Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/0YIlzBLxLzuWctKtQaMF4nWjTpY.roa
File:                     0YIlzBLxLzuWctKtQaMF4nWjTpY.roa (raw, json)
Hash identifier:          6E/fnASnVJZjbuBYAjpofGoRfn+J4kYI+z3Tjo4lAts=
Subject key identifier:   D1:82:25:CC:12:F1:2F:3B:96:72:D2:AD:41:A3:05:E2:75:A3:4E:96
Certificate issuer:       /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial:       018E37507CC5AD5D3C4C535F99E0BEB76BE2
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/0YIlzBLxLzuWctKtQaMF4nWjTpY.roa
Signing time:             Wed 13 Mar 2024 10:16:45 +0000
ROA not before:           Wed 13 Mar 2024 10:16:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     137409
IP address blocks:        185.243.153.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 28 May 2024 08:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:37:50:7c:c5:ad:5d:3c:4c:53:5f:99:e0:be:b7:6b:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
        Validity
            Not Before: Mar 13 10:16:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d18225cc12f12f3b9672d2ad41a305e275a34e96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:86:87:60:3a:a6:82:5d:41:ba:f6:b1:d7:4e:
                    ae:ab:fc:0a:a7:af:0b:37:d8:41:21:e0:b0:80:04:
                    73:01:38:95:c3:75:79:6f:50:78:02:eb:e8:72:43:
                    67:27:ea:67:8d:af:3b:47:1a:4f:09:71:43:62:26:
                    a5:f5:a3:72:53:81:20:94:5b:2a:93:62:ff:dd:6b:
                    7d:1d:9d:b6:08:bd:e9:61:d3:a9:b2:df:16:da:03:
                    05:0a:3d:2b:38:d7:4f:f5:cb:82:bf:b1:18:98:a9:
                    9c:35:42:25:24:79:41:97:d5:1f:ea:96:72:1e:2a:
                    f7:35:fe:30:a3:66:ac:5b:e2:66:7c:61:a3:59:6e:
                    a4:dc:aa:f4:0b:fb:e0:39:df:13:91:7e:6a:51:fe:
                    9a:76:be:47:1d:0d:54:59:0b:93:a3:5c:05:c7:eb:
                    51:84:c3:f2:7e:2f:a4:5b:1c:4d:21:0a:74:ea:42:
                    ed:fa:5b:5f:60:b3:30:37:24:5a:40:88:e2:59:f1:
                    8c:f1:a9:7d:f6:d6:e1:99:f5:5b:b8:38:b0:a5:56:
                    9c:44:ce:3d:a0:6f:6c:ca:68:71:d9:8e:62:5c:76:
                    96:b0:eb:95:c8:b8:f5:ee:d1:91:1e:92:86:64:d9:
                    c1:58:d7:39:38:26:ba:84:c1:35:57:88:6f:46:bd:
                    25:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:82:25:CC:12:F1:2F:3B:96:72:D2:AD:41:A3:05:E2:75:A3:4E:96
            X509v3 Authority Key Identifier:
                keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/0YIlzBLxLzuWctKtQaMF4nWjTpY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.243.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:cd:2d:ed:d2:14:1f:da:cc:22:cc:95:ae:49:d9:97:f6:f8:
         0e:0f:88:57:c7:36:b0:55:52:08:3a:ee:20:83:5b:b7:ca:88:
         d8:29:38:49:b4:d5:4a:bb:83:b0:dc:08:a2:fe:7b:ca:d7:17:
         ed:05:3e:66:89:19:da:21:d9:ab:61:08:50:d4:c7:2a:ef:b3:
         1c:25:6a:f8:aa:ba:e6:12:eb:d5:a3:ab:3a:04:d1:ff:66:0c:
         05:a3:41:71:e8:83:73:f9:1b:ef:55:6b:52:33:1b:3e:1b:71:
         c3:1f:96:66:9d:0a:d2:37:1f:cb:99:95:f2:40:a8:55:c8:3e:
         84:e1:03:1c:e3:45:b9:65:7e:6b:2b:06:a0:f3:c9:00:14:5b:
         d5:7f:9f:45:3e:3a:bd:df:5d:80:f0:02:c8:7d:40:98:b7:1d:
         57:8d:49:fe:26:25:88:aa:bf:14:e4:4d:e2:13:88:cb:ce:fe:
         da:34:84:33:08:e8:0d:f8:b3:61:2a:e1:f7:61:89:b9:c7:b4:
         34:7c:47:31:0a:05:df:31:2c:b7:e6:a9:e8:69:74:00:21:6f:
         42:79:e1:a3:b9:33:3c:51:4f:0e:e6:b9:4c:9b:cc:b9:98:5d:
         87:0a:f8:c0:6e:9d:28:01:24:00:37:52:1e:f0:21:cb:63:74:
         13:dc:81:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY43UHzFrV08TFNfmeC+t2viMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjQwMzEzMTAxNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTgyMjVjYzEyZjEyZjNiOTY3MmQyYWQ0MWEzMDVlMjc1YTM0ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIaHYDqmgl1Buvax106uq/wKp68L
N9hBIeCwgARzATiVw3V5b1B4AuvockNnJ+pnja87RxpPCXFDYial9aNyU4EglFsq
k2L/3Wt9HZ22CL3pYdOpst8W2gMFCj0rONdP9cuCv7EYmKmcNUIlJHlBl9Uf6pZy
Hir3Nf4wo2asW+JmfGGjWW6k3Kr0C/vgOd8TkX5qUf6adr5HHQ1UWQuTo1wFx+tR
hMPyfi+kWxxNIQp06kLt+ltfYLMwNyRaQIjiWfGM8al99tbhmfVbuDiwpVacRM49
oG9symhx2Y5iXHaWsOuVyLj17tGRHpKGZNnBWNc5OCa6hME1V4hvRr0l4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGCJcwS8S87lnLSrUGjBeJ1o06WMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvMFlJbHpCTHhMenVXY3RLdFFhTUY0bldqVHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufOZMA0G
CSqGSIb3DQEBCwUAA4IBAQAozS3t0hQf2swizJWuSdmX9vgOD4hXxzawVVIIOu4g
g1u3yojYKThJtNVKu4Ow3Aii/nvK1xftBT5miRnaIdmrYQhQ1Mcq77McJWr4qrrm
EuvVo6s6BNH/ZgwFo0Fx6INz+RvvVWtSMxs+G3HDH5ZmnQrSNx/LmZXyQKhVyD6E
4QMc40W5ZX5rKwag88kAFFvVf59FPjq9312A8ALIfUCYtx1XjUn+JiWIqr8U5E3i
E4jLzv7aNIQzCOgN+LNhKuH3YYm5x7Q0fEcxCgXfMSy35qnoaXQAIW9CeeGjuTM8
UU8O5rlMm8y5mF2HCvjAbp0oASQAN1Ie8CHLY3QT3IE9
-----END CERTIFICATE-----
Generated at Mon May 27 13:12:10 2024 by rpki-client on console-fra.rpki-client.org