Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/NC5Yrskoj7p8AIV60eDqvkwHOUA.roa
File:                     NC5Yrskoj7p8AIV60eDqvkwHOUA.roa (raw, json)
Hash identifier:          y+LlI1VZdIU2nGwVN4/DpCTvEa+DeKIMZxko2KY4mrc=
Subject key identifier:   34:2E:58:AE:C9:28:8F:BA:7C:00:85:7A:D1:E0:EA:BE:4C:07:39:40
Certificate issuer:       /CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
Certificate serial:       018CDB3C1DEF88DE48CD280F8D73908442C8
Authority key identifier: 27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/NC5Yrskoj7p8AIV60eDqvkwHOUA.roa
Signing time:             Fri 05 Jan 2024 20:06:39 +0000
ROA not before:           Fri 05 Jan 2024 20:06:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42831
IP address blocks:        91.102.165.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/J8i0J8MTWYqS6NjsYOKVDaOfwsk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/J8i0J8MTWYqS6NjsYOKVDaOfwsk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 01:01:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:db:3c:1d:ef:88:de:48:cd:28:0f:8d:73:90:84:42:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
        Validity
            Not Before: Jan  5 20:06:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=342e58aec9288fba7c00857ad1e0eabe4c073940
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:b4:b8:79:37:7a:04:54:50:1d:b5:3a:fa:bb:
                    b4:88:78:93:ae:63:5f:59:1f:47:69:02:f3:c3:f8:
                    8e:4e:54:87:36:e3:63:ca:20:91:58:f3:44:f6:99:
                    6b:f3:9b:98:07:28:9f:59:23:24:50:92:02:6a:e1:
                    f7:28:bc:74:21:89:5a:bd:20:ff:ae:31:6a:3e:84:
                    d1:d4:74:88:1d:31:90:94:c5:07:41:4c:f7:88:c9:
                    7f:7c:34:eb:c8:e4:df:c2:6c:71:e3:4b:44:80:49:
                    c4:50:c2:fc:f7:e1:c0:89:6b:6d:e3:32:7f:1f:b3:
                    cd:29:67:1c:5b:9f:61:ce:06:a1:ed:9b:ff:69:92:
                    88:34:9f:30:7c:17:28:e5:fd:9e:8f:a6:7f:96:cd:
                    26:36:28:02:73:e6:56:81:df:8a:cd:97:99:ad:0b:
                    47:4a:d0:73:c4:43:f5:82:cf:c3:1f:29:17:50:b5:
                    48:82:1d:b7:7b:bd:de:76:f2:c8:d0:6c:ba:9b:09:
                    0f:0d:17:ec:f6:b9:0b:4a:4d:d0:cb:16:ee:ac:89:
                    29:b0:b0:9f:7d:71:00:13:df:b4:85:6e:e2:4f:d8:
                    64:67:39:90:cc:fd:b4:99:14:89:19:2d:0e:97:ac:
                    ab:4c:bd:ba:25:65:e1:33:a1:76:77:4d:6f:59:02:
                    16:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:2E:58:AE:C9:28:8F:BA:7C:00:85:7A:D1:E0:EA:BE:4C:07:39:40
            X509v3 Authority Key Identifier:
                keyid:27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/NC5Yrskoj7p8AIV60eDqvkwHOUA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/J8i0J8MTWYqS6NjsYOKVDaOfwsk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.102.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:1b:97:8f:7c:0a:3c:04:5a:90:ca:31:bc:9b:da:8f:d7:e3:
         5e:c7:9a:46:d1:6d:bd:5d:d2:ea:82:8e:3b:de:01:c6:2c:6f:
         66:ab:75:79:70:49:6f:6a:d8:12:a5:00:ea:35:af:52:dc:36:
         87:af:31:3c:c0:eb:54:85:b5:3e:40:ab:91:6e:ab:36:cf:50:
         6a:cb:76:20:d8:e0:ab:d4:ce:89:85:ab:c2:dc:9c:68:8d:a5:
         95:1f:f1:40:4c:19:92:37:8a:66:a2:42:ee:d9:c6:d0:e8:f7:
         ff:b2:4d:ad:8c:f2:98:62:67:6a:8f:5e:b9:4f:05:fb:aa:21:
         d8:1f:41:d3:1d:bf:17:b5:67:e8:a7:65:86:c4:ff:9d:f5:6a:
         10:b6:ae:6f:2d:da:8e:c9:b9:0a:75:1d:d0:65:fc:2f:9e:46:
         ab:ba:c1:fb:89:f9:08:d0:b6:53:0d:57:72:b1:ba:f7:b3:57:
         76:bb:69:c4:11:8e:4a:b9:08:b7:10:0f:50:1e:19:06:2d:cb:
         7d:2f:47:aa:93:f7:3a:0a:b5:7d:90:f5:54:10:3e:db:b0:d6:
         77:da:86:53:f0:16:a0:29:64:e2:5e:09:a5:5d:15:91:be:29:
         49:54:0c:ed:6d:c5:c5:c2:9a:17:14:6c:37:37:e6:7e:cc:b7:
         59:01:55:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzbPB3viN5IzSgPjXOQhELIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzhiNDI3YzMxMzU5OGE5MmU4ZDhlYzYwZTI5NTBkYTM5
ZmMyYzkwHhcNMjQwMTA1MjAwNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDJlNThhZWM5Mjg4ZmJhN2MwMDg1N2FkMWUwZWFiZTRjMDczOTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbS4eTd6BFRQHbU6+ru0iHiTrmNf
WR9HaQLzw/iOTlSHNuNjyiCRWPNE9plr85uYByifWSMkUJICauH3KLx0IYlavSD/
rjFqPoTR1HSIHTGQlMUHQUz3iMl/fDTryOTfwmxx40tEgEnEUML89+HAiWtt4zJ/
H7PNKWccW59hzgah7Zv/aZKINJ8wfBco5f2ej6Z/ls0mNigCc+ZWgd+KzZeZrQtH
StBzxEP1gs/DHykXULVIgh23e73edvLI0Gy6mwkPDRfs9rkLSk3QyxburIkpsLCf
fXEAE9+0hW7iT9hkZzmQzP20mRSJGS0Ol6yrTL26JWXhM6F2d01vWQIWAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQuWK7JKI+6fACFetHg6r5MBzlAMB8GA1UdIwQY
MBaAFCfItCfDE1mKkujY7GDilQ2jn8LJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzct
MWM2ZWU0NGUxMWFkLzEvTkM1WXJza29qN3A4QUlWNjBlRHF2a3dIT1VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzctMWM2ZWU0NGUxMWFk
LzEvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2alMA0G
CSqGSIb3DQEBCwUAA4IBAQBUG5ePfAo8BFqQyjG8m9qP1+Nex5pG0W29XdLqgo47
3gHGLG9mq3V5cElvatgSpQDqNa9S3DaHrzE8wOtUhbU+QKuRbqs2z1Bqy3Yg2OCr
1M6JhavC3JxojaWVH/FATBmSN4pmokLu2cbQ6Pf/sk2tjPKYYmdqj165TwX7qiHY
H0HTHb8XtWfop2WGxP+d9WoQtq5vLdqOybkKdR3QZfwvnkarusH7ifkI0LZTDVdy
sbr3s1d2u2nEEY5KuQi3EA9QHhkGLct9L0eqk/c6CrV9kPVUED7bsNZ32oZT8Bag
KWTiXgmlXRWRvilJVAztbcXFwpoXFGw3N+Z+zLdZAVXv
-----END CERTIFICATE-----
Generated at Sat May 4 09:05:35 2024 by rpki-client on console-fra.rpki-client.org