Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/61025f-43da-437d-b010-cc49e534db00/1/YacFjvCwQm9rBsjgh3bLcuMU5mI.roa
File:                     YacFjvCwQm9rBsjgh3bLcuMU5mI.roa (raw, json)
Hash identifier:          a6+9tnseMlBAWUH6LElCMFnpZN4bHojZG1uuSiXjUmo=
Subject key identifier:   61:A7:05:8E:F0:B0:42:6F:6B:06:C8:E0:87:76:CB:72:E3:14:E6:62
Certificate issuer:       /CN=875fc80242d2e69ebd0f22b5e3cc457594ae90ac
Certificate serial:       018E0AC056B8C525DC4C58534F903A7F96F1
Authority key identifier: 87:5F:C8:02:42:D2:E6:9E:BD:0F:22:B5:E3:CC:45:75:94:AE:90:AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h1_IAkLS5p69DyK148xFdZSukKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/61025f-43da-437d-b010-cc49e534db00/1/YacFjvCwQm9rBsjgh3bLcuMU5mI.roa
Signing time:             Mon 04 Mar 2024 18:36:01 +0000
ROA not before:           Mon 04 Mar 2024 18:36:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     397630
IP address blocks:        193.169.59.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/61025f-43da-437d-b010-cc49e534db00/1/h1_IAkLS5p69DyK148xFdZSukKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/61025f-43da-437d-b010-cc49e534db00/1/h1_IAkLS5p69DyK148xFdZSukKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h1_IAkLS5p69DyK148xFdZSukKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 07 May 2024 20:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:0a:c0:56:b8:c5:25:dc:4c:58:53:4f:90:3a:7f:96:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=875fc80242d2e69ebd0f22b5e3cc457594ae90ac
        Validity
            Not Before: Mar  4 18:36:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=61a7058ef0b0426f6b06c8e08776cb72e314e662
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:17:09:5c:8a:52:cf:42:26:55:24:9f:f7:13:
                    d7:7e:0e:28:d1:cd:3d:f5:9c:45:41:83:d6:34:c0:
                    74:06:24:84:73:69:d8:a9:53:7d:a6:40:26:07:02:
                    73:a8:c4:a9:ce:e0:9b:79:14:42:da:5a:ed:4a:33:
                    41:bb:58:da:d0:02:75:bd:7c:04:98:3b:87:0d:d8:
                    ea:30:af:ec:1d:05:98:48:cd:b6:69:5d:64:85:03:
                    3d:e8:8b:51:92:bf:c7:11:01:12:77:c9:d2:9a:12:
                    97:52:bb:6b:56:9b:90:e2:e3:02:3b:0b:28:5c:9c:
                    23:3c:87:72:a4:49:92:ca:ed:f7:c5:70:be:05:74:
                    e7:9e:94:e4:b0:f4:13:ac:c2:34:cf:cc:9d:c6:83:
                    03:01:04:da:ae:2f:86:97:bb:0c:28:67:9a:d6:9b:
                    68:9f:b2:25:a1:d8:55:dc:3b:76:4f:ab:eb:6d:6d:
                    00:8c:23:56:81:8d:4f:74:67:c2:6c:7d:0c:bd:1a:
                    fd:cc:7f:29:2c:b7:d1:c4:98:eb:6e:8b:50:96:43:
                    9c:1d:3e:fe:e1:b1:5d:2c:c3:ed:16:53:20:4c:56:
                    82:ab:89:d0:e7:3b:b7:08:92:2d:da:da:06:2b:d2:
                    c6:15:42:f7:8b:65:0b:57:41:ab:0e:a8:90:28:73:
                    8b:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:A7:05:8E:F0:B0:42:6F:6B:06:C8:E0:87:76:CB:72:E3:14:E6:62
            X509v3 Authority Key Identifier:
                keyid:87:5F:C8:02:42:D2:E6:9E:BD:0F:22:B5:E3:CC:45:75:94:AE:90:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1_IAkLS5p69DyK148xFdZSukKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/61025f-43da-437d-b010-cc49e534db00/1/YacFjvCwQm9rBsjgh3bLcuMU5mI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/61025f-43da-437d-b010-cc49e534db00/1/h1_IAkLS5p69DyK148xFdZSukKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.169.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:53:cd:49:25:ab:00:4d:01:5c:72:01:f3:d3:82:ce:f0:c1:
         49:bd:3b:e9:34:7f:1a:a8:c5:20:4e:18:17:50:d1:9b:bd:45:
         20:9b:d0:41:3b:40:51:82:99:08:f9:03:f7:d8:e8:f9:5c:7c:
         7b:4a:27:1d:79:60:72:7c:1a:2e:be:2c:bd:2a:4c:0e:f9:7f:
         55:ae:2f:23:34:fc:d2:ea:38:ef:5e:1e:95:41:f5:fb:99:39:
         4d:7b:a4:1a:61:75:ae:9e:f4:cf:75:ca:e6:df:9d:9c:59:ff:
         78:df:6d:94:6a:fe:46:db:03:b5:45:96:c2:63:9d:be:d3:17:
         52:74:cd:d1:61:8d:bf:ae:d1:04:7d:19:92:95:9f:1c:57:95:
         e5:4f:6d:b9:f8:f3:ae:0c:6e:c8:16:94:5d:cb:3e:37:47:83:
         bc:35:8c:46:ad:50:bf:9f:79:7e:b7:3e:64:aa:ac:4e:0f:f6:
         84:ce:d4:25:90:9d:5d:17:ce:a8:63:75:a6:a8:17:ea:80:ae:
         e1:49:d0:b3:51:a8:cd:d4:04:9d:43:db:ab:8a:30:49:bf:7f:
         ba:26:77:35:32:fc:4e:c5:3a:49:0a:c9:1d:fd:9f:55:cc:81:
         ce:3f:d3:7e:62:86:db:92:fb:41:96:cc:46:23:a3:36:78:35:
         24:d7:c0:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4KwFa4xSXcTFhTT5A6f5bxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NWZjODAyNDJkMmU2OWViZDBmMjJiNWUzY2M0NTc1OTRh
ZTkwYWMwHhcNMjQwMzA0MTgzNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWE3MDU4ZWYwYjA0MjZmNmIwNmM4ZTA4Nzc2Y2I3MmUzMTRlNjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohcJXIpSz0ImVSSf9xPXfg4o0c09
9ZxFQYPWNMB0BiSEc2nYqVN9pkAmBwJzqMSpzuCbeRRC2lrtSjNBu1ja0AJ1vXwE
mDuHDdjqMK/sHQWYSM22aV1khQM96ItRkr/HEQESd8nSmhKXUrtrVpuQ4uMCOwso
XJwjPIdypEmSyu33xXC+BXTnnpTksPQTrMI0z8ydxoMDAQTari+Gl7sMKGea1pto
n7IlodhV3Dt2T6vrbW0AjCNWgY1PdGfCbH0MvRr9zH8pLLfRxJjrbotQlkOcHT7+
4bFdLMPtFlMgTFaCq4nQ5zu3CJIt2toGK9LGFUL3i2ULV0GrDqiQKHOLvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGGnBY7wsEJvawbI4Id2y3LjFOZiMB8GA1UdIwQY
MBaAFIdfyAJC0uaevQ8itePMRXWUrpCsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFfSUFrTFM1cDY5RHlLMTQ4eEZkWlN1a0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi82MTAyNWYtNDNkYS00MzdkLWIwMTAt
Y2M0OWU1MzRkYjAwLzEvWWFjRmp2Q3dRbTlyQnNqZ2gzYkxjdU1VNW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi82MTAyNWYtNDNkYS00MzdkLWIwMTAtY2M0OWU1MzRkYjAw
LzEvaDFfSUFrTFM1cDY5RHlLMTQ4eEZkWlN1a0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwak7MA0G
CSqGSIb3DQEBCwUAA4IBAQBGU81JJasATQFccgHz04LO8MFJvTvpNH8aqMUgThgX
UNGbvUUgm9BBO0BRgpkI+QP32Oj5XHx7SicdeWByfBouviy9KkwO+X9Vri8jNPzS
6jjvXh6VQfX7mTlNe6QaYXWunvTPdcrm352cWf94322Uav5G2wO1RZbCY52+0xdS
dM3RYY2/rtEEfRmSlZ8cV5XlT225+POuDG7IFpRdyz43R4O8NYxGrVC/n3l+tz5k
qqxOD/aEztQlkJ1dF86oY3WmqBfqgK7hSdCzUajN1ASdQ9urijBJv3+6Jnc1MvxO
xTpJCskd/Z9VzIHOP9N+YobbkvtBlsxGI6M2eDUk18BJ
-----END CERTIFICATE-----
Generated at Tue May 7 03:51:26 2024 by rpki-client on console-ams.rpki-client.org