Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/77d607-7d7c-4589-aff7-2fda97079c01/1/cVoXtKJjBYejaHcIkreC8fiAzw8.roa
File:                     cVoXtKJjBYejaHcIkreC8fiAzw8.roa (raw, json)
Hash identifier:          zu0wQMAYmkjyRFbl7WmsMEkHNOxUd3ydo1ZOqpQFQKQ=
Subject key identifier:   71:5A:17:B4:A2:63:05:87:A3:68:77:08:92:B7:82:F1:F8:80:CF:0F
Certificate issuer:       /CN=c4d8c1985c50c7ead4cfd8d3a93d63e5611f6fb6
Certificate serial:       018CC7276FD0CD94D8ABBF504FAD430472F3
Authority key identifier: C4:D8:C1:98:5C:50:C7:EA:D4:CF:D8:D3:A9:3D:63:E5:61:1F:6F:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xNjBmFxQx-rUz9jTqT1j5WEfb7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/77d607-7d7c-4589-aff7-2fda97079c01/1/cVoXtKJjBYejaHcIkreC8fiAzw8.roa
Signing time:             Mon 01 Jan 2024 22:31:39 +0000
ROA not before:           Mon 01 Jan 2024 22:31:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50304
IP address blocks:        62.176.216.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/77d607-7d7c-4589-aff7-2fda97079c01/1/xNjBmFxQx-rUz9jTqT1j5WEfb7Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/77d607-7d7c-4589-aff7-2fda97079c01/1/xNjBmFxQx-rUz9jTqT1j5WEfb7Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xNjBmFxQx-rUz9jTqT1j5WEfb7Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 10:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:6f:d0:cd:94:d8:ab:bf:50:4f:ad:43:04:72:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4d8c1985c50c7ead4cfd8d3a93d63e5611f6fb6
        Validity
            Not Before: Jan  1 22:31:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=715a17b4a2630587a368770892b782f1f880cf0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:46:1c:79:d2:51:12:c0:c1:00:83:1c:db:0c:
                    fb:3c:8d:fc:d7:0c:87:15:bc:73:3b:fa:aa:60:3c:
                    b5:75:ee:12:92:4a:c6:e2:a6:a9:bd:28:0c:b1:0e:
                    7f:c6:22:93:09:56:bd:b5:e5:6f:5d:8e:d1:dc:ce:
                    6e:cd:68:3e:14:7e:ee:40:64:06:3e:de:cf:19:76:
                    3b:16:77:11:5a:a1:af:5c:e8:c6:e7:71:9f:67:8a:
                    3b:f1:0e:ef:b1:d3:8a:9d:b6:64:bc:fb:08:08:f6:
                    e7:89:75:05:7d:24:42:74:24:86:85:30:c9:6e:95:
                    85:a6:01:3a:47:6a:9c:97:8d:28:53:91:16:f9:e2:
                    bd:be:2f:2e:ba:99:f6:75:a1:72:20:82:04:a4:38:
                    45:b5:50:89:eb:81:dd:27:02:ab:ea:11:a5:6e:98:
                    13:0a:9d:4a:23:dd:8f:9b:7e:f8:d5:03:45:7f:ec:
                    23:b6:81:de:7f:eb:67:ea:13:9b:71:0a:a3:c1:15:
                    93:53:27:e7:90:50:91:20:d4:3c:32:00:fd:6f:11:
                    bc:b5:9d:cd:dc:61:da:a6:34:25:d9:43:6d:57:ae:
                    3a:48:0b:f9:a0:7c:58:26:87:9b:37:3e:f9:0b:09:
                    25:a4:65:10:71:0b:1a:73:b1:1e:08:47:7d:ff:27:
                    0a:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:5A:17:B4:A2:63:05:87:A3:68:77:08:92:B7:82:F1:F8:80:CF:0F
            X509v3 Authority Key Identifier:
                keyid:C4:D8:C1:98:5C:50:C7:EA:D4:CF:D8:D3:A9:3D:63:E5:61:1F:6F:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xNjBmFxQx-rUz9jTqT1j5WEfb7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/77d607-7d7c-4589-aff7-2fda97079c01/1/cVoXtKJjBYejaHcIkreC8fiAzw8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/77d607-7d7c-4589-aff7-2fda97079c01/1/xNjBmFxQx-rUz9jTqT1j5WEfb7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.176.216.0/21

    Signature Algorithm: sha256WithRSAEncryption
         3c:1d:2d:45:32:7e:c1:6e:aa:78:ba:f3:22:53:a9:d6:0b:90:
         ef:03:a7:83:91:5d:09:08:30:33:bb:f5:4c:dd:bb:70:d5:ea:
         9e:3f:fd:69:85:ad:92:4a:75:07:d9:c2:8c:46:7d:c0:e3:78:
         14:73:28:4d:5e:f2:b0:63:63:7f:af:83:f8:ca:7d:19:bb:c1:
         78:1b:e5:be:77:58:63:2b:a7:b4:bc:6c:a9:04:4a:51:a1:6b:
         ab:0b:eb:6b:c6:66:6e:52:22:5d:7e:4b:56:3b:29:4c:fa:33:
         37:70:97:1e:d3:bd:d3:77:1e:1e:34:f0:b9:4a:1c:25:be:86:
         9a:ec:c7:e3:2d:7d:53:54:82:92:bf:97:b8:e6:6d:fe:0d:63:
         80:21:80:a8:75:06:da:d9:2b:a4:40:6d:07:1d:91:40:dd:9d:
         c7:98:dc:88:73:96:1f:41:59:ca:12:ae:c1:3d:5f:16:a3:60:
         1b:98:b8:22:cd:39:c4:1e:bd:08:58:64:a9:d8:a3:d2:94:90:
         33:c1:12:5d:84:3e:c0:1f:85:72:64:ae:f0:18:df:cb:21:be:
         46:84:e3:ad:b0:f2:70:c8:d2:73:98:98:28:09:1c:02:b1:41:
         eb:fb:62:03:c7:33:7a:ed:3f:41:47:84:92:70:4a:f4:4c:d5:
         ac:27:dd:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ2/QzZTYq79QT61DBHLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZDhjMTk4NWM1MGM3ZWFkNGNmZDhkM2E5M2Q2M2U1NjEx
ZjZmYjYwHhcNMjQwMTAxMjIzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTVhMTdiNGEyNjMwNTg3YTM2ODc3MDg5MmI3ODJmMWY4ODBjZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkYcedJREsDBAIMc2wz7PI381wyH
FbxzO/qqYDy1de4SkkrG4qapvSgMsQ5/xiKTCVa9teVvXY7R3M5uzWg+FH7uQGQG
Pt7PGXY7FncRWqGvXOjG53GfZ4o78Q7vsdOKnbZkvPsICPbniXUFfSRCdCSGhTDJ
bpWFpgE6R2qcl40oU5EW+eK9vi8uupn2daFyIIIEpDhFtVCJ64HdJwKr6hGlbpgT
Cp1KI92Pm3741QNFf+wjtoHef+tn6hObcQqjwRWTUyfnkFCRINQ8MgD9bxG8tZ3N
3GHapjQl2UNtV646SAv5oHxYJoebNz75CwklpGUQcQsac7EeCEd9/ycK2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHFaF7SiYwWHo2h3CJK3gvH4gM8PMB8GA1UdIwQY
MBaAFMTYwZhcUMfq1M/Y06k9Y+VhH2+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE5qQm1GeFF4LXJVejlqVHFUMWo1V0VmYjdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83N2Q2MDctN2Q3Yy00NTg5LWFmZjct
MmZkYTk3MDc5YzAxLzEvY1ZvWHRLSmpCWWVqYUhjSWtyZUM4ZmlBenc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83N2Q2MDctN2Q3Yy00NTg5LWFmZjctMmZkYTk3MDc5YzAx
LzEveE5qQm1GeFF4LXJVejlqVHFUMWo1V0VmYjdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPrDYMA0G
CSqGSIb3DQEBCwUAA4IBAQA8HS1FMn7Bbqp4uvMiU6nWC5DvA6eDkV0JCDAzu/VM
3btw1eqeP/1pha2SSnUH2cKMRn3A43gUcyhNXvKwY2N/r4P4yn0Zu8F4G+W+d1hj
K6e0vGypBEpRoWurC+trxmZuUiJdfktWOylM+jM3cJce073Tdx4eNPC5Shwlvoaa
7MfjLX1TVIKSv5e45m3+DWOAIYCodQba2SukQG0HHZFA3Z3HmNyIc5YfQVnKEq7B
PV8Wo2AbmLgizTnEHr0IWGSp2KPSlJAzwRJdhD7AH4VyZK7wGN/LIb5GhOOtsPJw
yNJzmJgoCRwCsUHr+2IDxzN67T9BR4SScEr0TNWsJ90r
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:27:10 2024 by rpki-client on console-fra.rpki-client.org