Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/UxR31cTLFHAROLkRctwNU5PMLGE.roa
File:                     UxR31cTLFHAROLkRctwNU5PMLGE.roa (raw, json)
Hash identifier:          JFE1iMSdxGdqGmUD3xsAqICrGjnNVAmqkT6HcrPwo3I=
Subject key identifier:   53:14:77:D5:C4:CB:14:70:11:38:B9:11:72:DC:0D:53:93:CC:2C:61
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       018CC348B7E83FB2CBF13A4784EEBD4622D7
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/UxR31cTLFHAROLkRctwNU5PMLGE.roa
Signing time:             Mon 01 Jan 2024 04:29:31 +0000
ROA not before:           Mon 01 Jan 2024 04:29:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     35916
IP address blocks:        46.37.119.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 29 Apr 2024 04:03:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:b7:e8:3f:b2:cb:f1:3a:47:84:ee:bd:46:22:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jan  1 04:29:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=531477d5c4cb14701138b91172dc0d5393cc2c61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:59:ea:06:c9:0c:b3:d3:91:5d:58:b5:ad:12:
                    b2:e4:99:44:74:5e:79:02:30:99:d4:a1:e3:53:df:
                    b2:dd:7d:4b:d4:db:e2:52:0b:62:be:d1:f5:9d:b7:
                    24:32:24:57:a2:ba:8f:a5:a9:fc:85:39:fc:2b:6d:
                    e1:98:b7:9e:3d:0e:b8:06:65:78:e3:93:28:3b:ed:
                    78:c3:87:9c:14:92:27:6e:c8:3c:8f:78:2e:ec:15:
                    ba:4f:b3:9c:64:76:68:ab:be:5b:e4:83:33:c2:a8:
                    98:81:87:ef:a6:03:70:55:6c:e6:64:2d:02:b6:34:
                    a6:05:53:8c:ce:3e:c4:e2:b9:1d:34:90:b7:03:de:
                    bf:fa:83:ad:d1:99:45:65:64:62:5a:38:76:8b:06:
                    b4:8c:31:0e:03:92:f8:f2:e4:24:43:77:f2:82:11:
                    ce:11:96:ef:7d:bb:4e:1b:54:e9:4d:a4:7d:37:76:
                    1a:f3:b0:68:c2:6d:ba:54:f3:2e:45:6a:ab:c5:b9:
                    3e:52:f4:4e:6b:83:28:4a:94:43:7f:34:d7:93:58:
                    45:b6:89:28:a4:4b:9d:a0:04:1d:d4:a8:98:4a:a9:
                    3f:83:7b:7e:9f:6f:08:4c:bc:db:0b:26:86:75:07:
                    1b:f8:bb:f4:f1:af:7d:d7:e9:fb:27:c2:a5:5e:cc:
                    e2:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:14:77:D5:C4:CB:14:70:11:38:B9:11:72:DC:0D:53:93:CC:2C:61
            X509v3 Authority Key Identifier:
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/UxR31cTLFHAROLkRctwNU5PMLGE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:d5:3d:72:12:3b:19:a6:fc:ed:8d:6c:87:80:50:6e:fa:43:
         c7:a1:76:9a:da:c6:ce:26:26:f7:69:86:fa:32:f4:ee:aa:b5:
         79:74:46:cc:32:b3:08:e6:8a:40:58:02:46:06:d7:d3:40:a9:
         62:4a:26:d3:2a:90:81:28:79:9b:e3:d6:91:6e:20:7d:9e:c3:
         71:71:8e:d5:ca:b5:b6:c6:04:74:d9:61:9b:f4:87:cb:a5:1c:
         d1:8c:9c:79:93:28:8a:3c:59:0a:45:29:d7:69:72:de:8d:e0:
         ce:0f:3a:60:6e:dd:e5:d9:d9:37:32:cc:43:aa:f2:06:a8:b7:
         e6:d7:92:da:9e:a7:6b:6e:fd:3a:81:66:79:c2:e5:f1:8f:38:
         a7:e5:fd:17:93:39:72:88:54:d9:5e:2b:a5:c8:77:40:f2:3c:
         64:04:96:92:30:ce:fa:9d:ce:74:4c:c9:3a:22:5f:ff:47:98:
         2e:74:1f:fb:aa:bf:84:4b:42:a3:10:eb:61:ce:20:ab:56:d0:
         cc:2f:9d:aa:38:b8:d8:39:cf:da:d8:2f:7e:76:93:d9:8a:51:
         33:00:75:4b:2e:13:27:bd:ff:b7:10:82:46:65:7d:d7:65:7d:
         75:d3:3c:44:33:79:2a:da:6f:d4:46:54:6f:13:80:d9:43:56:
         33:69:ab:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSLfoP7LL8TpHhO69RiLXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTAxMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzE0NzdkNWM0Y2IxNDcwMTEzOGI5MTE3MmRjMGQ1MzkzY2MyYzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFnqBskMs9ORXVi1rRKy5JlEdF55
AjCZ1KHjU9+y3X1L1NviUgtivtH1nbckMiRXorqPpan8hTn8K23hmLeePQ64BmV4
45MoO+14w4ecFJInbsg8j3gu7BW6T7OcZHZoq75b5IMzwqiYgYfvpgNwVWzmZC0C
tjSmBVOMzj7E4rkdNJC3A96/+oOt0ZlFZWRiWjh2iwa0jDEOA5L48uQkQ3fyghHO
EZbvfbtOG1TpTaR9N3Ya87Bowm26VPMuRWqrxbk+UvROa4MoSpRDfzTXk1hFtoko
pEudoAQd1KiYSqk/g3t+n28ITLzbCyaGdQcb+Lv08a991+n7J8KlXsziNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFMUd9XEyxRwETi5EXLcDVOTzCxhMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvVXhSMzFjVExGSEFST0xrUmN0d05VNVBNTEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiV3MA0G
CSqGSIb3DQEBCwUAA4IBAQBQ1T1yEjsZpvztjWyHgFBu+kPHoXaa2sbOJib3aYb6
MvTuqrV5dEbMMrMI5opAWAJGBtfTQKliSibTKpCBKHmb49aRbiB9nsNxcY7VyrW2
xgR02WGb9IfLpRzRjJx5kyiKPFkKRSnXaXLejeDODzpgbt3l2dk3MsxDqvIGqLfm
15Lanqdrbv06gWZ5wuXxjzin5f0XkzlyiFTZXiulyHdA8jxkBJaSMM76nc50TMk6
Il//R5gudB/7qr+ES0KjEOthziCrVtDML52qOLjYOc/a2C9+dpPZilEzAHVLLhMn
vf+3EIJGZX3XZX110zxEM3kq2m/URlRvE4DZQ1Yzaau8
-----END CERTIFICATE-----
Generated at Sun Apr 28 11:06:18 2024 by rpki-client on console-ams.rpki-client.org