Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/toEr3wVzp5iVZM-ibHGTB5by198.roa
File:                     toEr3wVzp5iVZM-ibHGTB5by198.roa (raw, json)
Hash identifier:          RVvyNAbmJ6I5NBT/89G2AFJsIRViGNJa+EQ1J134eCs=
Subject key identifier:   B6:81:2B:DF:05:73:A7:98:95:64:CF:A2:6C:71:93:07:96:F2:D7:DF
Certificate issuer:       /CN=79a843d3a67bf202d0ae23df95e14ea871d8f15d
Certificate serial:       0192DDF2ACCD52A548DCD4F3E5FCE350A03B
Authority key identifier: 79:A8:43:D3:A6:7B:F2:02:D0:AE:23:DF:95:E1:4E:A8:71:D8:F1:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/toEr3wVzp5iVZM-ibHGTB5by198.roa
Signing time:             Wed 30 Oct 2024 15:02:01 +0000
ROA not before:           Wed 30 Oct 2024 15:02:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51765
IP address blocks:        5.180.154.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/eahD06Z78gLQriPfleFOqHHY8V0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/eahD06Z78gLQriPfleFOqHHY8V0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 12:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:dd:f2:ac:cd:52:a5:48:dc:d4:f3:e5:fc:e3:50:a0:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79a843d3a67bf202d0ae23df95e14ea871d8f15d
        Validity
            Not Before: Oct 30 15:02:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b6812bdf0573a7989564cfa26c71930796f2d7df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:31:7c:16:91:6c:8d:7a:9d:86:98:2e:bb:ae:
                    96:fe:c6:be:40:37:49:6e:b0:46:7e:d9:d0:8d:14:
                    3a:85:36:83:14:da:03:17:9b:66:27:ce:07:75:a6:
                    e1:3a:09:b2:e2:5b:7c:f6:c3:88:97:8c:1d:3d:9a:
                    e4:04:18:3c:79:38:71:06:5f:98:81:55:c5:04:8d:
                    ca:60:1e:8c:a9:c1:e8:c9:c3:7a:b7:6c:7f:42:9f:
                    e5:04:c9:5d:a2:c6:19:f7:06:f5:f8:bb:8f:f9:b1:
                    8d:66:a8:d7:91:8c:b6:ab:a8:41:88:16:41:7a:ac:
                    3d:e0:02:a1:5e:16:cb:02:d1:e6:02:45:d1:9e:40:
                    09:c6:53:c6:48:e0:68:1e:a5:62:ad:ba:0c:a9:be:
                    98:15:18:bc:7d:72:e1:5a:2c:41:b3:25:f0:85:86:
                    b0:c0:6e:f1:3f:1a:49:28:71:0e:9a:f3:aa:ee:9a:
                    25:f1:c7:02:d8:5f:6b:aa:b5:e4:11:35:1c:45:d5:
                    8e:2a:83:2c:0b:a7:2e:bd:05:db:46:4f:b1:93:eb:
                    76:75:09:88:ab:40:f9:15:ec:ea:19:0a:49:c0:14:
                    1f:9f:b8:ed:9e:a6:9d:a5:2d:56:ce:24:b7:8f:65:
                    60:9e:81:0e:da:ff:a6:e5:63:30:35:bc:18:81:7b:
                    38:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:81:2B:DF:05:73:A7:98:95:64:CF:A2:6C:71:93:07:96:F2:D7:DF
            X509v3 Authority Key Identifier:
                keyid:79:A8:43:D3:A6:7B:F2:02:D0:AE:23:DF:95:E1:4E:A8:71:D8:F1:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/toEr3wVzp5iVZM-ibHGTB5by198.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/eahD06Z78gLQriPfleFOqHHY8V0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:60:44:8e:d6:c1:ae:14:d5:ec:e4:9a:0b:46:dc:18:17:de:
         b0:85:5a:0d:70:c9:f6:bc:d5:c2:6c:8c:ac:00:42:38:76:d2:
         ad:7e:4c:49:4f:d3:4c:12:91:aa:3e:77:b3:49:ba:00:ac:27:
         32:fa:7b:b2:a1:bc:22:d4:e5:43:57:9d:d8:bc:1d:46:2e:3e:
         e9:66:23:50:a0:53:1b:e6:db:ff:25:ce:d9:25:fa:7b:dd:10:
         30:0e:7b:00:52:1f:4d:80:9d:90:3f:b2:e4:b7:e4:7a:bf:eb:
         3f:24:de:c9:4c:eb:19:a9:e5:ab:e8:3f:10:bd:55:4c:3f:b4:
         8e:3a:9e:2a:4e:54:be:f7:1d:c8:24:4c:f9:77:88:50:15:c9:
         a3:4f:01:ea:dc:bc:e8:dc:13:8d:94:4f:1d:2b:cf:5d:78:d2:
         8b:63:a6:e2:d9:fe:5b:df:c7:02:1c:c9:57:4f:ba:04:e6:52:
         89:e4:c9:4f:85:2c:6a:07:da:d4:41:59:fb:7c:a1:e2:b1:05:
         f6:e2:e2:9c:76:0d:2f:3d:f8:ab:40:57:d3:75:a2:0d:00:80:
         0d:25:b3:2d:f1:c4:11:0b:3d:25:b1:78:14:37:d7:75:89:77:
         ca:f1:f0:b5:24:8f:17:4c:a0:ad:ed:d4:da:58:8e:cf:21:d6:
         fc:a5:2a:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLd8qzNUqVI3NTz5fzjUKA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTg0M2QzYTY3YmYyMDJkMGFlMjNkZjk1ZTE0ZWE4NzFk
OGYxNWQwHhcNMjQxMDMwMTUwMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjgxMmJkZjA1NzNhNzk4OTU2NGNmYTI2YzcxOTMwNzk2ZjJkN2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjF8FpFsjXqdhpguu66W/sa+QDdJ
brBGftnQjRQ6hTaDFNoDF5tmJ84HdabhOgmy4lt89sOIl4wdPZrkBBg8eThxBl+Y
gVXFBI3KYB6MqcHoycN6t2x/Qp/lBMldosYZ9wb1+LuP+bGNZqjXkYy2q6hBiBZB
eqw94AKhXhbLAtHmAkXRnkAJxlPGSOBoHqVirboMqb6YFRi8fXLhWixBsyXwhYaw
wG7xPxpJKHEOmvOq7pol8ccC2F9rqrXkETUcRdWOKoMsC6cuvQXbRk+xk+t2dQmI
q0D5FezqGQpJwBQfn7jtnqadpS1WziS3j2VgnoEO2v+m5WMwNbwYgXs42QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLaBK98Fc6eYlWTPomxxkweW8tffMB8GA1UdIwQY
MBaAFHmoQ9Ome/IC0K4j35XhTqhx2PFdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFoRDA2Wjc4Z0xRcmlQZmxlRk9xSEhZOFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9mNzBjNmEtODE0Yi00NjFhLTg1NDEt
YjRkZDIyNzU4OTUxLzEvdG9FcjN3VnpwNWlWWk0taWJIR1RCNWJ5MTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9mNzBjNmEtODE0Yi00NjFhLTg1NDEtYjRkZDIyNzU4OTUx
LzEvZWFoRDA2Wjc4Z0xRcmlQZmxlRk9xSEhZOFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbSaMA0G
CSqGSIb3DQEBCwUAA4IBAQBeYESO1sGuFNXs5JoLRtwYF96whVoNcMn2vNXCbIys
AEI4dtKtfkxJT9NMEpGqPnezSboArCcy+nuyobwi1OVDV53YvB1GLj7pZiNQoFMb
5tv/Jc7ZJfp73RAwDnsAUh9NgJ2QP7Lkt+R6v+s/JN7JTOsZqeWr6D8QvVVMP7SO
Op4qTlS+9x3IJEz5d4hQFcmjTwHq3Lzo3BONlE8dK89deNKLY6bi2f5b38cCHMlX
T7oE5lKJ5MlPhSxqB9rUQVn7fKHisQX24uKcdg0vPfirQFfTdaINAIANJbMt8cQR
Cz0lsXgUN9d1iXfK8fC1JI8XTKCt7dTaWI7PIdb8pSoG
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:51:08 2024 by rpki-client on console-ams.rpki-client.org