Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/TWAWTlHwDKmATMja0dO7TFLyDpg.roa
File:                     TWAWTlHwDKmATMja0dO7TFLyDpg.roa (raw, json)
Hash identifier:          y/v2vaZT1Ti3FNqI6qgslkB69aH3RDgRMx8Aez9qQF4=
Subject key identifier:   4D:60:16:4E:51:F0:0C:A9:80:4C:C8:DA:D1:D3:BB:4C:52:F2:0E:98
Certificate issuer:       /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial:       018EB4C4675D5EB38C5D7BB62FD9496D0653
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/TWAWTlHwDKmATMja0dO7TFLyDpg.roa
Signing time:             Sat 06 Apr 2024 18:55:54 +0000
ROA not before:           Sat 06 Apr 2024 18:55:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     400950
IP address blocks:        46.175.130.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 23 May 2024 14:15:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:b4:c4:67:5d:5e:b3:8c:5d:7b:b6:2f:d9:49:6d:06:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
        Validity
            Not Before: Apr  6 18:55:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4d60164e51f00ca9804cc8dad1d3bb4c52f20e98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:22:df:96:42:65:5d:08:5d:c8:08:c7:1d:e1:
                    d4:f7:63:9b:40:31:59:59:79:ea:4e:f2:91:50:f7:
                    8a:ae:c7:e6:d9:6c:11:5a:da:f9:f5:8f:aa:81:da:
                    3f:14:5b:d9:e3:6f:74:f5:65:68:8d:6d:ea:a1:d3:
                    60:9d:30:1e:3b:b1:a4:da:5d:34:ad:f1:2c:9b:52:
                    52:12:28:a2:6a:c9:98:e4:fb:20:70:05:56:3a:b2:
                    27:f8:61:92:34:d8:8a:bd:89:21:6c:67:77:e6:22:
                    8f:42:ba:68:72:d0:1a:9f:14:cd:69:d1:a6:f2:3b:
                    35:53:e4:b2:e2:28:8f:a6:0b:8f:22:69:ff:62:c8:
                    bd:0b:77:d6:c9:38:5d:a3:db:4c:6b:2a:a1:b9:40:
                    fb:a4:c6:3c:13:52:c1:c3:12:af:ab:81:d2:da:f3:
                    bd:d9:db:d4:b7:c2:e3:64:39:41:a7:39:60:46:49:
                    64:4f:7c:f1:3a:d3:26:fc:06:33:b5:45:2d:fa:c8:
                    c3:6a:c4:85:e1:cf:1b:6d:c1:9a:99:e0:46:c6:69:
                    c5:fd:eb:25:e0:34:1c:f3:a2:c1:70:c6:4c:ec:3e:
                    c1:45:cc:3d:94:c0:f4:e6:3b:8a:e5:f8:8f:f1:a7:
                    e5:21:e9:21:db:78:6f:bd:67:95:0b:a1:dc:94:d6:
                    91:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:60:16:4E:51:F0:0C:A9:80:4C:C8:DA:D1:D3:BB:4C:52:F2:0E:98
            X509v3 Authority Key Identifier:
                keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/TWAWTlHwDKmATMja0dO7TFLyDpg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.175.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:48:e7:0d:9b:88:82:60:33:34:06:35:d4:36:4f:aa:69:77:
         35:70:34:91:03:cd:87:c9:06:0d:ca:6a:f4:e7:82:1a:d0:c7:
         f6:f1:c1:be:00:a3:2c:03:a3:ca:7f:63:84:15:65:f1:42:ed:
         03:67:93:61:cb:74:84:57:cb:81:b3:6d:2f:e2:8a:1f:8a:53:
         87:ab:d2:4c:7e:97:23:6c:f4:82:ab:a9:89:6c:9c:31:48:c7:
         a4:41:67:b5:f3:34:ce:4a:63:49:40:0b:6e:93:27:b7:55:be:
         a7:5d:d0:e8:1e:ed:fd:e5:52:1a:ac:4d:b4:1e:33:dc:19:0c:
         34:31:36:15:d8:fc:10:6b:20:69:3a:c4:fe:e2:d5:2f:eb:f7:
         51:93:71:71:a9:64:b4:29:40:c0:1d:94:d8:e4:fa:7e:ff:04:
         e7:2d:65:25:da:f9:6f:a2:d8:44:0b:cb:99:66:a8:0d:8f:0a:
         5e:29:8c:5c:8c:58:af:27:f8:a3:90:6d:f1:51:d3:e9:9e:3f:
         68:3c:61:e3:e1:66:89:98:6d:e3:1b:01:b7:68:16:1d:3f:84:
         d1:b7:03:cb:43:bc:8e:e6:63:d6:d8:1c:19:98:3d:0b:ac:d5:
         e4:60:42:5e:7e:92:aa:b2:41:3a:88:9d:5c:16:39:76:85:56:
         97:42:23:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY60xGddXrOMXXu2L9lJbQZTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjQwNDA2MTg1NTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDYwMTY0ZTUxZjAwY2E5ODA0Y2M4ZGFkMWQzYmI0YzUyZjIwZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSLflkJlXQhdyAjHHeHU92ObQDFZ
WXnqTvKRUPeKrsfm2WwRWtr59Y+qgdo/FFvZ42909WVojW3qodNgnTAeO7Gk2l00
rfEsm1JSEiiiasmY5PsgcAVWOrIn+GGSNNiKvYkhbGd35iKPQrpoctAanxTNadGm
8js1U+Sy4iiPpguPImn/Ysi9C3fWyThdo9tMayqhuUD7pMY8E1LBwxKvq4HS2vO9
2dvUt8LjZDlBpzlgRklkT3zxOtMm/AYztUUt+sjDasSF4c8bbcGameBGxmnF/esl
4DQc86LBcMZM7D7BRcw9lMD05juK5fiP8aflIekh23hvvWeVC6HclNaRFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1gFk5R8AypgEzI2tHTu0xS8g6YMB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvVFdBV1RsSHdES21BVE1qYTBkTzdURkx5RHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALq+CMA0G
CSqGSIb3DQEBCwUAA4IBAQBVSOcNm4iCYDM0BjXUNk+qaXc1cDSRA82HyQYNymr0
54Ia0Mf28cG+AKMsA6PKf2OEFWXxQu0DZ5Nhy3SEV8uBs20v4oofilOHq9JMfpcj
bPSCq6mJbJwxSMekQWe18zTOSmNJQAtukye3Vb6nXdDoHu395VIarE20HjPcGQw0
MTYV2PwQayBpOsT+4tUv6/dRk3FxqWS0KUDAHZTY5Pp+/wTnLWUl2vlvothEC8uZ
ZqgNjwpeKYxcjFivJ/ijkG3xUdPpnj9oPGHj4WaJmG3jGwG3aBYdP4TRtwPLQ7yO
5mPW2BwZmD0LrNXkYEJefpKqskE6iJ1cFjl2hVaXQiOV
-----END CERTIFICATE-----
Generated at Thu May 23 00:51:05 2024 by rpki-client on console-ams.rpki-client.org