Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/bcb87f-2c17-4207-962b-98072936c518/1/1-aRMzvhakBUCQimU7ay_AqiRys0.roa
File:                     1-aRMzvhakBUCQimU7ay_AqiRys0.roa (raw, json)
Hash identifier:          xHGsOVfd+RyVY2I8q2a7YEi/E84QG7i6jaaR/x4FaPs=
Subject key identifier:   F9:A4:4C:CE:F8:5A:90:15:02:42:29:94:ED:AC:BF:02:A8:91:CA:CD
Certificate issuer:       /CN=300b2f46ba570a1677bfd584c72822ad9d9fe5b0
Certificate serial:       018CC348CF40EAB688DF51D6A3587853CE92
Authority key identifier: 30:0B:2F:46:BA:57:0A:16:77:BF:D5:84:C7:28:22:AD:9D:9F:E5:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MAsvRrpXChZ3v9WExygirZ2f5bA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/bcb87f-2c17-4207-962b-98072936c518/1/1-aRMzvhakBUCQimU7ay_AqiRys0.roa
Signing time:             Mon 01 Jan 2024 04:29:37 +0000
ROA not before:           Mon 01 Jan 2024 04:29:37 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62000
IP address blocks:        185.140.44.0/22 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/bcb87f-2c17-4207-962b-98072936c518/1/MAsvRrpXChZ3v9WExygirZ2f5bA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/bcb87f-2c17-4207-962b-98072936c518/1/MAsvRrpXChZ3v9WExygirZ2f5bA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MAsvRrpXChZ3v9WExygirZ2f5bA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 16 Nov 2024 16:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:cf:40:ea:b6:88:df:51:d6:a3:58:78:53:ce:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=300b2f46ba570a1677bfd584c72822ad9d9fe5b0
        Validity
            Not Before: Jan  1 04:29:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f9a44ccef85a901502422994edacbf02a891cacd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:e2:7c:13:bd:43:fd:98:bc:f4:8f:63:76:27:
                    d0:1b:c3:ab:df:99:14:64:62:75:8a:00:8f:a0:60:
                    11:05:83:52:8d:44:d7:de:76:54:71:7a:32:27:bd:
                    66:a3:23:c2:a3:86:ce:c3:4c:be:af:52:3e:d5:05:
                    fb:07:b9:4d:23:c9:9d:b2:30:23:e9:80:80:75:05:
                    d1:fd:f6:2f:81:08:83:a7:2b:4b:db:7c:59:00:e0:
                    3f:90:52:24:75:3d:54:ac:d7:71:09:1f:63:3d:5b:
                    0b:b6:5f:ff:78:9e:01:22:45:f5:db:9e:ab:59:f9:
                    13:f2:20:68:2d:6b:18:9f:9d:22:7e:b0:e2:7d:e2:
                    44:74:6c:dd:b8:4e:b1:0e:b0:64:02:8f:bb:d2:52:
                    a6:34:a2:4d:13:75:ff:46:92:e9:49:3e:fb:33:6e:
                    3e:66:b0:9b:14:a7:44:07:09:b8:0d:b4:41:8c:ca:
                    dd:9a:83:df:aa:a3:d1:a0:6e:d2:48:05:17:2b:ec:
                    7a:e4:4c:15:0b:cd:b5:56:f6:f2:31:44:a8:21:32:
                    8f:16:d6:d2:7c:1f:c7:74:d7:27:52:6b:73:07:c6:
                    76:9c:0c:3d:f0:55:29:22:07:69:ec:2e:ee:f1:5a:
                    f2:bd:4a:12:d3:34:fb:1e:4e:a4:15:98:b6:8a:de:
                    c4:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:A4:4C:CE:F8:5A:90:15:02:42:29:94:ED:AC:BF:02:A8:91:CA:CD
            X509v3 Authority Key Identifier:
                keyid:30:0B:2F:46:BA:57:0A:16:77:BF:D5:84:C7:28:22:AD:9D:9F:E5:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAsvRrpXChZ3v9WExygirZ2f5bA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bcb87f-2c17-4207-962b-98072936c518/1/1-aRMzvhakBUCQimU7ay_AqiRys0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/bcb87f-2c17-4207-962b-98072936c518/1/MAsvRrpXChZ3v9WExygirZ2f5bA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.140.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         50:bf:32:55:d1:9a:fa:71:1d:9f:8b:ec:74:f0:ad:6b:77:86:
         db:a5:87:81:d7:0b:a4:8d:3b:9c:ec:1b:85:7b:3a:58:e5:f1:
         74:8c:d4:88:c8:65:4e:5f:87:a6:48:80:b7:e8:02:60:2c:61:
         68:e4:dc:b3:1e:54:45:53:d4:5f:f9:bb:0b:9e:b1:70:49:28:
         84:4e:aa:17:ec:68:d5:96:ae:12:90:e6:98:b6:d8:7c:98:d1:
         bb:20:0e:e5:6d:ca:b5:d0:13:e1:69:de:de:f4:af:bc:39:47:
         1a:36:ab:73:66:b4:97:96:a2:84:7d:52:25:f0:18:28:05:42:
         4a:28:33:ad:2f:69:92:39:01:e9:6a:c4:56:77:32:5d:0e:19:
         1f:e5:92:69:45:49:e0:66:ef:f7:fc:ff:3d:4b:18:0f:23:cb:
         4d:ff:08:72:b0:9c:dc:4a:38:7e:dd:10:e1:b4:9d:60:1e:24:
         fb:79:5c:ae:2c:2e:79:5a:18:f3:b9:44:7d:f1:d3:11:c8:ca:
         72:ca:e7:36:89:cf:c0:99:51:ad:80:24:02:6a:0d:83:21:b0:
         70:b1:f4:5f:e7:0c:11:6a:5b:00:30:9b:b0:86:9d:50:58:f3:
         4d:3d:1b:8b:fa:31:e3:11:34:50:eb:54:ea:0f:ae:08:ef:2a:
         66:fb:13:bd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzDSM9A6raI31HWo1h4U86SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMGIyZjQ2YmE1NzBhMTY3N2JmZDU4NGM3MjgyMmFkOWQ5
ZmU1YjAwHhcNMjQwMTAxMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWE0NGNjZWY4NWE5MDE1MDI0MjI5OTRlZGFjYmYwMmE4OTFjYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouJ8E71D/Zi89I9jdifQG8Or35kU
ZGJ1igCPoGARBYNSjUTX3nZUcXoyJ71moyPCo4bOw0y+r1I+1QX7B7lNI8mdsjAj
6YCAdQXR/fYvgQiDpytL23xZAOA/kFIkdT1UrNdxCR9jPVsLtl//eJ4BIkX1256r
WfkT8iBoLWsYn50ifrDifeJEdGzduE6xDrBkAo+70lKmNKJNE3X/RpLpST77M24+
ZrCbFKdEBwm4DbRBjMrdmoPfqqPRoG7SSAUXK+x65EwVC821VvbyMUSoITKPFtbS
fB/HdNcnUmtzB8Z2nAw98FUpIgdp7C7u8VryvUoS0zT7Hk6kFZi2it7EsQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmkTM74WpAVAkIplO2svwKokcrNMB8GA1UdIwQY
MBaAFDALL0a6VwoWd7/VhMcoIq2dn+WwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFzdlJycFhDaFozdjlXRXh5Z2lyWjJmNWJBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iY2I4N2YtMmMxNy00MjA3LTk2MmIt
OTgwNzI5MzZjNTE4LzEvMS1hUk16dmhha0JVQ1FpbVU3YXlfQXFpUnlzMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWUvYmNiODdmLTJjMTctNDIwNy05NjJiLTk4MDcyOTM2YzUx
OC8xL01Bc3ZScnBYQ2haM3Y5V0V4eWdpcloyZjViQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmMLDAN
BgkqhkiG9w0BAQsFAAOCAQEAUL8yVdGa+nEdn4vsdPCta3eG26WHgdcLpI07nOwb
hXs6WOXxdIzUiMhlTl+HpkiAt+gCYCxhaOTcsx5URVPUX/m7C56xcEkohE6qF+xo
1ZauEpDmmLbYfJjRuyAO5W3KtdAT4Wne3vSvvDlHGjarc2a0l5aihH1SJfAYKAVC
SigzrS9pkjkB6WrEVncyXQ4ZH+WSaUVJ4Gbv9/z/PUsYDyPLTf8IcrCc3Eo4ft0Q
4bSdYB4k+3lcriwueVoY87lEffHTEcjKcsrnNonPwJlRrYAkAmoNgyGwcLH0X+cM
EWpbADCbsIadUFjzTT0bi/ox4xE0UOtU6g+uCO8qZvsTvQ==
-----END CERTIFICATE-----
Generated at Fri Nov 15 19:10:26 2024 by rpki-client on console-ams.rpki-client.org