Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/6519e0-b327-454e-bb7a-1a3be24b76db/1/30oF6ac0nuk8eYt3Ke3RVo4H2fo.roa
File:                     30oF6ac0nuk8eYt3Ke3RVo4H2fo.roa (raw, json)
Hash identifier:          U0wIIBSF2NNtVo34y+7lHW59C3gidtpckIT1dAIivKc=
Subject key identifier:   DF:4A:05:E9:A7:34:9E:E9:3C:79:8B:77:29:ED:D1:56:8E:07:D9:FA
Certificate issuer:       /CN=8ec18203c255a1d0bf1587542c7626f26738d6c1
Certificate serial:       018CC348FA26A19F23C01BDE092BB057BA93
Authority key identifier: 8E:C1:82:03:C2:55:A1:D0:BF:15:87:54:2C:76:26:F2:67:38:D6:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jsGCA8JVodC_FYdULHYm8mc41sE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/6519e0-b327-454e-bb7a-1a3be24b76db/1/30oF6ac0nuk8eYt3Ke3RVo4H2fo.roa
Signing time:             Mon 01 Jan 2024 04:29:48 +0000
ROA not before:           Mon 01 Jan 2024 04:29:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     6799
IP address blocks:        94.232.80.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/6519e0-b327-454e-bb7a-1a3be24b76db/1/jsGCA8JVodC_FYdULHYm8mc41sE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/6519e0-b327-454e-bb7a-1a3be24b76db/1/jsGCA8JVodC_FYdULHYm8mc41sE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jsGCA8JVodC_FYdULHYm8mc41sE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 05:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:fa:26:a1:9f:23:c0:1b:de:09:2b:b0:57:ba:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ec18203c255a1d0bf1587542c7626f26738d6c1
        Validity
            Not Before: Jan  1 04:29:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=df4a05e9a7349ee93c798b7729edd1568e07d9fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:38:b5:7a:15:9b:7a:f1:62:ba:ce:f9:ad:61:
                    8e:9d:78:99:54:6d:36:15:e4:75:85:99:27:a4:3f:
                    0b:34:92:55:e1:5e:7d:64:9d:36:eb:eb:8f:d7:b4:
                    f6:1f:47:77:2c:c8:a1:2f:5c:33:d1:4f:f4:bd:de:
                    bd:3e:82:a3:11:53:56:19:f0:80:ba:6b:99:9c:20:
                    58:00:fa:98:9f:60:82:25:11:d7:b6:50:e4:e1:2c:
                    7b:49:42:b2:5d:53:bb:d9:c5:11:2d:4b:cb:0d:a8:
                    a0:d3:7d:92:8e:a8:71:04:6a:76:db:2c:d5:3b:76:
                    06:28:4d:7d:22:fa:54:51:ac:75:89:98:f8:7e:d6:
                    97:85:51:1e:0e:7e:79:33:06:60:d2:91:4e:8b:b6:
                    5a:b5:7b:f4:af:36:18:fc:a4:35:9a:4b:e8:ae:27:
                    81:ce:1b:de:16:30:bc:00:3a:f9:46:ca:ce:f7:77:
                    17:65:4e:10:39:74:d5:aa:1e:c7:39:1d:9a:b0:3b:
                    13:f1:25:ab:51:3d:33:2d:f8:33:0b:cd:df:3b:8b:
                    d4:b3:6c:09:63:86:4f:25:f0:52:f7:60:d1:29:ba:
                    85:bb:eb:6d:16:38:70:68:b3:8f:e7:51:12:3b:89:
                    d9:df:1e:1e:a6:7f:de:8e:4a:38:d5:14:8a:66:b8:
                    d2:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:4A:05:E9:A7:34:9E:E9:3C:79:8B:77:29:ED:D1:56:8E:07:D9:FA
            X509v3 Authority Key Identifier:
                keyid:8E:C1:82:03:C2:55:A1:D0:BF:15:87:54:2C:76:26:F2:67:38:D6:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsGCA8JVodC_FYdULHYm8mc41sE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/6519e0-b327-454e-bb7a-1a3be24b76db/1/30oF6ac0nuk8eYt3Ke3RVo4H2fo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/6519e0-b327-454e-bb7a-1a3be24b76db/1/jsGCA8JVodC_FYdULHYm8mc41sE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.232.80.0/21

    Signature Algorithm: sha256WithRSAEncryption
         8c:9b:9f:86:0f:fb:63:09:ef:ed:f9:6b:b7:7a:c1:20:69:e1:
         60:9b:32:59:4b:49:13:f7:a5:49:0c:0d:f9:24:3d:c4:2a:8d:
         e4:05:2f:2f:76:47:ce:aa:5a:42:b8:23:7c:7f:e4:ee:d4:cb:
         35:28:98:e3:cf:99:26:7b:99:22:2f:da:1d:22:ea:ce:65:d1:
         36:f1:6a:49:c5:aa:68:26:c3:67:d7:b5:4e:62:a5:f7:35:bd:
         17:5a:1d:f6:2f:48:f8:51:2c:6f:58:36:e2:26:2a:39:a2:f4:
         53:fe:ab:4e:1a:c8:aa:ed:36:b8:00:1d:ac:66:80:9e:f2:e3:
         83:93:7c:97:1c:14:57:8f:94:ba:31:ab:a2:14:ed:54:cd:6d:
         87:85:80:c3:b6:94:63:30:67:2c:58:b4:d6:26:aa:14:35:76:
         53:9d:27:ae:00:c4:10:74:7a:b2:93:fd:3d:3d:4a:ac:f8:40:
         ed:a6:40:9d:87:dd:62:2b:90:de:c9:27:aa:44:39:d7:67:ee:
         7b:fd:ee:f9:df:d9:a2:c5:63:ad:9c:60:19:53:84:bc:c8:01:
         f2:28:28:af:a0:39:65:4a:60:70:01:bb:48:a7:61:c8:b7:83:
         84:c5:2d:9c:9e:67:bd:97:9d:94:73:e4:dd:a7:5a:4f:33:70:
         c0:b2:7b:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSPomoZ8jwBveCSuwV7qTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYzE4MjAzYzI1NWExZDBiZjE1ODc1NDJjNzYyNmYyNjcz
OGQ2YzEwHhcNMjQwMTAxMDQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjRhMDVlOWE3MzQ5ZWU5M2M3OThiNzcyOWVkZDE1NjhlMDdkOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDi1ehWbevFius75rWGOnXiZVG02
FeR1hZknpD8LNJJV4V59ZJ026+uP17T2H0d3LMihL1wz0U/0vd69PoKjEVNWGfCA
umuZnCBYAPqYn2CCJRHXtlDk4Sx7SUKyXVO72cURLUvLDaig032SjqhxBGp22yzV
O3YGKE19IvpUUax1iZj4ftaXhVEeDn55MwZg0pFOi7ZatXv0rzYY/KQ1mkvorieB
zhveFjC8ADr5RsrO93cXZU4QOXTVqh7HOR2asDsT8SWrUT0zLfgzC83fO4vUs2wJ
Y4ZPJfBS92DRKbqFu+ttFjhwaLOP51ESO4nZ3x4epn/ejko41RSKZrjSbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN9KBemnNJ7pPHmLdynt0VaOB9n6MB8GA1UdIwQY
MBaAFI7BggPCVaHQvxWHVCx2JvJnONbBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanNHQ0E4SlZvZENfRllkVUxIWW04bWM0MXNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC82NTE5ZTAtYjMyNy00NTRlLWJiN2Et
MWEzYmUyNGI3NmRiLzEvMzBvRjZhYzBudWs4ZVl0M0tlM1JWbzRIMmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC82NTE5ZTAtYjMyNy00NTRlLWJiN2EtMWEzYmUyNGI3NmRi
LzEvanNHQ0E4SlZvZENfRllkVUxIWW04bWM0MXNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXuhQMA0G
CSqGSIb3DQEBCwUAA4IBAQCMm5+GD/tjCe/t+Wu3esEgaeFgmzJZS0kT96VJDA35
JD3EKo3kBS8vdkfOqlpCuCN8f+Tu1Ms1KJjjz5kme5kiL9odIurOZdE28WpJxapo
JsNn17VOYqX3Nb0XWh32L0j4USxvWDbiJio5ovRT/qtOGsiq7Ta4AB2sZoCe8uOD
k3yXHBRXj5S6MauiFO1UzW2HhYDDtpRjMGcsWLTWJqoUNXZTnSeuAMQQdHqyk/09
PUqs+EDtpkCdh91iK5DeySeqRDnXZ+57/e7539mixWOtnGAZU4S8yAHyKCivoDll
SmBwAbtIp2HIt4OExS2cnme9l52Uc+Tdp1pPM3DAsnu/
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:26:00 2024 by rpki-client on console-ams.rpki-client.org