Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/9n6-SJFTsBIvcEfgofm7iSm4fQg.roa
File:                     9n6-SJFTsBIvcEfgofm7iSm4fQg.roa (raw, json)
Hash identifier:          wpUNmEjFNhcOO37nejg3EP+quL2NORiHwISN+2vJ2RY=
Subject key identifier:   F6:7E:BE:48:91:53:B0:12:2F:70:47:E0:A1:F9:BB:89:29:B8:7D:08
Certificate issuer:       /CN=a608db43964b6986ec740f0b5e33f627589ac560
Certificate serial:       018CC2DB0FFEDF235C2F95098FE6463825DB
Authority key identifier: A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/9n6-SJFTsBIvcEfgofm7iSm4fQg.roa
Signing time:             Mon 01 Jan 2024 02:29:45 +0000
ROA not before:           Mon 01 Jan 2024 02:29:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206804
IP address blocks:        176.96.226.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:0f:fe:df:23:5c:2f:95:09:8f:e6:46:38:25:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a608db43964b6986ec740f0b5e33f627589ac560
        Validity
            Not Before: Jan  1 02:29:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f67ebe489153b0122f7047e0a1f9bb8929b87d08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:56:3f:30:a6:13:80:10:c5:48:a5:04:88:21:
                    9c:6b:ae:f3:bc:0e:62:c1:44:bd:f1:2e:60:62:bc:
                    77:d4:81:38:24:bb:35:2a:71:3d:de:7b:2c:9d:f4:
                    bb:ff:94:e3:b8:b3:e0:63:13:49:21:11:d9:f5:ed:
                    1f:21:2e:59:40:cd:80:9b:58:16:3d:c5:1a:e7:1b:
                    1a:38:26:70:97:e0:2b:08:c1:c2:f6:a1:61:e0:e0:
                    33:9e:14:f9:5e:3a:4c:13:af:a9:9b:2e:42:b8:69:
                    ac:51:4c:6d:9f:93:79:d5:ec:cd:87:94:6a:b6:10:
                    ba:25:13:9d:88:84:cf:d3:d5:3f:d1:c5:0a:b9:ae:
                    fb:07:27:1c:e0:0c:8e:61:47:72:56:30:1e:00:1d:
                    28:46:70:f6:1e:da:0f:90:cc:f0:81:5e:92:56:37:
                    36:5e:86:3e:5e:43:8f:b0:6f:c5:20:7f:7c:c7:1b:
                    1f:10:0d:99:d7:06:2f:16:69:5e:3f:8e:37:34:b7:
                    87:c1:74:ef:4e:9f:f9:00:c6:10:d0:5a:be:83:f9:
                    ce:d5:7d:98:df:20:55:0b:d0:21:3a:19:d3:72:15:
                    99:13:3a:61:5c:77:f9:33:70:89:f3:6b:a0:fd:5f:
                    dc:63:ca:2d:03:8a:c6:bd:f9:17:30:3c:e8:fd:0c:
                    29:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:7E:BE:48:91:53:B0:12:2F:70:47:E0:A1:F9:BB:89:29:B8:7D:08
            X509v3 Authority Key Identifier:
                keyid:A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/9n6-SJFTsBIvcEfgofm7iSm4fQg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.96.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:bd:e6:6a:93:52:26:a0:ee:3f:2b:fa:a0:35:1f:65:d5:2e:
         5a:d4:18:3c:9a:9e:1c:73:5d:cc:0d:2b:68:17:4d:0e:a5:36:
         cd:0c:27:af:a4:6c:30:4f:f2:fd:5b:8c:e6:f3:ca:2e:d2:0b:
         c0:a6:db:ef:5a:37:b7:75:15:18:1d:de:53:bd:97:98:b3:8e:
         56:ba:f1:c2:8e:88:d3:8b:2c:7f:e7:fa:69:01:f9:c1:21:3a:
         ca:98:67:cc:4a:23:51:4c:9b:da:12:84:00:21:b0:69:ce:b8:
         73:32:b2:e0:c5:55:66:9e:25:2d:e8:ba:3e:22:05:e1:4e:2c:
         b5:c0:f6:52:74:e6:94:22:39:62:af:f2:f2:a2:61:e4:74:dc:
         a5:42:c4:5a:61:47:c8:dd:a8:4b:2a:31:5f:59:ca:ef:67:cd:
         58:c3:18:9e:cb:af:c7:59:cc:54:84:7d:22:0c:f7:2d:4d:b0:
         f4:27:21:5a:1a:06:b9:f7:58:80:88:00:20:2f:c7:8e:1b:27:
         2b:70:2c:a1:e9:c7:db:8c:b9:dc:8c:7b:ed:67:1b:f2:0f:a1:
         31:f2:99:d6:3f:ed:72:f3:4f:36:22:b9:90:ce:10:28:9a:58:
         5b:6c:c9:d2:82:ff:fb:91:8e:f0:a4:d9:bf:80:1a:a6:b5:c9:
         ce:0e:20:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2w/+3yNcL5UJj+ZGOCXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDhkYjQzOTY0YjY5ODZlYzc0MGYwYjVlMzNmNjI3NTg5
YWM1NjAwHhcNMjQwMTAxMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjdlYmU0ODkxNTNiMDEyMmY3MDQ3ZTBhMWY5YmI4OTI5Yjg3ZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVY/MKYTgBDFSKUEiCGca67zvA5i
wUS98S5gYrx31IE4JLs1KnE93nssnfS7/5TjuLPgYxNJIRHZ9e0fIS5ZQM2Am1gW
PcUa5xsaOCZwl+ArCMHC9qFh4OAznhT5XjpME6+pmy5CuGmsUUxtn5N51ezNh5Rq
thC6JROdiITP09U/0cUKua77Bycc4AyOYUdyVjAeAB0oRnD2HtoPkMzwgV6SVjc2
XoY+XkOPsG/FIH98xxsfEA2Z1wYvFmleP443NLeHwXTvTp/5AMYQ0Fq+g/nO1X2Y
3yBVC9AhOhnTchWZEzphXHf5M3CJ82ug/V/cY8otA4rGvfkXMDzo/Qwp7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPZ+vkiRU7ASL3BH4KH5u4kpuH0IMB8GA1UdIwQY
MBaAFKYI20OWS2mG7HQPC14z9idYmsVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQt
ZDY0NjgzY2VlMTZmLzEvOW42LVNKRlRzQkl2Y0VmZ29mbTdpU200ZlFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQtZDY0NjgzY2VlMTZm
LzEvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGDiMA0G
CSqGSIb3DQEBCwUAA4IBAQBtveZqk1ImoO4/K/qgNR9l1S5a1Bg8mp4cc13MDSto
F00OpTbNDCevpGwwT/L9W4zm88ou0gvAptvvWje3dRUYHd5TvZeYs45WuvHCjojT
iyx/5/ppAfnBITrKmGfMSiNRTJvaEoQAIbBpzrhzMrLgxVVmniUt6Lo+IgXhTiy1
wPZSdOaUIjlir/LyomHkdNylQsRaYUfI3ahLKjFfWcrvZ81Ywxiey6/HWcxUhH0i
DPctTbD0JyFaGga591iAiAAgL8eOGycrcCyh6cfbjLncjHvtZxvyD6Ex8pnWP+1y
8082IrmQzhAomlhbbMnSgv/7kY7wpNm/gBqmtcnODiBX
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:46:37 2024 by rpki-client on console-ams.rpki-client.org