Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/dfDt1MtSA63pMp9SQXFzzOlCT9Q.roa
File:                     dfDt1MtSA63pMp9SQXFzzOlCT9Q.roa (raw, json)
Hash identifier:          /UoYW2ZRPLcJVYhJYvH5c/cKH9ILKkQKTgdgtxOZUyk=
Subject key identifier:   75:F0:ED:D4:CB:52:03:AD:E9:32:9F:52:41:71:73:CC:E9:42:4F:D4
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       018CC801D91C1CA7F77F0EB9174D4A374266
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/dfDt1MtSA63pMp9SQXFzzOlCT9Q.roa
Signing time:             Tue 02 Jan 2024 02:30:13 +0000
ROA not before:           Tue 02 Jan 2024 02:30:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43992
IP address blocks:        2a09:7:2001::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 May 2024 20:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:d9:1c:1c:a7:f7:7f:0e:b9:17:4d:4a:37:42:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Jan  2 02:30:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=75f0edd4cb5203ade9329f52417173cce9424fd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:e2:00:b7:ec:ed:ad:1e:f5:1b:0c:43:1a:23:
                    70:f9:a7:d7:b8:0e:23:01:d6:49:6b:28:37:42:61:
                    f8:9f:a4:67:fd:e9:bb:ea:2a:17:95:6a:44:94:7c:
                    2b:e6:07:27:d5:c1:da:ba:ad:72:db:cd:a7:3e:6a:
                    45:79:32:51:e6:2a:6d:be:68:95:17:24:17:46:36:
                    56:bc:96:2f:9c:eb:19:c6:4c:e8:b2:b8:40:1b:63:
                    2c:af:a8:e8:41:2e:87:47:65:5d:88:f8:e9:40:b5:
                    1d:19:c8:ab:c2:e2:4d:47:ad:1e:4b:b2:8f:db:dd:
                    35:ab:56:ac:d8:c0:b4:c7:5d:2c:d3:c8:d5:71:d3:
                    74:44:f7:04:00:23:05:c4:14:1a:2e:d5:d8:90:94:
                    94:f4:96:f0:a8:46:5d:4a:a1:7c:66:77:cf:03:12:
                    18:d7:a8:a4:b5:61:5a:51:f9:5a:b4:d8:94:76:19:
                    13:8e:d5:96:c8:f1:db:d4:35:b4:f3:d9:08:85:69:
                    7d:b6:40:70:a2:d7:84:49:af:f6:0d:13:6c:dd:e3:
                    c6:2e:20:f0:15:38:8c:26:66:f5:3e:04:49:42:eb:
                    bc:14:7b:70:ee:96:04:6d:1c:51:8a:83:05:c7:71:
                    ed:43:ef:2f:46:3d:8f:00:39:6c:5e:ff:48:2e:ac:
                    52:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:F0:ED:D4:CB:52:03:AD:E9:32:9F:52:41:71:73:CC:E9:42:4F:D4
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/dfDt1MtSA63pMp9SQXFzzOlCT9Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:7:2001::/48

    Signature Algorithm: sha256WithRSAEncryption
         36:c3:96:7a:4c:4a:29:06:d2:bb:9c:b7:6c:76:f5:50:eb:05:
         28:ee:27:51:f7:52:f2:05:5e:b9:19:6a:a4:e8:77:14:5a:e1:
         84:5a:7a:9a:20:33:eb:8a:69:58:78:60:bd:c4:63:ef:d9:46:
         87:98:22:4c:9f:f8:b6:01:4a:20:f9:1d:70:be:e6:0b:37:31:
         b0:dc:93:b3:c9:2e:4f:5b:b8:b2:71:00:0b:3f:70:ed:13:b7:
         d4:06:1d:14:aa:87:e0:c8:95:45:1e:2d:da:1b:83:b1:33:11:
         d3:64:b2:3c:fd:06:e9:f7:7f:5c:d4:56:b0:09:26:a3:cb:8c:
         32:7d:ce:d3:62:fd:51:5e:fe:b5:30:52:4d:ca:79:8d:b0:20:
         dd:0d:39:69:75:90:c9:38:65:da:4b:93:80:1a:82:e4:b3:75:
         0d:05:df:e2:31:9c:09:88:15:80:91:00:fe:b0:7b:1d:a1:b9:
         41:3a:a8:09:e4:f9:df:89:e1:16:2a:ac:66:75:da:d0:06:84:
         a2:5d:2d:39:74:b8:f0:96:ac:8b:6b:9c:5d:90:6e:86:46:59:
         1b:2f:db:81:f4:62:73:db:a1:1f:3c:4a:d2:23:28:d2:3d:fa:
         d8:c5:b3:19:17:94:01:36:da:82:78:85:ee:ba:68:c0:66:40:
         00:cf:53:6b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAdkcHKf3fw65F01KN0JmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTAyMDIzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWYwZWRkNGNiNTIwM2FkZTkzMjlmNTI0MTcxNzNjY2U5NDI0ZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OIAt+ztrR71GwxDGiNw+afXuA4j
AdZJayg3QmH4n6Rn/em76ioXlWpElHwr5gcn1cHauq1y282nPmpFeTJR5iptvmiV
FyQXRjZWvJYvnOsZxkzosrhAG2Msr6joQS6HR2VdiPjpQLUdGcirwuJNR60eS7KP
2901q1as2MC0x10s08jVcdN0RPcEACMFxBQaLtXYkJSU9JbwqEZdSqF8ZnfPAxIY
16iktWFaUflatNiUdhkTjtWWyPHb1DW089kIhWl9tkBwoteESa/2DRNs3ePGLiDw
FTiMJmb1PgRJQuu8FHtw7pYEbRxRioMFx3HtQ+8vRj2PADlsXv9ILqxS2QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHXw7dTLUgOt6TKfUkFxc8zpQk/UMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvZGZEdDFNdFNBNjNwTXA5U1FYRnp6T2xDVDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkAByAB
MA0GCSqGSIb3DQEBCwUAA4IBAQA2w5Z6TEopBtK7nLdsdvVQ6wUo7idR91LyBV65
GWqk6HcUWuGEWnqaIDPrimlYeGC9xGPv2UaHmCJMn/i2AUog+R1wvuYLNzGw3JOz
yS5PW7iycQALP3DtE7fUBh0UqofgyJVFHi3aG4OxMxHTZLI8/Qbp939c1FawCSaj
y4wyfc7TYv1RXv61MFJNynmNsCDdDTlpdZDJOGXaS5OAGoLks3UNBd/iMZwJiBWA
kQD+sHsdoblBOqgJ5PnfieEWKqxmddrQBoSiXS05dLjwlqyLa5xdkG6GRlkbL9uB
9GJz26EfPErSIyjSPfrYxbMZF5QBNtqCeIXuumjAZkAAz1Nr
-----END CERTIFICATE-----
Generated at Sat May 18 22:54:06 2024 by rpki-client on console-ams.rpki-client.org