Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/ix58f4LcXxkW-msHnWNlR6Z649Q.roa
File:                     ix58f4LcXxkW-msHnWNlR6Z649Q.roa (raw, json)
Hash identifier:          po0wmR4YORbEOi20CNHVH8fn0F8/D1/68FXgwvnd6RQ=
Subject key identifier:   8B:1E:7C:7F:82:DC:5F:19:16:FA:6B:07:9D:63:65:47:A6:7A:E3:D4
Certificate issuer:       /CN=8693655326b0472c866c5c99302e2b2d78cbddf7
Certificate serial:       018CC8700DE130C5EEB6BEF0C803EB663464
Authority key identifier: 86:93:65:53:26:B0:47:2C:86:6C:5C:99:30:2E:2B:2D:78:CB:DD:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hpNlUyawRyyGbFyZMC4rLXjL3fc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/ix58f4LcXxkW-msHnWNlR6Z649Q.roa
Signing time:             Tue 02 Jan 2024 04:30:35 +0000
ROA not before:           Tue 02 Jan 2024 04:30:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15869
IP address blocks:        62.3.128.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/hpNlUyawRyyGbFyZMC4rLXjL3fc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/hpNlUyawRyyGbFyZMC4rLXjL3fc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hpNlUyawRyyGbFyZMC4rLXjL3fc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 23:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:70:0d:e1:30:c5:ee:b6:be:f0:c8:03:eb:66:34:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8693655326b0472c866c5c99302e2b2d78cbddf7
        Validity
            Not Before: Jan  2 04:30:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8b1e7c7f82dc5f1916fa6b079d636547a67ae3d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:1c:3d:38:34:80:9b:00:55:d5:ba:2b:ac:76:
                    2b:c8:9b:b9:5c:a2:51:28:85:17:17:ae:99:d5:da:
                    3d:fd:fa:74:91:88:8e:0d:c7:a4:50:58:9c:0e:b0:
                    f9:d1:7f:94:80:dd:1b:16:45:b1:50:42:3c:fa:82:
                    8f:36:6f:6e:cb:33:16:f9:41:d9:18:37:18:4d:b6:
                    43:0e:1d:1e:10:bb:c5:de:d4:38:63:ee:ee:5f:cd:
                    bd:79:6f:ec:4d:53:8b:64:2c:93:87:b9:3a:04:92:
                    54:5f:f9:1f:60:76:9a:bd:a0:ba:36:89:d5:27:5d:
                    8b:c0:48:88:5a:2f:f4:5f:3c:e6:d0:47:31:e3:b8:
                    d0:49:47:5c:db:3f:42:e7:42:c5:eb:33:c7:c9:49:
                    15:04:f8:54:ae:f5:e4:bf:32:70:45:48:72:3d:a5:
                    ff:e6:24:cb:6c:c3:dd:87:3a:08:65:c8:48:a0:e0:
                    21:a7:87:18:bc:78:bc:48:98:d0:61:99:2d:3b:af:
                    d3:7f:0f:2d:5e:de:a1:ca:5b:fa:49:e3:3a:9e:3d:
                    db:b7:6c:f0:eb:5d:fb:4c:35:05:28:60:4a:4c:62:
                    c6:ca:66:df:fa:79:d2:df:86:5e:59:53:af:8b:4f:
                    59:c5:e4:10:9d:28:36:5b:d7:c4:3e:31:76:44:53:
                    a6:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:1E:7C:7F:82:DC:5F:19:16:FA:6B:07:9D:63:65:47:A6:7A:E3:D4
            X509v3 Authority Key Identifier:
                keyid:86:93:65:53:26:B0:47:2C:86:6C:5C:99:30:2E:2B:2D:78:CB:DD:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpNlUyawRyyGbFyZMC4rLXjL3fc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/ix58f4LcXxkW-msHnWNlR6Z649Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/hpNlUyawRyyGbFyZMC4rLXjL3fc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.3.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         6e:da:b0:ab:88:6f:3c:b7:c8:18:45:0c:be:7d:72:c6:1f:6e:
         22:3c:8b:93:59:c8:72:ec:62:83:64:7e:5b:3f:12:0a:fa:b4:
         21:e5:46:e1:d4:6d:0f:f8:10:23:fc:89:92:01:e8:39:ed:1a:
         29:1f:e6:99:f8:7d:6c:1a:86:1a:ee:05:f2:23:18:d6:7d:97:
         e2:86:93:14:60:71:05:4a:7b:cc:50:1a:ce:b4:fe:26:5a:db:
         f7:5e:0d:70:7c:2a:9b:8b:43:74:6e:a2:90:a9:f1:c8:31:b6:
         be:d9:78:89:40:f6:f5:b4:64:23:fc:18:9f:c1:e8:0a:e4:1f:
         73:54:a4:7a:a6:03:9f:6d:18:fc:84:d9:1e:b2:5f:04:1a:fd:
         61:15:81:28:37:dd:f9:d2:2a:ed:6f:ef:c2:87:59:7b:f8:76:
         8a:5a:a2:7a:c0:b5:c5:b5:db:80:5c:c1:6e:c1:86:d8:d9:a4:
         0f:0c:fc:9a:f8:85:29:d5:7d:7e:60:0c:7e:b2:96:9f:c2:ee:
         28:d5:0b:79:25:a0:b7:64:0d:db:13:14:4b:c9:8e:f9:f8:27:
         a7:71:a3:25:8e:05:2b:b5:34:a3:a1:62:25:7c:a4:61:9d:21:
         d6:f0:f7:c8:b0:2b:ae:84:a2:d7:ce:81:76:df:12:ed:07:6f:
         1e:87:72:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcA3hMMXutr7wyAPrZjRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTM2NTUzMjZiMDQ3MmM4NjZjNWM5OTMwMmUyYjJkNzhj
YmRkZjcwHhcNMjQwMTAyMDQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjFlN2M3ZjgyZGM1ZjE5MTZmYTZiMDc5ZDYzNjU0N2E2N2FlM2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBw9ODSAmwBV1borrHYryJu5XKJR
KIUXF66Z1do9/fp0kYiODcekUFicDrD50X+UgN0bFkWxUEI8+oKPNm9uyzMW+UHZ
GDcYTbZDDh0eELvF3tQ4Y+7uX829eW/sTVOLZCyTh7k6BJJUX/kfYHaavaC6NonV
J12LwEiIWi/0Xzzm0Ecx47jQSUdc2z9C50LF6zPHyUkVBPhUrvXkvzJwRUhyPaX/
5iTLbMPdhzoIZchIoOAhp4cYvHi8SJjQYZktO6/Tfw8tXt6hylv6SeM6nj3bt2zw
6137TDUFKGBKTGLGymbf+nnS34ZeWVOvi09ZxeQQnSg2W9fEPjF2RFOmawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIsefH+C3F8ZFvprB51jZUemeuPUMB8GA1UdIwQY
MBaAFIaTZVMmsEcshmxcmTAuKy14y933MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBObFV5YXdSeXlHYkZ5Wk1DNHJMWGpMM2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9kYWMzMzctODA3OS00M2JmLTlmZTEt
OWU2NzcyZWQzOWE2LzEvaXg1OGY0TGNYeGtXLW1zSG5XTmxSNlo2NDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9kYWMzMzctODA3OS00M2JmLTlmZTEtOWU2NzcyZWQzOWE2
LzEvaHBObFV5YXdSeXlHYkZ5Wk1DNHJMWGpMM2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPgOAMA0G
CSqGSIb3DQEBCwUAA4IBAQBu2rCriG88t8gYRQy+fXLGH24iPIuTWchy7GKDZH5b
PxIK+rQh5Ubh1G0P+BAj/ImSAeg57RopH+aZ+H1sGoYa7gXyIxjWfZfihpMUYHEF
SnvMUBrOtP4mWtv3Xg1wfCqbi0N0bqKQqfHIMba+2XiJQPb1tGQj/BifwegK5B9z
VKR6pgOfbRj8hNkesl8EGv1hFYEoN9350irtb+/Ch1l7+HaKWqJ6wLXFtduAXMFu
wYbY2aQPDPya+IUp1X1+YAx+spafwu4o1Qt5JaC3ZA3bExRLyY75+CencaMljgUr
tTSjoWIlfKRhnSHW8PfIsCuuhKLXzoF23xLtB28eh3I3
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:20:15 2024 by rpki-client on console-fra.rpki-client.org