Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/as0Cls6qEjlAuwZ2MkghNSj8MRA.roa
File:                     as0Cls6qEjlAuwZ2MkghNSj8MRA.roa (raw, json)
Hash identifier:          w4gMOD5rL/GnPb6KcQMXyAGUMTbwgGamA2JXHRCU/jI=
Subject key identifier:   6A:CD:02:96:CE:AA:12:39:40:BB:06:76:32:48:21:35:28:FC:31:10
Certificate issuer:       /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial:       0190EF74C1B6E93A2E3DFB249AE6027E9693
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/as0Cls6qEjlAuwZ2MkghNSj8MRA.roa
Signing time:             Fri 26 Jul 2024 14:32:04 +0000
ROA not before:           Fri 26 Jul 2024 14:32:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12541
IP address blocks:        158.172.140.0/23 maxlen: 23
                          158.172.142.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:ef:74:c1:b6:e9:3a:2e:3d:fb:24:9a:e6:02:7e:96:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
        Validity
            Not Before: Jul 26 14:32:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6acd0296ceaa123940bb06763248213528fc3110
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:b6:64:2b:e9:25:d6:ee:f9:a6:62:2b:5d:02:
                    c0:12:b9:fb:62:f2:45:07:34:fe:f5:a8:56:35:78:
                    ba:49:77:2c:8e:8a:d3:e5:2b:92:1b:fb:32:4e:db:
                    81:32:e6:04:e4:8a:4d:df:c6:2a:c5:3d:a2:25:e8:
                    bd:0a:bd:35:bf:a6:3f:cb:41:3b:70:63:5e:92:08:
                    d8:2a:1f:48:1c:52:49:62:44:60:c0:f2:f1:d5:7c:
                    a0:79:74:ab:48:9d:1d:04:92:79:39:3c:08:3c:7b:
                    e1:db:85:ba:f6:76:7a:4a:3d:b8:93:b6:ed:bf:32:
                    68:88:a6:e4:99:5a:3e:54:23:af:f8:87:73:27:b8:
                    10:18:1e:d6:bf:8e:10:2c:49:27:3d:b5:d9:82:13:
                    ec:72:7a:5f:b2:75:44:1d:33:5a:f4:18:9e:fe:04:
                    81:a6:41:c3:20:95:9a:4e:3b:a3:d9:52:c1:f5:66:
                    1e:38:94:90:a1:2c:1e:1d:25:63:d2:cd:b8:1b:b3:
                    9e:f4:9b:dc:51:c2:64:aa:39:50:a9:3d:31:34:8c:
                    b0:12:c3:72:e7:49:e6:25:83:97:dd:8c:3d:90:29:
                    af:63:bf:78:a0:df:e9:db:89:e9:29:a5:31:36:ea:
                    22:d3:3f:d9:64:7a:97:4a:5a:74:87:a9:7c:99:f1:
                    66:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:CD:02:96:CE:AA:12:39:40:BB:06:76:32:48:21:35:28:FC:31:10
            X509v3 Authority Key Identifier:
                keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/as0Cls6qEjlAuwZ2MkghNSj8MRA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.172.140.0-158.172.142.255

    Signature Algorithm: sha256WithRSAEncryption
         3b:dd:38:fb:8f:3c:08:4a:4e:b9:5d:b2:e9:b2:84:a6:20:4e:
         ab:2c:68:36:13:0e:75:7e:54:ba:38:a9:4e:df:4e:37:69:98:
         db:b7:6f:2b:cc:3b:a5:95:08:82:e0:5b:c9:6a:52:cc:c3:43:
         8a:36:76:b5:f7:08:79:4b:cf:f5:10:15:9b:3d:9b:fa:ba:a1:
         ce:62:2d:23:64:c0:63:fe:28:5d:50:a5:f7:09:83:28:c2:ee:
         15:b5:01:f2:ca:8c:a9:75:14:18:75:4c:ac:27:19:9b:e5:8d:
         72:25:3f:5f:2e:b7:a6:a6:dd:3f:b7:de:9e:45:2c:ff:bd:ad:
         f6:52:eb:bb:29:57:48:0a:7b:f3:0c:48:41:4a:47:b3:46:be:
         e7:90:66:35:93:5b:db:33:e4:9f:1e:59:cb:4d:4d:79:c1:5f:
         43:84:82:26:2d:a3:1e:03:95:a3:0e:f4:2b:59:b3:6e:a5:ec:
         a8:7b:31:8a:ce:a2:96:e6:32:b2:15:ff:99:76:bc:3f:98:34:
         86:56:c8:bc:8e:3e:2e:84:a5:14:54:65:d0:e7:07:a2:dc:da:
         08:fd:f9:df:a1:fd:f4:c7:de:64:a6:ba:3f:ff:b6:15:9a:b5:
         61:d9:f5:e9:7a:30:77:f4:32:f1:af:e0:2f:29:50:fa:b0:ca:
         5b:54:87:77
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZDvdMG26TouPfskmuYCfpaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjQwNzI2MTQzMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWNkMDI5NmNlYWExMjM5NDBiYjA2NzYzMjQ4MjEzNTI4ZmMzMTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLZkK+kl1u75pmIrXQLAErn7YvJF
BzT+9ahWNXi6SXcsjorT5SuSG/syTtuBMuYE5IpN38YqxT2iJei9Cr01v6Y/y0E7
cGNekgjYKh9IHFJJYkRgwPLx1XygeXSrSJ0dBJJ5OTwIPHvh24W69nZ6Sj24k7bt
vzJoiKbkmVo+VCOv+IdzJ7gQGB7Wv44QLEknPbXZghPscnpfsnVEHTNa9Bie/gSB
pkHDIJWaTjuj2VLB9WYeOJSQoSweHSVj0s24G7Oe9JvcUcJkqjlQqT0xNIywEsNy
50nmJYOX3Yw9kCmvY794oN/p24npKaUxNuoi0z/ZZHqXSlp0h6l8mfFmJwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGrNApbOqhI5QLsGdjJIITUo/DEQMB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvYXMwQ2xzNnFFamxBdXdaMk1rZ2hOU2o4TVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKerIwD
BACerI4wDQYJKoZIhvcNAQELBQADggEBADvdOPuPPAhKTrldsumyhKYgTqssaDYT
DnV+VLo4qU7fTjdpmNu3byvMO6WVCILgW8lqUszDQ4o2drX3CHlLz/UQFZs9m/q6
oc5iLSNkwGP+KF1QpfcJgyjC7hW1AfLKjKl1FBh1TKwnGZvljXIlP18ut6am3T+3
3p5FLP+9rfZS67spV0gKe/MMSEFKR7NGvueQZjWTW9sz5J8eWctNTXnBX0OEgiYt
ox4DlaMO9CtZs26l7Kh7MYrOopbmMrIV/5l2vD+YNIZWyLyOPi6EpRRUZdDnB6Lc
2gj9+d+h/fTH3mSmuj//thWatWHZ9el6MHf0MvGv4C8pUPqwyltUh3c=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:45:24 2024 by rpki-client on console-ams.rpki-client.org