Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/ba6f3e-e95b-48d2-8419-413da667a8be/1/6dcpFHKDCDJHvYRR1pmXe0SR8XY.roa
File:                     6dcpFHKDCDJHvYRR1pmXe0SR8XY.roa (raw, json)
Hash identifier:          CZ/ha2MJeiD8zH7ilx8CWd1UuQwiv+CnRR+sDmpcTBI=
Subject key identifier:   E9:D7:29:14:72:83:08:32:47:BD:84:51:D6:99:97:7B:44:91:F1:76
Certificate issuer:       /CN=9b19758a087876816dc19361eaf1e9412de73f86
Certificate serial:       018CC5DC1F6503EE9E340A1AA8AE568DA32C
Authority key identifier: 9B:19:75:8A:08:78:76:81:6D:C1:93:61:EA:F1:E9:41:2D:E7:3F:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mxl1igh4doFtwZNh6vHpQS3nP4Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/ba6f3e-e95b-48d2-8419-413da667a8be/1/6dcpFHKDCDJHvYRR1pmXe0SR8XY.roa
Signing time:             Mon 01 Jan 2024 16:29:46 +0000
ROA not before:           Mon 01 Jan 2024 16:29:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60118
IP address blocks:        185.150.17.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/ba6f3e-e95b-48d2-8419-413da667a8be/1/mxl1igh4doFtwZNh6vHpQS3nP4Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/ba6f3e-e95b-48d2-8419-413da667a8be/1/mxl1igh4doFtwZNh6vHpQS3nP4Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mxl1igh4doFtwZNh6vHpQS3nP4Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 May 2024 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:1f:65:03:ee:9e:34:0a:1a:a8:ae:56:8d:a3:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b19758a087876816dc19361eaf1e9412de73f86
        Validity
            Not Before: Jan  1 16:29:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e9d729147283083247bd8451d699977b4491f176
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:17:4a:73:5b:95:6c:49:4e:ab:0f:5f:8a:7c:
                    24:46:23:a5:af:4a:57:33:be:c0:dd:75:7d:11:f6:
                    70:49:4a:3e:4d:4f:76:83:a4:51:d3:20:ab:42:23:
                    ca:12:96:84:09:2a:7d:e8:87:4d:5e:54:e5:51:78:
                    0a:ac:9b:ca:92:6e:2e:97:dd:1e:92:0a:d3:40:a2:
                    6d:3c:71:b2:b9:83:c4:42:fe:3e:23:be:8c:2b:fe:
                    9e:9b:78:73:20:a2:85:57:88:dd:ad:4f:8e:c4:16:
                    0b:86:d1:b2:19:74:2b:10:fc:6b:ab:f1:bc:14:32:
                    bc:86:da:41:12:d9:19:09:ee:26:81:45:e1:b7:b9:
                    cc:40:5b:c3:fa:4f:68:5b:96:7e:5d:35:1e:59:6f:
                    8d:1d:f6:57:09:c9:d1:38:d3:bd:99:5d:18:7c:d8:
                    56:42:40:83:c5:df:09:78:81:92:5a:9d:af:b4:d1:
                    3a:a4:15:1a:f1:f0:ac:41:41:2b:87:ea:c8:38:21:
                    87:e0:04:2d:91:2a:9e:27:a7:d4:5d:9d:5b:9f:5e:
                    50:bf:ec:c4:3b:41:e1:f3:e7:ad:35:e6:b9:fb:d6:
                    f8:45:fa:47:ab:55:47:7d:82:e7:18:84:6f:3a:77:
                    7d:1b:d4:d4:67:f6:55:1e:28:23:89:65:4b:19:43:
                    39:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:D7:29:14:72:83:08:32:47:BD:84:51:D6:99:97:7B:44:91:F1:76
            X509v3 Authority Key Identifier:
                keyid:9B:19:75:8A:08:78:76:81:6D:C1:93:61:EA:F1:E9:41:2D:E7:3F:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mxl1igh4doFtwZNh6vHpQS3nP4Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ba6f3e-e95b-48d2-8419-413da667a8be/1/6dcpFHKDCDJHvYRR1pmXe0SR8XY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ba6f3e-e95b-48d2-8419-413da667a8be/1/mxl1igh4doFtwZNh6vHpQS3nP4Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.150.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:29:e2:f9:4a:5b:90:a7:67:de:08:36:83:56:44:5f:a2:20:
         55:84:44:71:c1:4f:46:09:32:6f:1e:b8:6b:c5:8c:f2:1d:c2:
         c0:b2:23:81:e2:7a:b3:2f:66:00:91:a6:a5:39:bd:53:83:d3:
         fe:63:49:f9:e8:b6:d9:81:80:b3:9e:6f:a2:27:a6:13:f3:ad:
         c3:9e:f2:48:e4:d7:01:9c:19:37:87:cc:d6:b4:6e:d2:20:bd:
         f5:86:b8:99:d8:43:3d:11:79:8d:4e:0e:14:00:13:cc:b1:07:
         61:b9:cf:56:a0:ff:24:a1:eb:32:d7:b5:c2:44:ed:c7:8a:99:
         06:14:0b:b5:f3:7e:8f:74:d6:11:c2:b9:8f:03:58:8f:ba:f1:
         27:3e:1b:d3:1d:00:b5:41:89:67:3c:a1:ae:c2:e7:db:58:7c:
         c6:25:44:a5:8e:8c:9f:ac:92:50:10:58:8c:0a:04:32:53:8a:
         ca:62:e0:3a:66:22:31:2f:b6:de:7d:b3:89:87:98:95:f5:bb:
         8c:f9:f9:54:2b:5b:7c:23:5d:f9:d8:14:cd:e5:13:2c:16:e9:
         ec:85:77:56:df:37:e8:22:1e:a3:db:a5:54:32:d7:01:36:6b:
         9b:f5:f5:75:1a:e9:ba:99:bd:d6:21:76:cf:e7:10:34:f2:61:
         55:7d:bb:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3B9lA+6eNAoaqK5WjaMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMTk3NThhMDg3ODc2ODE2ZGMxOTM2MWVhZjFlOTQxMmRl
NzNmODYwHhcNMjQwMTAxMTYyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWQ3MjkxNDcyODMwODMyNDdiZDg0NTFkNjk5OTc3YjQ0OTFmMTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxdKc1uVbElOqw9finwkRiOlr0pX
M77A3XV9EfZwSUo+TU92g6RR0yCrQiPKEpaECSp96IdNXlTlUXgKrJvKkm4ul90e
kgrTQKJtPHGyuYPEQv4+I76MK/6em3hzIKKFV4jdrU+OxBYLhtGyGXQrEPxrq/G8
FDK8htpBEtkZCe4mgUXht7nMQFvD+k9oW5Z+XTUeWW+NHfZXCcnRONO9mV0YfNhW
QkCDxd8JeIGSWp2vtNE6pBUa8fCsQUErh+rIOCGH4AQtkSqeJ6fUXZ1bn15Qv+zE
O0Hh8+etNea5+9b4RfpHq1VHfYLnGIRvOnd9G9TUZ/ZVHigjiWVLGUM5ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOnXKRRygwgyR72EUdaZl3tEkfF2MB8GA1UdIwQY
MBaAFJsZdYoIeHaBbcGTYerx6UEt5z+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXhsMWlnaDRkb0Z0d1pOaDZ2SHBRUzNuUDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9iYTZmM2UtZTk1Yi00OGQyLTg0MTkt
NDEzZGE2NjdhOGJlLzEvNmRjcEZIS0RDREpIdllSUjFwbVhlMFNSOFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9iYTZmM2UtZTk1Yi00OGQyLTg0MTktNDEzZGE2NjdhOGJl
LzEvbXhsMWlnaDRkb0Z0d1pOaDZ2SHBRUzNuUDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZYRMA0G
CSqGSIb3DQEBCwUAA4IBAQCbKeL5SluQp2feCDaDVkRfoiBVhERxwU9GCTJvHrhr
xYzyHcLAsiOB4nqzL2YAkaalOb1Tg9P+Y0n56LbZgYCznm+iJ6YT863DnvJI5NcB
nBk3h8zWtG7SIL31hriZ2EM9EXmNTg4UABPMsQdhuc9WoP8koesy17XCRO3HipkG
FAu1836PdNYRwrmPA1iPuvEnPhvTHQC1QYlnPKGuwufbWHzGJUSljoyfrJJQEFiM
CgQyU4rKYuA6ZiIxL7befbOJh5iV9buM+flUK1t8I1352BTN5RMsFunshXdW3zfo
Ih6j26VUMtcBNmub9fV1Gum6mb3WIXbP5xA08mFVfbv7
-----END CERTIFICATE-----
Generated at Sun May 19 20:39:08 2024 by rpki-client on console-fra.rpki-client.org