Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/e56d41-5bb8-4a91-a4f0-f86dcaad8c49/1/mmHxUjBzz6OeDViACPRt1iyYyFQ.roa
File:                     mmHxUjBzz6OeDViACPRt1iyYyFQ.roa (raw, json)
Hash identifier:          F7nvFHHWUqgrTNQ/dn+w7/x8gVmeYjzPWTQsmpF+0Ak=
Subject key identifier:   9A:61:F1:52:30:73:CF:A3:9E:0D:58:80:08:F4:6D:D6:2C:98:C8:54
Certificate issuer:       /CN=b473167913af73e4f6374170c4f945f8b0dd7d64
Certificate serial:       018CC56ECD56DC5BE92591DC4E1239326EB7
Authority key identifier: B4:73:16:79:13:AF:73:E4:F6:37:41:70:C4:F9:45:F8:B0:DD:7D:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tHMWeROvc-T2N0FwxPlF-LDdfWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/e56d41-5bb8-4a91-a4f0-f86dcaad8c49/1/mmHxUjBzz6OeDViACPRt1iyYyFQ.roa
Signing time:             Mon 01 Jan 2024 14:30:22 +0000
ROA not before:           Mon 01 Jan 2024 14:30:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50553
IP address blocks:        178.219.176.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/e56d41-5bb8-4a91-a4f0-f86dcaad8c49/1/tHMWeROvc-T2N0FwxPlF-LDdfWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/e56d41-5bb8-4a91-a4f0-f86dcaad8c49/1/tHMWeROvc-T2N0FwxPlF-LDdfWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tHMWeROvc-T2N0FwxPlF-LDdfWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 20:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:cd:56:dc:5b:e9:25:91:dc:4e:12:39:32:6e:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b473167913af73e4f6374170c4f945f8b0dd7d64
        Validity
            Not Before: Jan  1 14:30:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9a61f1523073cfa39e0d588008f46dd62c98c854
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:72:7a:67:e4:b3:4c:b2:ba:41:e7:97:02:44:
                    43:4e:c5:e7:5f:c2:07:e2:dd:72:30:45:d5:8c:af:
                    eb:cf:fb:84:03:08:ef:d8:a0:35:41:69:31:82:e8:
                    bb:37:e1:71:5a:9d:dc:4f:10:6f:be:01:15:27:0e:
                    4f:fd:9d:cc:52:9c:18:b9:ac:de:3d:46:56:31:fd:
                    50:08:88:5e:37:44:87:fc:a0:3e:4a:18:1e:60:95:
                    41:69:6f:ed:f0:4a:1f:41:0e:47:b2:cc:c2:06:aa:
                    3c:d0:fb:87:88:9a:1a:78:30:4b:97:97:6f:af:b0:
                    25:68:9e:1a:d1:e3:f4:c0:13:de:95:53:15:e9:38:
                    dc:62:18:cb:c7:94:cc:f9:ad:0e:3c:28:4b:54:e8:
                    0a:07:0d:d4:fa:60:06:35:2d:e3:a2:5e:4f:39:09:
                    6e:80:78:f9:9f:6e:89:8c:74:18:54:2d:57:29:57:
                    ef:91:02:57:d1:d7:7a:64:42:d7:5a:56:f7:63:7b:
                    89:3e:9c:f2:9e:3b:19:f1:ea:c0:72:c3:48:63:9b:
                    64:11:ea:18:1c:cb:f2:e1:83:87:7b:6b:21:04:97:
                    2d:eb:ea:a2:64:70:d2:67:9e:3d:bf:23:ae:8e:45:
                    6a:78:1f:40:73:4f:c2:4f:e8:c4:da:e3:3f:0b:7d:
                    d7:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:61:F1:52:30:73:CF:A3:9E:0D:58:80:08:F4:6D:D6:2C:98:C8:54
            X509v3 Authority Key Identifier:
                keyid:B4:73:16:79:13:AF:73:E4:F6:37:41:70:C4:F9:45:F8:B0:DD:7D:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tHMWeROvc-T2N0FwxPlF-LDdfWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/e56d41-5bb8-4a91-a4f0-f86dcaad8c49/1/mmHxUjBzz6OeDViACPRt1iyYyFQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/e56d41-5bb8-4a91-a4f0-f86dcaad8c49/1/tHMWeROvc-T2N0FwxPlF-LDdfWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.219.176.0/21

    Signature Algorithm: sha256WithRSAEncryption
         64:70:c4:ed:54:b7:89:cf:0f:f6:36:47:23:8c:c2:6c:91:d3:
         4d:4f:ec:b3:43:98:de:29:2d:66:eb:bb:f2:6c:3c:f6:c8:8c:
         f2:d2:8b:dc:c0:06:ec:bd:84:dc:52:9c:3f:87:1b:b5:9e:89:
         9f:4b:12:aa:d5:39:ea:f1:7e:a5:10:0f:b7:a8:cc:38:9c:0e:
         df:96:07:b1:a5:cb:26:d8:4c:15:c8:f6:40:d4:cc:de:05:54:
         5e:72:1e:2b:79:c5:7e:14:89:94:d6:f6:36:ef:ff:77:37:7e:
         4d:15:0a:ae:f5:78:d8:23:90:cd:f4:d1:97:a5:eb:b7:b0:da:
         32:8f:d3:d6:0d:d0:c4:e5:dc:d1:72:4f:5d:ff:39:e8:a3:27:
         1d:20:e6:cb:68:51:98:99:d8:bd:75:f5:8a:08:a7:36:1d:87:
         97:58:d4:f1:54:7c:4a:aa:bc:d2:8f:a2:8a:0d:a2:0a:43:e1:
         d7:13:79:12:a8:aa:63:f2:ee:1a:de:4c:84:d3:87:5a:83:71:
         8c:02:df:a3:84:de:1c:5c:30:8e:b5:cb:6a:7f:50:8b:24:52:
         10:20:53:ce:17:19:5c:1c:38:da:5f:ee:da:9f:39:4c:72:29:
         51:35:25:cc:8d:3a:7f:c7:67:b6:ed:73:b7:0c:f8:12:3f:83:
         90:ad:6a:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbs1W3FvpJZHcThI5Mm63MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NzMxNjc5MTNhZjczZTRmNjM3NDE3MGM0Zjk0NWY4YjBk
ZDdkNjQwHhcNMjQwMTAxMTQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTYxZjE1MjMwNzNjZmEzOWUwZDU4ODAwOGY0NmRkNjJjOThjODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnJ6Z+SzTLK6QeeXAkRDTsXnX8IH
4t1yMEXVjK/rz/uEAwjv2KA1QWkxgui7N+FxWp3cTxBvvgEVJw5P/Z3MUpwYuaze
PUZWMf1QCIheN0SH/KA+ShgeYJVBaW/t8EofQQ5HsszCBqo80PuHiJoaeDBLl5dv
r7AlaJ4a0eP0wBPelVMV6TjcYhjLx5TM+a0OPChLVOgKBw3U+mAGNS3jol5POQlu
gHj5n26JjHQYVC1XKVfvkQJX0dd6ZELXWlb3Y3uJPpzynjsZ8erAcsNIY5tkEeoY
HMvy4YOHe2shBJct6+qiZHDSZ549vyOujkVqeB9Ac0/CT+jE2uM/C33X7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJph8VIwc8+jng1YgAj0bdYsmMhUMB8GA1UdIwQY
MBaAFLRzFnkTr3Pk9jdBcMT5Rfiw3X1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEhNV2VST3ZjLVQyTjBGd3hQbEYtTERkZldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9lNTZkNDEtNWJiOC00YTkxLWE0ZjAt
Zjg2ZGNhYWQ4YzQ5LzEvbW1IeFVqQnp6Nk9lRFZpQUNQUnQxaXlZeUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9lNTZkNDEtNWJiOC00YTkxLWE0ZjAtZjg2ZGNhYWQ4YzQ5
LzEvdEhNV2VST3ZjLVQyTjBGd3hQbEYtTERkZldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDstuwMA0G
CSqGSIb3DQEBCwUAA4IBAQBkcMTtVLeJzw/2NkcjjMJskdNNT+yzQ5jeKS1m67vy
bDz2yIzy0ovcwAbsvYTcUpw/hxu1nomfSxKq1Tnq8X6lEA+3qMw4nA7flgexpcsm
2EwVyPZA1MzeBVRech4recV+FImU1vY27/93N35NFQqu9XjYI5DN9NGXpeu3sNoy
j9PWDdDE5dzRck9d/znooycdIObLaFGYmdi9dfWKCKc2HYeXWNTxVHxKqrzSj6KK
DaIKQ+HXE3kSqKpj8u4a3kyE04dag3GMAt+jhN4cXDCOtctqf1CLJFIQIFPOFxlc
HDjaX+7anzlMcilRNSXMjTp/x2e27XO3DPgSP4OQrWoT
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:17:26 2024 by rpki-client on console-ams.rpki-client.org