Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/xPALUfluhc3M1pU60G36RtHocpA.roa
File:                     xPALUfluhc3M1pU60G36RtHocpA.roa (raw, json)
Hash identifier:          wRwFSHaQORk1ykv79GhYTCI3NoOPBL8jK/cotxCEkRo=
Subject key identifier:   C4:F0:0B:51:F9:6E:85:CD:CC:D6:95:3A:D0:6D:FA:46:D1:E8:72:90
Certificate issuer:       /CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Certificate serial:       018CC26D06610CD1EEDCFA12B32C54CE9DB0
Authority key identifier: 7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/xPALUfluhc3M1pU60G36RtHocpA.roa
Signing time:             Mon 01 Jan 2024 00:29:33 +0000
ROA not before:           Mon 01 Jan 2024 00:29:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     11426
IP address blocks:        45.81.26.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 May 2024 06:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:06:61:0c:d1:ee:dc:fa:12:b3:2c:54:ce:9d:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
        Validity
            Not Before: Jan  1 00:29:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c4f00b51f96e85cdccd6953ad06dfa46d1e87290
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:23:10:9a:e2:09:6c:51:16:97:58:74:d5:db:
                    c3:60:cc:39:04:1e:b9:bd:e1:61:be:a1:6d:ae:31:
                    e0:b1:b9:52:ce:60:50:6d:23:04:40:cb:ae:17:40:
                    cd:2e:78:c3:72:27:17:ac:f7:75:ab:b4:10:c9:fc:
                    08:b3:5c:23:ed:d8:01:44:b0:56:95:54:a7:40:d1:
                    cc:73:23:9b:e8:59:0c:06:2c:f7:af:93:bb:39:97:
                    65:ad:75:db:a2:57:34:82:7c:af:cb:a2:26:db:5e:
                    1d:22:f6:30:b4:d3:06:93:19:0b:50:5e:1f:13:ad:
                    36:5e:5e:c0:8b:52:21:af:0e:03:8e:30:04:e5:63:
                    47:26:ef:80:d8:fc:46:ab:86:04:46:7c:98:10:c4:
                    df:ce:4c:0b:52:02:52:32:d8:a1:2a:7c:73:01:be:
                    71:81:66:3a:e2:93:e0:33:8c:51:6a:a4:b0:5f:f3:
                    3f:f8:09:a5:19:97:0b:be:33:22:be:66:2d:2b:c7:
                    1b:07:f9:d8:65:d5:2f:c9:34:9c:4c:05:01:2e:b3:
                    e1:b9:86:3f:eb:4f:79:fc:bf:28:df:c4:9c:1e:d3:
                    86:19:35:28:c2:a3:1c:96:15:b2:80:75:f5:c1:aa:
                    56:0c:36:45:24:2a:e6:ac:7a:26:21:48:92:e6:44:
                    3e:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:F0:0B:51:F9:6E:85:CD:CC:D6:95:3A:D0:6D:FA:46:D1:E8:72:90
            X509v3 Authority Key Identifier:
                keyid:7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/xPALUfluhc3M1pU60G36RtHocpA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         50:5c:01:35:cb:86:13:b3:c3:f0:88:07:94:98:21:f8:77:16:
         bd:9a:a3:a4:44:5a:b1:6e:bc:1b:ab:b6:4a:ee:d4:a8:05:4a:
         6b:e8:97:37:91:dd:94:f1:ac:36:49:7a:f2:56:c2:d4:80:73:
         8d:8e:2c:af:e8:92:63:95:e5:fd:f8:ca:a6:9a:96:91:75:54:
         15:97:b1:22:8e:00:59:10:73:3f:e5:67:5e:5e:c5:a4:07:05:
         7c:59:79:42:65:78:b6:42:79:05:d7:1e:75:34:c9:72:c7:78:
         b7:4b:17:8c:b2:93:77:f6:82:39:d0:79:5e:60:48:08:d0:e9:
         1c:1e:77:07:7c:de:e6:b4:83:c2:9a:d8:38:27:0d:45:05:db:
         db:c4:09:ae:77:0f:46:8b:13:08:a9:15:4a:02:c9:89:99:91:
         72:30:c9:0b:19:0b:43:86:ad:9a:dd:14:f6:39:43:47:d2:b8:
         4f:77:74:91:63:48:47:27:a2:b7:5e:5b:85:e0:0a:65:7b:36:
         09:c9:de:18:86:f7:09:6c:84:41:94:b6:f2:46:8e:e4:45:6c:
         a0:9e:15:41:53:0d:ef:ac:49:d4:38:dd:04:2d:0b:4a:2a:bb:
         85:76:b1:47:0e:91:80:e1:7d:59:3a:4a:ff:92:22:24:01:ec:
         21:5d:a4:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbQZhDNHu3PoSsyxUzp2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTY0M2JiMzk5YzZkODdhZGM0YzdjYmE1ZDJiNzJmYmQw
MGQwNDYwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGYwMGI1MWY5NmU4NWNkY2NkNjk1M2FkMDZkZmE0NmQxZTg3MjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiMQmuIJbFEWl1h01dvDYMw5BB65
veFhvqFtrjHgsblSzmBQbSMEQMuuF0DNLnjDcicXrPd1q7QQyfwIs1wj7dgBRLBW
lVSnQNHMcyOb6FkMBiz3r5O7OZdlrXXbolc0gnyvy6Im214dIvYwtNMGkxkLUF4f
E602Xl7Ai1Ihrw4DjjAE5WNHJu+A2PxGq4YERnyYEMTfzkwLUgJSMtihKnxzAb5x
gWY64pPgM4xRaqSwX/M/+AmlGZcLvjMivmYtK8cbB/nYZdUvyTScTAUBLrPhuYY/
6095/L8o38ScHtOGGTUowqMclhWygHX1wapWDDZFJCrmrHomIUiS5kQ+qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMTwC1H5boXNzNaVOtBt+kbR6HKQMB8GA1UdIwQY
MBaAFHymQ7s5nG2HrcTHy6XSty+9ANBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMt
NDRlYTY0NzIxYzllLzEveFBBTFVmbHVoYzNNMXBVNjBHMzZSdEhvY3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMtNDRlYTY0NzIxYzll
LzEvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVEaMA0G
CSqGSIb3DQEBCwUAA4IBAQBQXAE1y4YTs8PwiAeUmCH4dxa9mqOkRFqxbrwbq7ZK
7tSoBUpr6Jc3kd2U8aw2SXryVsLUgHONjiyv6JJjleX9+MqmmpaRdVQVl7EijgBZ
EHM/5WdeXsWkBwV8WXlCZXi2QnkF1x51NMlyx3i3SxeMspN39oI50HleYEgI0Okc
HncHfN7mtIPCmtg4Jw1FBdvbxAmudw9GixMIqRVKAsmJmZFyMMkLGQtDhq2a3RT2
OUNH0rhPd3SRY0hHJ6K3XluF4AplezYJyd4YhvcJbIRBlLbyRo7kRWygnhVBUw3v
rEnUON0ELQtKKruFdrFHDpGA4X1ZOkr/kiIkAewhXaQ2
-----END CERTIFICATE-----
Generated at Tue Apr 30 11:32:36 2024 by rpki-client on console-fra.rpki-client.org