Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/p3xzGbmFHb7b36XwxOK3PiNIgCU.roa
File:                     p3xzGbmFHb7b36XwxOK3PiNIgCU.roa (raw, json)
Hash identifier:          L2P5AhIfPesYP2AyJ7of15kry9HzyY0cm4UGKNvDSfs=
Subject key identifier:   A7:7C:73:19:B9:85:1D:BE:DB:DF:A5:F0:C4:E2:B7:3E:23:48:80:25
Certificate issuer:       /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial:       0190BC6E77B874A12FBD15AAE0302A952C4C
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/p3xzGbmFHb7b36XwxOK3PiNIgCU.roa
Signing time:             Tue 16 Jul 2024 16:44:34 +0000
ROA not before:           Tue 16 Jul 2024 16:44:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210542
IP address blocks:        14.102.226.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:bc:6e:77:b8:74:a1:2f:bd:15:aa:e0:30:2a:95:2c:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
        Validity
            Not Before: Jul 16 16:44:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a77c7319b9851dbedbdfa5f0c4e2b73e23488025
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:12:4f:be:b8:5e:86:16:1d:62:cd:76:81:29:
                    28:33:b0:a8:5b:7a:e9:3e:50:a3:65:e6:27:69:a8:
                    0f:c8:2f:73:be:46:0d:8a:f7:a5:50:e6:97:7f:04:
                    51:1b:ce:23:bf:40:74:43:fc:e1:ba:03:84:ee:ed:
                    26:35:bf:bb:97:53:2a:8c:8c:ad:ff:4c:b4:3a:3c:
                    66:03:8f:15:ba:24:99:b1:72:40:31:c9:aa:04:cc:
                    5e:17:34:35:5d:67:4b:a2:08:3c:4a:f5:ba:4b:8d:
                    dc:d7:32:47:af:b5:56:90:ba:7a:64:6d:5c:42:b4:
                    08:b7:ae:ea:82:71:6a:10:e2:c5:eb:db:ee:03:d1:
                    3b:73:8e:bc:32:f7:df:7f:58:e1:d8:93:75:10:1a:
                    9c:06:37:55:6e:93:0f:84:f7:3f:eb:6c:f8:ea:09:
                    9a:6b:d5:cc:6b:7b:91:4c:b9:fc:8d:84:56:af:5a:
                    df:c8:69:90:8c:67:f2:68:ed:4e:b5:b1:30:21:59:
                    7d:58:56:8e:60:79:4a:83:e1:d4:86:a3:60:5e:e5:
                    1a:92:74:74:2d:58:24:2d:db:91:59:12:a8:b7:a8:
                    2b:e9:92:1f:6c:07:b0:64:e1:77:61:f4:f6:f7:89:
                    7a:13:da:d8:00:d1:dd:72:2c:39:6a:97:e5:06:c2:
                    5c:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:7C:73:19:B9:85:1D:BE:DB:DF:A5:F0:C4:E2:B7:3E:23:48:80:25
            X509v3 Authority Key Identifier:
                keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/p3xzGbmFHb7b36XwxOK3PiNIgCU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  14.102.226.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4c:ba:aa:82:11:9a:3d:22:31:f3:ad:23:54:1b:dd:c4:9b:67:
         9a:6d:1c:bb:28:df:bc:2d:d3:c2:7b:35:09:e0:93:9a:6a:38:
         5f:f2:df:ea:87:e9:c2:c2:30:14:fe:d6:d0:09:64:be:34:f7:
         de:fe:fb:3a:2c:20:9a:10:86:85:80:ea:69:bd:ae:c8:37:13:
         06:b1:5d:bf:23:87:c3:ff:d2:bd:58:5d:44:c3:d3:48:63:bb:
         b8:45:fe:89:a7:dc:05:b5:5e:40:4b:c5:de:35:7e:a9:67:a7:
         e7:b4:b4:78:6d:33:48:c7:68:2e:54:4e:fc:09:0e:77:ab:5c:
         75:de:17:e3:7f:b4:10:23:f1:3c:fe:d3:e7:d9:a1:b8:93:dc:
         2d:e0:ff:6c:e4:f3:1e:9a:d7:9f:51:e4:53:3a:0d:86:04:c3:
         8e:08:1c:16:20:f1:52:04:98:20:64:24:63:f1:96:12:b2:3c:
         94:fc:60:ad:7e:14:e8:25:27:f0:b0:ab:d9:26:02:00:bd:91:
         6e:64:fe:0b:40:ec:16:78:fe:ff:da:15:9b:a9:f4:2e:de:af:
         ed:34:ec:a3:ff:08:e2:15:a2:59:da:12:d9:e9:6e:dc:ea:5b:
         1b:a0:89:80:0d:92:cb:aa:fa:b9:25:d7:5d:7f:51:81:87:8d:
         24:fd:0c:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZC8bne4dKEvvRWq4DAqlSxMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwNzE2MTY0NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzdjNzMxOWI5ODUxZGJlZGJkZmE1ZjBjNGUyYjczZTIzNDg4MDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xJPvrhehhYdYs12gSkoM7CoW3rp
PlCjZeYnaagPyC9zvkYNivelUOaXfwRRG84jv0B0Q/zhugOE7u0mNb+7l1MqjIyt
/0y0OjxmA48VuiSZsXJAMcmqBMxeFzQ1XWdLogg8SvW6S43c1zJHr7VWkLp6ZG1c
QrQIt67qgnFqEOLF69vuA9E7c468Mvfff1jh2JN1EBqcBjdVbpMPhPc/62z46gma
a9XMa3uRTLn8jYRWr1rfyGmQjGfyaO1OtbEwIVl9WFaOYHlKg+HUhqNgXuUaknR0
LVgkLduRWRKot6gr6ZIfbAewZOF3YfT294l6E9rYANHdciw5apflBsJcXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKd8cxm5hR2+29+l8MTitz4jSIAlMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvcDN4ekdibUZIYjdiMzZYd3hPSzNQaU5JZ0NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBDmbiMA0G
CSqGSIb3DQEBCwUAA4IBAQBMuqqCEZo9IjHzrSNUG93Em2eabRy7KN+8LdPCezUJ
4JOaajhf8t/qh+nCwjAU/tbQCWS+NPfe/vs6LCCaEIaFgOppva7INxMGsV2/I4fD
/9K9WF1Ew9NIY7u4Rf6Jp9wFtV5AS8XeNX6pZ6fntLR4bTNIx2guVE78CQ53q1x1
3hfjf7QQI/E8/tPn2aG4k9wt4P9s5PMemtefUeRTOg2GBMOOCBwWIPFSBJggZCRj
8ZYSsjyU/GCtfhToJSfwsKvZJgIAvZFuZP4LQOwWeP7/2hWbqfQu3q/tNOyj/wji
FaJZ2hLZ6W7c6lsboImADZLLqvq5Jdddf1GBh40k/Qyn
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:10:17 2024 by rpki-client on console-ams.rpki-client.org