Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/4Tgk9okg8m6RmD2HDF9TBzEzmno.roa
File:                     4Tgk9okg8m6RmD2HDF9TBzEzmno.roa (raw, json)
Hash identifier:          un+gzT3az6wOUI0ZSVT9XfALXhMiq3rWbGscId7/kTo=
Subject key identifier:   E1:38:24:F6:89:20:F2:6E:91:98:3D:87:0C:5F:53:07:31:33:9A:7A
Certificate issuer:       /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial:       018CC9BC6D2F46A5CAF4559D561D30FA21CF
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/4Tgk9okg8m6RmD2HDF9TBzEzmno.roa
Signing time:             Tue 02 Jan 2024 10:33:38 +0000
ROA not before:           Tue 02 Jan 2024 10:33:38 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49981
IP address blocks:        185.36.140.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 07 May 2024 19:02:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:6d:2f:46:a5:ca:f4:55:9d:56:1d:30:fa:21:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
        Validity
            Not Before: Jan  2 10:33:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e13824f68920f26e91983d870c5f530731339a7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:77:21:86:27:c2:5b:55:55:3b:bc:5b:1f:21:
                    70:9b:b8:f8:e5:f5:1c:12:25:db:38:f4:dd:71:ff:
                    ab:d1:73:1f:93:cf:b2:8d:25:96:e9:f9:cc:66:77:
                    9e:b5:4f:fb:e4:d6:71:eb:c2:5c:2d:fa:8b:be:77:
                    72:12:1c:b9:f1:e0:53:1a:b0:f2:0e:6d:29:f7:76:
                    5d:81:5d:ff:ac:dc:55:f3:fb:e3:4d:e2:b6:1c:ee:
                    c3:45:da:6c:59:c2:e2:c2:8c:ef:73:7f:b3:30:c7:
                    a5:65:55:0a:1f:50:fb:8d:f3:cb:0c:39:88:c5:25:
                    6e:ed:70:33:76:c7:4c:6b:7a:01:0b:83:39:c9:2b:
                    7e:52:2f:60:ac:91:bb:14:2b:a6:41:cf:65:55:bd:
                    e2:0a:91:86:18:0a:40:af:a6:ad:ea:8c:f9:be:26:
                    db:2d:ac:f2:9b:1b:55:24:fc:d9:f9:10:09:c8:0f:
                    66:73:41:61:14:ff:3e:fa:1b:ae:d7:22:d5:ef:ef:
                    36:d6:b7:1c:36:d6:24:fd:e8:16:58:a8:2e:ca:15:
                    42:56:85:4d:24:0f:91:b8:13:c4:9d:9f:85:72:7c:
                    44:4f:92:52:0c:ce:54:12:5b:f3:a0:c3:37:8c:20:
                    7a:2d:d5:84:b6:1c:e9:ea:e9:2f:ec:37:88:df:17:
                    f0:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:38:24:F6:89:20:F2:6E:91:98:3D:87:0C:5F:53:07:31:33:9A:7A
            X509v3 Authority Key Identifier:
                keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/4Tgk9okg8m6RmD2HDF9TBzEzmno.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.36.140.0/23

    Signature Algorithm: sha256WithRSAEncryption
         31:4b:49:f0:f9:a1:b8:2a:7f:87:02:ec:9a:18:59:90:d0:79:
         e5:1e:b7:67:d1:aa:08:6a:37:d8:73:32:d2:cf:d8:83:b2:74:
         1c:d8:90:01:4a:86:a4:3d:6d:6b:cb:34:44:f0:58:2a:54:4c:
         5a:48:8c:b2:25:b2:99:92:d3:73:67:0e:c9:8e:00:b3:7b:79:
         ea:74:2b:15:db:45:40:1f:97:b7:5d:42:65:c8:54:c0:34:29:
         df:26:f9:2c:00:93:f1:16:e5:41:8a:8f:4b:7c:9f:29:82:7f:
         a9:cd:df:75:ed:24:ee:11:89:52:f6:ac:5b:c4:e2:bd:03:e4:
         d9:f2:c8:b8:47:85:25:5a:a7:51:9c:52:d2:4f:e1:3b:5e:e0:
         14:b4:28:ac:04:a5:ed:68:9a:65:28:5d:7b:d8:f8:f2:29:cc:
         20:1b:00:b5:ec:4d:2a:fe:54:e3:c0:a9:b4:1d:64:38:75:62:
         84:5a:b7:3d:81:39:d3:7a:1f:0c:44:d6:db:07:18:83:68:dc:
         4a:58:ad:58:af:87:30:47:5c:ef:d3:78:7c:42:7a:a1:dd:0f:
         0c:fd:b6:ff:9c:c2:ef:c4:32:ac:f2:99:d1:80:99:6a:36:ec:
         f3:66:97:49:e7:66:65:f8:c3:64:f5:6e:10:de:62:12:68:ba:
         06:31:8d:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvG0vRqXK9FWdVh0w+iHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjQwMTAyMTAzMzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTM4MjRmNjg5MjBmMjZlOTE5ODNkODcwYzVmNTMwNzMxMzM5YTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHchhifCW1VVO7xbHyFwm7j45fUc
EiXbOPTdcf+r0XMfk8+yjSWW6fnMZneetU/75NZx68JcLfqLvndyEhy58eBTGrDy
Dm0p93ZdgV3/rNxV8/vjTeK2HO7DRdpsWcLiwozvc3+zMMelZVUKH1D7jfPLDDmI
xSVu7XAzdsdMa3oBC4M5ySt+Ui9grJG7FCumQc9lVb3iCpGGGApAr6at6oz5vibb
LazymxtVJPzZ+RAJyA9mc0FhFP8++huu1yLV7+821rccNtYk/egWWKguyhVCVoVN
JA+RuBPEnZ+FcnxET5JSDM5UElvzoMM3jCB6LdWEthzp6ukv7DeI3xfw9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOE4JPaJIPJukZg9hwxfUwcxM5p6MB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvNFRnazlva2c4bTZSbUQySERGOVRCekV6bW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSSMMA0G
CSqGSIb3DQEBCwUAA4IBAQAxS0nw+aG4Kn+HAuyaGFmQ0HnlHrdn0aoIajfYczLS
z9iDsnQc2JABSoakPW1ryzRE8FgqVExaSIyyJbKZktNzZw7JjgCze3nqdCsV20VA
H5e3XUJlyFTANCnfJvksAJPxFuVBio9LfJ8pgn+pzd917STuEYlS9qxbxOK9A+TZ
8si4R4UlWqdRnFLST+E7XuAUtCisBKXtaJplKF172PjyKcwgGwC17E0q/lTjwKm0
HWQ4dWKEWrc9gTnTeh8MRNbbBxiDaNxKWK1Yr4cwR1zv03h8Qnqh3Q8M/bb/nMLv
xDKs8pnRgJlqNuzzZpdJ52Zl+MNk9W4Q3mISaLoGMY2N
-----END CERTIFICATE-----
Generated at Mon May 6 23:38:31 2024 by rpki-client on console-ams.rpki-client.org