Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TEQrbi9pjcfAj5eTwnZCQkBvrcs.roa
File:                     TEQrbi9pjcfAj5eTwnZCQkBvrcs.roa (raw, json)
Hash identifier:          IEHxvcgZZpjngAhtNNyBafDs8TR0Ygbs+i3oVHqKY2o=
Subject key identifier:   4C:44:2B:6E:2F:69:8D:C7:C0:8F:97:93:C2:76:42:42:40:6F:AD:CB
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       01911447F14345B25ED394A9EC7E23FCE6F3
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TEQrbi9pjcfAj5eTwnZCQkBvrcs.roa
Signing time:             Fri 02 Aug 2024 18:09:04 +0000
ROA not before:           Fri 02 Aug 2024 18:09:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197071
IP address blocks:        31.56.7.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:14:47:f1:43:45:b2:5e:d3:94:a9:ec:7e:23:fc:e6:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Aug  2 18:09:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4c442b6e2f698dc7c08f9793c2764242406fadcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:7b:53:10:f1:b7:df:dd:bd:a7:d1:44:d0:40:
                    34:71:45:fa:a1:76:f6:69:d3:48:0a:4b:3b:b8:54:
                    3c:ad:0a:6a:75:5c:06:76:82:e4:1d:f9:a5:e2:f9:
                    25:9d:5c:d1:36:a9:ab:5f:37:73:61:90:c1:31:14:
                    3d:c5:73:ae:52:90:a4:b7:f0:a9:6b:86:42:7f:7d:
                    80:b2:1a:ad:b7:15:85:69:7d:a6:e3:c4:14:05:fe:
                    6e:bd:67:a1:26:7a:28:41:9a:89:ad:14:81:62:58:
                    88:d5:49:08:34:e0:e1:35:13:81:a3:80:73:70:28:
                    a8:1f:0d:d5:a6:50:2b:82:aa:d8:ce:6b:aa:06:16:
                    dc:a1:a1:ba:bb:01:b7:1e:9f:ca:17:c0:07:6f:e0:
                    67:88:07:58:74:fd:64:9c:f6:39:3b:d4:c6:e5:56:
                    59:66:21:e5:b8:08:85:d5:82:9f:ca:80:03:23:2f:
                    24:ee:5d:4e:e0:e8:96:3b:a3:81:1f:60:74:ee:3b:
                    6e:7b:96:3a:26:df:74:6a:fb:69:1e:e0:58:69:eb:
                    ce:99:bc:04:e1:b0:a2:7c:ca:9f:4f:83:36:87:76:
                    69:f9:da:91:45:0d:4e:d7:db:cd:2c:c4:c8:bf:17:
                    51:de:dc:b9:81:be:76:b3:af:2a:41:29:4e:14:b5:
                    d8:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:44:2B:6E:2F:69:8D:C7:C0:8F:97:93:C2:76:42:42:40:6F:AD:CB
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TEQrbi9pjcfAj5eTwnZCQkBvrcs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.56.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:0d:0a:31:50:ad:0c:3e:1f:9a:6e:58:17:51:f5:f5:45:f5:
         6b:6b:37:2d:dc:98:15:d8:89:e7:66:54:60:37:78:09:6d:77:
         e0:a5:73:ac:29:b9:08:77:14:16:81:74:9d:6f:6f:51:77:4f:
         46:75:62:1b:1d:2a:c9:17:12:be:15:c8:ee:99:48:5d:de:a7:
         5e:d4:98:ad:9c:e9:0f:27:06:17:e1:31:d0:58:3b:05:2c:ef:
         02:53:f8:91:c6:6d:ef:70:54:6d:ec:00:93:34:91:97:7e:3c:
         c1:96:80:50:2b:52:47:d1:ef:b7:a1:8c:5a:41:9e:83:70:37:
         be:d9:93:13:b7:4e:4d:7a:32:bc:29:22:ef:c3:85:fd:fc:94:
         93:73:0f:b2:0e:36:b7:a4:95:ff:2e:e4:ad:08:02:eb:94:c7:
         45:f9:0e:31:88:58:aa:2b:d4:dc:61:95:2a:b5:07:3c:fa:48:
         ea:80:38:ea:eb:da:86:62:59:55:70:a6:70:21:45:25:ca:f8:
         49:ba:fa:4a:5b:60:e4:07:f5:f7:fe:2a:80:d6:83:64:5b:e3:
         a9:01:9e:be:9a:98:63:26:ef:ef:46:d1:ed:e3:7a:dc:f3:e2:
         8c:9b:0a:ee:23:3d:8d:7b:2f:4d:35:c5:f3:a5:25:40:0e:20:
         2a:0b:1a:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEUR/FDRbJe05Sp7H4j/ObzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwODAyMTgwOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzQ0MmI2ZTJmNjk4ZGM3YzA4Zjk3OTNjMjc2NDI0MjQwNmZhZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtntTEPG33929p9FE0EA0cUX6oXb2
adNICks7uFQ8rQpqdVwGdoLkHfml4vklnVzRNqmrXzdzYZDBMRQ9xXOuUpCkt/Cp
a4ZCf32AshqttxWFaX2m48QUBf5uvWehJnooQZqJrRSBYliI1UkINODhNROBo4Bz
cCioHw3VplArgqrYzmuqBhbcoaG6uwG3Hp/KF8AHb+BniAdYdP1knPY5O9TG5VZZ
ZiHluAiF1YKfyoADIy8k7l1O4OiWO6OBH2B07jtue5Y6Jt90avtpHuBYaevOmbwE
4bCifMqfT4M2h3Zp+dqRRQ1O19vNLMTIvxdR3ty5gb52s68qQSlOFLXYmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFExEK24vaY3HwI+Xk8J2QkJAb63LMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVEVRcmJpOXBqY2ZBajVlVHduWkNRa0J2cmNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHzgHMA0G
CSqGSIb3DQEBCwUAA4IBAQCsDQoxUK0MPh+ablgXUfX1RfVrazct3JgV2InnZlRg
N3gJbXfgpXOsKbkIdxQWgXSdb29Rd09GdWIbHSrJFxK+FcjumUhd3qde1JitnOkP
JwYX4THQWDsFLO8CU/iRxm3vcFRt7ACTNJGXfjzBloBQK1JH0e+3oYxaQZ6DcDe+
2ZMTt05NejK8KSLvw4X9/JSTcw+yDja3pJX/LuStCALrlMdF+Q4xiFiqK9TcYZUq
tQc8+kjqgDjq69qGYllVcKZwIUUlyvhJuvpKW2DkB/X3/iqA1oNkW+OpAZ6+mphj
Ju/vRtHt43rc8+KMmwruIz2Ney9NNcXzpSVADiAqCxqU
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:40:03 2024 by rpki-client on console-ams.rpki-client.org