Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/e02b47-f2e0-4402-814f-e4016ad53cc9/1/SGzXiTNIbF4ZIzNeF3vjuzTn-84.roa
File:                     SGzXiTNIbF4ZIzNeF3vjuzTn-84.roa (raw, json)
Hash identifier:          TuYKPZDMRWCEEpGOLxJX/CwGa1X5kmb3TTMLX7Hqfrk=
Subject key identifier:   48:6C:D7:89:33:48:6C:5E:19:23:33:5E:17:7B:E3:BB:34:E7:FB:CE
Certificate issuer:       /CN=cb1bd62beecab0e903b29811241db244bbf52c39
Certificate serial:       018CC7257829E65742292D0ACEC468F499E1
Authority key identifier: CB:1B:D6:2B:EE:CA:B0:E9:03:B2:98:11:24:1D:B2:44:BB:F5:2C:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yxvWK-7KsOkDspgRJB2yRLv1LDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/e02b47-f2e0-4402-814f-e4016ad53cc9/1/SGzXiTNIbF4ZIzNeF3vjuzTn-84.roa
Signing time:             Mon 01 Jan 2024 22:29:30 +0000
ROA not before:           Mon 01 Jan 2024 22:29:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212851
IP address blocks:        185.214.65.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/e02b47-f2e0-4402-814f-e4016ad53cc9/1/yxvWK-7KsOkDspgRJB2yRLv1LDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/e02b47-f2e0-4402-814f-e4016ad53cc9/1/yxvWK-7KsOkDspgRJB2yRLv1LDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yxvWK-7KsOkDspgRJB2yRLv1LDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 04 Dec 2024 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:25:78:29:e6:57:42:29:2d:0a:ce:c4:68:f4:99:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb1bd62beecab0e903b29811241db244bbf52c39
        Validity
            Not Before: Jan  1 22:29:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=486cd78933486c5e1923335e177be3bb34e7fbce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:88:0a:57:bd:72:52:3d:bf:a6:88:5e:32:73:
                    61:d8:41:7d:b9:91:1d:f3:77:f1:51:f7:35:42:c9:
                    ae:22:d4:b9:85:81:be:ae:a6:1c:0c:6a:c2:fd:3b:
                    58:e7:dc:32:75:3a:62:11:3e:8d:4a:a3:7f:12:0b:
                    9a:cd:10:77:55:29:69:df:48:55:c2:7c:6f:b7:51:
                    01:00:89:01:2a:fc:f1:a2:5b:09:3f:a5:d5:d9:e7:
                    14:ee:b6:55:4d:6e:bb:17:8c:ad:31:ad:f9:f1:c8:
                    8b:b8:a5:59:79:d5:e4:f6:dd:db:d0:dd:dd:e2:42:
                    a7:e9:28:a9:0e:96:61:4d:3b:59:bd:5b:c6:d0:17:
                    3f:fb:d0:fb:f9:bc:fc:b1:aa:31:55:80:cc:84:f0:
                    f3:79:be:ae:88:96:31:50:3f:ed:4d:66:34:c9:b7:
                    eb:61:5c:0d:63:04:70:c9:56:31:35:d1:f1:8d:93:
                    54:f1:6c:2b:32:b0:64:70:14:7b:40:e2:07:9c:7c:
                    a0:19:5c:42:00:f2:72:91:51:9e:f6:0c:81:dd:2f:
                    c7:8a:5d:ab:90:79:5f:4a:6a:91:81:71:7f:9c:d2:
                    06:b6:25:70:a3:91:08:3c:de:22:e4:84:6d:06:70:
                    c0:36:f0:6b:85:d3:ac:9e:43:39:d6:5e:1d:9a:e2:
                    37:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:6C:D7:89:33:48:6C:5E:19:23:33:5E:17:7B:E3:BB:34:E7:FB:CE
            X509v3 Authority Key Identifier:
                keyid:CB:1B:D6:2B:EE:CA:B0:E9:03:B2:98:11:24:1D:B2:44:BB:F5:2C:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxvWK-7KsOkDspgRJB2yRLv1LDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/e02b47-f2e0-4402-814f-e4016ad53cc9/1/SGzXiTNIbF4ZIzNeF3vjuzTn-84.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/e02b47-f2e0-4402-814f-e4016ad53cc9/1/yxvWK-7KsOkDspgRJB2yRLv1LDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.214.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:d1:f2:4c:68:f1:6e:6f:be:96:6d:6d:ca:93:a1:01:9c:d3:
         fd:5f:a1:8c:4e:af:83:a9:ae:75:32:3f:93:63:ea:5c:1d:41:
         91:64:0f:f3:67:48:18:15:a8:08:0d:1d:b4:aa:99:71:11:6d:
         30:a9:78:67:7e:e7:fd:dc:e0:06:62:72:28:41:ff:8f:6e:8c:
         b9:8e:1b:b6:2d:9b:17:51:7f:26:0b:d4:9d:a5:60:ac:b6:fc:
         c2:83:bb:89:28:ea:57:a3:c0:68:c8:eb:2d:76:4e:1c:e1:c8:
         ca:9e:55:4d:c9:f1:47:3c:99:9a:c2:93:5c:3b:26:a5:a7:7b:
         fe:27:ea:5b:1d:ec:52:1b:9a:13:67:f2:52:23:cf:d4:12:43:
         c3:23:e9:1e:02:a8:5a:07:31:6a:27:0f:55:7c:13:c6:80:30:
         eb:5d:88:af:33:55:69:70:12:76:07:bb:9f:31:9d:41:d5:4d:
         b8:e7:66:dd:0d:de:e1:59:29:6d:84:b6:ef:44:72:cb:9a:ba:
         66:4e:e9:1c:7f:7b:28:78:a3:ec:c1:26:2c:c3:bb:0b:1b:f7:
         96:a6:08:a6:a8:f7:fd:2f:c1:a6:2a:38:09:4c:9c:07:47:14:
         90:77:3b:52:7d:38:22:36:f2:ff:f8:54:f1:b9:7c:60:26:bd:
         ae:5a:f1:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJXgp5ldCKS0KzsRo9JnhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMWJkNjJiZWVjYWIwZTkwM2IyOTgxMTI0MWRiMjQ0YmJm
NTJjMzkwHhcNMjQwMTAxMjIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODZjZDc4OTMzNDg2YzVlMTkyMzMzNWUxNzdiZTNiYjM0ZTdmYmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvogKV71yUj2/poheMnNh2EF9uZEd
83fxUfc1QsmuItS5hYG+rqYcDGrC/TtY59wydTpiET6NSqN/EguazRB3VSlp30hV
wnxvt1EBAIkBKvzxolsJP6XV2ecU7rZVTW67F4ytMa358ciLuKVZedXk9t3b0N3d
4kKn6SipDpZhTTtZvVvG0Bc/+9D7+bz8saoxVYDMhPDzeb6uiJYxUD/tTWY0ybfr
YVwNYwRwyVYxNdHxjZNU8WwrMrBkcBR7QOIHnHygGVxCAPJykVGe9gyB3S/Hil2r
kHlfSmqRgXF/nNIGtiVwo5EIPN4i5IRtBnDANvBrhdOsnkM51l4dmuI3OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhs14kzSGxeGSMzXhd747s05/vOMB8GA1UdIwQY
MBaAFMsb1ivuyrDpA7KYESQdskS79Sw5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXh2V0stN0tzT2tEc3BnUkpCMnlSTHYxTERrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9lMDJiNDctZjJlMC00NDAyLTgxNGYt
ZTQwMTZhZDUzY2M5LzEvU0d6WGlUTkliRjRaSXpOZUYzdmp1elRuLTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9lMDJiNDctZjJlMC00NDAyLTgxNGYtZTQwMTZhZDUzY2M5
LzEveXh2V0stN0tzT2tEc3BnUkpCMnlSTHYxTERrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudZBMA0G
CSqGSIb3DQEBCwUAA4IBAQAR0fJMaPFub76WbW3Kk6EBnNP9X6GMTq+Dqa51Mj+T
Y+pcHUGRZA/zZ0gYFagIDR20qplxEW0wqXhnfuf93OAGYnIoQf+Pboy5jhu2LZsX
UX8mC9SdpWCstvzCg7uJKOpXo8BoyOstdk4c4cjKnlVNyfFHPJmawpNcOyalp3v+
J+pbHexSG5oTZ/JSI8/UEkPDI+keAqhaBzFqJw9VfBPGgDDrXYivM1VpcBJ2B7uf
MZ1B1U2452bdDd7hWSlthLbvRHLLmrpmTukcf3soeKPswSYsw7sLG/eWpgimqPf9
L8GmKjgJTJwHRxSQdztSfTgiNvL/+FTxuXxgJr2uWvG+
-----END CERTIFICATE-----
Generated at Tue Dec 3 17:36:30 2024 by rpki-client on console-ams.rpki-client.org