Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/0879d8-f216-45ab-bf87-23e1dadf106c/1/iSldwScnGx6tLTkClbyNMkLBmes.roa
File:                     iSldwScnGx6tLTkClbyNMkLBmes.roa (raw, json)
Hash identifier:          yuW3aYD6r3uom3UORfibiIVYPsUDW01CcdtZOLwEyv8=
Subject key identifier:   89:29:5D:C1:27:27:1B:1E:AD:2D:39:02:95:BC:8D:32:42:C1:99:EB
Certificate issuer:       /CN=f4dc26c626c51c5def6f2466f38f55b25029642f
Certificate serial:       018CCA99D7D99B41AC5A74D048FA881E089F
Authority key identifier: F4:DC:26:C6:26:C5:1C:5D:EF:6F:24:66:F3:8F:55:B2:50:29:64:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9NwmxibFHF3vbyRm849VslApZC8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/0879d8-f216-45ab-bf87-23e1dadf106c/1/iSldwScnGx6tLTkClbyNMkLBmes.roa
Signing time:             Tue 02 Jan 2024 14:35:29 +0000
ROA not before:           Tue 02 Jan 2024 14:35:29 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210364
IP address blocks:        193.200.33.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/0879d8-f216-45ab-bf87-23e1dadf106c/1/9NwmxibFHF3vbyRm849VslApZC8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/0879d8-f216-45ab-bf87-23e1dadf106c/1/9NwmxibFHF3vbyRm849VslApZC8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9NwmxibFHF3vbyRm849VslApZC8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:99:d7:d9:9b:41:ac:5a:74:d0:48:fa:88:1e:08:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4dc26c626c51c5def6f2466f38f55b25029642f
        Validity
            Not Before: Jan  2 14:35:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=89295dc127271b1ead2d390295bc8d3242c199eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:f1:fc:e6:11:d5:20:7a:54:28:e7:e2:9e:bf:
                    ba:15:db:75:50:c9:2a:01:9b:c6:3d:4e:f7:ae:6a:
                    50:06:82:ce:c8:69:6c:08:72:bc:28:3e:09:8d:08:
                    91:bd:d4:13:d6:68:d6:df:9f:73:69:74:d1:da:4e:
                    a6:6a:d4:d0:81:2d:df:c3:9c:09:1d:58:6a:1e:fd:
                    72:68:16:36:2d:ba:5d:d8:f7:46:59:89:bd:d4:ce:
                    5f:b6:0a:e9:f8:a6:9b:14:4b:9b:44:4d:a9:25:f6:
                    86:d8:61:c7:0f:1d:97:f6:8b:05:e1:b9:aa:3a:fe:
                    f4:07:0c:86:ad:6c:b1:40:ac:88:88:4c:1f:44:bd:
                    0c:cc:d1:3e:35:e7:d7:e9:a8:17:5c:d3:18:78:94:
                    70:1a:7f:3b:fd:d0:a1:88:7c:73:17:4e:c2:1b:51:
                    41:c2:ac:69:91:93:5e:da:d6:22:9c:69:65:5f:bf:
                    f4:aa:5a:76:30:2b:a8:2f:5e:ba:04:ef:2b:b0:38:
                    1f:43:9c:4e:f0:37:ff:d8:6f:ee:e4:6a:af:d9:89:
                    71:5f:ae:b3:93:4b:8a:d6:66:3d:72:fa:69:82:f1:
                    6c:ab:fd:01:a5:18:7b:0a:69:ac:a6:03:9b:71:1b:
                    e4:42:13:b7:55:95:f8:52:8f:0f:99:db:42:f4:9f:
                    99:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:29:5D:C1:27:27:1B:1E:AD:2D:39:02:95:BC:8D:32:42:C1:99:EB
            X509v3 Authority Key Identifier:
                keyid:F4:DC:26:C6:26:C5:1C:5D:EF:6F:24:66:F3:8F:55:B2:50:29:64:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NwmxibFHF3vbyRm849VslApZC8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/0879d8-f216-45ab-bf87-23e1dadf106c/1/iSldwScnGx6tLTkClbyNMkLBmes.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/0879d8-f216-45ab-bf87-23e1dadf106c/1/9NwmxibFHF3vbyRm849VslApZC8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.200.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:fe:18:de:01:40:b8:76:c0:f8:04:f8:9c:19:7f:ae:95:c8:
         b0:2c:90:42:55:96:b1:d6:39:96:33:a0:e0:20:ed:d3:e0:9b:
         f2:58:c4:06:0e:a7:ce:de:72:1f:cc:68:5b:bb:74:e1:a6:c2:
         b7:5e:22:56:77:f0:a9:31:9c:59:d5:84:0e:18:cc:ce:f9:5e:
         54:2f:8d:eb:99:80:b7:6d:c1:e4:f0:d9:ef:6d:0c:86:83:99:
         ff:b9:e9:33:31:e5:ed:cd:71:24:7f:ca:d1:c1:3b:61:65:4d:
         ba:8a:93:24:87:66:b6:0e:64:43:79:83:36:72:af:3e:d2:df:
         e6:c0:63:a3:a6:a2:57:1c:33:b8:2e:5a:77:0f:5d:4b:ac:aa:
         4b:a5:74:aa:43:84:0c:d1:71:b6:cc:68:05:22:a1:9d:1c:b9:
         ec:0b:fc:09:0c:d7:2c:5b:78:73:df:7c:f1:45:93:99:b7:94:
         48:16:09:a9:23:88:74:36:b4:95:44:b7:86:a9:8d:e3:8d:4f:
         d5:ff:06:e9:b2:22:93:60:6a:e1:2a:fa:4a:f2:ef:af:88:a0:
         fc:de:3c:45:3d:7d:87:9d:23:fe:df:e2:1f:c1:d0:63:02:57:
         ff:41:92:30:d8:52:d8:b7:34:f9:ca:45:83:cb:77:e0:71:b0:
         3c:c3:3c:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmdfZm0GsWnTQSPqIHgifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZGMyNmM2MjZjNTFjNWRlZjZmMjQ2NmYzOGY1NWIyNTAy
OTY0MmYwHhcNMjQwMTAyMTQzNTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTI5NWRjMTI3MjcxYjFlYWQyZDM5MDI5NWJjOGQzMjQyYzE5OWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/H85hHVIHpUKOfinr+6Fdt1UMkq
AZvGPU73rmpQBoLOyGlsCHK8KD4JjQiRvdQT1mjW359zaXTR2k6matTQgS3fw5wJ
HVhqHv1yaBY2Lbpd2PdGWYm91M5ftgrp+KabFEubRE2pJfaG2GHHDx2X9osF4bmq
Ov70BwyGrWyxQKyIiEwfRL0MzNE+NefX6agXXNMYeJRwGn87/dChiHxzF07CG1FB
wqxpkZNe2tYinGllX7/0qlp2MCuoL166BO8rsDgfQ5xO8Df/2G/u5Gqv2YlxX66z
k0uK1mY9cvppgvFsq/0BpRh7CmmspgObcRvkQhO3VZX4Uo8PmdtC9J+ZcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIkpXcEnJxserS05ApW8jTJCwZnrMB8GA1UdIwQY
MBaAFPTcJsYmxRxd728kZvOPVbJQKWQvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU53bXhpYkZIRjN2YnlSbTg0OVZzbEFwWkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wODc5ZDgtZjIxNi00NWFiLWJmODct
MjNlMWRhZGYxMDZjLzEvaVNsZHdTY25HeDZ0TFRrQ2xieU5Na0xCbWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wODc5ZDgtZjIxNi00NWFiLWJmODctMjNlMWRhZGYxMDZj
LzEvOU53bXhpYkZIRjN2YnlSbTg0OVZzbEFwWkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcghMA0G
CSqGSIb3DQEBCwUAA4IBAQCL/hjeAUC4dsD4BPicGX+ulciwLJBCVZax1jmWM6Dg
IO3T4JvyWMQGDqfO3nIfzGhbu3ThpsK3XiJWd/CpMZxZ1YQOGMzO+V5UL43rmYC3
bcHk8NnvbQyGg5n/uekzMeXtzXEkf8rRwTthZU26ipMkh2a2DmRDeYM2cq8+0t/m
wGOjpqJXHDO4Llp3D11LrKpLpXSqQ4QM0XG2zGgFIqGdHLnsC/wJDNcsW3hz33zx
RZOZt5RIFgmpI4h0NrSVRLeGqY3jjU/V/wbpsiKTYGrhKvpK8u+viKD83jxFPX2H
nSP+3+IfwdBjAlf/QZIw2FLYtzT5ykWDy3fgcbA8wzyg
-----END CERTIFICATE-----
Generated at Tue Nov 26 22:23:12 2024 by rpki-client on console-ams.rpki-client.org