Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/e18c2d-64ff-44e8-8eef-b9c89b9b1f65/1/o49r68I4pOSYJrGaYejEmVo64ho.roa
File:                     o49r68I4pOSYJrGaYejEmVo64ho.roa (raw, json)
Hash identifier:          E4uLxbSZmKh0yaU5oQUCwhxwSF1OX/eVRIYouoWbOXo=
Subject key identifier:   A3:8F:6B:EB:C2:38:A4:E4:98:26:B1:9A:61:E8:C4:99:5A:3A:E2:1A
Certificate issuer:       /CN=0ae1a5b68eca768f211a48e856d7f583f90e75e7
Certificate serial:       018CC79512BC6BDDFD7BDC0E3A5DB728C92D
Authority key identifier: 0A:E1:A5:B6:8E:CA:76:8F:21:1A:48:E8:56:D7:F5:83:F9:0E:75:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CuGlto7Kdo8hGkjoVtf1g_kOdec.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/e18c2d-64ff-44e8-8eef-b9c89b9b1f65/1/o49r68I4pOSYJrGaYejEmVo64ho.roa
Signing time:             Tue 02 Jan 2024 00:31:24 +0000
ROA not before:           Tue 02 Jan 2024 00:31:24 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8426
IP address blocks:        194.48.207.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/e18c2d-64ff-44e8-8eef-b9c89b9b1f65/1/CuGlto7Kdo8hGkjoVtf1g_kOdec.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/e18c2d-64ff-44e8-8eef-b9c89b9b1f65/1/CuGlto7Kdo8hGkjoVtf1g_kOdec.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CuGlto7Kdo8hGkjoVtf1g_kOdec.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 17:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:12:bc:6b:dd:fd:7b:dc:0e:3a:5d:b7:28:c9:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ae1a5b68eca768f211a48e856d7f583f90e75e7
        Validity
            Not Before: Jan  2 00:31:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a38f6bebc238a4e49826b19a61e8c4995a3ae21a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:94:9c:93:e2:71:48:84:73:85:8e:ec:4d:93:
                    ff:27:f6:59:53:51:3c:bc:1c:13:09:0b:d0:36:36:
                    4f:62:8a:77:cf:39:d5:43:5b:10:89:46:fe:70:b9:
                    e1:37:a8:9d:08:e2:99:ae:17:9b:27:02:64:bf:be:
                    b1:22:de:da:18:88:7c:62:e1:13:01:0d:a0:42:6e:
                    22:3a:b8:61:03:67:06:dd:9e:9a:7b:2c:c5:5b:b5:
                    49:a8:79:2f:7a:d3:3e:e0:92:e4:16:64:fd:d8:94:
                    79:91:2f:8b:f6:22:b6:60:77:a0:66:58:16:ae:32:
                    02:49:c5:a7:64:a2:b2:12:0c:6c:58:37:c0:b0:8d:
                    84:40:f3:84:e6:9d:b1:33:4e:02:7e:70:dd:1f:58:
                    5e:fd:b1:6e:1b:e4:33:da:cb:02:0e:5f:c2:4f:aa:
                    b7:4f:6c:e4:64:57:46:1d:5e:5c:54:46:84:32:34:
                    10:99:34:31:dd:8e:0e:73:05:61:07:9c:67:6a:3d:
                    49:33:31:c0:1f:f9:4b:44:bd:b4:37:02:31:e2:2e:
                    8a:52:4f:ec:1c:b4:21:d5:76:4f:91:19:3d:a9:17:
                    94:32:ff:9c:4d:4a:56:a2:af:b5:31:db:6e:84:80:
                    51:6c:48:9d:0d:80:78:11:e5:45:bf:08:72:c1:30:
                    83:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:8F:6B:EB:C2:38:A4:E4:98:26:B1:9A:61:E8:C4:99:5A:3A:E2:1A
            X509v3 Authority Key Identifier:
                keyid:0A:E1:A5:B6:8E:CA:76:8F:21:1A:48:E8:56:D7:F5:83:F9:0E:75:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuGlto7Kdo8hGkjoVtf1g_kOdec.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/e18c2d-64ff-44e8-8eef-b9c89b9b1f65/1/o49r68I4pOSYJrGaYejEmVo64ho.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/e18c2d-64ff-44e8-8eef-b9c89b9b1f65/1/CuGlto7Kdo8hGkjoVtf1g_kOdec.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.48.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:07:34:10:bf:9e:71:8d:ea:3b:ca:57:c1:43:74:9b:37:28:
         2b:4f:dd:1b:95:58:4a:f3:9a:0d:f4:66:d4:34:7a:6d:38:7c:
         82:5b:63:b4:e2:ab:06:36:ca:64:97:f2:ed:f8:8d:29:10:a5:
         05:d6:00:f6:84:da:d5:5d:52:e2:b8:3f:2c:11:d3:66:de:be:
         16:8e:f4:ca:6b:ad:68:85:30:05:84:22:0b:7c:4f:77:45:58:
         de:e6:c9:12:5e:ec:1f:b7:4c:3e:5c:f8:66:5c:ee:31:ad:fe:
         0d:2c:ef:64:6d:52:14:62:b5:85:64:cf:cb:e8:eb:0d:9f:a2:
         9b:d1:41:d3:7c:ec:b3:62:44:41:0f:d0:50:38:ad:fa:2c:c2:
         73:2d:ab:aa:8a:bd:27:41:22:d3:69:21:ed:f9:b2:87:b2:24:
         ac:a4:6e:f3:e6:8a:38:e6:06:60:8a:9d:be:9a:cd:3e:cc:f9:
         ac:e2:26:53:1c:49:58:66:88:62:6d:24:66:2a:f6:94:07:f6:
         0a:fb:05:71:8f:00:50:d0:d8:89:07:f8:15:09:08:58:6e:e2:
         e5:74:86:63:aa:42:61:1a:ae:3c:1f:de:bf:0c:96:d8:68:1e:
         2b:a5:2a:fd:d1:90:3d:1d:75:b9:c1:d6:7e:85:39:d7:48:53:
         ff:77:ee:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlRK8a939e9wOOl23KMktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTFhNWI2OGVjYTc2OGYyMTFhNDhlODU2ZDdmNTgzZjkw
ZTc1ZTcwHhcNMjQwMTAyMDAzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzhmNmJlYmMyMzhhNGU0OTgyNmIxOWE2MWU4YzQ5OTVhM2FlMjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZSck+JxSIRzhY7sTZP/J/ZZU1E8
vBwTCQvQNjZPYop3zznVQ1sQiUb+cLnhN6idCOKZrhebJwJkv76xIt7aGIh8YuET
AQ2gQm4iOrhhA2cG3Z6aeyzFW7VJqHkvetM+4JLkFmT92JR5kS+L9iK2YHegZlgW
rjICScWnZKKyEgxsWDfAsI2EQPOE5p2xM04CfnDdH1he/bFuG+Qz2ssCDl/CT6q3
T2zkZFdGHV5cVEaEMjQQmTQx3Y4OcwVhB5xnaj1JMzHAH/lLRL20NwIx4i6KUk/s
HLQh1XZPkRk9qReUMv+cTUpWoq+1MdtuhIBRbEidDYB4EeVFvwhywTCDZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOPa+vCOKTkmCaxmmHoxJlaOuIaMB8GA1UdIwQY
MBaAFArhpbaOynaPIRpI6FbX9YP5DnXnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VHbHRvN0tkbzhoR2tqb1Z0ZjFnX2tPZGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9lMThjMmQtNjRmZi00NGU4LThlZWYt
YjljODliOWIxZjY1LzEvbzQ5cjY4STRwT1NZSnJHYVllakVtVm82NGhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9lMThjMmQtNjRmZi00NGU4LThlZWYtYjljODliOWIxZjY1
LzEvQ3VHbHRvN0tkbzhoR2tqb1Z0ZjFnX2tPZGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjDPMA0G
CSqGSIb3DQEBCwUAA4IBAQCZBzQQv55xjeo7ylfBQ3SbNygrT90blVhK85oN9GbU
NHptOHyCW2O04qsGNspkl/Lt+I0pEKUF1gD2hNrVXVLiuD8sEdNm3r4WjvTKa61o
hTAFhCILfE93RVje5skSXuwft0w+XPhmXO4xrf4NLO9kbVIUYrWFZM/L6OsNn6Kb
0UHTfOyzYkRBD9BQOK36LMJzLauqir0nQSLTaSHt+bKHsiSspG7z5oo45gZgip2+
ms0+zPms4iZTHElYZohibSRmKvaUB/YK+wVxjwBQ0NiJB/gVCQhYbuLldIZjqkJh
Gq48H96/DJbYaB4rpSr90ZA9HXW5wdZ+hTnXSFP/d+5X
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:55 2024 by rpki-client on console-fra.rpki-client.org