Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/41OSN5RVla3NV8CQwlckXdV91d8.roa
File:                     41OSN5RVla3NV8CQwlckXdV91d8.roa (raw, json)
Hash identifier:          U/U20M8vMZS7whCpFE2GATMdSYrkwq69FieDxNU4528=
Subject key identifier:   E3:53:92:37:94:55:95:AD:CD:57:C0:90:C2:57:24:5D:D5:7D:D5:DF
Certificate issuer:       /CN=6987d47935e1137d544426db5288e12a9c025ac2
Certificate serial:       018CC7951AD405453456E582F70CC942242A
Authority key identifier: 69:87:D4:79:35:E1:13:7D:54:44:26:DB:52:88:E1:2A:9C:02:5A:C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aYfUeTXhE31URCbbUojhKpwCWsI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/41OSN5RVla3NV8CQwlckXdV91d8.roa
Signing time:             Tue 02 Jan 2024 00:31:26 +0000
ROA not before:           Tue 02 Jan 2024 00:31:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        193.84.4.0/24 maxlen: 24
                          193.84.5.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/aYfUeTXhE31URCbbUojhKpwCWsI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/aYfUeTXhE31URCbbUojhKpwCWsI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aYfUeTXhE31URCbbUojhKpwCWsI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:1a:d4:05:45:34:56:e5:82:f7:0c:c9:42:24:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6987d47935e1137d544426db5288e12a9c025ac2
        Validity
            Not Before: Jan  2 00:31:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e3539237945595adcd57c090c257245dd57dd5df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:bf:69:63:43:cf:95:b3:b8:52:52:7f:20:c2:
                    76:7d:e3:af:4f:29:75:59:60:b6:dc:21:53:af:d0:
                    96:16:ca:56:04:24:28:20:11:f8:97:7e:ec:e4:98:
                    87:e6:47:89:e9:ec:d8:d1:55:2e:aa:9b:5f:3f:b8:
                    3b:ae:b5:14:ba:96:fc:9d:ab:4c:00:8a:d1:4e:00:
                    e1:dd:1d:b2:06:12:a9:9f:5b:7e:16:0a:e2:1d:94:
                    0a:17:a4:03:0f:3a:58:cc:d0:45:b0:d3:e6:2d:bd:
                    2f:a1:88:a4:1b:0b:69:5f:b6:41:57:99:38:2b:2b:
                    01:75:75:88:23:13:1a:6e:76:41:f8:55:69:8c:6f:
                    74:0a:76:8c:06:c2:94:9f:5a:1d:41:88:63:d4:93:
                    16:dc:ff:60:34:dc:33:a5:a6:56:ad:a0:c6:79:72:
                    49:c6:81:a1:fc:03:e5:aa:8e:a6:b6:25:9e:43:91:
                    f5:16:c2:4e:b3:d9:7d:77:2c:fc:8a:20:33:7e:42:
                    bd:af:e9:91:27:1e:e2:c9:a2:3a:59:37:8c:5f:43:
                    f8:37:f3:db:f0:cd:74:09:2a:af:48:b6:4f:9b:03:
                    be:b6:20:e4:68:52:00:76:fe:fe:79:b2:ef:7d:b0:
                    e1:96:9c:e1:41:3f:e7:f8:f8:b0:59:b3:18:da:91:
                    55:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:53:92:37:94:55:95:AD:CD:57:C0:90:C2:57:24:5D:D5:7D:D5:DF
            X509v3 Authority Key Identifier:
                keyid:69:87:D4:79:35:E1:13:7D:54:44:26:DB:52:88:E1:2A:9C:02:5A:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYfUeTXhE31URCbbUojhKpwCWsI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/41OSN5RVla3NV8CQwlckXdV91d8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/aYfUeTXhE31URCbbUojhKpwCWsI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.84.4.0/23

    Signature Algorithm: sha256WithRSAEncryption
         62:b9:14:fb:9c:16:f3:20:9a:54:5f:04:0b:66:f3:c1:b0:9d:
         ea:8e:c3:61:e5:1d:f5:d8:75:8f:f9:12:76:c4:46:58:8a:7c:
         86:3a:11:95:b4:83:44:db:bf:df:fc:54:bb:53:97:1f:12:18:
         67:f0:be:bd:bf:e1:7d:d4:10:4f:22:26:86:af:00:d1:16:f1:
         f4:8d:33:b9:b7:52:41:1f:1f:1d:32:f0:2c:30:c5:08:61:cb:
         6e:17:4c:0c:29:85:1e:27:18:14:5e:b1:c8:5a:44:08:57:e0:
         89:76:90:52:4e:2a:59:eb:20:04:58:f9:e8:3a:34:e5:05:1c:
         24:ec:f5:aa:cc:79:94:66:f4:fe:85:ba:6f:6e:2e:8a:fe:9a:
         0e:28:fe:06:43:c1:08:08:81:e2:1b:6e:8d:89:a0:59:c7:e4:
         2b:ff:56:2b:3a:d4:cd:5c:e9:e2:2a:d1:98:30:bc:ae:f7:ab:
         30:2f:4b:f5:8c:db:26:20:63:8a:24:a6:08:ca:ed:55:bf:51:
         3d:e5:05:b1:0a:28:19:72:7d:6f:8c:6a:32:1c:c4:88:4b:4d:
         b3:7f:9e:d7:79:d9:fa:ef:cd:c8:c9:01:fe:26:1e:c8:57:93:
         e5:bc:ff:be:53:98:cd:40:32:3f:99:a3:51:97:58:48:31:8b:
         82:33:f5:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlRrUBUU0VuWC9wzJQiQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODdkNDc5MzVlMTEzN2Q1NDQ0MjZkYjUyODhlMTJhOWMw
MjVhYzIwHhcNMjQwMTAyMDAzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzUzOTIzNzk0NTU5NWFkY2Q1N2MwOTBjMjU3MjQ1ZGQ1N2RkNWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjr9pY0PPlbO4UlJ/IMJ2feOvTyl1
WWC23CFTr9CWFspWBCQoIBH4l37s5JiH5keJ6ezY0VUuqptfP7g7rrUUupb8natM
AIrRTgDh3R2yBhKpn1t+FgriHZQKF6QDDzpYzNBFsNPmLb0voYikGwtpX7ZBV5k4
KysBdXWIIxMabnZB+FVpjG90CnaMBsKUn1odQYhj1JMW3P9gNNwzpaZWraDGeXJJ
xoGh/APlqo6mtiWeQ5H1FsJOs9l9dyz8iiAzfkK9r+mRJx7iyaI6WTeMX0P4N/Pb
8M10CSqvSLZPmwO+tiDkaFIAdv7+ebLvfbDhlpzhQT/n+PiwWbMY2pFVBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONTkjeUVZWtzVfAkMJXJF3VfdXfMB8GA1UdIwQY
MBaAFGmH1Hk14RN9VEQm21KI4SqcAlrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlmVWVUWGhFMzFVUkNiYlVvamhLcHdDV3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8zMmQ3YWQtOGJmOS00Mjc0LTk1Zjgt
OWM5NTM1OTRkNmIxLzEvNDFPU041UlZsYTNOVjhDUXdsY2tYZFY5MWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8zMmQ3YWQtOGJmOS00Mjc0LTk1ZjgtOWM5NTM1OTRkNmIx
LzEvYVlmVWVUWGhFMzFVUkNiYlVvamhLcHdDV3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwVQEMA0G
CSqGSIb3DQEBCwUAA4IBAQBiuRT7nBbzIJpUXwQLZvPBsJ3qjsNh5R312HWP+RJ2
xEZYinyGOhGVtINE27/f/FS7U5cfEhhn8L69v+F91BBPIiaGrwDRFvH0jTO5t1JB
Hx8dMvAsMMUIYctuF0wMKYUeJxgUXrHIWkQIV+CJdpBSTipZ6yAEWPnoOjTlBRwk
7PWqzHmUZvT+hbpvbi6K/poOKP4GQ8EICIHiG26NiaBZx+Qr/1YrOtTNXOniKtGY
MLyu96swL0v1jNsmIGOKJKYIyu1Vv1E95QWxCigZcn1vjGoyHMSIS02zf57Xedn6
783IyQH+Jh7IV5PlvP++U5jNQDI/maNRl1hIMYuCM/XA
-----END CERTIFICATE-----
Generated at Thu May 2 15:49:36 2024 by rpki-client on console-ams.rpki-client.org