Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/1lI0IIyXickfMCeAZuFlv8idECM.roa
File:                     1lI0IIyXickfMCeAZuFlv8idECM.roa (raw, json)
Hash identifier:          TbjhQ5fKEihbATQea00+yi0Y4AaVqkk+jdcLAz9mQ6Q=
Subject key identifier:   D6:52:34:20:8C:97:89:C9:1F:30:27:80:66:E1:65:BF:C8:9D:10:23
Certificate issuer:       /CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Certificate serial:       018CC9BC06198C424B8D3F1FB8C9E0208FC4
Authority key identifier: CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/1lI0IIyXickfMCeAZuFlv8idECM.roa
Signing time:             Tue 02 Jan 2024 10:33:11 +0000
ROA not before:           Tue 02 Jan 2024 10:33:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2856
IP address blocks:        185.210.157.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 20:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:06:19:8c:42:4b:8d:3f:1f:b8:c9:e0:20:8f:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
        Validity
            Not Before: Jan  2 10:33:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d65234208c9789c91f30278066e165bfc89d1023
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:a9:b4:9b:e7:86:a1:70:04:a7:1a:f0:a0:3a:
                    e5:e1:0f:1b:d3:ea:6e:2a:ac:a7:2b:f2:77:1d:33:
                    b1:9c:a8:d1:0e:e8:42:ad:1f:11:03:8f:6c:e3:76:
                    af:78:bc:ad:1d:e1:5e:45:92:2f:9c:e7:3d:80:92:
                    fc:e8:a7:27:5c:40:ec:f7:e8:96:74:e7:07:b2:b2:
                    e9:a4:a9:a4:a6:da:f3:29:5c:9f:31:9f:de:cc:0f:
                    73:7f:68:ac:07:20:31:be:ab:ee:ff:dc:88:97:d7:
                    d1:f5:68:1f:17:e9:13:41:43:6a:79:3e:4c:30:76:
                    94:62:fd:a0:60:2f:62:8f:c5:3c:6c:6e:20:98:18:
                    5b:bd:28:8d:1e:22:fb:ee:90:8d:3e:66:c1:72:22:
                    50:d9:76:db:bb:44:a5:5f:9f:f2:5a:66:45:68:aa:
                    ce:15:82:a8:a3:10:f8:65:5a:7e:82:eb:d2:4f:eb:
                    7b:5c:77:c6:90:85:5e:f3:2d:4d:99:2d:d6:8a:cb:
                    41:d0:29:ed:55:70:af:57:09:0f:2c:3d:8e:f1:6c:
                    99:f7:2f:b4:45:82:48:a0:60:f6:6c:bf:20:78:e2:
                    24:fe:63:a9:cf:ce:5c:4f:b4:42:05:dd:8b:ad:3e:
                    c8:86:d3:99:b0:87:be:e6:f4:0b:e7:c2:db:a7:1f:
                    77:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:52:34:20:8C:97:89:C9:1F:30:27:80:66:E1:65:BF:C8:9D:10:23
            X509v3 Authority Key Identifier:
                keyid:CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/1lI0IIyXickfMCeAZuFlv8idECM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.210.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:b5:43:b9:a5:43:7d:8d:63:e8:d4:2e:d6:93:9c:50:d4:a6:
         03:8b:b7:38:43:fc:5e:68:8f:ad:9f:e3:12:11:d1:a8:92:e9:
         6d:95:68:6f:3a:58:d2:50:db:c1:f6:52:aa:34:3f:1e:97:73:
         3f:d9:37:25:b1:73:22:ee:1d:ff:22:8c:28:c4:23:88:97:b5:
         b6:ca:c7:28:4b:6b:27:85:91:da:65:58:af:1e:cb:3b:6f:cb:
         cb:44:34:10:d9:38:03:0b:1c:31:ff:52:9b:d2:bd:a2:0a:3e:
         ab:c8:18:d7:1e:a7:a6:a0:53:05:d9:b0:be:ee:54:66:80:18:
         3a:52:66:29:f6:6d:36:60:ad:43:6a:28:c4:82:e8:71:b9:75:
         39:40:7a:79:85:e4:59:bc:76:bf:be:6c:39:4f:74:37:65:59:
         a2:d7:9a:0f:1b:ca:bc:ab:66:8b:a5:0a:06:fe:a5:f0:65:a6:
         8c:69:05:93:d5:0e:08:cc:81:3d:03:50:8a:29:92:0e:43:0d:
         48:88:ce:a7:92:c5:d5:32:f7:2e:6c:cf:8d:e1:3a:9d:b4:59:
         5d:0a:9a:cc:75:eb:ad:44:10:74:f8:78:3f:ef:4a:16:b4:d7:
         e4:9f:be:d1:5a:dd:49:4a:13:34:21:64:95:8f:1d:3c:3b:c6:
         92:58:6a:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvAYZjEJLjT8fuMngII/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNjQ1YmMwZmRiODYyNmJjZTJjMDQyNWM0MDg3YjU0ZTE1
MGQzODYwHhcNMjQwMTAyMTAzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjUyMzQyMDhjOTc4OWM5MWYzMDI3ODA2NmUxNjViZmM4OWQxMDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAram0m+eGoXAEpxrwoDrl4Q8b0+pu
KqynK/J3HTOxnKjRDuhCrR8RA49s43aveLytHeFeRZIvnOc9gJL86KcnXEDs9+iW
dOcHsrLppKmkptrzKVyfMZ/ezA9zf2isByAxvqvu/9yIl9fR9WgfF+kTQUNqeT5M
MHaUYv2gYC9ij8U8bG4gmBhbvSiNHiL77pCNPmbBciJQ2Xbbu0SlX5/yWmZFaKrO
FYKooxD4ZVp+guvST+t7XHfGkIVe8y1NmS3WistB0CntVXCvVwkPLD2O8WyZ9y+0
RYJIoGD2bL8geOIk/mOpz85cT7RCBd2LrT7IhtOZsIe+5vQL58Lbpx93OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZSNCCMl4nJHzAngGbhZb/InRAjMB8GA1UdIwQY
MBaAFMtkW8D9uGJrziwEJcQIe1ThUNOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmIt
ZTg3NTRkMDA1ZWJlLzEvMWxJMElJeVhpY2tmTUNlQVp1Rmx2OGlkRUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmItZTg3NTRkMDA1ZWJl
LzEveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudKdMA0G
CSqGSIb3DQEBCwUAA4IBAQAOtUO5pUN9jWPo1C7Wk5xQ1KYDi7c4Q/xeaI+tn+MS
EdGokultlWhvOljSUNvB9lKqND8el3M/2TclsXMi7h3/IowoxCOIl7W2yscoS2sn
hZHaZVivHss7b8vLRDQQ2TgDCxwx/1Kb0r2iCj6ryBjXHqemoFMF2bC+7lRmgBg6
UmYp9m02YK1DaijEguhxuXU5QHp5heRZvHa/vmw5T3Q3ZVmi15oPG8q8q2aLpQoG
/qXwZaaMaQWT1Q4IzIE9A1CKKZIOQw1IiM6nksXVMvcubM+N4TqdtFldCprMdeut
RBB0+Hg/70oWtNfkn77RWt1JShM0IWSVjx08O8aSWGrw
-----END CERTIFICATE-----
Generated at Sat May 4 02:14:35 2024 by rpki-client on console-ams.rpki-client.org