Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/6JV6HhZFhTCxjcMWStqUlkqvps8.roa
File:                     6JV6HhZFhTCxjcMWStqUlkqvps8.roa (raw, json)
Hash identifier:          hEq2WpOgia3uihszMKvgUf3EkXWrZw2Qcxjh5fmGU/E=
Subject key identifier:   E8:95:7A:1E:16:45:85:30:B1:8D:C3:16:4A:DA:94:96:4A:AF:A6:CF
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       01909CDA5B8E0036280051349C488A8E7DC0
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/6JV6HhZFhTCxjcMWStqUlkqvps8.roa
Signing time:             Wed 10 Jul 2024 13:34:34 +0000
ROA not before:           Wed 10 Jul 2024 13:34:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61019
IP address blocks:        46.8.235.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 10:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:9c:da:5b:8e:00:36:28:00:51:34:9c:48:8a:8e:7d:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Jul 10 13:34:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e8957a1e16458530b18dc3164ada94964aafa6cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:dd:9a:f3:f6:97:62:b9:78:d0:7d:48:8f:34:
                    a4:f0:47:21:bc:d7:70:b9:1b:d2:48:9d:57:09:9a:
                    b4:dd:8b:02:91:6a:79:19:c7:17:eb:fd:c1:7d:65:
                    eb:20:0a:d5:a0:5c:88:f0:9c:59:75:67:f5:46:3e:
                    5a:fe:ad:00:58:a8:76:0b:87:9a:08:39:27:46:8a:
                    4e:56:4c:e2:55:b0:67:08:e7:44:eb:22:18:50:a9:
                    8e:3f:de:33:2c:1f:1f:ef:2d:a7:49:4f:0a:5a:16:
                    2f:84:36:58:89:26:b7:46:c0:9f:d0:15:05:e1:03:
                    4c:cc:9d:70:ee:54:74:e0:0d:a3:0c:ba:e8:50:de:
                    80:fb:5e:85:f9:ff:b1:22:ba:cc:1a:e9:3b:68:a7:
                    19:da:5d:09:83:2b:d4:61:50:b4:07:61:62:cc:db:
                    42:ca:2e:2f:3b:9f:04:36:79:4e:d7:3f:ca:db:3e:
                    b6:67:53:80:88:79:8f:36:47:1b:3d:cf:a0:9a:04:
                    99:af:c2:60:3a:2e:ce:b2:11:b8:98:26:28:f9:7b:
                    ea:1b:fa:7c:27:d4:28:44:cf:99:c2:28:fa:e0:d2:
                    fd:fe:b5:6b:53:91:03:5e:14:0b:7c:2c:65:6f:87:
                    d5:c1:26:54:2b:e1:25:3b:b6:c3:3e:b9:81:4c:4d:
                    cf:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:95:7A:1E:16:45:85:30:B1:8D:C3:16:4A:DA:94:96:4A:AF:A6:CF
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/6JV6HhZFhTCxjcMWStqUlkqvps8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.8.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:2e:18:50:d1:54:83:16:de:d8:7e:d7:1a:0e:c4:46:11:35:
         c5:61:07:bb:33:4f:bc:36:5f:61:30:a8:fe:b1:ec:27:40:af:
         a7:ed:63:b6:3a:4f:33:78:92:ca:ec:56:ef:8c:38:57:3d:99:
         7a:5c:aa:39:5a:0e:f9:b9:5f:39:ea:60:8b:b5:51:56:6f:b3:
         59:a7:ab:b3:90:34:7a:c1:57:4d:e9:fd:7e:f6:5e:15:d9:4a:
         b4:7f:4d:6e:32:fc:9a:d4:0e:88:20:67:cd:a6:05:75:50:f9:
         51:25:60:cb:08:f6:2f:00:0a:42:6f:71:32:4f:2d:c5:28:7c:
         58:07:8a:54:45:2d:60:09:61:84:e7:d4:7a:a3:db:41:1e:62:
         b6:79:7f:35:11:42:f1:a2:9b:38:70:28:dc:b9:19:fe:82:0b:
         00:09:fd:41:10:4b:06:14:77:ab:88:79:f6:90:7a:0d:1b:2a:
         61:10:ab:18:95:e8:0a:21:3c:50:cd:04:61:42:79:61:9e:26:
         f5:f0:59:09:19:5b:83:98:31:a0:8c:c9:b3:55:04:74:90:87:
         a6:a6:c0:6a:9c:c6:6a:35:2f:ff:b1:96:13:e2:a4:2b:af:d9:
         15:ec:7c:1c:54:38:af:8b:cf:38:0a:fb:bb:3f:ea:45:af:c1:
         53:ee:42:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCc2luOADYoAFE0nEiKjn3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwNzEwMTMzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODk1N2ExZTE2NDU4NTMwYjE4ZGMzMTY0YWRhOTQ5NjRhYWZhNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd2a8/aXYrl40H1IjzSk8EchvNdw
uRvSSJ1XCZq03YsCkWp5GccX6/3BfWXrIArVoFyI8JxZdWf1Rj5a/q0AWKh2C4ea
CDknRopOVkziVbBnCOdE6yIYUKmOP94zLB8f7y2nSU8KWhYvhDZYiSa3RsCf0BUF
4QNMzJ1w7lR04A2jDLroUN6A+16F+f+xIrrMGuk7aKcZ2l0JgyvUYVC0B2FizNtC
yi4vO58ENnlO1z/K2z62Z1OAiHmPNkcbPc+gmgSZr8JgOi7OshG4mCYo+XvqG/p8
J9QoRM+Zwij64NL9/rVrU5EDXhQLfCxlb4fVwSZUK+ElO7bDPrmBTE3PawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOiVeh4WRYUwsY3DFkralJZKr6bPMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvNkpWNkhoWkZoVEN4amNNV1N0cVVsa3F2cHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALgjrMA0G
CSqGSIb3DQEBCwUAA4IBAQAhLhhQ0VSDFt7YftcaDsRGETXFYQe7M0+8Nl9hMKj+
sewnQK+n7WO2Ok8zeJLK7FbvjDhXPZl6XKo5Wg75uV856mCLtVFWb7NZp6uzkDR6
wVdN6f1+9l4V2Uq0f01uMvya1A6IIGfNpgV1UPlRJWDLCPYvAApCb3EyTy3FKHxY
B4pURS1gCWGE59R6o9tBHmK2eX81EULxops4cCjcuRn+ggsACf1BEEsGFHeriHn2
kHoNGyphEKsYlegKITxQzQRhQnlhnib18FkJGVuDmDGgjMmzVQR0kIempsBqnMZq
NS//sZYT4qQrr9kV7HwcVDivi884Cvu7P+pFr8FT7kJ9
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:46:42 2024 by rpki-client on console-ams.rpki-client.org