Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/e5d5eb-ada0-4d5c-8664-f2b22c69d5fc/1/4HFTtP0e7E8r28tOGbp6vkNsnm4.roa
File:                     4HFTtP0e7E8r28tOGbp6vkNsnm4.roa (raw, json)
Hash identifier:          1jYRuu3ag2qh5tF4jIXjq574fA6AuM78+YA0A6uTX9I=
Subject key identifier:   E0:71:53:B4:FD:1E:EC:4F:2B:DB:CB:4E:19:BA:7A:BE:43:6C:9E:6E
Certificate issuer:       /CN=14d94a6b30920d1f7a2d15171b508f92266476e3
Certificate serial:       018CC726722614DA5A434306F0C7A9AFDC31
Authority key identifier: 14:D9:4A:6B:30:92:0D:1F:7A:2D:15:17:1B:50:8F:92:26:64:76:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FNlKazCSDR96LRUXG1CPkiZkduM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/e5d5eb-ada0-4d5c-8664-f2b22c69d5fc/1/4HFTtP0e7E8r28tOGbp6vkNsnm4.roa
Signing time:             Mon 01 Jan 2024 22:30:34 +0000
ROA not before:           Mon 01 Jan 2024 22:30:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     1103
IP address blocks:        136.231.0.0/16 maxlen: 16

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/e5d5eb-ada0-4d5c-8664-f2b22c69d5fc/1/FNlKazCSDR96LRUXG1CPkiZkduM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/e5d5eb-ada0-4d5c-8664-f2b22c69d5fc/1/FNlKazCSDR96LRUXG1CPkiZkduM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FNlKazCSDR96LRUXG1CPkiZkduM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:72:26:14:da:5a:43:43:06:f0:c7:a9:af:dc:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14d94a6b30920d1f7a2d15171b508f92266476e3
        Validity
            Not Before: Jan  1 22:30:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e07153b4fd1eec4f2bdbcb4e19ba7abe436c9e6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:3f:13:e0:e1:85:30:64:77:97:0a:83:4d:4f:
                    f7:7f:00:19:d0:94:73:04:65:de:fc:c6:8a:b9:96:
                    de:41:45:1e:b6:26:92:b3:4d:2c:82:78:06:02:ba:
                    64:6d:37:c0:0a:41:42:ff:c4:a7:b0:0e:2f:4b:8a:
                    30:63:05:5b:61:9b:76:a3:32:ac:46:58:4e:6e:3b:
                    1c:94:43:59:6e:6c:ec:5d:b0:6b:cd:2b:ee:1c:0f:
                    69:f9:6e:71:91:cb:70:7f:37:cc:f3:e3:b1:62:f8:
                    b0:61:7c:b9:58:8d:66:16:39:30:73:2f:0e:83:3f:
                    83:7f:4c:91:d0:87:0d:87:fa:60:eb:97:15:f6:79:
                    db:e4:c1:bd:3e:7f:26:02:f6:cf:bb:0d:bb:71:8f:
                    30:71:43:c5:01:df:84:b9:07:ce:4e:47:0d:6b:8e:
                    8d:8b:4f:99:39:7e:c2:6d:15:ad:79:d9:89:fb:a4:
                    5d:81:c4:cb:ab:62:95:d2:96:de:f3:ca:e5:1f:dd:
                    30:72:6d:fa:97:d8:88:c5:c3:8a:d5:5d:f2:32:d6:
                    c1:6e:fa:80:cd:50:66:27:a7:1c:20:51:5a:ff:14:
                    33:51:24:20:5f:8d:a8:fc:4a:45:2e:6a:f8:35:d7:
                    72:34:8b:54:18:aa:53:7e:dd:c2:3d:10:b9:27:2d:
                    54:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:71:53:B4:FD:1E:EC:4F:2B:DB:CB:4E:19:BA:7A:BE:43:6C:9E:6E
            X509v3 Authority Key Identifier:
                keyid:14:D9:4A:6B:30:92:0D:1F:7A:2D:15:17:1B:50:8F:92:26:64:76:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FNlKazCSDR96LRUXG1CPkiZkduM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/e5d5eb-ada0-4d5c-8664-f2b22c69d5fc/1/4HFTtP0e7E8r28tOGbp6vkNsnm4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/e5d5eb-ada0-4d5c-8664-f2b22c69d5fc/1/FNlKazCSDR96LRUXG1CPkiZkduM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.231.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         41:6e:73:bc:f5:a4:52:96:72:12:68:b8:29:63:de:f4:24:a3:
         8d:d3:b9:fc:4b:2b:c6:05:0c:04:c8:5c:61:00:22:bf:ce:71:
         ce:a1:e7:28:3c:e4:30:d2:04:0f:1e:5b:fb:e5:4b:62:53:ca:
         4d:b5:46:08:0a:73:d4:cd:fd:1d:c1:df:5b:f7:1b:8a:af:e3:
         2a:91:13:b3:41:f1:7f:56:20:fc:50:b7:3a:f0:db:80:75:75:
         8e:60:10:06:18:81:61:43:64:0b:dc:0a:d0:3d:70:9d:e8:4e:
         9d:f1:a6:c4:53:71:c7:c6:a8:78:fb:41:8e:a6:9c:74:9a:e6:
         75:a3:22:d2:3d:58:01:06:70:af:8b:03:e2:15:c5:78:12:ed:
         0e:77:47:e7:2d:76:94:e0:67:72:3d:c9:2d:87:01:90:46:56:
         38:cc:00:ec:dd:06:9e:01:07:2c:79:fe:83:f6:d1:55:9c:2f:
         69:0b:28:58:a7:70:83:ec:29:0c:b0:b5:8f:fa:bc:91:75:02:
         bc:e1:d1:48:17:7e:42:49:73:ce:d9:f9:da:9e:11:91:64:a5:
         fa:6e:bb:7d:64:5c:f2:6c:ea:6a:64:92:7e:b9:30:c5:4a:62:
         c9:a2:3b:12:c4:f9:76:5f:31:37:0d:6f:42:db:33:d7:c8:fd:
         c7:84:54:e4
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzHJnImFNpaQ0MG8Mepr9wxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZDk0YTZiMzA5MjBkMWY3YTJkMTUxNzFiNTA4ZjkyMjY2
NDc2ZTMwHhcNMjQwMTAxMjIzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDcxNTNiNGZkMWVlYzRmMmJkYmNiNGUxOWJhN2FiZTQzNmM5ZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgz8T4OGFMGR3lwqDTU/3fwAZ0JRz
BGXe/MaKuZbeQUUetiaSs00sgngGArpkbTfACkFC/8SnsA4vS4owYwVbYZt2ozKs
RlhObjsclENZbmzsXbBrzSvuHA9p+W5xkctwfzfM8+OxYviwYXy5WI1mFjkwcy8O
gz+Df0yR0IcNh/pg65cV9nnb5MG9Pn8mAvbPuw27cY8wcUPFAd+EuQfOTkcNa46N
i0+ZOX7CbRWtedmJ+6RdgcTLq2KV0pbe88rlH90wcm36l9iIxcOK1V3yMtbBbvqA
zVBmJ6ccIFFa/xQzUSQgX42o/EpFLmr4NddyNItUGKpTft3CPRC5Jy1UwwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFOBxU7T9HuxPK9vLThm6er5DbJ5uMB8GA1UdIwQY
MBaAFBTZSmswkg0fei0VFxtQj5ImZHbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk5sS2F6Q1NEUjk2TFJVWEcxQ1BraVprZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9lNWQ1ZWItYWRhMC00ZDVjLTg2NjQt
ZjJiMjJjNjlkNWZjLzEvNEhGVHRQMGU3RThyMjh0T0dicDZ2a05zbm00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9lNWQ1ZWItYWRhMC00ZDVjLTg2NjQtZjJiMjJjNjlkNWZj
LzEvRk5sS2F6Q1NEUjk2TFJVWEcxQ1BraVprZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAiOcwDQYJ
KoZIhvcNAQELBQADggEBAEFuc7z1pFKWchJouClj3vQko43TufxLK8YFDATIXGEA
Ir/Occ6h5yg85DDSBA8eW/vlS2JTyk21RggKc9TN/R3B31v3G4qv4yqRE7NB8X9W
IPxQtzrw24B1dY5gEAYYgWFDZAvcCtA9cJ3oTp3xpsRTccfGqHj7QY6mnHSa5nWj
ItI9WAEGcK+LA+IVxXgS7Q53R+ctdpTgZ3I9yS2HAZBGVjjMAOzdBp4BByx5/oP2
0VWcL2kLKFincIPsKQywtY/6vJF1Arzh0UgXfkJJc87Z+dqeEZFkpfpuu31kXPJs
6mpkkn65MMVKYsmiOxLE+XZfMTcNb0LbM9fI/ceEVOQ=
-----END CERTIFICATE-----
Generated at Fri May 17 20:11:39 2024 by rpki-client on console-ams.rpki-client.org