Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/775190-cb94-4063-8c1a-ad147d915791/1/j5jltcxlE7wYiBIP8Ah2seSeJQg.roa
File:                     j5jltcxlE7wYiBIP8Ah2seSeJQg.roa (raw, json)
Hash identifier:          cL5+I57WV96n7r00ADw0sK1L81B1XUzuHXn77ojK2/U=
Subject key identifier:   8F:98:E5:B5:CC:65:13:BC:18:88:12:0F:F0:08:76:B1:E4:9E:25:08
Certificate issuer:       /CN=4f8477e569d1d7d60f0469a7cc8a7f4746039bb7
Certificate serial:       018CCA2B5E52F1C811917587097A6D6592FB
Authority key identifier: 4F:84:77:E5:69:D1:D7:D6:0F:04:69:A7:CC:8A:7F:47:46:03:9B:B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T4R35WnR19YPBGmnzIp_R0YDm7c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/775190-cb94-4063-8c1a-ad147d915791/1/j5jltcxlE7wYiBIP8Ah2seSeJQg.roa
Signing time:             Tue 02 Jan 2024 12:34:48 +0000
ROA not before:           Tue 02 Jan 2024 12:34:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9121
IP address blocks:        91.220.50.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/775190-cb94-4063-8c1a-ad147d915791/1/T4R35WnR19YPBGmnzIp_R0YDm7c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/775190-cb94-4063-8c1a-ad147d915791/1/T4R35WnR19YPBGmnzIp_R0YDm7c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T4R35WnR19YPBGmnzIp_R0YDm7c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2b:5e:52:f1:c8:11:91:75:87:09:7a:6d:65:92:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f8477e569d1d7d60f0469a7cc8a7f4746039bb7
        Validity
            Not Before: Jan  2 12:34:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8f98e5b5cc6513bc1888120ff00876b1e49e2508
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:69:67:15:63:e6:95:6d:52:6e:42:b7:da:8c:
                    e3:5e:37:2b:35:cf:8f:57:e5:f5:77:44:a7:be:6f:
                    b8:e7:e4:31:c9:95:cf:dd:cb:ea:fc:c1:a1:cb:f3:
                    cb:5c:21:4b:3d:b1:06:c6:6b:1e:e7:ef:85:4f:a1:
                    72:52:a9:5b:e8:68:58:8c:cb:22:1b:1b:72:55:8e:
                    6e:a0:20:d7:07:f7:03:74:7a:e5:3b:eb:e8:b8:42:
                    c7:d5:22:f5:60:35:cd:f7:86:53:9e:45:1c:7f:77:
                    98:fe:7c:2b:b3:40:50:c1:48:63:8d:2e:fb:3e:af:
                    a4:3d:1d:43:c0:fb:61:43:77:77:6f:5f:bc:42:5f:
                    6d:4c:65:1c:0f:e9:c9:67:50:68:6e:19:6e:5d:3b:
                    dd:42:50:c5:4a:e2:25:41:35:bd:87:e3:86:3b:24:
                    3c:97:64:b0:c0:23:a5:57:05:58:11:d6:a9:18:0e:
                    bd:30:9f:53:0d:48:37:34:4c:2d:20:e1:f8:74:ec:
                    5b:3e:e6:1e:d5:f6:5f:ad:79:44:c8:ff:ff:a8:e1:
                    66:80:27:0a:1f:27:d9:23:08:53:3b:22:b6:10:65:
                    9d:78:8e:45:01:97:0a:04:d2:04:04:bb:97:78:4a:
                    cc:8e:e4:2a:33:ec:96:72:6f:91:f1:b8:a8:a8:30:
                    db:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:98:E5:B5:CC:65:13:BC:18:88:12:0F:F0:08:76:B1:E4:9E:25:08
            X509v3 Authority Key Identifier:
                keyid:4F:84:77:E5:69:D1:D7:D6:0F:04:69:A7:CC:8A:7F:47:46:03:9B:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4R35WnR19YPBGmnzIp_R0YDm7c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/775190-cb94-4063-8c1a-ad147d915791/1/j5jltcxlE7wYiBIP8Ah2seSeJQg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/775190-cb94-4063-8c1a-ad147d915791/1/T4R35WnR19YPBGmnzIp_R0YDm7c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.220.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:10:c2:f2:aa:be:86:83:d7:2e:a6:f9:5b:b9:b3:69:a2:27:
         27:e2:19:f5:0e:8b:5a:d3:15:39:cd:7e:75:71:35:8e:35:ca:
         dd:fc:27:ac:40:0b:7d:4c:43:39:2e:7a:f8:f2:e9:be:fd:17:
         9d:79:3e:13:7f:93:a6:50:ba:62:38:0c:87:d6:f3:0f:62:1d:
         4e:5f:e3:d9:f2:00:76:51:f4:2f:66:5c:ce:77:fb:8c:e0:0a:
         c1:1b:f9:80:03:41:89:80:0d:fb:a1:36:2e:ed:2e:11:4a:09:
         ae:be:da:dc:43:85:1b:c2:c4:6e:2f:43:ef:66:41:a9:f2:59:
         c2:1b:1a:2a:5f:d4:b2:55:9b:25:48:f5:33:f2:1b:33:ad:30:
         43:35:c5:6d:9d:81:46:12:20:c3:27:eb:e3:c7:8c:3d:15:36:
         f9:32:46:ed:1e:de:ff:c5:77:23:1c:49:fd:d9:d7:c5:56:c1:
         75:95:78:62:36:2c:46:f7:5a:2b:91:71:b0:9a:fd:06:4b:0f:
         37:db:ef:b5:e1:f3:9e:4c:0a:e3:26:f1:47:4d:da:9a:7a:79:
         46:5d:9a:4d:b3:26:a4:09:f7:5c:86:fe:1e:71:8c:ed:aa:17:
         5c:3a:61:5b:95:2b:1c:17:86:4a:ee:d2:2d:65:e3:d9:cd:e5:
         6f:1f:ff:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK15S8cgRkXWHCXptZZL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmODQ3N2U1NjlkMWQ3ZDYwZjA0NjlhN2NjOGE3ZjQ3NDYw
MzliYjcwHhcNMjQwMTAyMTIzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjk4ZTViNWNjNjUxM2JjMTg4ODEyMGZmMDA4NzZiMWU0OWUyNTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmlnFWPmlW1SbkK32ozjXjcrNc+P
V+X1d0Snvm+45+QxyZXP3cvq/MGhy/PLXCFLPbEGxmse5++FT6FyUqlb6GhYjMsi
GxtyVY5uoCDXB/cDdHrlO+vouELH1SL1YDXN94ZTnkUcf3eY/nwrs0BQwUhjjS77
Pq+kPR1DwPthQ3d3b1+8Ql9tTGUcD+nJZ1BobhluXTvdQlDFSuIlQTW9h+OGOyQ8
l2SwwCOlVwVYEdapGA69MJ9TDUg3NEwtIOH4dOxbPuYe1fZfrXlEyP//qOFmgCcK
HyfZIwhTOyK2EGWdeI5FAZcKBNIEBLuXeErMjuQqM+yWcm+R8bioqDDbXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI+Y5bXMZRO8GIgSD/AIdrHkniUIMB8GA1UdIwQY
MBaAFE+Ed+Vp0dfWDwRpp8yKf0dGA5u3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRSMzVXblIxOVlQQkdtbnpJcF9SMFlEbTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC83NzUxOTAtY2I5NC00MDYzLThjMWEt
YWQxNDdkOTE1NzkxLzEvajVqbHRjeGxFN3dZaUJJUDhBaDJzZVNlSlFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC83NzUxOTAtY2I5NC00MDYzLThjMWEtYWQxNDdkOTE1Nzkx
LzEvVDRSMzVXblIxOVlQQkdtbnpJcF9SMFlEbTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9wyMA0G
CSqGSIb3DQEBCwUAA4IBAQACEMLyqr6Gg9cupvlbubNpoicn4hn1Dota0xU5zX51
cTWONcrd/CesQAt9TEM5Lnr48um+/RedeT4Tf5OmULpiOAyH1vMPYh1OX+PZ8gB2
UfQvZlzOd/uM4ArBG/mAA0GJgA37oTYu7S4RSgmuvtrcQ4UbwsRuL0PvZkGp8lnC
GxoqX9SyVZslSPUz8hszrTBDNcVtnYFGEiDDJ+vjx4w9FTb5MkbtHt7/xXcjHEn9
2dfFVsF1lXhiNixG91orkXGwmv0GSw832++14fOeTArjJvFHTdqaenlGXZpNsyak
Cfdchv4ecYztqhdcOmFblSscF4ZK7tItZePZzeVvH//S
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:15:18 2024 by rpki-client on console-fra.rpki-client.org