Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/Bwpo3AuQDFZZjzOqzw96c4RCM6w.roa
File:                     Bwpo3AuQDFZZjzOqzw96c4RCM6w.roa (raw, json)
Hash identifier:          KrpqkQj4Vx1BGUR1GsE1cpTWh1FfMq6S2AExEzi4G9U=
Subject key identifier:   07:0A:68:DC:0B:90:0C:56:59:8F:33:AA:CF:0F:7A:73:84:42:33:AC
Certificate issuer:       /CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Certificate serial:       018CC802FA4AEDC8710CE163740B2B80DF32
Authority key identifier: 8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/Bwpo3AuQDFZZjzOqzw96c4RCM6w.roa
Signing time:             Tue 02 Jan 2024 02:31:27 +0000
ROA not before:           Tue 02 Jan 2024 02:31:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        79.143.156.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 07:02:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:02:fa:4a:ed:c8:71:0c:e1:63:74:0b:2b:80:df:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
        Validity
            Not Before: Jan  2 02:31:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=070a68dc0b900c56598f33aacf0f7a73844233ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:67:e1:3a:9e:d3:ae:fb:8c:03:b0:ae:54:fe:
                    f8:3c:01:59:90:48:50:95:8b:7a:49:96:90:c1:ac:
                    b3:b1:a0:63:ff:e2:5a:00:0b:44:bd:5b:16:f4:2e:
                    59:3f:97:d3:53:51:fb:12:da:d4:19:39:7c:db:a9:
                    e6:11:e5:f8:33:29:64:58:1a:cd:e7:92:0a:05:d0:
                    40:2d:cc:88:f9:62:2f:51:f5:22:3b:f8:bb:dc:3a:
                    19:1a:2a:3b:23:07:03:c2:69:8c:d2:3a:17:8b:4a:
                    d8:e2:f5:4a:d8:e0:c2:b3:39:ab:14:f2:a5:ad:76:
                    ec:ee:2e:cb:03:d6:f8:c9:72:ba:71:e4:da:5b:02:
                    45:9b:48:6d:96:9c:b1:48:d0:d0:c8:e7:00:66:73:
                    b4:53:e9:44:97:39:49:2a:cc:00:cb:93:7b:0a:93:
                    97:c2:2b:02:51:15:94:e7:4a:4b:86:7a:cb:ec:c7:
                    bb:1e:45:24:90:e1:50:e4:4d:a2:f5:2f:4d:56:89:
                    5b:80:c3:8e:de:09:0c:e8:a5:97:8f:7f:38:99:8b:
                    8e:aa:ff:1a:bf:59:93:ef:73:9e:b3:fc:c8:a1:64:
                    81:3b:9d:19:38:ee:9e:02:c3:84:02:80:3c:1a:cf:
                    04:bd:02:ff:f4:3f:ab:c6:28:f8:de:65:6c:21:bd:
                    56:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:0A:68:DC:0B:90:0C:56:59:8F:33:AA:CF:0F:7A:73:84:42:33:AC
            X509v3 Authority Key Identifier:
                keyid:8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/Bwpo3AuQDFZZjzOqzw96c4RCM6w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.143.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:cf:89:1e:55:ae:38:49:fc:20:70:35:3c:fe:20:74:ec:63:
         84:e5:90:9e:6e:99:72:75:2f:db:4b:67:bd:23:77:f4:52:dd:
         24:0b:17:e0:65:d5:a8:b1:db:b4:20:9f:7c:d5:0d:c5:0e:13:
         87:99:be:f9:af:96:5d:a4:0c:f4:bf:b5:96:17:35:66:e7:21:
         d5:fe:80:8b:de:cc:e0:b9:26:b7:aa:13:93:ea:00:ad:50:bd:
         f5:a0:fa:b9:24:6a:61:b8:80:9b:ad:d2:b8:9d:39:74:a8:23:
         d7:a3:3d:19:72:40:61:9b:9e:12:54:de:9a:30:1d:c2:0a:e8:
         70:ff:fa:c5:21:61:ce:5a:90:1f:da:98:25:ed:8d:94:4a:f8:
         30:f4:0b:a4:80:9e:97:c9:c9:f0:8b:0c:b7:5a:0b:d1:64:58:
         13:f2:8f:7f:0f:1a:ed:bf:09:83:2b:dd:93:ce:92:f5:28:0b:
         c0:b8:c6:47:a4:5b:cf:6a:11:b0:ba:66:f0:98:69:2d:81:e3:
         20:db:be:f5:c7:05:36:62:2b:69:71:4d:f7:29:91:a3:80:d7:
         bc:38:4f:8a:e8:32:48:52:94:5e:ab:d0:63:05:f4:c1:68:7c:
         0f:73:cd:bd:62:9d:2e:70:56:d6:84:ee:09:57:e1:47:2a:d0:
         57:fe:bf:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAvpK7chxDOFjdAsrgN8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNzg5NjNiM2M0ZjJkZDE4N2MyMDQzN2RmMWQ3ZDljMTY4
Y2FiODEwHhcNMjQwMTAyMDIzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzBhNjhkYzBiOTAwYzU2NTk4ZjMzYWFjZjBmN2E3Mzg0NDIzM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2fhOp7TrvuMA7CuVP74PAFZkEhQ
lYt6SZaQwayzsaBj/+JaAAtEvVsW9C5ZP5fTU1H7EtrUGTl826nmEeX4MylkWBrN
55IKBdBALcyI+WIvUfUiO/i73DoZGio7IwcDwmmM0joXi0rY4vVK2ODCszmrFPKl
rXbs7i7LA9b4yXK6ceTaWwJFm0htlpyxSNDQyOcAZnO0U+lElzlJKswAy5N7CpOX
wisCURWU50pLhnrL7Me7HkUkkOFQ5E2i9S9NVolbgMOO3gkM6KWXj384mYuOqv8a
v1mT73Oes/zIoWSBO50ZOO6eAsOEAoA8Gs8EvQL/9D+rxij43mVsIb1WWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAcKaNwLkAxWWY8zqs8PenOEQjOsMB8GA1UdIwQY
MBaAFI94ljs8Ty3Rh8IEN98dfZwWjKuBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgt
MWVmOWYyMzE5NTIyLzEvQndwbzNBdVFERlpaanpPcXp3OTZjNFJDTTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgtMWVmOWYyMzE5NTIy
LzEvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT4+cMA0G
CSqGSIb3DQEBCwUAA4IBAQA0z4keVa44SfwgcDU8/iB07GOE5ZCebplydS/bS2e9
I3f0Ut0kCxfgZdWosdu0IJ981Q3FDhOHmb75r5ZdpAz0v7WWFzVm5yHV/oCL3szg
uSa3qhOT6gCtUL31oPq5JGphuICbrdK4nTl0qCPXoz0ZckBhm54SVN6aMB3CCuhw
//rFIWHOWpAf2pgl7Y2USvgw9AukgJ6Xycnwiwy3WgvRZFgT8o9/DxrtvwmDK92T
zpL1KAvAuMZHpFvPahGwumbwmGktgeMg2771xwU2YitpcU33KZGjgNe8OE+K6DJI
UpReq9BjBfTBaHwPc829Yp0ucFbWhO4JV+FHKtBX/r/5
-----END CERTIFICATE-----
Generated at Thu May 2 16:24:15 2024 by rpki-client on console-fra.rpki-client.org