Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/deb70d-1ffd-4da0-a097-d8a0b41f46e8/1/1mzNiovqahlxWyLWFoCOPl4aJ5U.roa
File:                     1mzNiovqahlxWyLWFoCOPl4aJ5U.roa (raw, json)
Hash identifier:          NsevijZy+88haLvAtwDS6XgHJvNywoBsoGFNjxmM6Og=
Subject key identifier:   D6:6C:CD:8A:8B:EA:6A:19:71:5B:22:D6:16:80:8E:3E:5E:1A:27:95
Certificate issuer:       /CN=c5a1fb5bbc2fa8571e3d5f8cae4196a8d7e96c35
Certificate serial:       018CC8025BDE2BEDE165823361782F28F054
Authority key identifier: C5:A1:FB:5B:BC:2F:A8:57:1E:3D:5F:8C:AE:41:96:A8:D7:E9:6C:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xaH7W7wvqFcePV-MrkGWqNfpbDU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/deb70d-1ffd-4da0-a097-d8a0b41f46e8/1/1mzNiovqahlxWyLWFoCOPl4aJ5U.roa
Signing time:             Tue 02 Jan 2024 02:30:46 +0000
ROA not before:           Tue 02 Jan 2024 02:30:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2200
IP address blocks:        141.115.0.0/16 maxlen: 16

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/deb70d-1ffd-4da0-a097-d8a0b41f46e8/1/xaH7W7wvqFcePV-MrkGWqNfpbDU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/deb70d-1ffd-4da0-a097-d8a0b41f46e8/1/xaH7W7wvqFcePV-MrkGWqNfpbDU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xaH7W7wvqFcePV-MrkGWqNfpbDU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 07:03:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:02:5b:de:2b:ed:e1:65:82:33:61:78:2f:28:f0:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5a1fb5bbc2fa8571e3d5f8cae4196a8d7e96c35
        Validity
            Not Before: Jan  2 02:30:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d66ccd8a8bea6a19715b22d616808e3e5e1a2795
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:6a:86:d3:a6:64:08:46:0a:0c:b7:3c:6b:52:
                    cc:30:a3:52:fb:44:61:10:ea:94:7b:79:56:8b:66:
                    53:a7:48:9d:ef:d1:5b:04:8c:58:f6:3f:6b:bd:b1:
                    c3:58:18:23:10:98:cc:c7:ce:91:ea:96:48:40:8c:
                    a7:e3:82:be:3e:67:3c:ce:27:1d:28:09:69:8f:9b:
                    16:d7:da:27:af:32:ff:85:0f:7e:96:2d:01:0d:01:
                    ec:d4:12:05:8e:a3:75:90:84:84:65:87:c0:b3:2d:
                    99:88:1e:04:f7:c4:0f:90:a1:f0:d7:75:cc:f0:6d:
                    eb:a6:9f:05:fe:58:dd:b2:9d:37:95:8f:f9:2a:73:
                    97:21:73:86:41:81:c4:bf:7a:1b:a2:02:a9:aa:b4:
                    d5:f1:71:d4:e6:be:5c:93:12:10:51:96:e0:7f:14:
                    90:c5:72:cd:cb:10:13:d2:f3:48:95:b8:61:4b:7b:
                    f4:74:7b:b7:3d:ec:ef:55:7d:5d:7c:c7:b6:1e:f5:
                    bf:54:58:2a:06:0e:72:44:61:46:07:38:4c:b9:80:
                    e4:8a:fa:e6:48:00:19:0a:74:a0:1a:be:ad:64:05:
                    7b:30:75:69:01:dd:09:7c:2f:c2:22:ba:37:70:c5:
                    38:ea:61:87:97:00:91:3a:31:62:7e:32:a1:1f:d3:
                    2d:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:6C:CD:8A:8B:EA:6A:19:71:5B:22:D6:16:80:8E:3E:5E:1A:27:95
            X509v3 Authority Key Identifier:
                keyid:C5:A1:FB:5B:BC:2F:A8:57:1E:3D:5F:8C:AE:41:96:A8:D7:E9:6C:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaH7W7wvqFcePV-MrkGWqNfpbDU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/deb70d-1ffd-4da0-a097-d8a0b41f46e8/1/1mzNiovqahlxWyLWFoCOPl4aJ5U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/deb70d-1ffd-4da0-a097-d8a0b41f46e8/1/xaH7W7wvqFcePV-MrkGWqNfpbDU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.115.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         55:82:02:ce:79:bb:65:61:ec:e2:92:1e:52:40:b5:03:a0:6d:
         02:a3:f1:e5:ff:3a:82:8d:ca:b1:1e:37:27:cc:94:85:d7:27:
         a2:c0:44:30:4a:d9:f0:30:e5:22:01:1f:7d:15:71:d3:87:dc:
         54:6a:67:7d:3a:77:33:1c:bd:b5:fe:10:63:fb:49:81:68:ac:
         62:20:fa:4f:fb:bb:ca:3e:3c:95:c1:90:84:1f:3b:e0:a8:e5:
         2a:75:e6:81:34:40:fb:54:17:79:63:5c:d7:de:cd:c8:ab:32:
         36:de:fa:fc:94:a5:17:56:4c:02:54:8b:3c:69:b2:f4:00:79:
         95:85:a8:6b:40:cd:4d:16:30:08:ff:d1:3d:56:e5:81:04:3f:
         8d:b6:98:27:58:a7:cf:6d:c5:d3:d1:c3:57:66:db:80:8a:58:
         de:1e:e6:75:04:fc:bc:2b:43:f7:5f:26:c0:cb:ec:6a:84:1c:
         34:59:7f:03:bd:fb:00:2a:6e:8b:d4:b1:64:14:b4:86:69:c4:
         10:84:a8:89:68:95:67:4d:db:83:d7:3b:14:36:d5:5b:7c:98:
         fb:49:45:18:90:32:67:22:2a:23:18:79:cd:02:73:40:27:34:
         27:07:f9:5a:b8:ba:9c:a9:cc:24:55:f7:44:97:f9:08:73:e0:
         c4:60:28:cd
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzIAlveK+3hZYIzYXgvKPBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTFmYjViYmMyZmE4NTcxZTNkNWY4Y2FlNDE5NmE4ZDdl
OTZjMzUwHhcNMjQwMTAyMDIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjZjY2Q4YThiZWE2YTE5NzE1YjIyZDYxNjgwOGUzZTVlMWEyNzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGqG06ZkCEYKDLc8a1LMMKNS+0Rh
EOqUe3lWi2ZTp0id79FbBIxY9j9rvbHDWBgjEJjMx86R6pZIQIyn44K+Pmc8zicd
KAlpj5sW19onrzL/hQ9+li0BDQHs1BIFjqN1kISEZYfAsy2ZiB4E98QPkKHw13XM
8G3rpp8F/ljdsp03lY/5KnOXIXOGQYHEv3obogKpqrTV8XHU5r5ckxIQUZbgfxSQ
xXLNyxAT0vNIlbhhS3v0dHu3PezvVX1dfMe2HvW/VFgqBg5yRGFGBzhMuYDkivrm
SAAZCnSgGr6tZAV7MHVpAd0JfC/CIro3cMU46mGHlwCROjFifjKhH9MtgQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFNZszYqL6moZcVsi1haAjj5eGieVMB8GA1UdIwQY
MBaAFMWh+1u8L6hXHj1fjK5BlqjX6Ww1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFIN1c3d3ZxRmNlUFYtTXJrR1dxTmZwYkRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9kZWI3MGQtMWZmZC00ZGEwLWEwOTct
ZDhhMGI0MWY0NmU4LzEvMW16TmlvdnFhaGx4V3lMV0ZvQ09QbDRhSjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9kZWI3MGQtMWZmZC00ZGEwLWEwOTctZDhhMGI0MWY0NmU4
LzEveGFIN1c3d3ZxRmNlUFYtTXJrR1dxTmZwYkRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjXMwDQYJ
KoZIhvcNAQELBQADggEBAFWCAs55u2Vh7OKSHlJAtQOgbQKj8eX/OoKNyrEeNyfM
lIXXJ6LARDBK2fAw5SIBH30VcdOH3FRqZ306dzMcvbX+EGP7SYForGIg+k/7u8o+
PJXBkIQfO+Co5Sp15oE0QPtUF3ljXNfezcirMjbe+vyUpRdWTAJUizxpsvQAeZWF
qGtAzU0WMAj/0T1W5YEEP422mCdYp89txdPRw1dm24CKWN4e5nUE/LwrQ/dfJsDL
7GqEHDRZfwO9+wAqbovUsWQUtIZpxBCEqIlolWdN24PXOxQ21Vt8mPtJRRiQMmci
KiMYec0Cc0AnNCcH+Vq4upypzCRV90SX+Qhz4MRgKM0=
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:01:18 2024 by rpki-client on console-ams.rpki-client.org