Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/52c448-1cb9-4beb-8fc2-f048a9266fcf/1/qsl9K8nEaUbCn9D96IbfO7qUNDA.roa
File:                     qsl9K8nEaUbCn9D96IbfO7qUNDA.roa (raw, json)
Hash identifier:          nZGvtnnPDm+nDxEyT8PcJZ+C+IlTgHLJFxulumDl4kw=
Subject key identifier:   AA:C9:7D:2B:C9:C4:69:46:C2:9F:D0:FD:E8:86:DF:3B:BA:94:34:30
Certificate issuer:       /CN=1395a3a8fc8dd34dd6f3c950c661f4b2127175a5
Certificate serial:       018CC501005C0F186CDCF50B1CAE61A2136D
Authority key identifier: 13:95:A3:A8:FC:8D:D3:4D:D6:F3:C9:50:C6:61:F4:B2:12:71:75:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E5WjqPyN003W88lQxmH0shJxdaU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/52c448-1cb9-4beb-8fc2-f048a9266fcf/1/qsl9K8nEaUbCn9D96IbfO7qUNDA.roa
Signing time:             Mon 01 Jan 2024 12:30:26 +0000
ROA not before:           Mon 01 Jan 2024 12:30:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58253
IP address blocks:        185.150.64.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/52c448-1cb9-4beb-8fc2-f048a9266fcf/1/E5WjqPyN003W88lQxmH0shJxdaU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/52c448-1cb9-4beb-8fc2-f048a9266fcf/1/E5WjqPyN003W88lQxmH0shJxdaU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/E5WjqPyN003W88lQxmH0shJxdaU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 30 Jun 2024 02:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:01:00:5c:0f:18:6c:dc:f5:0b:1c:ae:61:a2:13:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1395a3a8fc8dd34dd6f3c950c661f4b2127175a5
        Validity
            Not Before: Jan  1 12:30:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=aac97d2bc9c46946c29fd0fde886df3bba943430
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:08:61:28:8f:da:b8:ca:3b:b0:92:bb:99:a3:
                    ba:06:63:7c:5f:a2:78:ae:02:96:46:b9:77:b4:5f:
                    59:a3:cf:37:6b:2f:bb:a3:a9:12:50:d2:63:8d:5a:
                    31:95:b3:2f:ab:35:f3:5b:9c:ff:59:2a:b8:e0:a7:
                    13:7b:01:4e:6c:7f:c6:2d:a3:75:5b:fa:31:38:7f:
                    5e:bc:01:dd:66:3f:1e:f9:6f:2f:ce:ac:f4:ff:9c:
                    33:e8:4a:c7:f6:74:94:88:0a:6c:5b:70:33:94:c8:
                    a4:08:2f:71:21:c4:ab:83:77:33:9b:c4:8f:64:48:
                    f3:7c:b9:d2:ff:72:f8:14:50:3d:69:13:b0:c3:ac:
                    d2:29:95:5b:e6:f1:5d:fc:51:5f:df:4f:27:87:5e:
                    f2:1c:ff:a0:4b:3b:37:7c:c7:4a:04:c3:47:dd:41:
                    1e:50:c8:3f:5f:09:7d:5b:2e:f9:5f:5e:e3:48:8f:
                    e7:d8:f4:a6:31:03:b6:c3:c8:69:08:2b:82:4e:3d:
                    7c:67:dd:cd:36:be:0c:01:9f:a3:27:80:15:04:47:
                    bb:99:d2:54:be:f9:d6:d2:b4:48:37:d3:9a:2e:7a:
                    95:9a:53:c4:5e:07:c3:8e:0e:d3:60:1d:ef:db:c8:
                    b2:84:f3:ba:05:23:d1:a8:07:b9:0a:91:5b:92:16:
                    f5:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:C9:7D:2B:C9:C4:69:46:C2:9F:D0:FD:E8:86:DF:3B:BA:94:34:30
            X509v3 Authority Key Identifier:
                keyid:13:95:A3:A8:FC:8D:D3:4D:D6:F3:C9:50:C6:61:F4:B2:12:71:75:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5WjqPyN003W88lQxmH0shJxdaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/52c448-1cb9-4beb-8fc2-f048a9266fcf/1/qsl9K8nEaUbCn9D96IbfO7qUNDA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/52c448-1cb9-4beb-8fc2-f048a9266fcf/1/E5WjqPyN003W88lQxmH0shJxdaU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.150.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8b:a6:dc:c9:88:15:3c:58:a5:b2:e3:3a:fc:46:4e:fc:a1:cb:
         86:6e:08:10:90:12:40:1c:cd:77:0d:53:d7:87:a7:4d:aa:50:
         1c:23:00:7d:cd:4c:5e:77:f0:dc:85:08:65:64:57:55:4b:df:
         db:be:1a:f6:f6:84:20:dc:bf:fd:0e:cb:92:0c:88:2a:a3:d0:
         54:c7:6f:e9:b8:5b:e4:4b:d6:21:11:77:32:8e:72:4f:52:5c:
         d4:4c:00:70:97:4b:60:c1:4f:d1:c4:fa:80:21:7e:2d:25:ec:
         e0:d5:c6:45:b7:a7:0c:8f:24:ed:62:e0:d3:02:d8:81:b2:74:
         ff:7d:24:20:9d:87:8f:6a:37:39:c3:56:19:4d:d3:38:22:48:
         c9:80:10:1e:06:bf:17:8b:e5:58:df:e8:f9:77:a7:42:a9:55:
         0d:52:0a:02:15:36:42:80:72:38:11:4d:94:1d:6d:2b:e7:6e:
         8a:d8:c3:03:ae:be:c9:53:f3:f8:59:e5:f8:a0:9c:74:d5:4b:
         f5:98:cb:d2:c4:18:0c:6f:bd:00:29:53:5f:a8:21:ab:bc:f0:
         fa:9a:94:04:ad:76:b6:e1:30:b3:49:65:03:75:6b:98:2e:46:
         48:22:d7:ba:1e:5c:54:54:58:12:2b:32:f7:1e:c5:64:c1:53:
         a2:65:b4:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAQBcDxhs3PULHK5hohNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzOTVhM2E4ZmM4ZGQzNGRkNmYzYzk1MGM2NjFmNGIyMTI3
MTc1YTUwHhcNMjQwMTAxMTIzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWM5N2QyYmM5YzQ2OTQ2YzI5ZmQwZmRlODg2ZGYzYmJhOTQzNDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAhhKI/auMo7sJK7maO6BmN8X6J4
rgKWRrl3tF9Zo883ay+7o6kSUNJjjVoxlbMvqzXzW5z/WSq44KcTewFObH/GLaN1
W/oxOH9evAHdZj8e+W8vzqz0/5wz6ErH9nSUiApsW3AzlMikCC9xIcSrg3czm8SP
ZEjzfLnS/3L4FFA9aROww6zSKZVb5vFd/FFf308nh17yHP+gSzs3fMdKBMNH3UEe
UMg/Xwl9Wy75X17jSI/n2PSmMQO2w8hpCCuCTj18Z93NNr4MAZ+jJ4AVBEe7mdJU
vvnW0rRIN9OaLnqVmlPEXgfDjg7TYB3v28iyhPO6BSPRqAe5CpFbkhb1yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKrJfSvJxGlGwp/Q/eiG3zu6lDQwMB8GA1UdIwQY
MBaAFBOVo6j8jdNN1vPJUMZh9LIScXWlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTVXanFQeU4wMDNXODhsUXhtSDBzaEp4ZGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My81MmM0NDgtMWNiOS00YmViLThmYzIt
ZjA0OGE5MjY2ZmNmLzEvcXNsOUs4bkVhVWJDbjlEOTZJYmZPN3FVTkRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My81MmM0NDgtMWNiOS00YmViLThmYzItZjA0OGE5MjY2ZmNm
LzEvRTVXanFQeU4wMDNXODhsUXhtSDBzaEp4ZGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZZAMA0G
CSqGSIb3DQEBCwUAA4IBAQCLptzJiBU8WKWy4zr8Rk78ocuGbggQkBJAHM13DVPX
h6dNqlAcIwB9zUxed/DchQhlZFdVS9/bvhr29oQg3L/9DsuSDIgqo9BUx2/puFvk
S9YhEXcyjnJPUlzUTABwl0tgwU/RxPqAIX4tJezg1cZFt6cMjyTtYuDTAtiBsnT/
fSQgnYePajc5w1YZTdM4IkjJgBAeBr8Xi+VY3+j5d6dCqVUNUgoCFTZCgHI4EU2U
HW0r526K2MMDrr7JU/P4WeX4oJx01Uv1mMvSxBgMb70AKVNfqCGrvPD6mpQErXa2
4TCzSWUDdWuYLkZIIte6HlxUVFgSKzL3HsVkwVOiZbRB
-----END CERTIFICATE-----
Generated at Sat Jun 29 08:01:49 2024 by rpki-client on console-ams.rpki-client.org