Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/sCw9SpNl50PgkY00gehoXHS4tXs.roa
File:                     sCw9SpNl50PgkY00gehoXHS4tXs.roa (raw, json)
Hash identifier:          KL676s77pRP5v8Z/2Bn3ScO1U46zXBuvpZijZ+KullI=
Subject key identifier:   B0:2C:3D:4A:93:65:E7:43:E0:91:8D:34:81:E8:68:5C:74:B8:B5:7B
Certificate issuer:       /CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
Certificate serial:       018E0480B7E9DF122C87EB61303DAB94356E
Authority key identifier: 1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/sCw9SpNl50PgkY00gehoXHS4tXs.roa
Signing time:             Sun 03 Mar 2024 13:28:48 +0000
ROA not before:           Sun 03 Mar 2024 13:28:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     19905
IP address blocks:        46.143.172.0/22 maxlen: 22
                          46.143.172.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:04:80:b7:e9:df:12:2c:87:eb:61:30:3d:ab:94:35:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e8d205c798ed78f3c44ca0c8f2852e8bec8eaa2
        Validity
            Not Before: Mar  3 13:28:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b02c3d4a9365e743e0918d3481e8685c74b8b57b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:84:5b:f4:87:65:db:90:9f:f5:d6:71:4a:ed:
                    f2:5d:d1:98:b1:2e:6c:41:17:9d:9d:0e:51:12:e1:
                    2d:42:9e:df:67:c4:72:85:79:9a:e2:d1:98:d4:2f:
                    0f:11:29:a7:3d:d0:29:ad:26:38:86:ca:0b:c1:59:
                    7b:cc:ae:a9:76:00:ec:ac:f7:c3:24:f2:b4:ad:26:
                    1b:df:3e:35:a7:eb:26:22:46:d4:05:33:9c:97:bc:
                    31:db:f8:2c:40:41:5e:0b:d4:d1:bf:62:47:b5:36:
                    0f:63:3f:e2:2e:85:7b:c4:3c:7b:ec:de:45:be:7e:
                    42:e9:f4:0f:9f:23:c6:73:e9:03:31:8a:d0:4b:83:
                    d1:b8:d8:60:a1:f1:74:66:77:3e:e5:f2:0b:19:d3:
                    01:3d:24:fc:9d:31:44:42:e4:f2:e7:19:49:27:2f:
                    b4:b8:a5:4c:c4:b8:9c:b4:0c:34:a6:9e:10:87:bb:
                    1c:6b:bb:b7:fb:8b:94:3c:93:7d:84:e2:bc:36:2e:
                    f2:76:29:82:24:24:c8:13:87:fd:a9:3e:cd:9b:ca:
                    e2:8c:1d:11:89:2f:1b:74:ac:c3:f6:17:be:00:0b:
                    e9:7a:07:43:6c:84:1f:f4:af:7b:52:56:5a:6d:5d:
                    a5:a8:92:6a:c7:07:e2:b9:cb:6f:de:b6:f2:d6:b3:
                    84:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:2C:3D:4A:93:65:E7:43:E0:91:8D:34:81:E8:68:5C:74:B8:B5:7B
            X509v3 Authority Key Identifier:
                keyid:1E:8D:20:5C:79:8E:D7:8F:3C:44:CA:0C:8F:28:52:E8:BE:C8:EA:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ho0gXHmO1488RMoMjyhS6L7I6qI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/sCw9SpNl50PgkY00gehoXHS4tXs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/298898-7454-402b-81e9-ee1bd344f015/1/Ho0gXHmO1488RMoMjyhS6L7I6qI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.143.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         08:3c:f8:a3:a3:c9:59:18:d5:a7:25:1c:b0:88:3b:a8:c4:b7:
         91:33:98:e7:2f:86:d4:5b:71:f7:7c:b9:c6:19:0c:b8:94:0c:
         08:6c:18:ee:e9:6c:fa:c7:17:8d:7d:92:8f:8e:6b:dd:ea:d0:
         52:cb:63:b6:b3:47:d9:16:2e:09:70:bd:01:4b:7e:08:2b:41:
         3f:3e:47:62:f6:1c:47:85:be:71:83:86:80:96:8f:aa:d1:30:
         f7:37:08:69:7a:c1:34:ff:28:f9:96:4c:8b:84:0e:4f:6e:24:
         da:5b:11:5e:e6:f4:74:a8:0a:61:7d:24:e6:0e:8c:a4:9c:fa:
         6e:c6:20:6a:27:c4:a8:19:a9:08:b9:32:db:af:ff:ab:73:81:
         b2:98:78:2b:07:e8:57:cd:d4:b3:05:95:d1:81:5b:de:22:68:
         bd:12:0f:cc:fd:cc:d0:9e:f9:4e:73:33:90:2c:af:52:10:04:
         15:98:08:73:2d:58:d1:20:b9:60:5f:da:08:58:70:e0:bc:3e:
         fb:3f:05:0a:b7:d8:1d:3d:80:dc:35:77:80:06:04:2d:9c:64:
         57:3a:a8:c6:58:e0:ca:a2:62:d8:f8:f2:b8:26:9e:0a:56:09:
         ce:78:72:12:63:7b:cb:d5:03:e8:2b:d4:37:05:a0:c3:61:0d:
         67:e5:a2:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4EgLfp3xIsh+thMD2rlDVuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOGQyMDVjNzk4ZWQ3OGYzYzQ0Y2EwYzhmMjg1MmU4YmVj
OGVhYTIwHhcNMjQwMzAzMTMyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDJjM2Q0YTkzNjVlNzQzZTA5MThkMzQ4MWU4Njg1Yzc0YjhiNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYRb9Idl25Cf9dZxSu3yXdGYsS5s
QRednQ5REuEtQp7fZ8RyhXma4tGY1C8PESmnPdAprSY4hsoLwVl7zK6pdgDsrPfD
JPK0rSYb3z41p+smIkbUBTOcl7wx2/gsQEFeC9TRv2JHtTYPYz/iLoV7xDx77N5F
vn5C6fQPnyPGc+kDMYrQS4PRuNhgofF0Znc+5fILGdMBPST8nTFEQuTy5xlJJy+0
uKVMxLictAw0pp4Qh7sca7u3+4uUPJN9hOK8Ni7ydimCJCTIE4f9qT7Nm8rijB0R
iS8bdKzD9he+AAvpegdDbIQf9K97UlZabV2lqJJqxwfiuctv3rby1rOEqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLAsPUqTZedD4JGNNIHoaFx0uLV7MB8GA1UdIwQY
MBaAFB6NIFx5jtePPETKDI8oUui+yOqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTkt
ZWUxYmQzNDRmMDE1LzEvc0N3OVNwTmw1MFBna1kwMGdlaG9YSFM0dFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yOTg4OTgtNzQ1NC00MDJiLTgxZTktZWUxYmQzNDRmMDE1
LzEvSG8wZ1hIbU8xNDg4Uk1vTWp5aFM2TDdJNnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLo+sMA0G
CSqGSIb3DQEBCwUAA4IBAQAIPPijo8lZGNWnJRywiDuoxLeRM5jnL4bUW3H3fLnG
GQy4lAwIbBju6Wz6xxeNfZKPjmvd6tBSy2O2s0fZFi4JcL0BS34IK0E/Pkdi9hxH
hb5xg4aAlo+q0TD3NwhpesE0/yj5lkyLhA5PbiTaWxFe5vR0qAphfSTmDoyknPpu
xiBqJ8SoGakIuTLbr/+rc4GymHgrB+hXzdSzBZXRgVveImi9Eg/M/czQnvlOczOQ
LK9SEAQVmAhzLVjRILlgX9oIWHDgvD77PwUKt9gdPYDcNXeABgQtnGRXOqjGWODK
omLY+PK4Jp4KVgnOeHISY3vL1QPoK9Q3BaDDYQ1n5aI2
-----END CERTIFICATE-----
Generated at Thu May 2 13:20:16 2024 by rpki-client on console-fra.rpki-client.org