Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/EHdbWokzEJGfN57dIi8D86SttsQ.roa
File:                     EHdbWokzEJGfN57dIi8D86SttsQ.roa (raw, json)
Hash identifier:          yMHZF5kfQ+YU4GTm7OEAvTNbaXdtXTUFJViZFyltZm8=
Subject key identifier:   10:77:5B:5A:89:33:10:91:9F:37:9E:DD:22:2F:03:F3:A4:AD:B6:C4
Certificate issuer:       /CN=a29d9751f3675f51332734da68ea960260045b12
Certificate serial:       018CC8DF775A0F7AEAFA7EBD692DEDC7B970
Authority key identifier: A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/EHdbWokzEJGfN57dIi8D86SttsQ.roa
Signing time:             Tue 02 Jan 2024 06:32:17 +0000
ROA not before:           Tue 02 Jan 2024 06:32:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     54339
IP address blocks:        93.185.152.0/22 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 29 May 2024 22:03:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:77:5a:0f:7a:ea:fa:7e:bd:69:2d:ed:c7:b9:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a29d9751f3675f51332734da68ea960260045b12
        Validity
            Not Before: Jan  2 06:32:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=10775b5a893310919f379edd222f03f3a4adb6c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:01:47:f5:7e:62:08:f0:29:5f:80:c3:93:48:
                    f8:cf:b9:97:d4:65:cf:20:46:5e:d0:15:db:62:b7:
                    9a:36:41:b0:02:49:10:e1:82:68:5f:2f:3a:05:87:
                    33:29:ed:56:55:aa:fc:1f:05:ec:9d:34:09:ed:23:
                    ae:eb:09:32:d9:37:23:b4:98:78:08:4d:19:9e:9b:
                    71:77:bb:f5:55:32:b3:58:c8:53:95:0c:ae:e0:88:
                    3a:d8:18:ec:a3:09:09:29:f7:36:47:53:4e:b0:53:
                    7b:98:47:f3:46:c5:37:8e:90:c4:c8:8b:e8:60:2a:
                    19:df:46:4a:5e:f0:17:c9:1b:c6:a9:2f:3d:51:51:
                    2e:e3:bf:f9:c8:d4:21:c7:be:8f:6f:5c:c6:2c:0e:
                    ea:91:18:43:b4:5e:26:85:6e:0c:fc:eb:04:9f:d1:
                    a0:23:7f:dd:48:27:a2:f6:9e:17:a0:e2:23:d3:ea:
                    ce:2b:15:ae:95:e2:51:3c:72:a1:88:a4:b1:ed:31:
                    10:88:40:ec:8a:66:22:bf:21:9c:0a:a3:f6:d4:b3:
                    0b:0d:18:8b:3a:aa:03:bb:eb:a5:d5:bd:32:55:b7:
                    b6:85:12:1f:7a:1f:61:f0:4e:6d:b6:21:80:10:67:
                    4d:b0:3b:dc:d2:36:49:d7:9b:d4:b8:fc:82:9a:ed:
                    55:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:77:5B:5A:89:33:10:91:9F:37:9E:DD:22:2F:03:F3:A4:AD:B6:C4
            X509v3 Authority Key Identifier:
                keyid:A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/EHdbWokzEJGfN57dIi8D86SttsQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.185.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         34:c3:ab:4d:65:16:a8:f1:64:ed:95:fc:d0:46:4e:65:29:ab:
         04:51:ef:0c:0d:12:ca:ab:c0:f6:4d:70:8a:a4:95:71:f7:bf:
         29:af:84:bc:47:54:c0:aa:bd:17:06:90:51:94:f0:e9:16:58:
         e2:ec:f6:06:dc:f9:5c:a8:dd:5a:df:8b:b1:c6:81:42:8a:40:
         8d:21:91:37:db:a9:31:25:73:23:0d:d2:66:1e:ab:00:06:8f:
         97:3e:20:1c:a5:24:97:3c:64:76:9c:2a:54:0a:b1:9a:01:98:
         92:d7:f7:f6:78:d2:20:48:ec:55:33:a9:07:e7:1e:b6:f5:eb:
         e5:60:2b:77:ce:fd:19:ca:02:10:3e:4a:1d:02:c6:e0:74:34:
         23:ec:5d:e8:d6:be:db:94:36:6c:1c:c4:f4:d9:aa:2c:1a:c2:
         1d:81:4b:32:f0:c5:03:90:d4:b8:45:09:58:74:ee:3b:ea:38:
         e0:94:41:5b:bb:27:cd:65:a8:40:31:44:c8:ec:41:87:bb:e9:
         af:ba:77:ee:95:ba:54:cd:b0:fa:33:25:6f:b7:b9:19:36:82:
         31:b9:ac:e9:b5:d4:47:c3:bf:59:82:6a:f6:74:69:28:03:bc:
         68:94:2c:01:dd:88:59:b2:aa:80:0e:a4:5f:e3:6d:80:e7:43:
         fd:7a:ea:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI33daD3rq+n69aS3tx7lwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOWQ5NzUxZjM2NzVmNTEzMzI3MzRkYTY4ZWE5NjAyNjAw
NDViMTIwHhcNMjQwMTAyMDYzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDc3NWI1YTg5MzMxMDkxOWYzNzllZGQyMjJmMDNmM2E0YWRiNmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwFH9X5iCPApX4DDk0j4z7mX1GXP
IEZe0BXbYreaNkGwAkkQ4YJoXy86BYczKe1WVar8HwXsnTQJ7SOu6wky2TcjtJh4
CE0Znptxd7v1VTKzWMhTlQyu4Ig62BjsowkJKfc2R1NOsFN7mEfzRsU3jpDEyIvo
YCoZ30ZKXvAXyRvGqS89UVEu47/5yNQhx76Pb1zGLA7qkRhDtF4mhW4M/OsEn9Gg
I3/dSCei9p4XoOIj0+rOKxWuleJRPHKhiKSx7TEQiEDsimYivyGcCqP21LMLDRiL
OqoDu+ul1b0yVbe2hRIfeh9h8E5ttiGAEGdNsDvc0jZJ15vUuPyCmu1VHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBB3W1qJMxCRnzee3SIvA/OkrbbEMB8GA1UdIwQY
MBaAFKKdl1HzZ19RMyc02mjqlgJgBFsSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMt
MDc5YmEwNTcwZjc1LzEvRUhkYldva3pFSkdmTjU3ZElpOEQ4NlN0dHNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lNjQzOTgtOTYwMS00YjdjLWI3ODMtMDc5YmEwNTcwZjc1
LzEvb3AyWFVmTm5YMUV6SnpUYWFPcVdBbUFFV3hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXbmYMA0G
CSqGSIb3DQEBCwUAA4IBAQA0w6tNZRao8WTtlfzQRk5lKasEUe8MDRLKq8D2TXCK
pJVx978pr4S8R1TAqr0XBpBRlPDpFlji7PYG3PlcqN1a34uxxoFCikCNIZE326kx
JXMjDdJmHqsABo+XPiAcpSSXPGR2nCpUCrGaAZiS1/f2eNIgSOxVM6kH5x629evl
YCt3zv0ZygIQPkodAsbgdDQj7F3o1r7blDZsHMT02aosGsIdgUsy8MUDkNS4RQlY
dO476jjglEFbuyfNZahAMUTI7EGHu+mvunfulbpUzbD6MyVvt7kZNoIxuazptdRH
w79Zgmr2dGkoA7xolCwB3YhZsqqADqRf422A50P9eupo
-----END CERTIFICATE-----
Generated at Wed May 29 08:16:35 2024 by rpki-client on console-ams.rpki-client.org