Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tmov-Rp6RwjIwE6r5gxmnUnnZzA.roa
File:                     tmov-Rp6RwjIwE6r5gxmnUnnZzA.roa (raw, json)
Hash identifier:          zTL9Q8p9InUcJ9vtdsLK1IN3KhkBK4fvP+rn6ECLidU=
Subject key identifier:   B6:6A:2F:F9:1A:7A:47:08:C8:C0:4E:AB:E6:0C:66:9D:49:E7:67:30
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0191BD77FCFDF15D64F53A5B9563EE510FEB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tmov-Rp6RwjIwE6r5gxmnUnnZzA.roa
Signing time:             Wed 04 Sep 2024 14:37:22 +0000
ROA not before:           Wed 04 Sep 2024 14:37:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     214285
IP address blocks:        213.210.39.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:bd:77:fc:fd:f1:5d:64:f5:3a:5b:95:63:ee:51:0f:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Sep  4 14:37:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b66a2ff91a7a4708c8c04eabe60c669d49e76730
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:7d:f9:45:07:ca:ca:ca:34:2e:50:94:6d:9d:
                    61:ee:be:86:a6:c2:68:a8:e8:f6:c2:95:33:85:14:
                    7f:ef:8a:54:34:4d:5c:fa:a2:6c:b1:b1:23:1f:2f:
                    c5:b7:c9:61:7c:64:4a:17:28:ea:3e:11:79:aa:0b:
                    dd:b7:0a:10:94:84:05:20:57:50:0f:2d:b4:8f:8e:
                    67:0d:b0:47:ea:e6:63:c8:b9:d7:13:d1:ad:a3:ca:
                    1a:e2:0a:22:e2:45:d8:b5:2e:c6:45:e0:6a:ef:4c:
                    ce:13:89:f1:60:e3:90:46:ec:6d:e9:7e:0d:b4:b7:
                    9a:c7:a3:c0:3b:a6:7f:e5:77:33:df:5d:87:2d:92:
                    67:b6:60:d5:52:91:16:7d:69:4d:cf:b2:2f:56:51:
                    af:44:ca:53:e1:6e:6d:7e:27:71:fb:f8:e9:49:1a:
                    36:3c:9c:45:8f:c4:db:16:e9:65:65:a8:e9:b7:5a:
                    65:d8:47:6d:e7:41:49:ac:3c:b4:e7:ac:04:76:97:
                    12:48:f9:5f:0c:60:61:ba:dc:79:e3:d4:8e:07:d9:
                    b7:36:56:34:29:c1:13:a1:ce:54:6f:88:a3:a3:8b:
                    40:cc:05:5c:73:8b:04:00:14:bb:92:f4:60:85:a1:
                    24:be:6d:9a:15:f3:b6:3b:50:6f:6d:0a:2b:d8:7e:
                    f1:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:6A:2F:F9:1A:7A:47:08:C8:C0:4E:AB:E6:0C:66:9D:49:E7:67:30
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tmov-Rp6RwjIwE6r5gxmnUnnZzA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.210.39.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:c3:14:6d:90:ea:cd:bd:f6:0b:5c:de:6a:fb:31:e7:82:99:
         d5:2b:09:e8:d4:ea:a0:10:2d:02:f9:17:b8:93:e8:99:53:26:
         8b:f2:e8:61:36:a7:b2:36:31:90:e3:a8:8e:16:21:60:da:b7:
         c7:6b:c8:7e:4e:32:02:41:7d:db:77:92:74:af:6d:11:d2:1b:
         14:45:eb:af:2b:93:3b:2f:ca:6d:e5:a8:1b:3f:2e:d6:be:e0:
         5a:82:62:02:fa:cb:75:04:88:f4:65:5b:c3:59:3f:85:e1:10:
         bd:aa:ac:37:a2:70:b3:69:33:d0:66:9d:27:bc:5d:f1:0a:ff:
         66:bc:96:08:cb:b9:9b:ce:40:70:4d:fe:b2:ce:53:42:c7:c8:
         71:7e:d7:a4:e8:28:9f:00:a0:de:1f:b3:77:2c:1a:56:cf:c5:
         05:85:b1:ee:3e:a8:a8:60:5a:f6:ed:24:83:00:f2:da:66:fb:
         9f:de:9f:84:2b:93:9d:30:f9:1e:50:90:36:4e:d4:4f:34:98:
         56:97:91:f4:28:48:e1:5b:b4:1c:71:10:94:35:08:a6:15:16:
         0f:6b:db:63:d5:a7:f6:e0:5d:55:fb:99:dd:68:33:36:fd:dc:
         09:a0:46:eb:dc:3e:a0:c4:a1:0a:38:78:68:60:4b:45:5a:75:
         66:bf:6a:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZG9d/z98V1k9TpblWPuUQ/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTA0MTQzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjZhMmZmOTFhN2E0NzA4YzhjMDRlYWJlNjBjNjY5ZDQ5ZTc2NzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApn35RQfKyso0LlCUbZ1h7r6GpsJo
qOj2wpUzhRR/74pUNE1c+qJssbEjHy/Ft8lhfGRKFyjqPhF5qgvdtwoQlIQFIFdQ
Dy20j45nDbBH6uZjyLnXE9Gto8oa4goi4kXYtS7GReBq70zOE4nxYOOQRuxt6X4N
tLeax6PAO6Z/5Xcz312HLZJntmDVUpEWfWlNz7IvVlGvRMpT4W5tfidx+/jpSRo2
PJxFj8TbFullZajpt1pl2Edt50FJrDy056wEdpcSSPlfDGBhutx549SOB9m3NlY0
KcEToc5Ub4ijo4tAzAVcc4sEABS7kvRghaEkvm2aFfO2O1BvbQor2H7xvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZqL/kaekcIyMBOq+YMZp1J52cwMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdG1vdi1ScDZSd2pJd0U2cjVneG1uVW5uWnpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dInMA0G
CSqGSIb3DQEBCwUAA4IBAQBfwxRtkOrNvfYLXN5q+zHngpnVKwno1OqgEC0C+Re4
k+iZUyaL8uhhNqeyNjGQ46iOFiFg2rfHa8h+TjICQX3bd5J0r20R0hsUReuvK5M7
L8pt5agbPy7WvuBagmIC+st1BIj0ZVvDWT+F4RC9qqw3onCzaTPQZp0nvF3xCv9m
vJYIy7mbzkBwTf6yzlNCx8hxftek6CifAKDeH7N3LBpWz8UFhbHuPqioYFr27SSD
APLaZvuf3p+EK5OdMPkeUJA2TtRPNJhWl5H0KEjhW7QccRCUNQimFRYPa9tj1af2
4F1V+5ndaDM2/dwJoEbr3D6gxKEKOHhoYEtFWnVmv2p9
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:57:16 2024 by rpki-client on console-fra.rpki-client.org