Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/I7WPke6phqGy60alAJ7fN3_qw-0.roa
File:                     I7WPke6phqGy60alAJ7fN3_qw-0.roa (raw, json)
Hash identifier:          A6OeYnnQGnAqRQSppNNrqbdU/WQ/36Zx5jlnXPXp6+s=
Subject key identifier:   23:B5:8F:91:EE:A9:86:A1:B2:EB:46:A5:00:9E:DF:37:7F:EA:C3:ED
Certificate issuer:       /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial:       018CC802CBFA01674A49C0555EB5BA096BF6
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/I7WPke6phqGy60alAJ7fN3_qw-0.roa
Signing time:             Tue 02 Jan 2024 02:31:15 +0000
ROA not before:           Tue 02 Jan 2024 02:31:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50336
IP address blocks:        188.211.224.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:02:cb:fa:01:67:4a:49:c0:55:5e:b5:ba:09:6b:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
        Validity
            Not Before: Jan  2 02:31:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=23b58f91eea986a1b2eb46a5009edf377feac3ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:80:27:24:d7:00:9a:d4:83:8e:be:78:86:bf:
                    af:27:f8:31:fc:c3:9b:29:de:3b:ff:85:43:4d:ef:
                    9c:f4:11:1e:19:1c:8c:25:11:ec:87:c3:66:1a:58:
                    4e:c8:83:56:c7:79:f6:99:0e:09:28:51:78:74:6e:
                    f5:46:36:73:8c:a6:67:d2:a1:33:98:6f:63:dc:81:
                    b2:c1:00:41:f4:fd:81:81:cb:14:3e:79:a1:d0:ea:
                    ee:43:dd:d6:33:81:7a:ab:60:bd:67:fc:16:e6:72:
                    08:98:96:a2:05:08:99:6f:e8:77:41:17:45:da:66:
                    73:1d:22:ca:26:1b:e5:05:b7:30:13:25:24:8f:16:
                    47:5a:5c:1d:d7:a5:e9:a9:a7:69:07:81:24:8b:28:
                    20:21:9f:f3:22:62:6d:bf:ba:e2:f7:8e:23:4e:c7:
                    40:d9:70:9a:ff:e8:a0:ce:4c:4c:94:0d:5f:5d:09:
                    66:7b:71:9c:6d:e7:1c:7d:1f:79:02:08:4f:9e:b8:
                    5f:45:bb:a0:03:42:c3:b0:2c:54:90:a3:09:25:b9:
                    cf:3d:b5:f0:44:3d:e3:63:5f:e2:dd:01:82:57:ad:
                    09:7e:4f:d7:87:2e:b3:97:d2:4a:a7:d8:d1:e6:3e:
                    fb:a3:11:e9:b5:b2:ec:58:ce:07:4f:c8:cb:42:b9:
                    72:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:B5:8F:91:EE:A9:86:A1:B2:EB:46:A5:00:9E:DF:37:7F:EA:C3:ED
            X509v3 Authority Key Identifier:
                keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/I7WPke6phqGy60alAJ7fN3_qw-0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.211.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         45:9d:72:c8:cf:72:c1:d3:8f:66:52:c7:71:23:92:3b:3b:2d:
         d6:3f:4c:9c:13:6f:c9:fd:5a:c6:74:ea:6e:be:bc:55:75:a8:
         f2:bc:ff:aa:d3:0f:82:c5:84:50:c1:f4:b3:d9:4c:9c:6d:9a:
         71:c9:97:54:fa:53:4b:86:3e:f7:b9:48:e6:38:7b:93:85:e3:
         62:05:3a:08:45:c8:eb:89:93:d4:f3:9c:60:95:bb:03:e1:26:
         ab:91:51:a8:3f:45:d6:2c:a5:97:76:16:1a:d2:23:e2:d3:01:
         90:47:1b:57:59:47:0c:11:61:74:ce:de:b2:30:4f:66:95:48:
         09:70:78:2c:18:a6:ca:b6:30:e5:9f:c9:3c:f0:82:b7:fe:c5:
         64:12:00:4b:8c:71:03:a7:4c:6e:c6:47:45:52:39:88:44:55:
         68:8c:54:ce:e7:0e:b1:f0:ee:ca:73:67:03:d8:83:00:15:d8:
         3f:8f:10:5e:5c:fc:fd:85:fd:5c:ce:b1:d5:57:0f:15:15:e8:
         e0:df:a4:ab:12:f2:5d:53:5e:68:78:a4:31:81:f6:01:a4:a9:
         76:1a:5a:46:d5:9a:9f:6c:29:c8:5e:b1:2b:e6:69:35:b9:91:
         61:1f:43:e3:83:a0:8b:0f:4f:2f:32:41:8d:d0:f2:2d:ff:e8:
         79:b1:6d:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAsv6AWdKScBVXrW6CWv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTAyMDIzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2I1OGY5MWVlYTk4NmExYjJlYjQ2YTUwMDllZGYzNzdmZWFjM2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIAnJNcAmtSDjr54hr+vJ/gx/MOb
Kd47/4VDTe+c9BEeGRyMJRHsh8NmGlhOyINWx3n2mQ4JKFF4dG71RjZzjKZn0qEz
mG9j3IGywQBB9P2BgcsUPnmh0OruQ93WM4F6q2C9Z/wW5nIImJaiBQiZb+h3QRdF
2mZzHSLKJhvlBbcwEyUkjxZHWlwd16XpqadpB4EkiyggIZ/zImJtv7ri944jTsdA
2XCa/+igzkxMlA1fXQlme3GcbeccfR95AghPnrhfRbugA0LDsCxUkKMJJbnPPbXw
RD3jY1/i3QGCV60Jfk/Xhy6zl9JKp9jR5j77oxHptbLsWM4HT8jLQrlymwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCO1j5HuqYahsutGpQCe3zd/6sPtMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvSTdXUGtlNnBocUd5NjBhbEFKN2ZOM19xdy0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNPgMA0G
CSqGSIb3DQEBCwUAA4IBAQBFnXLIz3LB049mUsdxI5I7Oy3WP0ycE2/J/VrGdOpu
vrxVdajyvP+q0w+CxYRQwfSz2UycbZpxyZdU+lNLhj73uUjmOHuTheNiBToIRcjr
iZPU85xglbsD4SarkVGoP0XWLKWXdhYa0iPi0wGQRxtXWUcMEWF0zt6yME9mlUgJ
cHgsGKbKtjDln8k88IK3/sVkEgBLjHEDp0xuxkdFUjmIRFVojFTO5w6x8O7Kc2cD
2IMAFdg/jxBeXPz9hf1czrHVVw8VFejg36SrEvJdU15oeKQxgfYBpKl2GlpG1Zqf
bCnIXrEr5mk1uZFhH0Pjg6CLD08vMkGN0PIt/+h5sW26
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:29 2024 by rpki-client on console-ams.rpki-client.org