Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/vIxEo8ASP1DuGkv7LKCBVcKyIK0.roa
File:                     vIxEo8ASP1DuGkv7LKCBVcKyIK0.roa (raw, json)
Hash identifier:          FarHIP/UNrasIdkcg4CLzWDPqXnUpGSB5ZzmzeGiLOk=
Subject key identifier:   BC:8C:44:A3:C0:12:3F:50:EE:1A:4B:FB:2C:A0:81:55:C2:B2:20:AD
Certificate issuer:       /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial:       018CC9BC6A73814055102A69B53EB476DCF7
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/vIxEo8ASP1DuGkv7LKCBVcKyIK0.roa
Signing time:             Tue 02 Jan 2024 10:33:37 +0000
ROA not before:           Tue 02 Jan 2024 10:33:37 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     35478
IP address blocks:        46.20.103.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 03:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:6a:73:81:40:55:10:2a:69:b5:3e:b4:76:dc:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
        Validity
            Not Before: Jan  2 10:33:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bc8c44a3c0123f50ee1a4bfb2ca08155c2b220ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:34:09:49:1d:f9:fa:77:b5:83:c8:2b:98:14:
                    71:2a:01:5b:a4:33:f4:33:57:10:7b:19:50:a8:70:
                    ef:38:83:04:1a:b1:76:b0:11:28:93:7a:cd:f9:17:
                    6d:a5:6c:2d:21:b0:51:36:14:37:08:cd:fe:3d:6f:
                    aa:04:34:bc:26:58:ba:fe:6c:2c:93:b0:a0:a4:76:
                    ea:d5:74:44:83:d8:22:15:73:38:83:2e:be:48:fa:
                    ba:cf:62:1b:8e:97:16:13:dd:c6:f5:48:48:c2:9b:
                    da:c5:50:23:bf:ef:42:d6:25:17:44:67:8b:12:ff:
                    77:5a:62:3d:f3:2d:89:d5:0d:b4:98:b4:df:24:07:
                    42:29:a9:3b:3e:a0:22:39:49:63:b4:9b:78:28:d6:
                    52:43:48:ba:e8:9f:18:ff:df:85:f9:91:1d:d3:35:
                    63:ba:7f:a3:a8:84:0f:bb:f1:3a:b1:87:e0:aa:81:
                    5c:34:c1:ec:f4:b1:8e:c1:74:ed:53:df:9d:a8:52:
                    38:a0:6d:74:67:9e:ff:c4:6a:3e:8f:c5:34:c4:92:
                    94:53:34:d9:ef:57:95:83:9d:c8:d5:5f:50:3a:07:
                    17:bc:b2:c4:57:e6:69:4f:f2:dc:38:b0:a9:65:00:
                    4b:53:ee:c6:c7:a4:8b:af:7e:02:31:5e:8a:59:2e:
                    ed:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:8C:44:A3:C0:12:3F:50:EE:1A:4B:FB:2C:A0:81:55:C2:B2:20:AD
            X509v3 Authority Key Identifier:
                keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/vIxEo8ASP1DuGkv7LKCBVcKyIK0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.20.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:97:6b:19:4b:b5:fc:bb:fb:b4:8c:49:3d:7d:bf:a2:b9:e4:
         ae:88:48:3b:40:09:be:db:3f:1b:f4:c1:ad:f3:cb:49:60:8c:
         f3:2b:68:cc:d6:f6:18:be:a1:54:71:72:17:20:a2:38:20:f7:
         f2:47:e2:71:9c:06:36:99:14:fa:d1:3e:c2:ad:c3:4a:30:82:
         f2:e7:f6:8b:46:52:6f:e3:80:0f:65:29:33:29:ed:2d:cc:ab:
         81:e4:0c:ee:39:31:4b:9f:4e:a3:cb:bb:f1:c1:65:44:40:f8:
         76:8c:01:9a:64:c7:a3:cd:bd:54:30:c5:36:b3:07:09:ae:21:
         fe:35:b5:e5:77:ff:ae:49:a7:c3:06:6b:3c:38:48:7b:87:01:
         74:03:59:c2:13:1c:45:1b:01:9e:3a:ad:ca:6f:14:cb:41:a4:
         3a:87:a5:59:b0:8c:22:74:a3:2f:19:71:39:aa:60:56:e8:dd:
         4b:72:12:9c:9d:3a:6c:d1:67:25:c9:94:4b:e5:7e:74:a5:78:
         65:bf:d1:e2:ae:bd:25:ff:31:69:30:6b:7a:8c:b4:a4:f4:25:
         08:ac:24:4e:be:c1:83:e1:d5:c2:5a:85:70:d9:ae:9f:e8:c1:
         ee:05:48:85:10:5f:9d:2f:1b:75:df:51:f0:3e:1d:da:7f:9d:
         96:19:93:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvGpzgUBVECpptT60dtz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwMTAyMTAzMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzhjNDRhM2MwMTIzZjUwZWUxYTRiZmIyY2EwODE1NWMyYjIyMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTQJSR35+ne1g8grmBRxKgFbpDP0
M1cQexlQqHDvOIMEGrF2sBEok3rN+RdtpWwtIbBRNhQ3CM3+PW+qBDS8Jli6/mws
k7CgpHbq1XREg9giFXM4gy6+SPq6z2IbjpcWE93G9UhIwpvaxVAjv+9C1iUXRGeL
Ev93WmI98y2J1Q20mLTfJAdCKak7PqAiOUljtJt4KNZSQ0i66J8Y/9+F+ZEd0zVj
un+jqIQPu/E6sYfgqoFcNMHs9LGOwXTtU9+dqFI4oG10Z57/xGo+j8U0xJKUUzTZ
71eVg53I1V9QOgcXvLLEV+ZpT/LcOLCpZQBLU+7Gx6SLr34CMV6KWS7tKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLyMRKPAEj9Q7hpL+yyggVXCsiCtMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvdkl4RW84QVNQMUR1R2t2N0xLQ0JWY0t5SUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhRnMA0G
CSqGSIb3DQEBCwUAA4IBAQBDl2sZS7X8u/u0jEk9fb+iueSuiEg7QAm+2z8b9MGt
88tJYIzzK2jM1vYYvqFUcXIXIKI4IPfyR+JxnAY2mRT60T7CrcNKMILy5/aLRlJv
44APZSkzKe0tzKuB5AzuOTFLn06jy7vxwWVEQPh2jAGaZMejzb1UMMU2swcJriH+
NbXld/+uSafDBms8OEh7hwF0A1nCExxFGwGeOq3KbxTLQaQ6h6VZsIwidKMvGXE5
qmBW6N1LchKcnTps0WclyZRL5X50pXhlv9Hirr0l/zFpMGt6jLSk9CUIrCROvsGD
4dXCWoVw2a6f6MHuBUiFEF+dLxt131HwPh3af52WGZNU
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:54:34 2024 by rpki-client on console-ams.rpki-client.org