Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/cGqUWzprqJZHWmCUK07KWYIFsPs.roa
File:                     cGqUWzprqJZHWmCUK07KWYIFsPs.roa (raw, json)
Hash identifier:          MvdwIqcCCfHyyxbh480YcfalaP7nHfc/qm8G7uMDaBU=
Subject key identifier:   70:6A:94:5B:3A:6B:A8:96:47:5A:60:94:2B:4E:CA:59:82:05:B0:FB
Certificate issuer:       /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial:       01931B65662AE88DBE42559BC394F19A1BDF
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/cGqUWzprqJZHWmCUK07KWYIFsPs.roa
Signing time:             Mon 11 Nov 2024 13:24:10 +0000
ROA not before:           Mon 11 Nov 2024 13:24:10 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     214379
IP address blocks:        141.105.130.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:1b:65:66:2a:e8:8d:be:42:55:9b:c3:94:f1:9a:1b:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
        Validity
            Not Before: Nov 11 13:24:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=706a945b3a6ba896475a60942b4eca598205b0fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:b1:f6:d3:07:d5:ff:73:54:16:cf:e7:7b:62:
                    6a:40:51:0c:9b:1c:d8:cd:97:35:7b:41:75:87:a2:
                    60:1b:e0:c8:be:72:b4:35:91:23:64:66:d2:01:5a:
                    8e:60:99:b1:4a:87:ab:4e:f2:41:9d:c1:38:24:72:
                    e3:7c:66:c5:8e:d0:0b:17:d4:e3:d5:1b:89:d8:f4:
                    3f:8b:68:00:0e:a4:92:cf:c0:2e:e2:e2:64:22:83:
                    13:a9:7b:38:32:93:2c:28:bb:cb:24:de:d3:7f:df:
                    7e:4a:e6:5c:d4:0e:a5:9a:d1:bd:c8:23:44:8a:1c:
                    b2:df:43:4a:72:84:8d:8f:07:9a:5d:26:bb:65:a8:
                    ff:4d:13:2f:b3:e0:13:e4:fc:7f:16:43:d5:5c:5c:
                    64:3a:88:27:5b:3d:39:2d:7a:b9:81:ed:fb:d0:32:
                    0f:b2:34:e0:22:e1:78:1b:3b:11:9a:72:cc:8e:82:
                    47:94:45:96:ee:21:66:db:75:23:2a:85:b5:ce:10:
                    c4:c0:84:32:8d:c6:50:1b:7d:31:bd:56:40:9c:95:
                    39:6b:f3:96:63:5d:c4:e7:bb:78:7d:22:1c:51:fb:
                    5a:55:7b:cf:a7:aa:26:65:e7:60:8d:c1:24:09:3d:
                    d6:db:0d:c7:d3:7d:e8:e2:5f:a0:aa:9d:80:f4:d6:
                    87:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:6A:94:5B:3A:6B:A8:96:47:5A:60:94:2B:4E:CA:59:82:05:B0:FB
            X509v3 Authority Key Identifier:
                keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/cGqUWzprqJZHWmCUK07KWYIFsPs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.105.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:3b:ab:b4:68:8b:36:b9:50:aa:fd:db:f0:4c:fb:9e:2a:86:
         62:76:ad:dd:66:9f:e4:f2:c2:59:dc:d8:66:94:0d:b0:19:42:
         20:11:19:e5:da:53:d6:13:4f:bb:2c:bc:82:0e:6c:e5:73:ac:
         5f:69:c1:4a:9a:0c:6b:f0:54:86:1a:80:f1:8b:b5:03:dc:b2:
         5a:29:45:18:55:7f:2a:1a:1b:38:cc:78:bb:bc:f5:f2:65:de:
         42:d9:95:1e:e6:e9:99:40:52:c8:dc:e3:f5:29:5a:4a:47:84:
         ee:5b:a5:e9:db:f3:6f:02:d6:93:9c:c9:ac:47:d5:07:93:b7:
         d1:ba:12:29:1c:6e:1c:06:94:3f:8e:49:e3:de:a0:4c:c0:33:
         7b:be:d6:d1:10:af:b4:97:62:ad:95:81:e2:c2:2a:bd:d6:be:
         88:5c:c8:74:64:84:aa:70:d1:4a:6e:30:53:51:a5:40:69:21:
         3b:b9:a3:09:e3:18:52:76:63:b8:8a:ae:36:68:42:75:b0:36:
         57:ee:70:75:d0:e1:af:8b:bf:20:52:ed:f0:dd:c5:32:8f:7c:
         4b:63:39:91:aa:a6:c4:97:44:ca:6d:72:02:bf:c2:98:bf:c2:
         b9:89:24:5e:7a:e4:42:f1:20:23:f6:e0:c4:a9:28:08:28:70:
         de:38:74:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMbZWYq6I2+QlWbw5TxmhvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjQxMTExMTMyNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDZhOTQ1YjNhNmJhODk2NDc1YTYwOTQyYjRlY2E1OTgyMDViMGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLH20wfV/3NUFs/ne2JqQFEMmxzY
zZc1e0F1h6JgG+DIvnK0NZEjZGbSAVqOYJmxSoerTvJBncE4JHLjfGbFjtALF9Tj
1RuJ2PQ/i2gADqSSz8Au4uJkIoMTqXs4MpMsKLvLJN7Tf99+SuZc1A6lmtG9yCNE
ihyy30NKcoSNjweaXSa7Zaj/TRMvs+AT5Px/FkPVXFxkOognWz05LXq5ge370DIP
sjTgIuF4GzsRmnLMjoJHlEWW7iFm23UjKoW1zhDEwIQyjcZQG30xvVZAnJU5a/OW
Y13E57t4fSIcUftaVXvPp6omZedgjcEkCT3W2w3H033o4l+gqp2A9NaHqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHBqlFs6a6iWR1pglCtOylmCBbD7MB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvY0dxVVd6cHJxSlpIV21DVUswN0tXWUlGc1BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjWmCMA0G
CSqGSIb3DQEBCwUAA4IBAQBfO6u0aIs2uVCq/dvwTPueKoZidq3dZp/k8sJZ3Nhm
lA2wGUIgERnl2lPWE0+7LLyCDmzlc6xfacFKmgxr8FSGGoDxi7UD3LJaKUUYVX8q
Ghs4zHi7vPXyZd5C2ZUe5umZQFLI3OP1KVpKR4TuW6Xp2/NvAtaTnMmsR9UHk7fR
uhIpHG4cBpQ/jknj3qBMwDN7vtbREK+0l2KtlYHiwiq91r6IXMh0ZISqcNFKbjBT
UaVAaSE7uaMJ4xhSdmO4iq42aEJ1sDZX7nB10OGvi78gUu3w3cUyj3xLYzmRqqbE
l0TKbXICv8KYv8K5iSReeuRC8SAj9uDEqSgIKHDeOHRn
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:30:48 2024 by rpki-client on console-fra.rpki-client.org