Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/i_PWZDViu3Q6Gs4K97ZfuA0X6OY.roa
File:                     i_PWZDViu3Q6Gs4K97ZfuA0X6OY.roa (raw, json)
Hash identifier:          mdgDMnlU6A+oEGZUZ90Uy7ZekSWrTln1Ma1owrgc9go=
Subject key identifier:   8B:F3:D6:64:35:62:BB:74:3A:1A:CE:0A:F7:B6:5F:B8:0D:17:E8:E6
Certificate issuer:       /CN=ce49fc134b706542caf1a1efbe034f7011b49436
Certificate serial:       018E5CEE00320A43E2958E1FCD17D09823C1
Authority key identifier: CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/i_PWZDViu3Q6Gs4K97ZfuA0X6OY.roa
Signing time:             Wed 20 Mar 2024 17:34:45 +0000
ROA not before:           Wed 20 Mar 2024 17:34:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215563
IP address blocks:        91.223.183.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 02:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:5c:ee:00:32:0a:43:e2:95:8e:1f:cd:17:d0:98:23:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce49fc134b706542caf1a1efbe034f7011b49436
        Validity
            Not Before: Mar 20 17:34:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8bf3d6643562bb743a1ace0af7b65fb80d17e8e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:28:c7:ac:02:67:4e:cb:57:72:07:21:bf:5f:
                    72:38:2e:b4:2b:30:74:ba:d8:a5:ed:83:49:f9:f3:
                    3e:19:46:be:69:25:ad:54:a8:7d:60:92:be:55:1e:
                    af:d8:72:45:c7:a2:0f:eb:18:2b:90:92:01:d1:78:
                    ef:7e:1a:51:00:ce:2e:28:6b:9f:42:2d:ff:f6:ef:
                    39:91:33:d7:be:ad:0d:5f:fe:4e:dd:26:dd:76:95:
                    54:50:3b:f3:fd:42:9c:9c:41:63:4a:3c:ef:21:1c:
                    ae:5c:46:68:f6:63:e2:73:a0:d1:b3:b1:9f:dd:33:
                    87:68:16:bd:30:c8:02:9c:8b:8c:21:73:75:62:35:
                    70:a5:11:3d:bd:53:07:7d:8b:ec:43:d7:ee:96:be:
                    86:a1:ae:49:e4:c4:f9:08:0c:ab:6b:5c:68:12:44:
                    b6:8f:11:cb:a5:75:84:b3:7e:bb:ae:92:ce:4c:24:
                    d6:b9:23:22:c8:77:a5:3b:4d:41:c8:bb:e1:03:dd:
                    b6:c9:e6:17:50:24:cf:df:34:42:40:84:d5:a4:2e:
                    1b:67:02:21:82:49:07:af:88:91:39:50:99:b6:bb:
                    3c:0d:44:6c:a2:db:b9:b8:e3:63:7e:d3:fe:89:7e:
                    af:a7:7d:27:9e:d7:10:c8:fc:4a:50:71:a3:c4:8f:
                    4f:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:F3:D6:64:35:62:BB:74:3A:1A:CE:0A:F7:B6:5F:B8:0D:17:E8:E6
            X509v3 Authority Key Identifier:
                keyid:CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/i_PWZDViu3Q6Gs4K97ZfuA0X6OY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.223.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e5:2d:89:79:25:71:79:e6:59:7a:e9:5d:4f:7a:cb:89:57:95:
         96:f8:44:9f:98:b0:17:9b:27:36:86:a1:6a:1e:ef:70:47:84:
         ab:d0:b4:f9:ec:82:85:9c:7d:37:ad:f4:c6:27:cc:2b:3a:f0:
         16:09:69:64:b3:05:a5:b8:0d:96:fd:a1:62:7e:a1:90:65:40:
         dd:0c:fe:02:d3:0b:8f:8b:08:64:9e:d5:71:a7:38:5c:ee:ec:
         d5:a6:36:ce:69:9a:8d:11:5e:dc:5e:e4:9c:e8:19:88:dd:76:
         28:d5:b7:20:09:94:39:2d:8e:9c:7b:d2:ba:9c:dd:8b:01:41:
         4d:64:c9:9f:a7:13:56:d1:aa:52:e2:b2:06:34:67:ef:e0:29:
         a3:cf:7c:77:ef:2a:50:f9:f8:03:94:a4:96:7a:2e:1d:45:b3:
         e3:70:e8:8f:bf:17:fc:6b:45:90:76:41:6d:2a:64:d6:21:40:
         49:24:68:70:f9:3a:51:82:ee:da:02:e2:7a:95:d9:43:d1:04:
         b1:8c:b5:e9:25:35:3c:ac:bb:4e:06:bf:83:9b:33:34:f5:b9:
         a6:48:30:d9:57:53:2e:30:10:78:6b:cb:88:3f:50:31:55:c4:
         a8:02:b8:de:8e:14:21:1c:02:0f:73:da:db:4e:78:77:0e:60:
         99:14:74:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5c7gAyCkPilY4fzRfQmCPBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDlmYzEzNGI3MDY1NDJjYWYxYTFlZmJlMDM0ZjcwMTFi
NDk0MzYwHhcNMjQwMzIwMTczNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmYzZDY2NDM1NjJiYjc0M2ExYWNlMGFmN2I2NWZiODBkMTdlOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSjHrAJnTstXcgchv19yOC60KzB0
util7YNJ+fM+GUa+aSWtVKh9YJK+VR6v2HJFx6IP6xgrkJIB0XjvfhpRAM4uKGuf
Qi3/9u85kTPXvq0NX/5O3SbddpVUUDvz/UKcnEFjSjzvIRyuXEZo9mPic6DRs7Gf
3TOHaBa9MMgCnIuMIXN1YjVwpRE9vVMHfYvsQ9fulr6Goa5J5MT5CAyra1xoEkS2
jxHLpXWEs367rpLOTCTWuSMiyHelO01ByLvhA922yeYXUCTP3zRCQITVpC4bZwIh
gkkHr4iROVCZtrs8DURsotu5uONjftP+iX6vp30nntcQyPxKUHGjxI9PmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIvz1mQ1Yrt0OhrOCve2X7gNF+jmMB8GA1UdIwQY
MBaAFM5J/BNLcGVCyvGh774DT3ARtJQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYt
NjQxZWRkYTA2Y2NlLzEvaV9QV1pEVml1M1E2R3M0Szk3WmZ1QTBYNk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYtNjQxZWRkYTA2Y2Nl
LzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9+3MA0G
CSqGSIb3DQEBCwUAA4IBAQDlLYl5JXF55ll66V1PesuJV5WW+ESfmLAXmyc2hqFq
Hu9wR4Sr0LT57IKFnH03rfTGJ8wrOvAWCWlkswWluA2W/aFifqGQZUDdDP4C0wuP
iwhkntVxpzhc7uzVpjbOaZqNEV7cXuSc6BmI3XYo1bcgCZQ5LY6ce9K6nN2LAUFN
ZMmfpxNW0apS4rIGNGfv4Cmjz3x37ypQ+fgDlKSWei4dRbPjcOiPvxf8a0WQdkFt
KmTWIUBJJGhw+TpRgu7aAuJ6ldlD0QSxjLXpJTU8rLtOBr+DmzM09bmmSDDZV1Mu
MBB4a8uIP1AxVcSoArjejhQhHAIPc9rbTnh3DmCZFHQa
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:44:48 2024 by rpki-client on console-fra.rpki-client.org