Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/O_nWXTxp4B7ZFpwErFFLvlWgEhI.roa
File:                     O_nWXTxp4B7ZFpwErFFLvlWgEhI.roa (raw, json)
Hash identifier:          XvRINtgGqUzW6Lkj+0R8yuHePRW4d5CVk5EGOMC79gQ=
Subject key identifier:   3B:F9:D6:5D:3C:69:E0:1E:D9:16:9C:04:AC:51:4B:BE:55:A0:12:12
Certificate issuer:       /CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Certificate serial:       018CC5DC4D9CC1ECBD15E6C8691EAD4482FB
Authority key identifier: 99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/O_nWXTxp4B7ZFpwErFFLvlWgEhI.roa
Signing time:             Mon 01 Jan 2024 16:29:58 +0000
ROA not before:           Mon 01 Jan 2024 16:29:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204031
IP address blocks:        146.255.76.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 02 Jul 2024 13:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:4d:9c:c1:ec:bd:15:e6:c8:69:1e:ad:44:82:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
        Validity
            Not Before: Jan  1 16:29:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3bf9d65d3c69e01ed9169c04ac514bbe55a01212
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:87:be:32:01:9d:07:24:64:14:5a:39:3d:8c:
                    c2:db:a0:3d:7c:b0:ea:a6:b5:6a:56:d0:5c:b8:ed:
                    a4:7d:81:12:91:6c:37:8f:88:06:15:1a:37:75:ff:
                    e1:ee:12:1d:05:d3:86:29:8d:ff:eb:fb:10:92:15:
                    9e:44:4b:4f:25:a7:c5:aa:37:83:67:1c:fd:4c:c3:
                    de:9d:da:ba:5f:4d:72:34:46:eb:a3:a8:2b:12:66:
                    96:13:f0:79:6e:a0:ba:a4:db:4a:22:a4:59:de:fe:
                    61:57:d4:7a:40:43:e4:81:ad:7e:8c:37:d1:5e:2a:
                    72:0e:a6:86:f6:af:35:3b:a2:e7:a1:92:bc:81:8b:
                    80:94:50:88:c9:a4:4a:30:b4:a8:09:fa:ea:04:3c:
                    60:ab:ff:7e:e7:4d:c4:09:d7:d7:92:13:b0:d7:69:
                    b4:35:db:4e:58:b9:7b:77:8b:92:78:03:4d:ee:d1:
                    ef:7c:b9:a8:47:7a:ce:b9:49:70:58:48:1e:74:2a:
                    50:be:77:02:f9:50:d6:c2:3c:a8:37:b1:86:4b:b8:
                    12:69:89:71:df:42:9f:1f:ad:02:a3:40:41:b4:11:
                    cd:e2:21:b3:99:3f:ff:d7:f9:d5:27:5f:6a:26:c3:
                    b3:92:d4:12:ef:0b:18:d2:8b:50:aa:63:26:5e:c2:
                    7f:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:F9:D6:5D:3C:69:E0:1E:D9:16:9C:04:AC:51:4B:BE:55:A0:12:12
            X509v3 Authority Key Identifier:
                keyid:99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/O_nWXTxp4B7ZFpwErFFLvlWgEhI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.255.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:95:6d:27:e5:10:b4:08:ba:a9:5c:ac:75:10:b1:b4:38:77:
         91:d5:00:57:d4:f1:a5:9c:64:8d:f5:95:e9:b4:fa:80:cf:37:
         fe:80:65:82:a3:18:f5:52:da:ae:f2:84:36:3b:dc:2a:e0:ad:
         15:cb:bd:87:14:da:97:db:47:ac:11:0d:67:8a:d9:17:94:32:
         74:77:57:da:d3:d4:8e:b8:97:8d:21:f3:22:9e:24:78:05:22:
         6f:7d:85:c0:e0:36:97:39:c2:98:e7:89:6a:51:ba:40:4c:ab:
         3d:0b:64:e7:5b:86:cc:ae:91:13:5f:07:28:2f:09:15:b0:f9:
         30:42:03:82:c7:c5:cd:29:5f:d6:6f:be:74:b5:b8:e0:c6:79:
         e3:9b:f3:d0:08:f8:8b:5a:13:09:05:fb:b2:1c:7f:48:65:13:
         cc:6f:c5:e9:43:60:79:7f:fe:c8:32:26:df:b3:23:fd:e3:93:
         32:c3:9b:9b:d5:e7:4f:e8:48:eb:e0:89:bf:21:fa:cd:99:45:
         ab:79:c5:f0:16:6b:43:93:69:79:24:fc:3b:8c:1f:fb:72:f7:
         95:57:10:d5:70:61:ce:d6:0b:a4:f3:0a:c4:0e:bb:1f:de:fe:
         02:45:96:3b:b1:fb:0b:cf:8e:ec:7c:2d:8e:c7:18:f3:66:fb:
         f3:54:da:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3E2cwey9FebIaR6tRIL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZTcyMDlhOGM5YjE3NmZiZjYyM2VkZjNlZTBiODIwMDdm
YzJjNDAwHhcNMjQwMTAxMTYyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmY5ZDY1ZDNjNjllMDFlZDkxNjljMDRhYzUxNGJiZTU1YTAxMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oe+MgGdByRkFFo5PYzC26A9fLDq
prVqVtBcuO2kfYESkWw3j4gGFRo3df/h7hIdBdOGKY3/6/sQkhWeREtPJafFqjeD
Zxz9TMPendq6X01yNEbro6grEmaWE/B5bqC6pNtKIqRZ3v5hV9R6QEPkga1+jDfR
XipyDqaG9q81O6LnoZK8gYuAlFCIyaRKMLSoCfrqBDxgq/9+503ECdfXkhOw12m0
NdtOWLl7d4uSeANN7tHvfLmoR3rOuUlwWEgedCpQvncC+VDWwjyoN7GGS7gSaYlx
30KfH60Co0BBtBHN4iGzmT//1/nVJ19qJsOzktQS7wsY0otQqmMmXsJ/RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDv51l08aeAe2RacBKxRS75VoBISMB8GA1UdIwQY
MBaAFJnnIJqMmxdvv2I+3z7guCAH/CxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUt
YjJkY2MxODYzZThiLzEvT19uV1hUeHA0QjdaRnB3RXJGRkx2bFdnRWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUtYjJkY2MxODYzZThi
LzEvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkv9MMA0G
CSqGSIb3DQEBCwUAA4IBAQA5lW0n5RC0CLqpXKx1ELG0OHeR1QBX1PGlnGSN9ZXp
tPqAzzf+gGWCoxj1Utqu8oQ2O9wq4K0Vy72HFNqX20esEQ1nitkXlDJ0d1fa09SO
uJeNIfMiniR4BSJvfYXA4DaXOcKY54lqUbpATKs9C2TnW4bMrpETXwcoLwkVsPkw
QgOCx8XNKV/Wb750tbjgxnnjm/PQCPiLWhMJBfuyHH9IZRPMb8XpQ2B5f/7IMibf
syP945Myw5ub1edP6Ejr4Im/IfrNmUWrecXwFmtDk2l5JPw7jB/7cveVVxDVcGHO
1guk8wrEDrsf3v4CRZY7sfsLz47sfC2OxxjzZvvzVNp2
-----END CERTIFICATE-----
Generated at Mon Jul 1 16:13:02 2024 by rpki-client on console-ams.rpki-client.org