Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d4501b-18ea-4280-85a4-9329f9179fda/1/B1ny4a9Tkc7QOGfyVma52I3uvTg.roa
File:                     B1ny4a9Tkc7QOGfyVma52I3uvTg.roa (raw, json)
Hash identifier:          /ta4Kon8ayws4GcVKBcPPar60rh61ofcUvBv6Sd/EDk=
Subject key identifier:   07:59:F2:E1:AF:53:91:CE:D0:38:67:F2:56:66:B9:D8:8D:EE:BD:38
Certificate issuer:       /CN=4a97bc504f3075fb4f39236408c1c2d547b44c26
Certificate serial:       018CC802E35DE795FC59870DCAD221B834C5
Authority key identifier: 4A:97:BC:50:4F:30:75:FB:4F:39:23:64:08:C1:C2:D5:47:B4:4C:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Spe8UE8wdftPOSNkCMHC1Ue0TCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d4501b-18ea-4280-85a4-9329f9179fda/1/B1ny4a9Tkc7QOGfyVma52I3uvTg.roa
Signing time:             Tue 02 Jan 2024 02:31:21 +0000
ROA not before:           Tue 02 Jan 2024 02:31:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15580
IP address blocks:        193.108.175.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d4501b-18ea-4280-85a4-9329f9179fda/1/Spe8UE8wdftPOSNkCMHC1Ue0TCY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d4501b-18ea-4280-85a4-9329f9179fda/1/Spe8UE8wdftPOSNkCMHC1Ue0TCY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Spe8UE8wdftPOSNkCMHC1Ue0TCY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:02:e3:5d:e7:95:fc:59:87:0d:ca:d2:21:b8:34:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a97bc504f3075fb4f39236408c1c2d547b44c26
        Validity
            Not Before: Jan  2 02:31:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0759f2e1af5391ced03867f25666b9d88deebd38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:39:78:2c:14:ce:9e:03:37:e0:bc:44:3e:38:
                    1a:77:d5:d8:dd:4d:ef:20:7a:5a:dd:e6:08:d7:a7:
                    17:b7:8a:24:78:a8:14:7a:40:2d:bc:c6:f0:17:89:
                    38:ab:44:8f:05:62:5f:e5:c0:a4:5f:d9:51:f5:f3:
                    b7:d1:f0:3d:dc:4f:2b:da:cb:3a:fd:26:73:e7:80:
                    e0:c0:7d:91:bc:f1:c2:68:b8:93:09:bd:de:f7:f7:
                    9d:b3:a1:ee:b0:8d:a4:be:4c:e6:0d:66:a0:99:ed:
                    0b:25:7a:6f:5c:9c:f5:4a:2e:65:21:24:df:c2:1d:
                    a1:de:bf:a7:6b:41:53:8e:b7:da:62:e1:e2:1b:76:
                    eb:b1:72:a9:1a:cf:8f:0f:28:61:85:26:69:bd:cc:
                    23:2e:22:7a:92:4b:3e:66:bc:13:3b:2c:85:6d:13:
                    cc:14:a7:9e:d6:6a:fc:d8:e0:3f:38:01:58:07:a0:
                    ba:b6:a8:b6:97:df:22:cc:e3:d7:ff:a7:d0:7b:6e:
                    55:f5:32:78:a4:a3:77:ac:83:21:bd:ce:f0:0a:ff:
                    8c:e9:1c:c2:36:5f:d6:cc:3c:e2:52:54:55:3e:b4:
                    b5:94:c4:31:18:4b:4e:78:ab:36:52:fa:b9:a1:76:
                    d7:c1:6c:fd:99:73:11:6f:fa:e3:6e:6f:b5:48:f1:
                    cc:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:59:F2:E1:AF:53:91:CE:D0:38:67:F2:56:66:B9:D8:8D:EE:BD:38
            X509v3 Authority Key Identifier:
                keyid:4A:97:BC:50:4F:30:75:FB:4F:39:23:64:08:C1:C2:D5:47:B4:4C:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Spe8UE8wdftPOSNkCMHC1Ue0TCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d4501b-18ea-4280-85a4-9329f9179fda/1/B1ny4a9Tkc7QOGfyVma52I3uvTg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d4501b-18ea-4280-85a4-9329f9179fda/1/Spe8UE8wdftPOSNkCMHC1Ue0TCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:15:38:ea:4f:6b:43:b4:8c:e6:d1:d9:6e:dd:66:92:1a:bd:
         b7:e4:6f:3a:08:9d:3e:1f:88:6d:be:bd:0a:9e:84:6d:f1:c4:
         3b:4c:9a:ea:15:c6:0e:b9:7f:86:e8:31:f4:a3:b9:03:df:65:
         b0:21:c9:0f:8a:15:e4:be:1b:25:73:33:ad:5b:49:db:81:31:
         48:63:b1:46:05:e0:93:4d:83:51:e1:9a:72:7a:6c:9b:4e:f0:
         d3:be:23:8f:c9:b9:ac:21:3b:ec:3a:2d:e4:cf:7a:17:5a:de:
         d9:10:28:a8:6e:1b:4b:4c:0e:fe:7f:ec:bf:b2:11:60:aa:7c:
         fb:86:0f:cd:8d:e2:2e:58:2b:80:66:fe:bb:94:63:6f:ac:ce:
         77:ca:58:ef:f3:c1:1f:40:9a:bd:8b:70:4d:e8:fd:58:23:eb:
         32:f2:f4:c3:44:6b:13:1c:2c:6f:2d:76:63:f3:a1:96:72:f9:
         0a:44:79:b9:2c:83:75:8d:82:83:6b:07:af:14:e3:2f:e2:2b:
         70:9e:4b:5c:56:99:41:d0:05:cc:16:9e:c1:47:56:5c:f8:93:
         42:d4:16:05:6b:cb:6b:8e:56:cd:99:22:f5:f1:1a:bf:6a:ef:
         de:77:08:2f:17:e3:f6:9b:ce:80:51:41:05:a7:b9:b4:57:01:
         26:a0:46:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAuNd55X8WYcNytIhuDTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOTdiYzUwNGYzMDc1ZmI0ZjM5MjM2NDA4YzFjMmQ1NDdi
NDRjMjYwHhcNMjQwMTAyMDIzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzU5ZjJlMWFmNTM5MWNlZDAzODY3ZjI1NjY2YjlkODhkZWViZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojl4LBTOngM34LxEPjgad9XY3U3v
IHpa3eYI16cXt4okeKgUekAtvMbwF4k4q0SPBWJf5cCkX9lR9fO30fA93E8r2ss6
/SZz54DgwH2RvPHCaLiTCb3e9/eds6HusI2kvkzmDWagme0LJXpvXJz1Si5lISTf
wh2h3r+na0FTjrfaYuHiG3brsXKpGs+PDyhhhSZpvcwjLiJ6kks+ZrwTOyyFbRPM
FKee1mr82OA/OAFYB6C6tqi2l98izOPX/6fQe25V9TJ4pKN3rIMhvc7wCv+M6RzC
Nl/WzDziUlRVPrS1lMQxGEtOeKs2Uvq5oXbXwWz9mXMRb/rjbm+1SPHMpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAdZ8uGvU5HO0Dhn8lZmudiN7r04MB8GA1UdIwQY
MBaAFEqXvFBPMHX7TzkjZAjBwtVHtEwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3BlOFVFOHdkZnRQT1NOa0NNSEMxVWUwVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDUwMWItMThlYS00MjgwLTg1YTQt
OTMyOWY5MTc5ZmRhLzEvQjFueTRhOVRrYzdRT0dmeVZtYTUySTN1dlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNDUwMWItMThlYS00MjgwLTg1YTQtOTMyOWY5MTc5ZmRh
LzEvU3BlOFVFOHdkZnRQT1NOa0NNSEMxVWUwVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWyvMA0G
CSqGSIb3DQEBCwUAA4IBAQAxFTjqT2tDtIzm0dlu3WaSGr235G86CJ0+H4htvr0K
noRt8cQ7TJrqFcYOuX+G6DH0o7kD32WwIckPihXkvhslczOtW0nbgTFIY7FGBeCT
TYNR4ZpyemybTvDTviOPybmsITvsOi3kz3oXWt7ZECiobhtLTA7+f+y/shFgqnz7
hg/NjeIuWCuAZv67lGNvrM53yljv88EfQJq9i3BN6P1YI+sy8vTDRGsTHCxvLXZj
86GWcvkKRHm5LIN1jYKDawevFOMv4itwnktcVplB0AXMFp7BR1Zc+JNC1BYFa8tr
jlbNmSL18Rq/au/edwgvF+P2m86AUUEFp7m0VwEmoEa7
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:46:04 2024 by rpki-client on console-ams.rpki-client.org