Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/c1SVheVU37rUuZvatBaUj8cqUEo.roa
File:                     c1SVheVU37rUuZvatBaUj8cqUEo.roa (raw, json)
Hash identifier:          T7WhKx5s6xIUUCPNQzthz1B9pNZd+zCEGCergXP6IRE=
Subject key identifier:   73:54:95:85:E5:54:DF:BA:D4:B9:9B:DA:B4:16:94:8F:C7:2A:50:4A
Certificate issuer:       /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial:       018CC26D5C507F08E22F0CA2D9079149A331
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/c1SVheVU37rUuZvatBaUj8cqUEo.roa
Signing time:             Mon 01 Jan 2024 00:29:56 +0000
ROA not before:           Mon 01 Jan 2024 00:29:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51987
IP address blocks:        62.73.95.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 01 Nov 2024 13:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:5c:50:7f:08:e2:2f:0c:a2:d9:07:91:49:a3:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
        Validity
            Not Before: Jan  1 00:29:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=73549585e554dfbad4b99bdab416948fc72a504a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:89:f9:da:63:21:63:1c:0f:3d:4a:8e:36:d2:
                    de:f8:66:d1:d2:f8:05:3c:47:31:6c:f0:f7:55:52:
                    0c:a2:e7:52:9f:ca:a8:a7:73:04:b7:6b:66:28:30:
                    b7:fd:b4:24:a9:e8:e9:5c:10:f0:5e:78:4d:8e:25:
                    f1:63:60:1d:0c:e5:b5:01:96:29:d8:be:52:a3:2a:
                    fc:7b:b4:3e:57:c3:1d:7e:fc:fe:3e:25:ae:e6:2e:
                    7a:68:37:a9:c4:f3:fb:aa:59:1c:d0:4a:61:86:62:
                    f6:4e:63:7a:b8:2a:b4:a1:94:fe:5c:03:f9:2b:38:
                    af:d9:e2:17:48:ea:e4:9f:f8:56:40:08:4b:7b:72:
                    7a:70:0a:ce:28:d0:52:8e:ea:8a:aa:d8:ea:cd:94:
                    b8:be:f1:bc:fb:d5:80:39:3b:34:95:3a:10:1c:10:
                    34:0e:84:f8:e0:24:08:b3:29:51:5a:a8:86:0d:e8:
                    4d:9d:c1:49:28:ed:fc:ca:05:4d:15:46:a5:5e:cb:
                    2a:9c:56:dc:c5:0b:96:da:05:67:b1:df:ca:d4:55:
                    6f:e1:4a:ca:a4:8c:23:52:3d:a4:0d:ad:ce:91:0f:
                    60:29:0e:4b:b5:73:97:5b:8c:63:64:94:a3:d5:01:
                    20:57:bd:3f:31:e1:c8:21:64:57:4c:21:16:e4:53:
                    89:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:54:95:85:E5:54:DF:BA:D4:B9:9B:DA:B4:16:94:8F:C7:2A:50:4A
            X509v3 Authority Key Identifier:
                keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/c1SVheVU37rUuZvatBaUj8cqUEo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.73.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:30:d4:35:5c:a9:56:f7:84:ff:aa:9b:a3:96:d8:90:94:f2:
         96:59:25:33:27:85:65:0c:bf:75:dd:9d:6c:2f:b2:4d:98:6a:
         3e:0f:be:e7:cd:92:e8:bd:7e:1b:5a:dc:d7:58:6f:ab:bd:da:
         15:63:31:0b:11:cb:ed:44:b4:b5:45:4a:1e:64:2c:e9:ec:f9:
         9b:db:58:58:bc:34:16:f4:ee:32:0f:4a:4f:2c:7d:19:1e:39:
         c7:65:86:6b:77:cb:12:2e:67:20:a9:f8:ea:f4:21:31:a9:ff:
         57:0c:a0:31:77:b1:4e:05:67:29:3f:3f:ac:dc:52:93:bf:62:
         eb:d5:2b:bd:60:2b:a3:41:6f:65:35:ec:50:ec:90:2c:e9:39:
         59:ab:4d:ff:5d:d8:fc:a2:b9:92:5d:45:81:15:63:86:5e:2d:
         ae:c4:f8:25:6c:50:04:4f:d1:fc:87:6c:b6:c9:9a:0f:d9:3d:
         c6:bf:e6:45:ff:26:86:07:86:28:c5:32:7e:6a:dc:c4:24:c0:
         f9:38:ee:90:17:0c:e9:90:dc:ac:5c:6e:07:cd:36:8d:da:63:
         f3:59:ea:52:5b:99:6b:fb:23:3f:dc:f1:c6:49:97:34:9d:1e:
         ec:89:60:e6:2e:fd:17:dc:37:ea:16:16:33:9f:b1:54:fb:c2:
         e2:11:09:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbVxQfwjiLwyi2QeRSaMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzU0OTU4NWU1NTRkZmJhZDRiOTliZGFiNDE2OTQ4ZmM3MmE1MDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqon52mMhYxwPPUqONtLe+GbR0vgF
PEcxbPD3VVIMoudSn8qop3MEt2tmKDC3/bQkqejpXBDwXnhNjiXxY2AdDOW1AZYp
2L5Soyr8e7Q+V8Mdfvz+PiWu5i56aDepxPP7qlkc0EphhmL2TmN6uCq0oZT+XAP5
Kziv2eIXSOrkn/hWQAhLe3J6cArOKNBSjuqKqtjqzZS4vvG8+9WAOTs0lToQHBA0
DoT44CQIsylRWqiGDehNncFJKO38ygVNFUalXssqnFbcxQuW2gVnsd/K1FVv4UrK
pIwjUj2kDa3OkQ9gKQ5LtXOXW4xjZJSj1QEgV70/MeHIIWRXTCEW5FOJWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHNUlYXlVN+61Lmb2rQWlI/HKlBKMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvYzFTVmhlVlUzN3JVdVp2YXRCYVVqOGNxVUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPklfMA0G
CSqGSIb3DQEBCwUAA4IBAQA5MNQ1XKlW94T/qpujltiQlPKWWSUzJ4VlDL913Z1s
L7JNmGo+D77nzZLovX4bWtzXWG+rvdoVYzELEcvtRLS1RUoeZCzp7Pmb21hYvDQW
9O4yD0pPLH0ZHjnHZYZrd8sSLmcgqfjq9CExqf9XDKAxd7FOBWcpPz+s3FKTv2Lr
1Su9YCujQW9lNexQ7JAs6TlZq03/Xdj8ormSXUWBFWOGXi2uxPglbFAET9H8h2y2
yZoP2T3Gv+ZF/yaGB4YoxTJ+atzEJMD5OO6QFwzpkNysXG4HzTaN2mPzWepSW5lr
+yM/3PHGSZc0nR7siWDmLv0X3DfqFhYzn7FU+8LiEQkW
-----END CERTIFICATE-----
Generated at Thu Oct 31 19:05:29 2024 by rpki-client on console-ams.rpki-client.org