Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/RLUj9IzH2goeEW7s4Pb2PDoZL1E.roa
File:                     RLUj9IzH2goeEW7s4Pb2PDoZL1E.roa (raw, json)
Hash identifier:          IEMxuktKdbiQKqJGvE8uCT0Iw2GnYaN+QNT7RGryyrg=
Subject key identifier:   44:B5:23:F4:8C:C7:DA:0A:1E:11:6E:EC:E0:F6:F6:3C:3A:19:2F:51
Certificate issuer:       /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial:       018E1825B77430C83350F8829D44F51DAA57
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/RLUj9IzH2goeEW7s4Pb2PDoZL1E.roa
Signing time:             Thu 07 Mar 2024 09:01:48 +0000
ROA not before:           Thu 07 Mar 2024 09:01:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     216394
IP address blocks:        77.83.203.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 11 Jun 2024 14:33:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:18:25:b7:74:30:c8:33:50:f8:82:9d:44:f5:1d:aa:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
        Validity
            Not Before: Mar  7 09:01:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=44b523f48cc7da0a1e116eece0f6f63c3a192f51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:00:67:e7:ad:6e:96:e0:cb:b8:1a:55:b6:fb:
                    80:a6:48:65:ce:0c:be:c5:49:4b:26:f9:a5:f5:a8:
                    c6:b4:0d:2c:d3:0b:5a:b3:81:70:a3:75:9f:0f:fe:
                    73:49:b1:07:47:84:db:c4:67:73:5c:a8:a7:7b:43:
                    ea:07:c4:fe:87:4a:94:5c:4c:c1:46:2e:f2:32:28:
                    ae:b8:22:8e:c5:cf:1a:f6:b5:a0:a8:d5:ac:17:06:
                    ff:93:c3:7c:c9:44:3f:9e:10:a9:d6:ef:1b:a1:43:
                    ed:1c:09:c1:a4:63:42:6f:19:75:46:8c:32:5b:37:
                    d8:78:64:d4:14:3d:c1:bc:b6:77:51:6f:74:37:01:
                    03:f1:3a:19:ad:b7:7f:af:be:5d:62:01:1e:5b:40:
                    5a:80:4e:bc:40:0f:60:8f:e2:e8:fe:11:22:ee:61:
                    2e:b5:80:fe:98:c2:7a:0e:a0:c8:83:d2:c8:ef:c8:
                    b5:5d:c6:3c:47:2b:0a:bb:99:78:c6:2f:a7:af:fb:
                    1e:cb:b0:09:a8:44:aa:e1:9b:f4:be:d4:c8:e6:58:
                    37:08:7a:0f:58:33:cd:b7:a2:01:5d:32:42:40:1c:
                    23:01:e1:81:9f:15:e4:47:a4:89:58:cb:d4:71:f3:
                    d2:85:40:7a:de:0c:31:89:9c:0b:6f:16:20:e7:a8:
                    e9:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:B5:23:F4:8C:C7:DA:0A:1E:11:6E:EC:E0:F6:F6:3C:3A:19:2F:51
            X509v3 Authority Key Identifier:
                keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/RLUj9IzH2goeEW7s4Pb2PDoZL1E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.83.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:aa:c0:a3:e2:c7:e6:14:eb:e7:24:8a:2d:f7:0b:f8:a8:74:
         03:03:fb:fc:5a:dc:e3:7f:b5:46:bc:3b:bd:8d:84:1c:8c:bf:
         15:56:a5:cb:fd:22:fb:11:41:18:46:92:d2:06:59:4e:67:44:
         84:3c:2b:0f:2d:9a:ee:f4:b1:9d:c1:2c:1c:de:dc:a7:a9:e3:
         fe:81:99:1f:dc:d2:ad:27:4c:a6:c4:dd:c4:6e:11:f9:6b:80:
         7d:42:24:43:12:05:c5:65:8e:22:f9:f2:66:ff:47:94:5c:e9:
         9c:71:32:48:ba:1a:30:44:64:06:33:f7:d3:a9:c2:e1:a8:58:
         60:3b:33:4c:a2:e7:3a:b7:e1:8a:6f:f1:63:3d:20:22:fa:46:
         f2:a9:81:20:65:d6:ba:56:1a:c0:63:e8:c7:47:e3:60:ef:5c:
         06:d8:14:15:5e:01:6c:2f:f9:9b:57:b4:4f:4f:da:db:c5:7c:
         a0:1d:79:84:6c:37:ad:e7:00:54:08:d4:96:8e:cb:28:d2:a6:
         e9:1d:54:03:c6:a9:85:f2:71:93:d7:f7:44:fe:14:31:6b:c3:
         66:c1:35:77:59:59:0c:0b:ac:05:a6:5b:ae:70:67:1a:d3:d0:
         7c:8c:5b:aa:f5:a0:f8:bd:4a:22:16:4a:33:96:33:dc:53:83:
         16:49:8c:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4YJbd0MMgzUPiCnUT1HapXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwMzA3MDkwMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGI1MjNmNDhjYzdkYTBhMWUxMTZlZWNlMGY2ZjYzYzNhMTkyZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggBn561uluDLuBpVtvuApkhlzgy+
xUlLJvml9ajGtA0s0wtas4Fwo3WfD/5zSbEHR4TbxGdzXKine0PqB8T+h0qUXEzB
Ri7yMiiuuCKOxc8a9rWgqNWsFwb/k8N8yUQ/nhCp1u8boUPtHAnBpGNCbxl1Rowy
WzfYeGTUFD3BvLZ3UW90NwED8ToZrbd/r75dYgEeW0BagE68QA9gj+Lo/hEi7mEu
tYD+mMJ6DqDIg9LI78i1XcY8RysKu5l4xi+nr/sey7AJqESq4Zv0vtTI5lg3CHoP
WDPNt6IBXTJCQBwjAeGBnxXkR6SJWMvUcfPShUB63gwxiZwLbxYg56jp9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFES1I/SMx9oKHhFu7OD29jw6GS9RMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvUkxVajlJekgyZ29lRVc3czRQYjJQRG9aTDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVPLMA0G
CSqGSIb3DQEBCwUAA4IBAQBUqsCj4sfmFOvnJIot9wv4qHQDA/v8Wtzjf7VGvDu9
jYQcjL8VVqXL/SL7EUEYRpLSBllOZ0SEPCsPLZru9LGdwSwc3tynqeP+gZkf3NKt
J0ymxN3EbhH5a4B9QiRDEgXFZY4i+fJm/0eUXOmccTJIuhowRGQGM/fTqcLhqFhg
OzNMouc6t+GKb/FjPSAi+kbyqYEgZda6VhrAY+jHR+Ng71wG2BQVXgFsL/mbV7RP
T9rbxXygHXmEbDet5wBUCNSWjsso0qbpHVQDxqmF8nGT1/dE/hQxa8NmwTV3WVkM
C6wFpluucGca09B8jFuq9aD4vUoiFkozljPcU4MWSYwW
-----END CERTIFICATE-----
Generated at Mon Jun 10 21:33:13 2024 by rpki-client on console-fra.rpki-client.org