Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/mYOclqC3SnSQdr6ICN9EQfNVhwk.roa
File:                     mYOclqC3SnSQdr6ICN9EQfNVhwk.roa (raw, json)
Hash identifier:          eI3ZxZ0D685TVhyar7W/glMZ2J2ATb1ygi1UZw9HT0M=
Subject key identifier:   99:83:9C:96:A0:B7:4A:74:90:76:BE:88:08:DF:44:41:F3:55:87:09
Certificate issuer:       /CN=a24cf90329c47ba343a66cd65d38833a357b5955
Certificate serial:       018CCA29E4B731D812DBB7DF5E36D74991FC
Authority key identifier: A2:4C:F9:03:29:C4:7B:A3:43:A6:6C:D6:5D:38:83:3A:35:7B:59:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/okz5AynEe6NDpmzWXTiDOjV7WVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/mYOclqC3SnSQdr6ICN9EQfNVhwk.roa
Signing time:             Tue 02 Jan 2024 12:33:12 +0000
ROA not before:           Tue 02 Jan 2024 12:33:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210569
IP address blocks:        185.217.30.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/okz5AynEe6NDpmzWXTiDOjV7WVU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/okz5AynEe6NDpmzWXTiDOjV7WVU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/okz5AynEe6NDpmzWXTiDOjV7WVU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 01:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:29:e4:b7:31:d8:12:db:b7:df:5e:36:d7:49:91:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a24cf90329c47ba343a66cd65d38833a357b5955
        Validity
            Not Before: Jan  2 12:33:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=99839c96a0b74a749076be8808df4441f3558709
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:bc:b9:5b:0b:b7:8e:68:fe:e1:ee:c5:35:78:
                    b9:8f:34:04:95:8a:58:b2:ce:fe:fe:50:76:28:06:
                    b1:81:0c:cc:fa:c3:b4:22:f4:70:ba:10:ee:e5:df:
                    9f:60:a8:f5:50:30:52:a9:14:09:50:29:30:d2:5e:
                    89:b3:e9:64:38:51:4b:ea:a0:65:a7:c5:cb:cd:51:
                    47:d4:af:97:31:ba:17:ee:47:9f:32:e9:b0:f1:38:
                    34:2a:26:03:d9:52:27:05:59:9d:6c:8f:75:99:29:
                    f9:69:3e:0b:0c:49:0f:7d:06:95:f9:d5:c3:8a:96:
                    a1:3f:21:59:69:41:e2:4b:a1:f4:fe:87:96:fb:b5:
                    9c:bb:64:74:45:8f:86:80:7a:c8:31:66:91:7c:50:
                    f4:ba:84:97:f2:69:ab:c7:79:54:78:c0:26:1a:03:
                    f1:42:a3:be:33:95:fc:df:f3:76:4e:79:95:67:d7:
                    d4:e7:f6:1c:a6:fe:34:a6:3b:07:cc:4c:4d:63:b0:
                    1c:94:23:cd:78:e8:71:98:41:b5:9b:9e:31:c9:74:
                    31:14:77:0f:fd:44:db:c2:bc:b5:a9:8a:1f:6c:ae:
                    c3:54:68:59:64:bd:98:cb:d2:2b:3a:85:f1:6f:dc:
                    af:4d:de:f7:e9:8a:4c:96:0d:de:d6:f6:b5:58:25:
                    02:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:83:9C:96:A0:B7:4A:74:90:76:BE:88:08:DF:44:41:F3:55:87:09
            X509v3 Authority Key Identifier:
                keyid:A2:4C:F9:03:29:C4:7B:A3:43:A6:6C:D6:5D:38:83:3A:35:7B:59:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okz5AynEe6NDpmzWXTiDOjV7WVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/mYOclqC3SnSQdr6ICN9EQfNVhwk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/okz5AynEe6NDpmzWXTiDOjV7WVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.217.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:65:8d:77:af:9e:15:a0:ad:40:79:f8:f8:ab:c6:29:c7:59:
         7f:8a:74:07:0a:e8:c1:02:05:36:cb:72:54:ec:39:fe:cf:6e:
         c5:e7:aa:0e:2b:a5:f0:04:83:e7:0c:b5:d7:3c:e6:cb:1b:1e:
         9c:d3:72:ac:2a:c3:19:fa:e3:43:13:5b:d4:f9:8c:51:e6:7d:
         44:dd:02:9b:fe:55:0d:20:e8:f1:33:bf:23:b8:95:f4:48:8b:
         95:04:65:48:f0:de:b3:59:a2:22:38:08:1b:d9:6e:80:12:ad:
         fc:b8:5c:b2:c6:7b:28:59:a5:c1:33:5c:23:cb:12:89:e9:02:
         84:6c:e8:24:5c:f3:29:f9:a3:8d:6b:34:eb:12:93:e3:04:d1:
         7b:f1:78:90:72:b7:55:69:6b:d6:09:1c:d5:e5:f5:9d:7b:69:
         94:27:2e:31:80:0e:a8:8e:58:0c:24:93:42:56:52:91:f9:68:
         6a:58:50:37:ce:37:2d:fe:27:a0:6d:90:b1:c1:19:d3:c4:5e:
         ff:85:2b:fa:d3:42:ac:0e:55:a2:11:28:51:78:24:fa:87:f0:
         c1:7b:30:91:ed:18:39:05:e2:c9:61:32:b0:71:d2:9b:54:d0:
         47:85:33:f3:e7:5d:b3:1c:fb:fd:36:02:82:18:26:7e:24:a7:
         d5:31:ef:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKeS3MdgS27ffXjbXSZH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGNmOTAzMjljNDdiYTM0M2E2NmNkNjVkMzg4MzNhMzU3
YjU5NTUwHhcNMjQwMTAyMTIzMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTgzOWM5NmEwYjc0YTc0OTA3NmJlODgwOGRmNDQ0MWYzNTU4NzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7y5Wwu3jmj+4e7FNXi5jzQElYpY
ss7+/lB2KAaxgQzM+sO0IvRwuhDu5d+fYKj1UDBSqRQJUCkw0l6Js+lkOFFL6qBl
p8XLzVFH1K+XMboX7kefMumw8Tg0KiYD2VInBVmdbI91mSn5aT4LDEkPfQaV+dXD
ipahPyFZaUHiS6H0/oeW+7Wcu2R0RY+GgHrIMWaRfFD0uoSX8mmrx3lUeMAmGgPx
QqO+M5X83/N2TnmVZ9fU5/Ycpv40pjsHzExNY7AclCPNeOhxmEG1m54xyXQxFHcP
/UTbwry1qYofbK7DVGhZZL2Yy9IrOoXxb9yvTd736YpMlg3e1va1WCUC9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJmDnJagt0p0kHa+iAjfREHzVYcJMB8GA1UdIwQY
MBaAFKJM+QMpxHujQ6Zs1l04gzo1e1lVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2t6NUF5bkVlNk5EcG16V1hUaURPalY3V1ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kZWExNDktNGZiOC00OTc4LWE0NmIt
MzM5ODVkYjgwNDdhLzEvbVlPY2xxQzNTblNRZHI2SUNOOUVRZk5WaHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kZWExNDktNGZiOC00OTc4LWE0NmItMzM5ODVkYjgwNDdh
LzEvb2t6NUF5bkVlNk5EcG16V1hUaURPalY3V1ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudkeMA0G
CSqGSIb3DQEBCwUAA4IBAQBjZY13r54VoK1Aefj4q8Ypx1l/inQHCujBAgU2y3JU
7Dn+z27F56oOK6XwBIPnDLXXPObLGx6c03KsKsMZ+uNDE1vU+YxR5n1E3QKb/lUN
IOjxM78juJX0SIuVBGVI8N6zWaIiOAgb2W6AEq38uFyyxnsoWaXBM1wjyxKJ6QKE
bOgkXPMp+aONazTrEpPjBNF78XiQcrdVaWvWCRzV5fWde2mUJy4xgA6ojlgMJJNC
VlKR+WhqWFA3zjct/iegbZCxwRnTxF7/hSv600KsDlWiEShReCT6h/DBezCR7Rg5
BeLJYTKwcdKbVNBHhTPz512zHPv9NgKCGCZ+JKfVMe+1
-----END CERTIFICATE-----
Generated at Sat Jun 1 09:01:05 2024 by rpki-client on console-ams.rpki-client.org