Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3123b0-93e3-465d-80e4-040407a290d9/1/svO2BJTKynyNwaH1tqB7AX4eINQ.roa
File:                     svO2BJTKynyNwaH1tqB7AX4eINQ.roa (raw, json)
Hash identifier:          WEoXGVM6L7n0y/yNXy2BNbmtANHTxy83AY8msBBwUT4=
Subject key identifier:   B2:F3:B6:04:94:CA:CA:7C:8D:C1:A1:F5:B6:A0:7B:01:7E:1E:20:D4
Certificate issuer:       /CN=62efff88bf665ec86a9e356b79d06ba5940c383c
Certificate serial:       0192C039F647A686AFD3999E74E3071B2C3D
Authority key identifier: 62:EF:FF:88:BF:66:5E:C8:6A:9E:35:6B:79:D0:6B:A5:94:0C:38:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yu__iL9mXshqnjVredBrpZQMODw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/3123b0-93e3-465d-80e4-040407a290d9/1/svO2BJTKynyNwaH1tqB7AX4eINQ.roa
Signing time:             Thu 24 Oct 2024 20:31:16 +0000
ROA not before:           Thu 24 Oct 2024 20:31:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215287
IP address blocks:        170.62.190.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/3123b0-93e3-465d-80e4-040407a290d9/1/Yu__iL9mXshqnjVredBrpZQMODw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/3123b0-93e3-465d-80e4-040407a290d9/1/Yu__iL9mXshqnjVredBrpZQMODw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yu__iL9mXshqnjVredBrpZQMODw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Nov 2024 07:00:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:c0:39:f6:47:a6:86:af:d3:99:9e:74:e3:07:1b:2c:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62efff88bf665ec86a9e356b79d06ba5940c383c
        Validity
            Not Before: Oct 24 20:31:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b2f3b60494caca7c8dc1a1f5b6a07b017e1e20d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c6:7c:93:d3:63:59:a6:8f:d8:1c:72:aa:8b:
                    e6:39:68:82:73:54:5d:75:fa:0d:31:5e:71:e8:78:
                    0c:19:79:da:3c:33:eb:61:fd:8d:0c:06:af:ba:2b:
                    42:dc:48:56:8e:2c:59:2f:06:cf:ba:50:c4:0c:56:
                    2f:55:14:21:b6:4b:da:c5:0f:e6:9c:46:52:5e:1b:
                    7a:79:2a:d8:97:34:50:9a:bb:c7:d4:44:ee:97:bd:
                    79:1c:3d:d6:2f:cb:40:34:7b:a3:bc:e8:c9:22:0a:
                    3b:f3:8a:9e:fc:09:26:74:d0:8a:5a:ce:0b:9c:7b:
                    0d:bb:85:85:6d:27:9d:03:d0:b5:f0:e8:ce:4c:f5:
                    e2:08:63:33:71:85:56:c1:fc:75:37:86:ff:26:81:
                    ce:1d:a3:41:14:33:33:d5:79:45:c9:9f:91:b4:25:
                    74:ce:66:49:38:cc:5b:47:ca:35:f2:67:04:dc:21:
                    3d:8d:63:da:a9:ab:7a:e3:a9:4d:86:30:b6:d8:98:
                    d0:44:90:32:5b:fb:15:72:bb:0c:76:09:29:13:b8:
                    ae:68:bb:fe:0e:d3:ad:26:f7:1c:a5:10:9e:4b:38:
                    86:9a:ce:4b:ca:2b:ae:d8:47:d5:2e:09:1d:d4:1b:
                    66:99:d8:aa:b7:e9:64:9c:8c:ef:45:63:fe:32:d8:
                    99:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:F3:B6:04:94:CA:CA:7C:8D:C1:A1:F5:B6:A0:7B:01:7E:1E:20:D4
            X509v3 Authority Key Identifier:
                keyid:62:EF:FF:88:BF:66:5E:C8:6A:9E:35:6B:79:D0:6B:A5:94:0C:38:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yu__iL9mXshqnjVredBrpZQMODw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3123b0-93e3-465d-80e4-040407a290d9/1/svO2BJTKynyNwaH1tqB7AX4eINQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3123b0-93e3-465d-80e4-040407a290d9/1/Yu__iL9mXshqnjVredBrpZQMODw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.62.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:5d:76:be:a8:a8:57:81:46:90:be:27:07:40:b9:e5:28:55:
         b8:0c:68:21:69:25:05:0a:7b:d5:8f:fe:3a:68:37:1b:1e:86:
         31:1b:96:e9:5c:3f:f6:44:32:38:6d:46:10:1b:cc:37:54:32:
         2a:a6:02:1b:4c:17:2c:ad:7d:cc:56:60:5d:9b:c7:2b:17:df:
         4b:9a:b4:77:72:b9:04:82:71:a4:c0:c2:6f:7a:7a:53:02:3f:
         f0:95:d0:ad:c9:59:10:69:62:ba:0b:a1:89:65:58:af:09:94:
         bd:dc:ea:59:c5:4e:10:7d:47:77:9d:da:de:78:d7:37:ad:a1:
         45:44:06:63:71:98:1d:e7:dc:61:98:52:f1:3b:ef:e9:29:68:
         5e:2e:90:fb:8d:37:37:47:bc:d7:8b:73:4e:13:db:a4:6e:e7:
         c2:b0:4b:30:af:df:f6:78:a1:09:f7:82:76:4e:ed:2e:aa:24:
         f2:24:6d:8c:7a:33:a4:b4:70:fc:ae:6d:7e:90:43:da:ac:52:
         5b:99:83:10:35:e1:a0:d1:61:4e:10:99:49:b2:c4:c8:4c:40:
         77:e0:9c:36:be:a9:d2:57:02:18:af:1b:d4:e0:e3:cc:e1:d0:
         9f:b6:27:70:dd:45:ca:76:55:f8:21:83:22:91:3f:06:58:b4:
         f6:c7:0e:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLAOfZHpoav05medOMHGyw9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZWZmZjg4YmY2NjVlYzg2YTllMzU2Yjc5ZDA2YmE1OTQw
YzM4M2MwHhcNMjQxMDI0MjAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmYzYjYwNDk0Y2FjYTdjOGRjMWExZjViNmEwN2IwMTdlMWUyMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcZ8k9NjWaaP2BxyqovmOWiCc1Rd
dfoNMV5x6HgMGXnaPDPrYf2NDAavuitC3EhWjixZLwbPulDEDFYvVRQhtkvaxQ/m
nEZSXht6eSrYlzRQmrvH1ETul715HD3WL8tANHujvOjJIgo784qe/AkmdNCKWs4L
nHsNu4WFbSedA9C18OjOTPXiCGMzcYVWwfx1N4b/JoHOHaNBFDMz1XlFyZ+RtCV0
zmZJOMxbR8o18mcE3CE9jWPaqat646lNhjC22JjQRJAyW/sVcrsMdgkpE7iuaLv+
DtOtJvccpRCeSziGms5Lyiuu2EfVLgkd1Btmmdiqt+lknIzvRWP+MtiZvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLLztgSUysp8jcGh9bagewF+HiDUMB8GA1UdIwQY
MBaAFGLv/4i/Zl7Iap41a3nQa6WUDDg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXVfX2lMOW1Yc2hxbmpWcmVkQnJwWlFNT0R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zMTIzYjAtOTNlMy00NjVkLTgwZTQt
MDQwNDA3YTI5MGQ5LzEvc3ZPMkJKVEt5bnlOd2FIMXRxQjdBWDRlSU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zMTIzYjAtOTNlMy00NjVkLTgwZTQtMDQwNDA3YTI5MGQ5
LzEvWXVfX2lMOW1Yc2hxbmpWcmVkQnJwWlFNT0R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqj6+MA0G
CSqGSIb3DQEBCwUAA4IBAQB3XXa+qKhXgUaQvicHQLnlKFW4DGghaSUFCnvVj/46
aDcbHoYxG5bpXD/2RDI4bUYQG8w3VDIqpgIbTBcsrX3MVmBdm8crF99LmrR3crkE
gnGkwMJvenpTAj/wldCtyVkQaWK6C6GJZVivCZS93OpZxU4QfUd3ndreeNc3raFF
RAZjcZgd59xhmFLxO+/pKWheLpD7jTc3R7zXi3NOE9ukbufCsEswr9/2eKEJ94J2
Tu0uqiTyJG2MejOktHD8rm1+kEParFJbmYMQNeGg0WFOEJlJssTITEB34Jw2vqnS
VwIYrxvU4OPM4dCftidw3UXKdlX4IYMikT8GWLT2xw5n
-----END CERTIFICATE-----
Generated at Mon Nov 4 17:25:14 2024 by rpki-client on console-ams.rpki-client.org