Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/c7caf3-eb08-4556-a5b7-fc6e77884054/1/eM9DIP7OOON8NO1ngbKTR1YvH64.roa
File:                     eM9DIP7OOON8NO1ngbKTR1YvH64.roa (raw, json)
Hash identifier:          vUSwYNK6AKtA0Xv8NS50w4ct/iXQP3l8qUaZNit9bHM=
Subject key identifier:   78:CF:43:20:FE:CE:38:E3:7C:34:ED:67:81:B2:93:47:56:2F:1F:AE
Certificate issuer:       /CN=b464b4523a8972b9e2f46a4f4a1634e97027aedf
Certificate serial:       018D69DDBDE73165C5D011FA77815D29A1BA
Authority key identifier: B4:64:B4:52:3A:89:72:B9:E2:F4:6A:4F:4A:16:34:E9:70:27:AE:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tGS0UjqJcrni9GpPShY06XAnrt8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/c7caf3-eb08-4556-a5b7-fc6e77884054/1/eM9DIP7OOON8NO1ngbKTR1YvH64.roa
Signing time:             Fri 02 Feb 2024 12:49:16 +0000
ROA not before:           Fri 02 Feb 2024 12:49:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14618
IP address blocks:        5.61.119.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/c7caf3-eb08-4556-a5b7-fc6e77884054/1/tGS0UjqJcrni9GpPShY06XAnrt8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/c7caf3-eb08-4556-a5b7-fc6e77884054/1/tGS0UjqJcrni9GpPShY06XAnrt8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tGS0UjqJcrni9GpPShY06XAnrt8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:69:dd:bd:e7:31:65:c5:d0:11:fa:77:81:5d:29:a1:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b464b4523a8972b9e2f46a4f4a1634e97027aedf
        Validity
            Not Before: Feb  2 12:49:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=78cf4320fece38e37c34ed6781b29347562f1fae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:b5:cb:15:f7:5e:2c:c9:b8:2c:1b:5c:63:ce:
                    83:29:4c:e1:8b:1f:68:ed:8d:6b:98:a5:99:03:9b:
                    c2:46:4e:f2:b7:5d:86:23:3a:3e:8a:06:19:5f:6e:
                    80:47:2c:67:2e:21:cd:75:5f:97:4e:bf:7f:66:5e:
                    37:8a:0e:93:27:64:5e:62:35:57:53:bf:13:95:67:
                    50:75:a7:59:78:2b:0c:d2:51:54:b3:5f:7b:c0:b2:
                    0b:74:88:ae:db:95:c1:ae:b3:e1:8b:ba:7a:9e:85:
                    05:8c:6d:28:63:25:5a:61:9c:67:b4:2b:57:c2:b9:
                    98:86:d2:5e:4d:65:c0:30:b2:e0:82:21:19:15:c9:
                    58:d8:db:5e:bf:3b:30:99:65:0a:70:03:14:ab:6d:
                    6c:56:6e:53:5a:59:83:95:56:51:6e:a4:62:81:e6:
                    b5:98:6b:e4:9b:e5:21:4a:eb:39:c9:ba:a8:3e:6d:
                    d1:05:20:71:08:cb:69:49:8c:42:79:08:43:ad:78:
                    02:0f:ba:1b:34:eb:90:87:35:f4:84:07:ca:9d:d6:
                    d1:b8:b7:43:bd:2a:65:fc:aa:6e:dc:4b:ef:1b:15:
                    eb:06:83:98:35:4d:b9:69:94:2f:53:d1:68:30:11:
                    5d:54:d2:6f:d2:d2:38:8d:49:f1:49:ad:97:3c:82:
                    de:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:CF:43:20:FE:CE:38:E3:7C:34:ED:67:81:B2:93:47:56:2F:1F:AE
            X509v3 Authority Key Identifier:
                keyid:B4:64:B4:52:3A:89:72:B9:E2:F4:6A:4F:4A:16:34:E9:70:27:AE:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGS0UjqJcrni9GpPShY06XAnrt8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/c7caf3-eb08-4556-a5b7-fc6e77884054/1/eM9DIP7OOON8NO1ngbKTR1YvH64.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/c7caf3-eb08-4556-a5b7-fc6e77884054/1/tGS0UjqJcrni9GpPShY06XAnrt8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.61.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:17:c2:32:c7:57:c6:07:c9:a3:48:e7:4d:7a:3d:e9:ea:31:
         66:38:ba:1b:c7:39:b3:96:63:03:26:d9:9b:fc:e4:cf:cb:f8:
         2a:07:f7:50:dd:99:d6:9f:8e:1c:5c:5d:4f:34:14:34:b2:1d:
         04:5b:9a:81:a0:57:a4:bf:b7:25:a1:44:15:61:34:19:0a:65:
         85:74:07:36:ef:92:88:97:e1:e8:4a:22:6a:c1:10:17:f0:20:
         c8:24:51:ec:70:31:1e:5f:19:36:be:68:1e:6e:d2:12:31:f6:
         26:4e:27:c8:3b:30:d8:1b:85:8f:8c:53:c4:6c:de:86:c3:54:
         35:46:e2:52:79:f8:e9:00:e4:0e:40:30:23:1d:6c:91:7f:0c:
         19:e2:65:03:df:94:39:c3:4a:ea:94:7c:27:cd:97:5d:72:fd:
         95:95:00:a4:53:8d:23:6c:45:42:af:50:57:72:1f:53:c0:64:
         69:56:3a:ae:76:94:8a:76:21:02:a1:dc:b0:69:6f:93:a0:ff:
         12:8d:0b:e3:a7:04:98:8e:cc:bc:f1:af:a8:61:fc:33:c3:48:
         26:12:25:fa:20:3a:b7:f8:ef:dc:b3:e2:e6:b9:60:ef:bd:90:
         31:db:62:0e:f7:2b:f9:f1:05:1d:eb:e3:65:92:79:e3:c0:56:
         28:b7:39:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1p3b3nMWXF0BH6d4FdKaG6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjRiNDUyM2E4OTcyYjllMmY0NmE0ZjRhMTYzNGU5NzAy
N2FlZGYwHhcNMjQwMjAyMTI0OTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGNmNDMyMGZlY2UzOGUzN2MzNGVkNjc4MWIyOTM0NzU2MmYxZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybXLFfdeLMm4LBtcY86DKUzhix9o
7Y1rmKWZA5vCRk7yt12GIzo+igYZX26ARyxnLiHNdV+XTr9/Zl43ig6TJ2ReYjVX
U78TlWdQdadZeCsM0lFUs197wLILdIiu25XBrrPhi7p6noUFjG0oYyVaYZxntCtX
wrmYhtJeTWXAMLLggiEZFclY2NtevzswmWUKcAMUq21sVm5TWlmDlVZRbqRigea1
mGvkm+UhSus5ybqoPm3RBSBxCMtpSYxCeQhDrXgCD7obNOuQhzX0hAfKndbRuLdD
vSpl/Kpu3EvvGxXrBoOYNU25aZQvU9FoMBFdVNJv0tI4jUnxSa2XPILeiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHjPQyD+zjjjfDTtZ4Gyk0dWLx+uMB8GA1UdIwQY
MBaAFLRktFI6iXK54vRqT0oWNOlwJ67fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdTMFVqcUpjcm5pOUdwUFNoWTA2WEFucnQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9jN2NhZjMtZWIwOC00NTU2LWE1Yjct
ZmM2ZTc3ODg0MDU0LzEvZU05RElQN09PT044Tk8xbmdiS1RSMVl2SDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9jN2NhZjMtZWIwOC00NTU2LWE1YjctZmM2ZTc3ODg0MDU0
LzEvdEdTMFVqcUpjcm5pOUdwUFNoWTA2WEFucnQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABT13MA0G
CSqGSIb3DQEBCwUAA4IBAQARF8Iyx1fGB8mjSOdNej3p6jFmOLobxzmzlmMDJtmb
/OTPy/gqB/dQ3ZnWn44cXF1PNBQ0sh0EW5qBoFekv7cloUQVYTQZCmWFdAc275KI
l+HoSiJqwRAX8CDIJFHscDEeXxk2vmgebtISMfYmTifIOzDYG4WPjFPEbN6Gw1Q1
RuJSefjpAOQOQDAjHWyRfwwZ4mUD35Q5w0rqlHwnzZddcv2VlQCkU40jbEVCr1BX
ch9TwGRpVjqudpSKdiECodywaW+ToP8SjQvjpwSYjsy88a+oYfwzw0gmEiX6IDq3
+O/cs+LmuWDvvZAx22IO9yv58QUd6+NlknnjwFYotzlp
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:34:03 2024 by rpki-client on console-ams.rpki-client.org