Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/76c905-e5af-48ae-b7ac-bfa96392ac5d/1/wad0Gxe0FRwFrctxFqO9XSoQP1I.roa
File:                     wad0Gxe0FRwFrctxFqO9XSoQP1I.roa (raw, json)
Hash identifier:          kVoij3plXzul1w2j/mQHxmdNxYtRqOjOS4OPWTTlAAo=
Subject key identifier:   C1:A7:74:1B:17:B4:15:1C:05:AD:CB:71:16:A3:BD:5D:2A:10:3F:52
Certificate issuer:       /CN=4a9d166c6484738972e9b33938165f4489a5168c
Certificate serial:       018CC5DBEEAA2A3A8F90B38EA3842B9F4292
Authority key identifier: 4A:9D:16:6C:64:84:73:89:72:E9:B3:39:38:16:5F:44:89:A5:16:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sp0WbGSEc4ly6bM5OBZfRImlFow.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/76c905-e5af-48ae-b7ac-bfa96392ac5d/1/wad0Gxe0FRwFrctxFqO9XSoQP1I.roa
Signing time:             Mon 01 Jan 2024 16:29:34 +0000
ROA not before:           Mon 01 Jan 2024 16:29:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50955
IP address blocks:        83.242.96.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/76c905-e5af-48ae-b7ac-bfa96392ac5d/1/Sp0WbGSEc4ly6bM5OBZfRImlFow.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/76c905-e5af-48ae-b7ac-bfa96392ac5d/1/Sp0WbGSEc4ly6bM5OBZfRImlFow.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sp0WbGSEc4ly6bM5OBZfRImlFow.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 13:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:db:ee:aa:2a:3a:8f:90:b3:8e:a3:84:2b:9f:42:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a9d166c6484738972e9b33938165f4489a5168c
        Validity
            Not Before: Jan  1 16:29:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c1a7741b17b4151c05adcb7116a3bd5d2a103f52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:43:e0:10:24:23:52:38:94:46:69:c1:33:11:
                    39:a8:ec:be:f0:82:27:b2:94:6a:e3:e6:42:bf:40:
                    6b:71:68:f4:42:bf:ef:38:e7:be:0a:e8:cc:8c:87:
                    88:ae:95:38:9a:f3:f5:26:e2:56:4d:7c:b7:1c:23:
                    3c:5a:a9:e5:e7:ff:fc:00:6c:c9:b1:65:82:88:1a:
                    55:9c:a1:6e:96:89:81:36:f9:a1:3d:67:6e:55:9d:
                    5c:cf:19:00:2a:8c:81:a1:c7:ee:51:ed:e9:e2:25:
                    d2:f3:3e:55:9d:68:fc:06:d3:74:0c:02:41:43:15:
                    a7:38:f4:48:21:5c:35:90:96:1c:2e:ae:1d:d0:bb:
                    60:70:7d:25:7c:02:d9:92:86:a6:4f:e5:6d:9a:d8:
                    ef:15:99:66:89:86:3a:f9:8b:96:06:82:4e:4e:4a:
                    7f:d3:e1:29:02:fa:67:5e:ee:c1:37:6e:7f:da:9f:
                    4c:c7:66:31:9c:2f:0b:de:2d:5a:8d:7b:12:99:b4:
                    57:d1:1c:5c:92:9e:1f:13:3a:52:17:0e:fe:61:bc:
                    cc:1f:48:1c:ab:b8:c2:a7:79:b5:b4:84:ad:eb:b7:
                    e6:72:7c:87:97:dc:39:67:a9:4a:c8:9a:ce:a5:8a:
                    cd:d6:5f:8d:fb:8c:97:5d:f7:c3:c4:8f:62:d2:1c:
                    b3:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:A7:74:1B:17:B4:15:1C:05:AD:CB:71:16:A3:BD:5D:2A:10:3F:52
            X509v3 Authority Key Identifier:
                keyid:4A:9D:16:6C:64:84:73:89:72:E9:B3:39:38:16:5F:44:89:A5:16:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sp0WbGSEc4ly6bM5OBZfRImlFow.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/76c905-e5af-48ae-b7ac-bfa96392ac5d/1/wad0Gxe0FRwFrctxFqO9XSoQP1I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/76c905-e5af-48ae-b7ac-bfa96392ac5d/1/Sp0WbGSEc4ly6bM5OBZfRImlFow.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.242.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:42:70:dc:19:28:51:53:88:8c:a1:53:2a:db:b6:d1:74:5a:
         32:cd:e8:ca:ed:e4:61:7b:4a:cb:b1:23:d4:4c:4b:05:49:f4:
         84:6f:e0:01:54:3e:a2:2e:31:9a:ab:02:dc:e4:53:68:70:ea:
         51:ad:84:d5:b2:93:f3:ca:6f:4d:5b:84:6a:d6:63:8a:7b:07:
         64:d9:44:e7:62:8f:92:0d:0e:dd:f1:ad:4e:72:d9:fb:a6:07:
         f9:02:9f:47:27:1d:92:06:f8:f3:df:ae:c3:7a:0e:bb:d6:e2:
         20:f2:be:0b:9b:1f:7f:ef:6f:58:f6:95:9f:c3:65:84:4c:ed:
         c6:02:67:4d:3c:fc:d3:36:e7:1a:f8:65:e9:51:a9:77:a8:99:
         a6:33:50:78:81:db:03:8e:26:a2:86:24:aa:9c:04:1b:e2:33:
         a6:17:2c:76:d7:78:c8:2e:f7:db:8f:31:76:91:39:c9:d1:82:
         90:3f:5e:b0:1f:7a:7e:68:cd:6d:d0:41:ec:cb:9e:9f:2d:35:
         c4:57:00:b9:73:22:29:d8:3b:99:69:f3:4a:4f:d7:32:76:0a:
         08:c2:08:58:5d:c3:ed:98:90:70:02:0a:70:a3:34:d2:83:a4:
         e0:b8:ea:b4:b2:ee:be:b9:a6:46:a2:e3:65:59:4f:d0:03:60:
         28:25:e2:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF2+6qKjqPkLOOo4Qrn0KSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOWQxNjZjNjQ4NDczODk3MmU5YjMzOTM4MTY1ZjQ0ODlh
NTE2OGMwHhcNMjQwMTAxMTYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWE3NzQxYjE3YjQxNTFjMDVhZGNiNzExNmEzYmQ1ZDJhMTAzZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEPgECQjUjiURmnBMxE5qOy+8IIn
spRq4+ZCv0BrcWj0Qr/vOOe+CujMjIeIrpU4mvP1JuJWTXy3HCM8Wqnl5//8AGzJ
sWWCiBpVnKFulomBNvmhPWduVZ1czxkAKoyBocfuUe3p4iXS8z5VnWj8BtN0DAJB
QxWnOPRIIVw1kJYcLq4d0LtgcH0lfALZkoamT+VtmtjvFZlmiYY6+YuWBoJOTkp/
0+EpAvpnXu7BN25/2p9Mx2YxnC8L3i1ajXsSmbRX0Rxckp4fEzpSFw7+YbzMH0gc
q7jCp3m1tISt67fmcnyHl9w5Z6lKyJrOpYrN1l+N+4yXXffDxI9i0hyzHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMGndBsXtBUcBa3LcRajvV0qED9SMB8GA1UdIwQY
MBaAFEqdFmxkhHOJcumzOTgWX0SJpRaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3AwV2JHU0VjNGx5NmJNNU9CWmZSSW1sRm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NmM5MDUtZTVhZi00OGFlLWI3YWMt
YmZhOTYzOTJhYzVkLzEvd2FkMEd4ZTBGUndGcmN0eEZxTzlYU29RUDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NmM5MDUtZTVhZi00OGFlLWI3YWMtYmZhOTYzOTJhYzVk
LzEvU3AwV2JHU0VjNGx5NmJNNU9CWmZSSW1sRm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU/JgMA0G
CSqGSIb3DQEBCwUAA4IBAQAiQnDcGShRU4iMoVMq27bRdFoyzejK7eRhe0rLsSPU
TEsFSfSEb+ABVD6iLjGaqwLc5FNocOpRrYTVspPzym9NW4Rq1mOKewdk2UTnYo+S
DQ7d8a1Octn7pgf5Ap9HJx2SBvjz367Deg671uIg8r4Lmx9/729Y9pWfw2WETO3G
AmdNPPzTNuca+GXpUal3qJmmM1B4gdsDjiaihiSqnAQb4jOmFyx213jILvfbjzF2
kTnJ0YKQP16wH3p+aM1t0EHsy56fLTXEVwC5cyIp2DuZafNKT9cydgoIwghYXcPt
mJBwAgpwozTSg6TguOq0su6+uaZGouNlWU/QA2AoJeIm
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:19:54 2024 by rpki-client on console-ams.rpki-client.org