Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/_UA0TNAUY1jI5BCsV9TLwoZfpzo.roa
File:                     _UA0TNAUY1jI5BCsV9TLwoZfpzo.roa (raw, json)
Hash identifier:          T8EFqLLnK1uaSC/RRMxhW1z44lkcJC0g4NK2K+LFGJE=
Subject key identifier:   FD:40:34:4C:D0:14:63:58:C8:E4:10:AC:57:D4:CB:C2:86:5F:A7:3A
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       01906E8AF42126CDE7201F2EF4EE899C3B41
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/_UA0TNAUY1jI5BCsV9TLwoZfpzo.roa
Signing time:             Mon 01 Jul 2024 13:45:18 +0000
ROA not before:           Mon 01 Jul 2024 13:45:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47270
IP address blocks:        91.212.61.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 11:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:6e:8a:f4:21:26:cd:e7:20:1f:2e:f4:ee:89:9c:3b:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jul  1 13:45:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fd40344cd0146358c8e410ac57d4cbc2865fa73a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:8d:f9:7b:b7:3f:30:f1:4d:6b:f7:d8:8c:df:
                    03:6a:d7:77:82:f6:01:4e:ed:a5:58:87:59:6c:6b:
                    dd:74:56:0e:09:2d:9f:c5:d5:8c:82:f0:4c:19:48:
                    e0:ef:bd:af:26:d9:95:73:c9:e3:c5:f9:97:6a:05:
                    c6:8a:5d:31:06:b5:c9:ce:60:92:3b:62:15:f9:be:
                    b1:97:26:b2:d7:d0:02:c3:cd:90:14:cc:57:63:fa:
                    4c:93:f8:94:40:6b:bb:1a:00:67:51:7a:e2:1c:2f:
                    92:e6:48:5e:01:c7:cc:85:53:c9:d9:68:52:90:74:
                    ac:97:e9:8e:b1:cb:78:b3:61:8e:b7:d2:0e:47:e4:
                    8e:d7:6b:79:9d:f7:c8:c0:92:c9:a5:35:c9:90:86:
                    6d:c4:f7:99:54:63:f0:fb:45:6d:9f:88:67:00:85:
                    01:3f:84:f2:6c:33:e6:4f:c5:11:97:e3:6c:16:08:
                    01:ae:68:93:ce:70:e6:c7:4c:d4:ca:21:d8:7f:9a:
                    a6:74:c1:b0:89:91:db:d6:a1:c2:8d:fc:fe:64:97:
                    3c:7f:0e:c2:9e:77:1c:3c:7f:0b:f1:12:73:3d:9f:
                    cf:19:4c:a3:8e:3d:09:77:62:10:d5:cf:9d:e1:ec:
                    29:1e:b3:20:3b:1a:78:c5:5e:37:36:55:3a:dd:bd:
                    d4:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:40:34:4C:D0:14:63:58:C8:E4:10:AC:57:D4:CB:C2:86:5F:A7:3A
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/_UA0TNAUY1jI5BCsV9TLwoZfpzo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.212.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c4:de:35:08:e5:45:e8:de:65:d6:ae:a7:5c:9c:2b:89:fe:87:
         e5:2c:ee:04:f1:cb:0a:2e:8a:ca:5f:50:9e:c6:1d:e3:e2:b1:
         7b:5a:91:79:71:4c:c6:75:de:72:b4:f2:62:5a:c4:f8:db:cf:
         0f:46:62:57:a2:2d:e0:3d:19:d4:39:ba:bc:e9:94:8e:33:84:
         df:72:0d:f2:5b:f1:58:e4:3d:32:04:43:0e:e6:0c:62:17:4f:
         f3:6e:fe:95:82:8d:85:8b:02:d9:7e:19:42:b9:26:54:ce:fb:
         fa:23:7d:2d:54:6f:ca:de:56:b1:20:36:60:77:64:6d:f2:2c:
         24:4d:6f:92:87:4f:94:5c:5b:1c:b5:04:26:97:4f:7a:38:90:
         a6:70:d3:ad:bf:f8:32:42:ce:34:e2:72:b3:e2:51:1e:cd:df:
         05:13:4c:08:28:1d:93:cc:fa:b6:cf:61:ce:a1:6d:66:23:62:
         46:f2:9a:c3:30:ce:db:98:be:c5:90:2e:f0:74:bb:b5:f4:59:
         9e:67:f8:50:97:a8:72:da:5d:6f:9c:55:a6:72:ef:e7:7a:60:
         60:ea:c8:9e:07:48:e4:34:4a:6f:37:72:f4:12:9a:4e:b9:fc:
         dc:81:09:ea:44:b0:02:74:7e:53:b9:dd:57:75:8d:01:53:3a:
         4d:e8:4e:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBuivQhJs3nIB8u9O6JnDtBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwNzAxMTM0NTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDQwMzQ0Y2QwMTQ2MzU4YzhlNDEwYWM1N2Q0Y2JjMjg2NWZhNzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2I35e7c/MPFNa/fYjN8Datd3gvYB
Tu2lWIdZbGvddFYOCS2fxdWMgvBMGUjg772vJtmVc8njxfmXagXGil0xBrXJzmCS
O2IV+b6xlyay19ACw82QFMxXY/pMk/iUQGu7GgBnUXriHC+S5kheAcfMhVPJ2WhS
kHSsl+mOsct4s2GOt9IOR+SO12t5nffIwJLJpTXJkIZtxPeZVGPw+0Vtn4hnAIUB
P4TybDPmT8URl+NsFggBrmiTznDmx0zUyiHYf5qmdMGwiZHb1qHCjfz+ZJc8fw7C
nnccPH8L8RJzPZ/PGUyjjj0Jd2IQ1c+d4ewpHrMgOxp4xV43NlU63b3UGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1ANEzQFGNYyOQQrFfUy8KGX6c6MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvX1VBMFROQVVZMWpJNUJDc1Y5VEx3b1pmcHpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9Q9MA0G
CSqGSIb3DQEBCwUAA4IBAQDE3jUI5UXo3mXWrqdcnCuJ/oflLO4E8csKLorKX1Ce
xh3j4rF7WpF5cUzGdd5ytPJiWsT4288PRmJXoi3gPRnUObq86ZSOM4Tfcg3yW/FY
5D0yBEMO5gxiF0/zbv6Vgo2FiwLZfhlCuSZUzvv6I30tVG/K3laxIDZgd2Rt8iwk
TW+Sh0+UXFsctQQml096OJCmcNOtv/gyQs404nKz4lEezd8FE0wIKB2TzPq2z2HO
oW1mI2JG8prDMM7bmL7FkC7wdLu19FmeZ/hQl6hy2l1vnFWmcu/nemBg6sieB0jk
NEpvN3L0EppOufzcgQnqRLACdH5Tud1XdY0BUzpN6E5r
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:47:27 2024 by rpki-client on console-fra.rpki-client.org