Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Qwysi9X5vs1r9t3C8PCScCUOCc0.roa
File:                     Qwysi9X5vs1r9t3C8PCScCUOCc0.roa (raw, json)
Hash identifier:          f+/uS679G3WYPqCHtWpLN7Nh9dzYsUgDaNkhA1xMxZk=
Subject key identifier:   43:0C:AC:8B:D5:F9:BE:CD:6B:F6:DD:C2:F0:F0:92:70:25:0E:09:CD
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018D74173E0010A4D6CD27BC57A9712675B5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Qwysi9X5vs1r9t3C8PCScCUOCc0.roa
Signing time:             Sun 04 Feb 2024 12:28:16 +0000
ROA not before:           Sun 04 Feb 2024 12:28:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211061
IP address blocks:        185.49.127.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 16:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:74:17:3e:00:10:a4:d6:cd:27:bc:57:a9:71:26:75:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Feb  4 12:28:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=430cac8bd5f9becd6bf6ddc2f0f09270250e09cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:47:c3:73:37:7c:52:5d:24:e3:bb:ed:06:d4:
                    fd:30:ea:fa:6d:a1:72:5b:f6:95:6f:20:b9:67:78:
                    0e:54:dd:e7:17:18:e0:bc:ad:bc:5b:2e:b1:23:eb:
                    1d:c4:0f:4d:f1:51:ac:fc:af:55:d4:f7:40:3b:b5:
                    d2:39:bd:1c:91:41:d9:67:cd:dd:18:6f:63:9a:c7:
                    aa:9a:98:cf:6a:4f:a4:d3:8d:71:a4:6a:13:f4:7c:
                    41:c7:5f:bc:bd:d4:82:01:b1:ba:3b:26:2c:9f:be:
                    02:3a:fd:80:01:65:ef:03:14:39:ee:84:84:24:55:
                    58:d5:da:c6:af:45:c2:03:67:ba:45:a8:87:c9:13:
                    e4:57:5e:ea:05:1e:d1:0a:8e:c2:a3:53:68:e1:b7:
                    e0:3c:3a:99:b3:6b:3e:20:4e:27:0c:d2:e2:b9:26:
                    2f:5c:c1:63:88:58:ca:1e:b6:b4:86:f8:37:ad:bd:
                    06:5f:b2:33:ac:2e:a3:38:f6:a4:33:1e:62:17:45:
                    cd:23:62:b6:dc:2f:89:ef:22:d6:a9:b3:90:9c:3c:
                    f2:e7:5c:77:2d:8b:a6:7d:1b:3b:89:5c:0e:56:92:
                    6e:28:0a:9d:ce:75:90:0b:8d:62:37:84:86:54:5d:
                    67:46:09:26:49:b5:55:a6:65:0b:f2:41:8d:80:1a:
                    a1:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:0C:AC:8B:D5:F9:BE:CD:6B:F6:DD:C2:F0:F0:92:70:25:0E:09:CD
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Qwysi9X5vs1r9t3C8PCScCUOCc0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.49.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:6d:39:11:d8:b0:d1:34:3d:20:4e:ae:bc:1c:87:8d:cc:3a:
         c4:49:94:93:7a:05:53:4b:f8:84:d3:c2:ca:d3:41:1a:cc:60:
         8a:41:67:9a:6a:ea:ef:d0:ee:8b:41:f4:f2:d6:37:64:38:fd:
         10:47:97:aa:7b:aa:fd:27:71:2f:d4:6e:c5:7d:3c:77:6a:6b:
         22:56:84:e1:23:9c:42:b3:b5:20:2e:94:a3:d2:f0:fe:23:e9:
         fb:b7:a3:fe:b5:aa:55:50:6d:81:83:3b:9a:7b:1a:81:78:b9:
         e7:31:c7:5e:54:9e:b8:8e:92:67:44:0c:77:95:6b:88:d9:4c:
         37:44:27:90:a2:fe:66:93:74:e6:92:d9:18:9a:dd:bc:66:28:
         fa:5b:5e:3c:dc:00:3c:d0:fb:ae:fb:bf:49:d9:54:b6:02:42:
         a7:b7:c5:cc:b9:43:8f:de:06:44:85:3f:71:8b:c9:c1:bf:7c:
         4f:b8:9f:79:e3:05:91:dc:b7:de:30:9f:a7:50:5e:53:d3:d2:
         88:ae:95:0b:d5:02:e5:d5:1f:09:d0:94:97:12:b2:df:85:86:
         42:40:03:8b:ed:59:ee:97:ca:7a:81:dc:de:9b:2a:b9:81:56:
         5a:a2:99:b9:57:e9:7c:1b:a1:3a:74:c3:b5:3d:88:3c:cc:7c:
         d6:bf:76:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY10Fz4AEKTWzSe8V6lxJnW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjA0MTIyODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzBjYWM4YmQ1ZjliZWNkNmJmNmRkYzJmMGYwOTI3MDI1MGUwOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukfDczd8Ul0k47vtBtT9MOr6baFy
W/aVbyC5Z3gOVN3nFxjgvK28Wy6xI+sdxA9N8VGs/K9V1PdAO7XSOb0ckUHZZ83d
GG9jmseqmpjPak+k041xpGoT9HxBx1+8vdSCAbG6OyYsn74COv2AAWXvAxQ57oSE
JFVY1drGr0XCA2e6RaiHyRPkV17qBR7RCo7Co1No4bfgPDqZs2s+IE4nDNLiuSYv
XMFjiFjKHra0hvg3rb0GX7IzrC6jOPakMx5iF0XNI2K23C+J7yLWqbOQnDzy51x3
LYumfRs7iVwOVpJuKAqdznWQC41iN4SGVF1nRgkmSbVVpmUL8kGNgBqhZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEMMrIvV+b7Na/bdwvDwknAlDgnNMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUXd5c2k5WDV2czFyOXQzQzhQQ1NjQ1VPQ2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTF/MA0G
CSqGSIb3DQEBCwUAA4IBAQANbTkR2LDRND0gTq68HIeNzDrESZSTegVTS/iE08LK
00EazGCKQWeaaurv0O6LQfTy1jdkOP0QR5eqe6r9J3Ev1G7FfTx3amsiVoThI5xC
s7UgLpSj0vD+I+n7t6P+tapVUG2BgzuaexqBeLnnMcdeVJ64jpJnRAx3lWuI2Uw3
RCeQov5mk3TmktkYmt28Zij6W1483AA80Puu+79J2VS2AkKnt8XMuUOP3gZEhT9x
i8nBv3xPuJ954wWR3LfeMJ+nUF5T09KIrpUL1QLl1R8J0JSXErLfhYZCQAOL7Vnu
l8p6gdzemyq5gVZaopm5V+l8G6E6dMO1PYg8zHzWv3b4
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:17:28 2024 by rpki-client on console-ams.rpki-client.org