Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/J-eT-AR-7tPZ7nQpb3ROHROZyXU.roa
File:                     J-eT-AR-7tPZ7nQpb3ROHROZyXU.roa (raw, json)
Hash identifier:          EvecLGXNC4EC0+BcibVvVbYuE1V9yfjQw5d6M5AJV28=
Subject key identifier:   27:E7:93:F8:04:7E:EE:D3:D9:EE:74:29:6F:74:4E:1D:13:99:C9:75
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       018EE7E719E151DED80866449DED4AC6CA2A
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/J-eT-AR-7tPZ7nQpb3ROHROZyXU.roa
Signing time:             Tue 16 Apr 2024 17:14:26 +0000
ROA not before:           Tue 16 Apr 2024 17:14:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215151
IP address blocks:        178.253.52.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 01:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:e7:e7:19:e1:51:de:d8:08:66:44:9d:ed:4a:c6:ca:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Apr 16 17:14:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=27e793f8047eeed3d9ee74296f744e1d1399c975
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:a0:d6:90:85:a7:4b:55:8b:ba:f4:55:e5:3f:
                    30:a7:0d:a8:85:b9:ba:20:bc:3f:01:60:34:c9:ba:
                    b3:f3:f5:79:3f:0e:7a:3e:9b:c5:41:80:ea:64:e5:
                    8c:8d:7c:c0:8d:bf:c3:68:8e:5f:1f:96:d6:24:b1:
                    ad:77:20:bb:f9:29:b2:2a:6b:29:20:5d:99:af:0e:
                    7b:4b:01:b3:33:40:9c:22:5c:f5:b1:9a:fe:d6:bf:
                    01:fc:84:cc:58:d3:8e:f3:e9:3a:b6:b6:d8:16:93:
                    c6:65:00:0b:cc:2e:45:ac:68:49:98:39:24:d5:1a:
                    8e:26:18:a2:62:f8:ce:82:2d:76:11:82:b9:d5:93:
                    cb:87:5e:ec:ac:36:80:30:91:9a:28:4d:50:ee:20:
                    88:85:ac:a9:5b:bb:58:16:94:45:29:bd:99:f5:ec:
                    e1:57:d2:8c:96:71:91:b2:ef:eb:54:ae:3f:55:72:
                    48:cd:a5:f0:6d:53:9c:c2:7c:fb:a3:e6:57:ec:56:
                    27:d9:6d:05:8b:68:d0:7c:c7:88:36:62:46:a0:97:
                    cd:09:28:60:d8:ea:53:97:a2:aa:6c:56:2d:bc:dc:
                    19:cf:7d:10:e0:f5:93:63:e6:8e:b7:5d:50:58:13:
                    b8:8a:22:eb:b6:04:04:e0:8d:78:57:ca:ef:87:0b:
                    5f:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:E7:93:F8:04:7E:EE:D3:D9:EE:74:29:6F:74:4E:1D:13:99:C9:75
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/J-eT-AR-7tPZ7nQpb3ROHROZyXU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.253.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         28:ea:13:04:3a:c8:28:2c:e2:f4:cf:1d:30:29:89:81:50:4c:
         3d:a4:97:29:41:15:ee:c8:9b:5c:b9:01:df:c3:14:2a:f2:15:
         a1:f4:5e:e3:44:12:56:c7:87:37:5a:23:9a:01:c6:fa:fe:f1:
         de:69:4d:21:27:e8:bd:f0:b2:f9:73:41:a8:ad:fd:80:83:a4:
         6f:30:66:48:de:dd:31:e4:16:20:67:0c:58:b6:cb:5f:d6:5a:
         c4:09:67:b6:d6:94:60:df:18:28:6b:08:35:fa:5e:1b:85:eb:
         99:d6:b0:82:a0:82:10:0a:82:b2:3f:aa:74:d8:ee:c9:53:c1:
         c2:05:27:67:c8:4e:5b:01:22:51:28:a7:3d:56:77:ae:7a:84:
         0c:51:63:25:1f:e8:75:c0:34:70:72:93:86:a8:cf:85:60:d6:
         36:32:6a:60:f5:c3:26:ef:a8:9f:1b:75:8f:40:3a:cc:04:e4:
         e0:c7:29:d1:2a:12:62:76:df:ed:62:4b:00:e7:49:9c:0c:10:
         10:20:ed:8a:55:46:7e:db:3e:34:d5:de:fa:c7:06:87:23:fb:
         43:64:77:05:47:40:51:8e:81:d3:ac:0d:d7:7e:ff:9b:5e:b3:
         d2:b4:13:47:1b:65:3c:b6:94:ae:ee:3a:f1:12:b3:21:ea:09:
         de:25:4c:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7n5xnhUd7YCGZEne1KxsoqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwNDE2MTcxNDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2U3OTNmODA0N2VlZWQzZDllZTc0Mjk2Zjc0NGUxZDEzOTljOTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6aDWkIWnS1WLuvRV5T8wpw2ohbm6
ILw/AWA0ybqz8/V5Pw56PpvFQYDqZOWMjXzAjb/DaI5fH5bWJLGtdyC7+SmyKmsp
IF2Zrw57SwGzM0CcIlz1sZr+1r8B/ITMWNOO8+k6trbYFpPGZQALzC5FrGhJmDkk
1RqOJhiiYvjOgi12EYK51ZPLh17srDaAMJGaKE1Q7iCIhaypW7tYFpRFKb2Z9ezh
V9KMlnGRsu/rVK4/VXJIzaXwbVOcwnz7o+ZX7FYn2W0Fi2jQfMeINmJGoJfNCShg
2OpTl6KqbFYtvNwZz30Q4PWTY+aOt11QWBO4iiLrtgQE4I14V8rvhwtf2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCfnk/gEfu7T2e50KW90Th0Tmcl1MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvSi1lVC1BUi03dFBaN25RcGIzUk9IUk9aeVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsv00MA0G
CSqGSIb3DQEBCwUAA4IBAQAo6hMEOsgoLOL0zx0wKYmBUEw9pJcpQRXuyJtcuQHf
wxQq8hWh9F7jRBJWx4c3WiOaAcb6/vHeaU0hJ+i98LL5c0Gorf2Ag6RvMGZI3t0x
5BYgZwxYtstf1lrECWe21pRg3xgoawg1+l4bheuZ1rCCoIIQCoKyP6p02O7JU8HC
BSdnyE5bASJRKKc9VneueoQMUWMlH+h1wDRwcpOGqM+FYNY2Mmpg9cMm76ifG3WP
QDrMBOTgxynRKhJidt/tYksA50mcDBAQIO2KVUZ+2z401d76xwaHI/tDZHcFR0BR
joHTrA3Xfv+bXrPStBNHG2U8tpSu7jrxErMh6gneJUyj
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:55:43 2024 by rpki-client on console-fra.rpki-client.org