Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/8d6c33-b2c1-48da-a609-8217a929fd8d/1/6oezs21ep1oveYkauWd8kWmjLls.roa
File:                     6oezs21ep1oveYkauWd8kWmjLls.roa (raw, json)
Hash identifier:          V2g5tQSf1tLfxBlgwhIdsQ1kpqohaQ6L3JQQ6LdJZg4=
Subject key identifier:   EA:87:B3:B3:6D:5E:A7:5A:2F:79:89:1A:B9:67:7C:91:69:A3:2E:5B
Certificate issuer:       /CN=b11a1f9770bab077515b7712cb8d49550b3138a1
Certificate serial:       018CC56E134B224C78B2B9ED9EC28680F7D8
Authority key identifier: B1:1A:1F:97:70:BA:B0:77:51:5B:77:12:CB:8D:49:55:0B:31:38:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sRofl3C6sHdRW3cSy41JVQsxOKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/8d6c33-b2c1-48da-a609-8217a929fd8d/1/6oezs21ep1oveYkauWd8kWmjLls.roa
Signing time:             Mon 01 Jan 2024 14:29:34 +0000
ROA not before:           Mon 01 Jan 2024 14:29:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     30742
IP address blocks:        185.48.216.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/8d6c33-b2c1-48da-a609-8217a929fd8d/1/sRofl3C6sHdRW3cSy41JVQsxOKE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/8d6c33-b2c1-48da-a609-8217a929fd8d/1/sRofl3C6sHdRW3cSy41JVQsxOKE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sRofl3C6sHdRW3cSy41JVQsxOKE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 20:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:13:4b:22:4c:78:b2:b9:ed:9e:c2:86:80:f7:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b11a1f9770bab077515b7712cb8d49550b3138a1
        Validity
            Not Before: Jan  1 14:29:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ea87b3b36d5ea75a2f79891ab9677c9169a32e5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:87:7c:74:df:a0:ee:5d:83:51:f0:c5:07:00:
                    d2:86:a0:08:1c:f0:d3:5c:8e:e9:b5:87:af:c7:43:
                    20:91:da:e9:f7:3d:bb:45:84:48:7d:76:2e:5a:cd:
                    b3:52:55:3f:ec:e2:3a:ca:4c:06:56:0f:e2:1a:87:
                    48:83:fb:d6:f2:5c:93:87:3e:04:87:e3:bc:30:47:
                    48:26:de:25:18:06:3a:cb:cc:94:e4:de:d5:85:8d:
                    d2:61:bd:b7:29:e3:29:2b:82:5f:bb:8e:8e:07:78:
                    13:c3:0f:08:cd:4e:08:65:00:1c:84:3d:4e:04:0d:
                    31:a8:d1:b0:53:a0:81:76:7b:dd:da:ee:46:0e:dd:
                    bb:e1:37:28:5c:96:ac:66:83:42:21:08:d0:01:bc:
                    13:3d:99:12:de:b2:aa:c6:5f:cb:78:4e:c6:78:6d:
                    99:eb:8e:d9:78:8e:93:40:14:56:71:71:4b:5c:0a:
                    2e:3f:76:4d:36:3b:09:3d:a3:84:c9:61:b8:97:be:
                    dd:65:83:45:a0:19:6f:76:3f:08:af:7f:85:7c:de:
                    7c:5d:bb:ac:a9:b6:7c:a2:79:80:88:57:7c:94:d5:
                    e6:61:7d:aa:ab:0a:b9:9c:cb:b2:e3:c3:f8:d4:76:
                    26:38:e3:77:bd:77:1c:0f:d1:00:dd:e6:e5:ab:1d:
                    b8:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:87:B3:B3:6D:5E:A7:5A:2F:79:89:1A:B9:67:7C:91:69:A3:2E:5B
            X509v3 Authority Key Identifier:
                keyid:B1:1A:1F:97:70:BA:B0:77:51:5B:77:12:CB:8D:49:55:0B:31:38:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sRofl3C6sHdRW3cSy41JVQsxOKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d6c33-b2c1-48da-a609-8217a929fd8d/1/6oezs21ep1oveYkauWd8kWmjLls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/8d6c33-b2c1-48da-a609-8217a929fd8d/1/sRofl3C6sHdRW3cSy41JVQsxOKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.48.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         38:43:41:82:56:bb:3a:35:e0:21:d8:a8:99:b8:30:51:20:b3:
         9e:7b:6c:28:61:37:6a:5f:9f:a2:d3:f8:09:54:6a:8c:bc:ed:
         c8:93:7c:65:ee:ee:9d:39:bb:eb:3d:72:53:f6:e2:5a:de:83:
         e4:4a:c2:fb:ee:f7:ca:d0:02:5b:4a:2d:14:09:b6:73:b1:26:
         d5:ac:59:72:53:07:fa:39:05:8e:24:d6:8d:fe:9f:e9:81:5b:
         cd:28:58:8f:06:23:c4:f0:06:28:4f:6a:57:a0:41:0c:f7:66:
         bf:23:81:dd:2e:40:9a:fc:d0:11:d0:fb:be:41:6c:63:66:10:
         d3:63:fb:68:bf:30:25:fa:69:cf:b3:da:79:66:25:be:36:04:
         36:10:55:79:29:3c:03:42:de:df:99:82:df:69:97:06:ac:c2:
         9e:23:2c:fc:18:c9:e5:03:34:ae:36:5e:20:cf:7a:32:3a:a5:
         0f:10:36:99:f1:13:0f:d6:f4:51:0d:39:35:71:05:f3:fa:21:
         ca:c7:fc:41:02:f9:90:0d:3c:07:07:5f:e9:2a:dd:bf:0a:5d:
         ba:b6:f7:29:01:61:f8:33:0b:01:23:f3:75:cb:f5:75:78:b7:
         b8:c5:1b:92:e1:e3:a1:b4:5d:08:5c:d7:aa:7b:4c:a8:3b:b9:
         20:30:75:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbhNLIkx4srntnsKGgPfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMWExZjk3NzBiYWIwNzc1MTViNzcxMmNiOGQ0OTU1MGIz
MTM4YTEwHhcNMjQwMTAxMTQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTg3YjNiMzZkNWVhNzVhMmY3OTg5MWFiOTY3N2M5MTY5YTMyZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArId8dN+g7l2DUfDFBwDShqAIHPDT
XI7ptYevx0Mgkdrp9z27RYRIfXYuWs2zUlU/7OI6ykwGVg/iGodIg/vW8lyThz4E
h+O8MEdIJt4lGAY6y8yU5N7VhY3SYb23KeMpK4Jfu46OB3gTww8IzU4IZQAchD1O
BA0xqNGwU6CBdnvd2u5GDt274TcoXJasZoNCIQjQAbwTPZkS3rKqxl/LeE7GeG2Z
647ZeI6TQBRWcXFLXAouP3ZNNjsJPaOEyWG4l77dZYNFoBlvdj8Ir3+FfN58Xbus
qbZ8onmAiFd8lNXmYX2qqwq5nMuy48P41HYmOON3vXccD9EA3eblqx24pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOqHs7NtXqdaL3mJGrlnfJFpoy5bMB8GA1UdIwQY
MBaAFLEaH5dwurB3UVt3EsuNSVULMTihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1JvZmwzQzZzSGRSVzNjU3k0MUpWUXN4T0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS84ZDZjMzMtYjJjMS00OGRhLWE2MDkt
ODIxN2E5MjlmZDhkLzEvNm9lenMyMWVwMW92ZVlrYXVXZDhrV21qTGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS84ZDZjMzMtYjJjMS00OGRhLWE2MDktODIxN2E5MjlmZDhk
LzEvc1JvZmwzQzZzSGRSVzNjU3k0MUpWUXN4T0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTDYMA0G
CSqGSIb3DQEBCwUAA4IBAQA4Q0GCVrs6NeAh2KiZuDBRILOee2woYTdqX5+i0/gJ
VGqMvO3Ik3xl7u6dObvrPXJT9uJa3oPkSsL77vfK0AJbSi0UCbZzsSbVrFlyUwf6
OQWOJNaN/p/pgVvNKFiPBiPE8AYoT2pXoEEM92a/I4HdLkCa/NAR0Pu+QWxjZhDT
Y/tovzAl+mnPs9p5ZiW+NgQ2EFV5KTwDQt7fmYLfaZcGrMKeIyz8GMnlAzSuNl4g
z3oyOqUPEDaZ8RMP1vRRDTk1cQXz+iHKx/xBAvmQDTwHB1/pKt2/Cl26tvcpAWH4
MwsBI/N1y/V1eLe4xRuS4eOhtF0IXNeqe0yoO7kgMHXr
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:20:58 2024 by rpki-client on console-ams.rpki-client.org