Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/1-CU_sVeHKK4yEFclKnay4ZZuhMI.roa
File:                     1-CU_sVeHKK4yEFclKnay4ZZuhMI.roa (raw, json)
Hash identifier:          lF+uJ0CJkXNjOyrOMuIw05O1L1+cVi5q0bgO+94alfo=
Subject key identifier:   F8:25:3F:B1:57:87:28:AE:32:10:57:25:2A:76:B2:E1:96:6E:84:C2
Certificate issuer:       /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial:       018CC802CA961A5FAF74A7053E7DB7A8658D
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/1-CU_sVeHKK4yEFclKnay4ZZuhMI.roa
Signing time:             Tue 02 Jan 2024 02:31:15 +0000
ROA not before:           Tue 02 Jan 2024 02:31:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49298
IP address blocks:        93.119.172.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:02:ca:96:1a:5f:af:74:a7:05:3e:7d:b7:a8:65:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
        Validity
            Not Before: Jan  2 02:31:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f8253fb1578728ae321057252a76b2e1966e84c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:70:3c:68:8a:06:5e:d0:fd:6c:f3:8f:c6:67:
                    d6:5b:73:59:81:8f:1a:7f:4a:0b:e7:9b:42:3c:c2:
                    a3:e2:8e:20:f2:6a:76:d0:fa:08:08:70:0b:a5:70:
                    c3:3d:72:e8:01:47:55:24:b8:24:aa:3c:58:11:7e:
                    d7:2f:53:a1:0f:87:0e:10:fb:91:a0:ca:af:67:69:
                    13:81:12:00:32:80:cb:cd:74:1f:01:71:cb:d9:3d:
                    3a:7f:b3:17:be:5f:09:21:d3:07:0b:95:92:68:0f:
                    cf:6a:4c:ef:4f:bb:ec:c2:03:3f:11:30:44:97:6d:
                    f8:3d:b8:25:76:93:4e:33:43:f3:cd:23:ec:dd:ab:
                    1a:d6:0b:40:1f:eb:be:d2:c9:7e:67:30:73:7e:13:
                    6f:42:98:23:96:5c:c9:13:6d:0b:89:9d:da:7f:6a:
                    67:97:22:c0:f9:ac:89:59:e8:b5:b5:1d:ed:10:49:
                    4f:75:80:08:d9:bf:82:34:71:35:53:42:cb:10:11:
                    30:13:63:f6:b7:2b:25:75:6c:b0:07:f3:ec:22:de:
                    ce:a0:80:6a:c0:dc:5b:8d:4c:a9:d1:eb:f7:d9:c7:
                    12:1f:2c:aa:0b:14:79:f4:1d:7e:e9:df:1b:69:ae:
                    24:f8:0b:8e:7c:4e:5f:6c:fc:06:be:cd:44:c7:d8:
                    db:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:25:3F:B1:57:87:28:AE:32:10:57:25:2A:76:B2:E1:96:6E:84:C2
            X509v3 Authority Key Identifier:
                keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/1-CU_sVeHKK4yEFclKnay4ZZuhMI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.119.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         93:86:e0:81:db:de:ec:e5:00:08:8c:cb:c4:74:a4:09:95:40:
         bf:51:14:5a:95:fa:6d:2b:4d:6b:55:c2:2f:dc:92:e7:ca:b9:
         f2:06:01:05:5f:9a:db:fc:7b:3c:f9:52:a2:c4:11:bb:1e:2e:
         c7:18:8e:55:c4:01:3a:81:fb:d3:91:ec:c9:5d:9b:9d:44:cb:
         31:78:6b:aa:83:d7:ef:5c:25:94:08:cb:8f:12:4c:6a:21:94:
         ac:d0:5a:34:d0:7c:a8:bc:ff:00:a6:75:a3:16:c0:24:19:7b:
         81:d6:ce:d1:25:6a:b8:03:94:bd:12:a4:41:e8:ee:30:08:10:
         2d:96:f6:67:80:a6:0b:a9:db:9a:66:a3:f6:4d:a0:46:09:38:
         a5:f2:09:62:d9:e7:73:a7:43:d7:d7:9c:82:c7:3b:bd:eb:0d:
         09:3c:59:b0:03:0c:65:98:7f:70:1f:33:8e:ed:64:97:e8:3c:
         0b:77:52:55:0f:d9:45:11:0a:78:2a:b9:01:3b:60:5e:54:dc:
         3e:60:64:7c:56:fd:a3:bd:f8:b7:32:7d:fc:bb:d2:20:a8:0a:
         a4:fc:47:70:c7:1e:a5:3d:49:c5:a3:69:4b:0a:4a:a9:25:21:
         5d:f5:e0:b6:26:59:36:34:28:01:e5:56:1c:69:1c:b1:50:4d:
         5f:9f:b6:ba
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIAsqWGl+vdKcFPn23qGWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTAyMDIzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODI1M2ZiMTU3ODcyOGFlMzIxMDU3MjUyYTc2YjJlMTk2NmU4NGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHA8aIoGXtD9bPOPxmfWW3NZgY8a
f0oL55tCPMKj4o4g8mp20PoICHALpXDDPXLoAUdVJLgkqjxYEX7XL1OhD4cOEPuR
oMqvZ2kTgRIAMoDLzXQfAXHL2T06f7MXvl8JIdMHC5WSaA/PakzvT7vswgM/ETBE
l234PbgldpNOM0PzzSPs3asa1gtAH+u+0sl+ZzBzfhNvQpgjllzJE20LiZ3af2pn
lyLA+ayJWei1tR3tEElPdYAI2b+CNHE1U0LLEBEwE2P2tysldWywB/PsIt7OoIBq
wNxbjUyp0ev32ccSHyyqCxR59B1+6d8baa4k+AuOfE5fbPwGvs1Ex9jbPQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPglP7FXhyiuMhBXJSp2suGWboTCMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvMS1DVV9zVmVIS0s0eUVGY2xLbmF5NFpadWhNSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmUvYzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5
Ny8xL2ZmRXkzeFBrdmxQWUpReU1TRUlDWk83MndVdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl13rDAN
BgkqhkiG9w0BAQsFAAOCAQEAk4bggdve7OUACIzLxHSkCZVAv1EUWpX6bStNa1XC
L9yS58q58gYBBV+a2/x7PPlSosQRux4uxxiOVcQBOoH705HsyV2bnUTLMXhrqoPX
71wllAjLjxJMaiGUrNBaNNB8qLz/AKZ1oxbAJBl7gdbO0SVquAOUvRKkQejuMAgQ
LZb2Z4CmC6nbmmaj9k2gRgk4pfIJYtnnc6dD19ecgsc7vesNCTxZsAMMZZh/cB8z
ju1kl+g8C3dSVQ/ZRREKeCq5ATtgXlTcPmBkfFb9o734tzJ9/LvSIKgKpPxHcMce
pT1JxaNpSwpKqSUhXfXgtiZZNjQoAeVWHGkcsVBNX5+2ug==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:29 2024 by rpki-client on console-ams.rpki-client.org