Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/uZ0Byfnk8zyjSWg2WQZSlHHHXgA.roa
File:                     uZ0Byfnk8zyjSWg2WQZSlHHHXgA.roa (raw, json)
Hash identifier:          PDEpCFXOA4FB4K8O0iS3ZCw196YPbnvkTDnr1OhzfZs=
Subject key identifier:   B9:9D:01:C9:F9:E4:F3:3C:A3:49:68:36:59:06:52:94:71:C7:5E:00
Certificate issuer:       /CN=67920420f722f7d7f3c4b25a80e17d7290171180
Certificate serial:       01909697451FDB75E7C0E5478C3C5173207D
Authority key identifier: 67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/uZ0Byfnk8zyjSWg2WQZSlHHHXgA.roa
Signing time:             Tue 09 Jul 2024 08:23:34 +0000
ROA not before:           Tue 09 Jul 2024 08:23:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8280
IP address blocks:        185.82.37.0/24 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/Z5IEIPci99fzxLJagOF9cpAXEYA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/Z5IEIPci99fzxLJagOF9cpAXEYA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 17:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:96:97:45:1f:db:75:e7:c0:e5:47:8c:3c:51:73:20:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67920420f722f7d7f3c4b25a80e17d7290171180
        Validity
            Not Before: Jul  9 08:23:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b99d01c9f9e4f33ca34968365906529471c75e00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:4c:0d:03:42:b0:45:43:a2:6b:15:79:3a:bb:
                    f8:cb:e0:42:da:fc:b3:8c:8c:bf:ed:f0:a3:cb:e5:
                    67:dc:07:f0:e1:ec:f8:fb:2a:25:b5:07:b4:08:31:
                    33:fd:0e:f8:5b:11:b7:99:0c:8e:b6:09:df:c9:49:
                    42:95:06:78:1d:b8:86:cd:b1:6a:0a:8a:ec:69:f1:
                    fb:ad:a1:46:f6:8a:c2:98:8f:30:b1:0f:5f:61:59:
                    de:e4:a6:e2:88:2e:21:c4:73:59:be:ce:b9:ec:0c:
                    ac:05:71:07:bc:94:07:3f:bd:84:f9:a1:f8:0b:5c:
                    3d:1c:fc:ad:d1:f4:20:6a:e4:3c:62:4a:eb:32:fd:
                    46:2d:c4:37:f7:12:73:bb:02:fa:a7:b4:5a:d7:bb:
                    72:3a:f7:7c:3c:a1:f5:b3:bd:6c:b7:d6:7c:f0:6d:
                    00:b7:6c:0e:05:12:c3:35:32:99:29:89:7e:61:37:
                    f6:b0:ed:99:d9:96:13:35:09:1a:a2:7b:35:e2:76:
                    31:75:6d:57:09:23:be:eb:3f:25:47:e4:9c:14:85:
                    81:ab:4d:c3:e4:c9:8f:1c:3e:93:c9:6c:bf:48:10:
                    89:de:0c:b9:53:0e:ac:fb:2d:80:56:9e:1e:84:cc:
                    0e:6e:6b:d1:65:47:9a:fd:49:01:eb:b8:78:b1:a5:
                    99:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:9D:01:C9:F9:E4:F3:3C:A3:49:68:36:59:06:52:94:71:C7:5E:00
            X509v3 Authority Key Identifier:
                keyid:67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/uZ0Byfnk8zyjSWg2WQZSlHHHXgA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/Z5IEIPci99fzxLJagOF9cpAXEYA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.82.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:4b:55:5b:1c:13:b5:3b:45:7c:22:7d:ac:37:a3:d1:a9:44:
         bf:52:ee:79:b1:a0:72:c7:5f:ad:17:fb:9a:8d:25:79:81:bd:
         eb:36:8a:88:b4:7f:21:00:9a:d6:f0:7c:05:2a:60:ec:35:4f:
         12:50:d0:85:ce:4e:8a:ac:0d:d6:0a:86:b1:96:ef:56:1b:7e:
         4b:b4:79:b0:fe:b6:66:19:4d:4c:af:3d:65:c9:aa:6e:32:8a:
         c7:ca:46:22:ec:fc:00:5f:e3:34:a6:39:0b:c4:8e:97:64:14:
         51:01:3b:65:57:9a:a0:ff:61:cf:5c:01:de:40:56:ee:9d:e0:
         47:30:73:f0:11:ee:73:a0:3d:ac:bc:9b:81:7b:99:58:89:df:
         4b:5f:23:c0:ee:30:1b:e0:51:48:02:e8:2b:3b:79:a0:b1:a8:
         af:03:be:05:03:22:5d:64:c9:09:ef:ea:51:0c:f4:6c:e9:20:
         87:96:73:89:73:f7:7e:2c:f4:2d:71:85:26:42:8d:35:09:ce:
         6d:1f:38:9f:8a:15:7e:75:ab:09:fa:6e:ac:9e:56:fb:79:84:
         2a:5b:59:1c:97:92:a5:f2:9d:53:59:ef:fb:85:c6:9f:10:49:
         96:01:4a:46:59:72:e5:12:2e:0c:7a:31:5d:82:76:c0:d1:4e:
         52:22:b0:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCWl0Uf23XnwOVHjDxRcyB9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTIwNDIwZjcyMmY3ZDdmM2M0YjI1YTgwZTE3ZDcyOTAx
NzExODAwHhcNMjQwNzA5MDgyMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTlkMDFjOWY5ZTRmMzNjYTM0OTY4MzY1OTA2NTI5NDcxYzc1ZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7kwNA0KwRUOiaxV5Orv4y+BC2vyz
jIy/7fCjy+Vn3Afw4ez4+yoltQe0CDEz/Q74WxG3mQyOtgnfyUlClQZ4HbiGzbFq
CorsafH7raFG9orCmI8wsQ9fYVne5KbiiC4hxHNZvs657AysBXEHvJQHP72E+aH4
C1w9HPyt0fQgauQ8YkrrMv1GLcQ39xJzuwL6p7Ra17tyOvd8PKH1s71st9Z88G0A
t2wOBRLDNTKZKYl+YTf2sO2Z2ZYTNQkaons14nYxdW1XCSO+6z8lR+ScFIWBq03D
5MmPHD6TyWy/SBCJ3gy5Uw6s+y2AVp4ehMwObmvRZUea/UkB67h4saWZUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLmdAcn55PM8o0loNlkGUpRxx14AMB8GA1UdIwQY
MBaAFGeSBCD3IvfX88SyWoDhfXKQFxGAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVJRUlQY2k5OWZ6eExKYWdPRjljcEFYRVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yN2NhMTYtZjQ2Yi00ZjhlLWI5MmUt
NWVkMDg5YzFhZmVkLzEvdVowQnlmbms4enlqU1dnMldRWlNsSEhIWGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yN2NhMTYtZjQ2Yi00ZjhlLWI5MmUtNWVkMDg5YzFhZmVk
LzEvWjVJRUlQY2k5OWZ6eExKYWdPRjljcEFYRVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVIlMA0G
CSqGSIb3DQEBCwUAA4IBAQAFS1VbHBO1O0V8In2sN6PRqUS/Uu55saByx1+tF/ua
jSV5gb3rNoqItH8hAJrW8HwFKmDsNU8SUNCFzk6KrA3WCoaxlu9WG35LtHmw/rZm
GU1Mrz1lyapuMorHykYi7PwAX+M0pjkLxI6XZBRRATtlV5qg/2HPXAHeQFbuneBH
MHPwEe5zoD2svJuBe5lYid9LXyPA7jAb4FFIAugrO3mgsaivA74FAyJdZMkJ7+pR
DPRs6SCHlnOJc/d+LPQtcYUmQo01Cc5tHzifihV+dasJ+m6snlb7eYQqW1kcl5Kl
8p1TWe/7hcafEEmWAUpGWXLlEi4MejFdgnbA0U5SIrDE
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:32:23 2024 by rpki-client on console-ams.rpki-client.org