Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/SzeIzbzSMgAlR2R1yJVtOFqcdto.roa
File:                     SzeIzbzSMgAlR2R1yJVtOFqcdto.roa (raw, json)
Hash identifier:          A6GOvCCZlsQBcdCDpWaFCQ+QaS5kTdPyBUbR+0diuCU=
Subject key identifier:   4B:37:88:CD:BC:D2:32:00:25:47:64:75:C8:95:6D:38:5A:9C:76:DA
Certificate issuer:       /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial:       018CC3488F79068B248ED4DF9DF2A1E27388
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/SzeIzbzSMgAlR2R1yJVtOFqcdto.roa
Signing time:             Mon 01 Jan 2024 04:29:21 +0000
ROA not before:           Mon 01 Jan 2024 04:29:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57944
IP address blocks:        194.5.96.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 11 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:8f:79:06:8b:24:8e:d4:df:9d:f2:a1:e2:73:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
        Validity
            Not Before: Jan  1 04:29:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4b3788cdbcd2320025476475c8956d385a9c76da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ec:96:f5:02:f5:b8:8b:1d:06:54:0e:59:f9:
                    2e:be:50:48:b2:c6:d7:2d:38:f6:0b:00:75:25:a1:
                    3c:7e:7a:73:8b:6e:69:61:fc:b5:5a:19:68:21:3e:
                    7f:4b:16:51:d6:71:16:50:2c:09:50:ab:a0:21:96:
                    5b:08:b8:91:29:bb:61:ca:89:2f:0b:aa:b4:05:b7:
                    d9:8c:a5:38:0b:12:55:10:06:de:02:32:f5:a9:90:
                    e2:6c:a9:22:6f:d9:9a:2d:ca:e9:c9:e7:9f:3e:2a:
                    4d:7e:26:47:77:8b:ff:d6:eb:fc:02:19:6a:58:ff:
                    8a:f8:07:65:30:ea:7c:c7:31:ed:70:68:45:1b:ff:
                    1b:c1:13:f0:34:7f:b7:97:e7:f9:03:d4:92:c7:44:
                    28:02:d0:ea:72:57:7c:b8:83:55:75:ea:86:00:4b:
                    c5:a9:c7:17:96:c4:12:26:0f:70:0e:98:d6:04:3b:
                    03:77:ee:45:7b:05:4f:4d:8e:cc:ce:64:d1:f7:55:
                    56:b2:1e:bd:ba:4f:fb:70:13:22:d1:28:51:be:ca:
                    09:d6:b2:89:ba:f3:00:ef:dd:eb:5a:63:2b:de:6e:
                    e3:3f:b8:5d:ed:18:2b:3f:58:7c:62:2c:66:c7:47:
                    a9:5d:84:da:32:33:c5:ef:6f:83:33:df:0b:85:1f:
                    e0:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:37:88:CD:BC:D2:32:00:25:47:64:75:C8:95:6D:38:5A:9C:76:DA
            X509v3 Authority Key Identifier:
                keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/SzeIzbzSMgAlR2R1yJVtOFqcdto.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.5.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c4:cd:c2:d4:b9:38:f8:07:55:21:d3:13:99:9b:76:db:10:d2:
         33:ef:fe:04:8f:64:65:2a:9d:2b:ab:e7:ba:92:4c:49:dc:52:
         0f:0f:78:76:c9:55:54:1a:51:9d:6d:80:94:39:1e:48:da:d9:
         17:5b:30:59:9e:8e:5f:22:57:f0:e3:41:b1:6f:52:aa:f0:38:
         be:29:f3:15:ea:03:d5:16:17:d7:26:53:b1:d2:43:99:e8:e6:
         21:19:5d:d5:95:3f:5d:cb:57:ea:44:29:58:c2:dd:96:49:55:
         11:09:5b:e1:04:fb:96:db:cb:12:bc:f1:0c:0c:2d:0e:fa:7c:
         ed:35:4f:dc:fe:af:aa:95:e1:02:9d:42:90:2a:90:83:5f:36:
         7f:6d:ba:42:7d:42:89:63:52:94:a4:9a:1a:14:89:ee:c5:69:
         b2:40:9d:7f:b7:cd:f3:9e:1b:c9:f7:0f:c9:af:2b:65:79:3c:
         2d:7a:35:9f:44:07:6d:b3:d2:09:ca:67:6b:74:39:0d:c3:13:
         ff:c2:b1:7f:64:c7:b7:ed:32:b7:bd:fe:b5:d5:72:bb:fb:c3:
         58:fc:c1:1a:76:de:98:b0:61:2c:14:14:de:84:64:65:99:6a:
         e6:cd:f5:57:04:d1:d3:9a:ad:99:29:73:09:9a:bd:3e:94:5e:
         07:de:ef:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSI95BoskjtTfnfKh4nOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjQwMTAxMDQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjM3ODhjZGJjZDIzMjAwMjU0NzY0NzVjODk1NmQzODVhOWM3NmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeyW9QL1uIsdBlQOWfkuvlBIssbX
LTj2CwB1JaE8fnpzi25pYfy1WhloIT5/SxZR1nEWUCwJUKugIZZbCLiRKbthyokv
C6q0BbfZjKU4CxJVEAbeAjL1qZDibKkib9maLcrpyeefPipNfiZHd4v/1uv8Ahlq
WP+K+AdlMOp8xzHtcGhFG/8bwRPwNH+3l+f5A9SSx0QoAtDqcld8uINVdeqGAEvF
qccXlsQSJg9wDpjWBDsDd+5FewVPTY7MzmTR91VWsh69uk/7cBMi0ShRvsoJ1rKJ
uvMA793rWmMr3m7jP7hd7RgrP1h8Yixmx0epXYTaMjPF72+DM98LhR/gnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEs3iM280jIAJUdkdciVbThanHbaMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvU3plSXpielNNZ0FsUjJSMXlKVnRPRnFjZHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgVgMA0G
CSqGSIb3DQEBCwUAA4IBAQDEzcLUuTj4B1Uh0xOZm3bbENIz7/4Ej2RlKp0rq+e6
kkxJ3FIPD3h2yVVUGlGdbYCUOR5I2tkXWzBZno5fIlfw40Gxb1Kq8Di+KfMV6gPV
FhfXJlOx0kOZ6OYhGV3VlT9dy1fqRClYwt2WSVURCVvhBPuW28sSvPEMDC0O+nzt
NU/c/q+qleECnUKQKpCDXzZ/bbpCfUKJY1KUpJoaFInuxWmyQJ1/t83znhvJ9w/J
rytleTwtejWfRAdts9IJymdrdDkNwxP/wrF/ZMe37TK3vf611XK7+8NY/MEadt6Y
sGEsFBTehGRlmWrmzfVXBNHTmq2ZKXMJmr0+lF4H3u8R
-----END CERTIFICATE-----
Generated at Fri May 10 14:40:09 2024 by rpki-client on console-ams.rpki-client.org