Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/qW8uj814qLw3SY6PDe8Zmlyj0Ls.roa
File:                     qW8uj814qLw3SY6PDe8Zmlyj0Ls.roa (raw, json)
Hash identifier:          wRvHUWiO9P1aGJMVjBkUsPEGRX6tArewRGfuGHnOCRU=
Subject key identifier:   A9:6F:2E:8F:CD:78:A8:BC:37:49:8E:8F:0D:EF:19:9A:5C:A3:D0:BB
Certificate issuer:       /CN=e316318247d211841f9620a9a1130010ddb486f2
Certificate serial:       018CC87143206BD3A20CEDCB322128FA37A2
Authority key identifier: E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/qW8uj814qLw3SY6PDe8Zmlyj0Ls.roa
Signing time:             Tue 02 Jan 2024 04:31:55 +0000
ROA not before:           Tue 02 Jan 2024 04:31:55 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204372
IP address blocks:        91.232.99.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/4xYxgkfSEYQfliCpoRMAEN20hvI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/4xYxgkfSEYQfliCpoRMAEN20hvI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:71:43:20:6b:d3:a2:0c:ed:cb:32:21:28:fa:37:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e316318247d211841f9620a9a1130010ddb486f2
        Validity
            Not Before: Jan  2 04:31:55 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a96f2e8fcd78a8bc37498e8f0def199a5ca3d0bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:fd:ed:c2:01:b0:2b:af:23:88:a9:6b:29:cd:
                    35:82:d0:a8:f5:ba:17:b2:79:e8:7e:3e:2a:a0:3a:
                    39:c4:5c:96:a2:03:64:4b:fb:6a:8f:9c:cb:7d:5c:
                    ee:4e:eb:cf:0b:04:98:df:61:6a:92:9f:ec:db:07:
                    f3:6f:1d:2e:ee:f7:5a:06:9c:d7:74:a2:40:e2:29:
                    6f:9f:4e:9b:f0:e4:78:40:62:01:8e:00:cc:87:1a:
                    d6:2a:84:9a:0a:a2:49:01:ba:ed:c4:ad:d5:b5:d8:
                    d2:f0:f0:a3:aa:28:94:9e:79:4c:8a:53:f2:67:53:
                    d4:2a:3c:85:1d:7a:c5:bc:94:a2:bf:fa:da:80:f2:
                    93:fd:e9:73:a3:f1:fb:af:6c:54:94:86:4d:06:5a:
                    83:d0:b7:df:88:dc:52:24:b4:80:dd:e8:7f:43:bd:
                    8a:6d:87:f7:3a:84:5f:2e:c1:dc:d0:21:b0:7b:7d:
                    e3:2a:8b:db:45:49:f5:16:d2:4d:80:a9:d1:89:f4:
                    35:99:31:2d:e7:34:12:81:58:54:02:a6:77:fc:d6:
                    a9:92:33:93:f3:b3:59:ce:a1:18:55:6e:59:bf:27:
                    47:90:90:ea:61:a1:12:1b:8d:dd:2f:80:ca:fd:0f:
                    4d:7a:75:a0:90:33:90:77:40:54:02:d0:08:00:2e:
                    c4:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:6F:2E:8F:CD:78:A8:BC:37:49:8E:8F:0D:EF:19:9A:5C:A3:D0:BB
            X509v3 Authority Key Identifier:
                keyid:E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/qW8uj814qLw3SY6PDe8Zmlyj0Ls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/4xYxgkfSEYQfliCpoRMAEN20hvI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.232.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:29:f8:56:75:23:49:a8:54:fb:ef:18:d9:47:5c:bd:65:33:
         4d:2f:7d:a4:0e:4c:f3:19:9d:b0:da:55:e2:07:38:b6:1a:c3:
         b2:0d:00:e3:46:8e:7c:4f:ef:c0:a6:d9:8b:7a:bd:3e:91:b1:
         a0:e5:56:21:81:49:b6:9e:08:dc:f0:3a:73:6d:8a:05:82:b7:
         74:6a:8b:3a:ce:a1:93:e2:86:56:75:24:1d:51:e4:37:01:60:
         ca:3c:19:e6:ca:29:cf:60:e7:7a:89:4a:36:96:2b:0f:57:05:
         75:f0:2d:88:f1:a3:c5:9f:9f:04:53:7c:c4:71:1a:88:41:4f:
         3a:58:89:1f:25:df:a1:a6:06:b3:f8:a9:be:8f:b8:c8:59:f5:
         77:e2:c2:a6:bb:2a:6b:82:cf:4d:b5:1e:37:07:3f:2c:0c:89:
         f1:29:f5:d8:fe:45:8d:14:00:10:88:42:21:f8:97:53:9a:88:
         e3:11:3f:eb:67:d0:a8:e1:d2:6c:7e:63:91:9b:42:4f:28:25:
         a3:cd:09:50:5b:8b:b3:da:61:c1:55:ba:8a:f3:40:8b:8a:85:
         57:85:93:86:f0:c0:49:5d:dd:86:8a:0b:43:8c:cd:a4:4f:b0:
         96:d2:fe:54:ee:41:f7:4e:c3:a5:44:80:10:a1:88:4d:5f:89:
         b6:0c:d7:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcUMga9OiDO3LMiEo+jeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTYzMTgyNDdkMjExODQxZjk2MjBhOWExMTMwMDEwZGRi
NDg2ZjIwHhcNMjQwMTAyMDQzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTZmMmU4ZmNkNzhhOGJjMzc0OThlOGYwZGVmMTk5YTVjYTNkMGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/3twgGwK68jiKlrKc01gtCo9boX
snnofj4qoDo5xFyWogNkS/tqj5zLfVzuTuvPCwSY32Fqkp/s2wfzbx0u7vdaBpzX
dKJA4ilvn06b8OR4QGIBjgDMhxrWKoSaCqJJAbrtxK3VtdjS8PCjqiiUnnlMilPy
Z1PUKjyFHXrFvJSiv/ragPKT/elzo/H7r2xUlIZNBlqD0LffiNxSJLSA3eh/Q72K
bYf3OoRfLsHc0CGwe33jKovbRUn1FtJNgKnRifQ1mTEt5zQSgVhUAqZ3/NapkjOT
87NZzqEYVW5ZvydHkJDqYaESG43dL4DK/Q9NenWgkDOQd0BUAtAIAC7E6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKlvLo/NeKi8N0mOjw3vGZpco9C7MB8GA1UdIwQY
MBaAFOMWMYJH0hGEH5YgqaETABDdtIbyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYt
ZWMyODdlMWQzN2U1LzEvcVc4dWo4MTRxTHczU1k2UERlOFptbHlqMExzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYtZWMyODdlMWQzN2U1
LzEvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+hjMA0G
CSqGSIb3DQEBCwUAA4IBAQASKfhWdSNJqFT77xjZR1y9ZTNNL32kDkzzGZ2w2lXi
Bzi2GsOyDQDjRo58T+/AptmLer0+kbGg5VYhgUm2ngjc8DpzbYoFgrd0aos6zqGT
4oZWdSQdUeQ3AWDKPBnmyinPYOd6iUo2lisPVwV18C2I8aPFn58EU3zEcRqIQU86
WIkfJd+hpgaz+Km+j7jIWfV34sKmuyprgs9NtR43Bz8sDInxKfXY/kWNFAAQiEIh
+JdTmojjET/rZ9Co4dJsfmORm0JPKCWjzQlQW4uz2mHBVbqK80CLioVXhZOG8MBJ
Xd2GigtDjM2kT7CW0v5U7kH3TsOlRIAQoYhNX4m2DNdl
-----END CERTIFICATE-----
Generated at Fri May 17 21:44:28 2024 by rpki-client on console-fra.rpki-client.org