Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/897092-0750-4d96-b32f-5f205236de1f/1/RCrTEPZTCU8Pso24HrOUSnlWM5U.roa
File:                     RCrTEPZTCU8Pso24HrOUSnlWM5U.roa (raw, json)
Hash identifier:          n4J3k0WKddiNPKQ40+B0Z7+zJSHNSYsn/HCl2akhYas=
Subject key identifier:   44:2A:D3:10:F6:53:09:4F:0F:B2:8D:B8:1E:B3:94:4A:79:56:33:95
Certificate issuer:       /CN=e4d271c3fa903a590fdf54899449e698f2e9c632
Certificate serial:       018CC6B8FAB113B6091C21B89B192B5E27B0
Authority key identifier: E4:D2:71:C3:FA:90:3A:59:0F:DF:54:89:94:49:E6:98:F2:E9:C6:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5NJxw_qQOlkP31SJlEnmmPLpxjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/897092-0750-4d96-b32f-5f205236de1f/1/RCrTEPZTCU8Pso24HrOUSnlWM5U.roa
Signing time:             Mon 01 Jan 2024 20:31:00 +0000
ROA not before:           Mon 01 Jan 2024 20:31:00 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29296
IP address blocks:        193.135.64.0/19 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/897092-0750-4d96-b32f-5f205236de1f/1/5NJxw_qQOlkP31SJlEnmmPLpxjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/897092-0750-4d96-b32f-5f205236de1f/1/5NJxw_qQOlkP31SJlEnmmPLpxjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5NJxw_qQOlkP31SJlEnmmPLpxjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b8:fa:b1:13:b6:09:1c:21:b8:9b:19:2b:5e:27:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4d271c3fa903a590fdf54899449e698f2e9c632
        Validity
            Not Before: Jan  1 20:31:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=442ad310f653094f0fb28db81eb3944a79563395
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:32:ad:65:4d:27:39:2e:d6:bd:dc:f0:d4:2c:
                    23:42:a6:38:66:67:cf:84:74:f6:aa:6a:68:87:a3:
                    4e:17:7f:bc:c2:42:fe:db:01:1f:72:ee:fe:01:80:
                    3d:9a:f8:82:c3:6a:64:f9:6a:36:ef:de:63:df:86:
                    62:f9:2d:c3:40:32:2c:c9:cf:4d:5b:06:86:fe:35:
                    80:c9:ce:89:c8:1f:81:7b:d5:da:7d:47:7a:9b:7a:
                    2e:f6:25:c8:27:3c:2e:69:06:91:09:f1:2e:3c:93:
                    a5:88:a2:0a:c4:d4:3f:cf:11:84:f1:31:f3:10:5a:
                    89:95:66:b7:b1:68:6f:8f:28:17:d3:04:db:d0:52:
                    f7:e0:29:22:e1:e0:ee:97:72:e1:86:1f:79:23:d8:
                    68:32:a8:b9:3a:2a:d1:1e:ab:a3:1d:11:b3:07:1b:
                    28:b9:ab:6e:2d:d9:2f:71:c0:e2:e5:f7:e5:0b:60:
                    f9:ef:5c:60:c4:54:21:67:3d:4e:e5:90:38:f7:04:
                    3a:86:21:52:61:80:54:65:d9:a1:0e:eb:43:23:36:
                    ed:33:82:3c:df:58:a6:a6:12:1f:60:47:73:96:c2:
                    ce:96:89:05:76:66:c2:33:4e:87:a4:2a:16:ce:db:
                    6e:d4:9a:7d:97:c8:c5:ea:8a:be:96:4a:55:e1:a4:
                    95:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:2A:D3:10:F6:53:09:4F:0F:B2:8D:B8:1E:B3:94:4A:79:56:33:95
            X509v3 Authority Key Identifier:
                keyid:E4:D2:71:C3:FA:90:3A:59:0F:DF:54:89:94:49:E6:98:F2:E9:C6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5NJxw_qQOlkP31SJlEnmmPLpxjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/897092-0750-4d96-b32f-5f205236de1f/1/RCrTEPZTCU8Pso24HrOUSnlWM5U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/897092-0750-4d96-b32f-5f205236de1f/1/5NJxw_qQOlkP31SJlEnmmPLpxjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.135.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         3c:11:a5:0c:c3:aa:33:ac:57:42:79:ad:50:89:8c:32:02:ca:
         d7:a0:8a:65:95:d5:b7:1c:af:60:22:a0:93:07:a0:30:96:f1:
         9d:40:a3:19:7a:ba:8d:a1:ad:7c:ac:a2:73:1b:c1:a9:b7:00:
         f8:ac:1c:60:c9:19:ad:3e:12:4f:7e:8c:bf:4d:70:57:a8:b1:
         25:08:3e:e4:36:89:65:8a:dc:be:7a:9c:fc:8a:e7:c7:4d:40:
         2c:cd:2f:ab:55:dc:78:38:dd:5a:78:d2:95:22:bc:b7:55:7e:
         43:23:97:6e:fc:b6:63:fb:91:12:62:89:8d:74:5c:d9:44:35:
         e3:06:16:5d:e6:c3:af:e0:58:00:7c:87:10:ac:ae:03:1a:fe:
         94:22:76:3c:79:2b:b3:7a:f4:64:86:df:71:91:f6:51:6c:fa:
         33:a8:fd:75:08:a0:1a:51:ed:55:38:e0:bc:91:74:d6:c8:b9:
         3c:d7:88:73:4c:b7:44:73:fe:37:44:11:05:a0:3e:b6:d8:5f:
         31:2f:94:f5:a3:67:93:93:5b:b2:84:e4:98:59:51:c3:ef:b3:
         d5:f6:60:78:e6:a5:e5:8f:14:61:61:44:c1:b2:be:75:0d:f6:
         e6:3c:a3:99:1b:2a:8c:11:06:48:74:83:ea:da:ab:fe:d4:e2:
         ce:42:c1:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuPqxE7YJHCG4mxkrXiewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZDI3MWMzZmE5MDNhNTkwZmRmNTQ4OTk0NDllNjk4ZjJl
OWM2MzIwHhcNMjQwMTAxMjAzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDJhZDMxMGY2NTMwOTRmMGZiMjhkYjgxZWIzOTQ0YTc5NTYzMzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDKtZU0nOS7Wvdzw1CwjQqY4ZmfP
hHT2qmpoh6NOF3+8wkL+2wEfcu7+AYA9mviCw2pk+Wo2795j34Zi+S3DQDIsyc9N
WwaG/jWAyc6JyB+Be9XafUd6m3ou9iXIJzwuaQaRCfEuPJOliKIKxNQ/zxGE8THz
EFqJlWa3sWhvjygX0wTb0FL34Cki4eDul3Lhhh95I9hoMqi5OirRHqujHRGzBxso
uatuLdkvccDi5fflC2D571xgxFQhZz1O5ZA49wQ6hiFSYYBUZdmhDutDIzbtM4I8
31imphIfYEdzlsLOlokFdmbCM06HpCoWzttu1Jp9l8jF6oq+lkpV4aSVRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEQq0xD2UwlPD7KNuB6zlEp5VjOVMB8GA1UdIwQY
MBaAFOTSccP6kDpZD99UiZRJ5pjy6cYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU5KeHdfcVFPbGtQMzFTSmxFbm1tUExweGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC84OTcwOTItMDc1MC00ZDk2LWIzMmYt
NWYyMDUyMzZkZTFmLzEvUkNyVEVQWlRDVThQc28yNEhyT1VTbmxXTTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC84OTcwOTItMDc1MC00ZDk2LWIzMmYtNWYyMDUyMzZkZTFm
LzEvNU5KeHdfcVFPbGtQMzFTSmxFbm1tUExweGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwYdAMA0G
CSqGSIb3DQEBCwUAA4IBAQA8EaUMw6ozrFdCea1QiYwyAsrXoIplldW3HK9gIqCT
B6AwlvGdQKMZerqNoa18rKJzG8GptwD4rBxgyRmtPhJPfoy/TXBXqLElCD7kNoll
ity+epz8iufHTUAszS+rVdx4ON1aeNKVIry3VX5DI5du/LZj+5ESYomNdFzZRDXj
BhZd5sOv4FgAfIcQrK4DGv6UInY8eSuzevRkht9xkfZRbPozqP11CKAaUe1VOOC8
kXTWyLk814hzTLdEc/43RBEFoD622F8xL5T1o2eTk1uyhOSYWVHD77PV9mB45qXl
jxRhYUTBsr51DfbmPKOZGyqMEQZIdIPq2qv+1OLOQsEu
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:56:07 2024 by rpki-client on console-fra.rpki-client.org