Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/1QlU1qea2dJlbU2dd622iH5e7TA.roa
File:                     1QlU1qea2dJlbU2dd622iH5e7TA.roa (raw, json)
Hash identifier:          kLSdiFAlksJuN40Tk4Sl9AQoa0RwwEbOTbqA8ILUhZg=
Subject key identifier:   D5:09:54:D6:A7:9A:D9:D2:65:6D:4D:9D:77:AD:B6:88:7E:5E:ED:30
Certificate issuer:       /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial:       018D807D5B38B0A594AB3EF1A0250CD0132E
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/1QlU1qea2dJlbU2dd622iH5e7TA.roa
Signing time:             Tue 06 Feb 2024 22:15:15 +0000
ROA not before:           Tue 06 Feb 2024 22:15:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58212
IP address blocks:        2a03:5840:fd::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 May 2024 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:80:7d:5b:38:b0:a5:94:ab:3e:f1:a0:25:0c:d0:13:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
        Validity
            Not Before: Feb  6 22:15:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d50954d6a79ad9d2656d4d9d77adb6887e5eed30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:53:21:bb:b6:bd:47:49:e6:8f:ec:2b:fb:8b:
                    03:85:ef:8c:1b:76:fa:2d:7f:7e:26:3a:fa:bc:e8:
                    0f:7a:2f:54:eb:25:ca:47:da:bd:f4:75:d9:56:bb:
                    0d:1f:87:1c:c6:01:96:92:7a:61:ed:d4:8d:f7:0d:
                    f3:a2:02:d2:6f:3d:ff:df:2d:54:da:40:08:60:60:
                    82:95:8c:13:6c:d6:4d:90:8c:3c:a6:0e:9f:d3:bd:
                    d0:6e:90:de:ba:b9:06:63:a9:d4:fd:0c:2c:8c:01:
                    df:f0:35:87:b9:1e:5a:71:00:17:5f:af:49:3a:40:
                    ab:8f:f4:fa:55:fe:73:59:c3:60:9d:06:9d:91:8d:
                    13:ed:04:f4:7c:2c:13:fb:dd:05:dd:09:b4:5a:9a:
                    a7:d6:fe:61:7c:e1:5c:9d:dd:a1:64:c2:69:8b:20:
                    28:ac:3f:67:3d:4a:bb:5c:71:9c:e4:de:58:02:98:
                    4a:6c:52:43:db:00:0f:cf:e8:f3:d3:d1:f3:d7:bc:
                    1c:14:d8:d3:7a:b1:0c:57:70:30:f6:d0:91:2d:2b:
                    7d:5c:6c:89:cc:aa:d5:72:0f:55:36:ad:4e:c1:6d:
                    db:76:be:72:80:51:f4:24:72:f5:08:9d:b7:05:af:
                    9c:f4:af:d8:7a:9d:08:ca:ab:05:66:79:6f:c5:85:
                    35:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:09:54:D6:A7:9A:D9:D2:65:6D:4D:9D:77:AD:B6:88:7E:5E:ED:30
            X509v3 Authority Key Identifier:
                keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/1QlU1qea2dJlbU2dd622iH5e7TA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:5840:fd::/48

    Signature Algorithm: sha256WithRSAEncryption
         83:77:c9:7f:76:c0:15:0a:0c:ff:6d:59:55:3e:ce:3d:45:46:
         77:a2:63:1d:b0:cd:7e:76:29:15:28:56:93:2c:c8:c3:37:1d:
         fb:0e:e7:fe:69:b1:58:77:9c:63:42:72:dc:a9:2b:77:db:6a:
         05:1e:52:7b:31:4c:f0:4a:ac:c7:6f:24:d7:6d:c2:d5:cc:4c:
         86:8b:7d:44:98:1d:ad:cc:17:f3:45:5c:78:bf:8e:d0:9d:df:
         c7:7a:51:a8:09:de:7c:8f:b6:21:ed:ff:9e:7a:58:00:b6:a1:
         3c:89:96:06:b2:c9:17:d5:d9:31:fb:6b:85:33:82:ee:f7:e5:
         a6:02:f7:71:ec:d9:fa:2b:9b:5d:81:af:5a:50:d6:4e:86:20:
         79:0c:a1:15:d8:eb:46:8e:6a:b4:7a:18:9b:13:ee:f1:65:3a:
         05:33:87:8b:d0:85:0b:5a:09:1e:66:15:4a:b5:a4:f3:1c:e5:
         07:74:5f:62:db:6d:8f:15:1c:32:c7:c1:77:be:93:1f:27:57:
         88:ff:f2:d1:6f:e4:36:7c:b5:f9:20:dc:6d:08:37:26:1c:bb:
         b2:4f:8a:5a:4a:9d:e6:ba:a6:1d:27:c6:d2:92:dd:93:3d:ec:
         f9:7e:fd:66:80:b4:2c:ef:bc:37:7e:8b:33:93:36:32:d0:3b:
         dc:f2:77:01
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2AfVs4sKWUqz7xoCUM0BMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjQwMjA2MjIxNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTA5NTRkNmE3OWFkOWQyNjU2ZDRkOWQ3N2FkYjY4ODdlNWVlZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFMhu7a9R0nmj+wr+4sDhe+MG3b6
LX9+Jjr6vOgPei9U6yXKR9q99HXZVrsNH4ccxgGWknph7dSN9w3zogLSbz3/3y1U
2kAIYGCClYwTbNZNkIw8pg6f073QbpDeurkGY6nU/QwsjAHf8DWHuR5acQAXX69J
OkCrj/T6Vf5zWcNgnQadkY0T7QT0fCwT+90F3Qm0Wpqn1v5hfOFcnd2hZMJpiyAo
rD9nPUq7XHGc5N5YAphKbFJD2wAPz+jz09Hz17wcFNjTerEMV3Aw9tCRLSt9XGyJ
zKrVcg9VNq1OwW3bdr5ygFH0JHL1CJ23Ba+c9K/Yep0IyqsFZnlvxYU1TQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNUJVNanmtnSZW1NnXettoh+Xu0wMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvMVFsVTFxZWEyZEpsYlUyZGQ2MjJpSDVlN1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQAD9
MA0GCSqGSIb3DQEBCwUAA4IBAQCDd8l/dsAVCgz/bVlVPs49RUZ3omMdsM1+dikV
KFaTLMjDNx37Duf+abFYd5xjQnLcqSt322oFHlJ7MUzwSqzHbyTXbcLVzEyGi31E
mB2tzBfzRVx4v47Qnd/HelGoCd58j7Yh7f+eelgAtqE8iZYGsskX1dkx+2uFM4Lu
9+WmAvdx7Nn6K5tdga9aUNZOhiB5DKEV2OtGjmq0ehibE+7xZToFM4eL0IULWgke
ZhVKtaTzHOUHdF9i222PFRwyx8F3vpMfJ1eI//LRb+Q2fLX5INxtCDcmHLuyT4pa
Sp3muqYdJ8bSkt2TPez5fv1mgLQs77w3foszkzYy0Dvc8ncB
-----END CERTIFICATE-----
Generated at Sun May 19 20:43:50 2024 by rpki-client on console-fra.rpki-client.org