Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/9VeimpxrnQ9OUfpfVXDzk9jlRm0.roa
File:                     9VeimpxrnQ9OUfpfVXDzk9jlRm0.roa (raw, json)
Hash identifier:          e0A95T35+R6FGfrNJwHeLrdSZ9yWzfJlKjqi+Zg8B/Y=
Subject key identifier:   F5:57:A2:9A:9C:6B:9D:0F:4E:51:FA:5F:55:70:F3:93:D8:E5:46:6D
Certificate issuer:       /CN=d895fa70e3f7df361151d55379d4d9b85dadfd3d
Certificate serial:       018CC8DF5C793572D4F5ECC7F42C86AB3422
Authority key identifier: D8:95:FA:70:E3:F7:DF:36:11:51:D5:53:79:D4:D9:B8:5D:AD:FD:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2JX6cOP33zYRUdVTedTZuF2t_T0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/9VeimpxrnQ9OUfpfVXDzk9jlRm0.roa
Signing time:             Tue 02 Jan 2024 06:32:10 +0000
ROA not before:           Tue 02 Jan 2024 06:32:10 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        185.1.163.0/24 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/2JX6cOP33zYRUdVTedTZuF2t_T0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/2JX6cOP33zYRUdVTedTZuF2t_T0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2JX6cOP33zYRUdVTedTZuF2t_T0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 15:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:5c:79:35:72:d4:f5:ec:c7:f4:2c:86:ab:34:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d895fa70e3f7df361151d55379d4d9b85dadfd3d
        Validity
            Not Before: Jan  2 06:32:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f557a29a9c6b9d0f4e51fa5f5570f393d8e5466d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:e1:d3:68:e3:2c:d5:79:30:d7:6a:64:f7:c0:
                    99:40:c1:ab:46:78:dd:44:b5:c5:26:4f:44:61:69:
                    00:f4:3c:41:49:f3:20:9c:e1:7a:74:fc:f1:c3:0f:
                    c1:14:d9:cc:fc:0d:0a:ec:0d:c7:d9:68:d1:b8:6f:
                    5c:af:65:09:d3:14:6d:c6:a3:aa:03:ea:a7:06:88:
                    40:77:de:cd:0e:06:b2:a5:c4:ea:21:8e:8c:2a:cf:
                    f0:d2:32:e3:b8:70:7f:0d:53:01:eb:cf:ba:70:d8:
                    21:b3:d4:93:ea:25:c5:b0:78:2d:b8:19:e4:88:e4:
                    1f:8c:ef:92:be:1c:47:ee:3c:f4:1e:3e:9c:42:b0:
                    80:5d:a8:cd:9c:24:9f:7e:9a:c7:44:79:69:89:39:
                    cc:04:12:8b:58:97:75:f9:c6:8d:dc:f7:c9:d7:f8:
                    d9:71:8a:06:f9:01:f5:8a:54:94:e3:f3:c3:bb:d4:
                    ee:37:10:6d:c1:89:c1:ba:98:93:b5:21:86:9c:bb:
                    4c:41:ce:05:13:48:f3:ca:30:3d:f4:b4:e9:bc:b0:
                    ec:1c:39:6c:fb:cb:01:bb:fb:3a:f3:73:59:5f:70:
                    aa:72:49:6f:2a:79:4c:28:96:41:46:b2:e8:dd:92:
                    64:00:21:f4:e6:7c:54:3f:c7:11:1b:72:31:ab:04:
                    07:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:57:A2:9A:9C:6B:9D:0F:4E:51:FA:5F:55:70:F3:93:D8:E5:46:6D
            X509v3 Authority Key Identifier:
                keyid:D8:95:FA:70:E3:F7:DF:36:11:51:D5:53:79:D4:D9:B8:5D:AD:FD:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JX6cOP33zYRUdVTedTZuF2t_T0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/9VeimpxrnQ9OUfpfVXDzk9jlRm0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/2JX6cOP33zYRUdVTedTZuF2t_T0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:45:08:08:60:cc:71:9d:03:e1:0a:0b:e2:30:8f:a1:be:0f:
         7d:0d:a3:bb:c6:f7:6d:ab:88:7f:7f:c0:b8:5b:ef:31:be:5b:
         12:f4:de:10:b5:bb:29:6d:b4:03:0d:d2:c8:83:55:a2:c3:e8:
         1f:61:53:a4:e2:df:0e:0e:33:7b:9f:7b:56:15:d7:8b:cb:ad:
         83:a3:82:02:ac:7e:43:0a:37:e1:9b:64:8e:04:14:f3:2d:4a:
         57:70:84:7b:f6:f0:c6:8f:37:c6:73:42:4f:93:36:56:98:e8:
         70:3d:bb:57:75:37:00:82:26:65:31:87:b7:1a:94:ff:dd:84:
         68:ab:3f:00:5b:77:e7:ba:a6:30:96:5f:e9:73:e4:6c:b7:9f:
         6a:a1:47:b3:9e:f8:f4:34:61:b1:a3:06:d9:5a:e6:d0:d0:5e:
         16:2c:df:6b:24:e9:cf:9e:11:12:0b:15:84:9c:d1:a7:c3:30:
         75:57:23:f1:47:51:8b:bb:95:7b:4f:e9:e8:f1:b2:48:0c:a4:
         44:ea:09:14:ca:fe:55:b3:4b:58:c6:46:ae:95:88:8c:bf:79:
         86:25:87:8c:15:f7:d6:94:3f:40:92:ba:ef:7d:85:19:f9:94:
         bc:7a:bd:65:ab:99:5f:b2:bc:07:62:5f:30:d6:77:61:e1:9e:
         9d:96:fe:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI31x5NXLU9ezH9CyGqzQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OTVmYTcwZTNmN2RmMzYxMTUxZDU1Mzc5ZDRkOWI4NWRh
ZGZkM2QwHhcNMjQwMTAyMDYzMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTU3YTI5YTljNmI5ZDBmNGU1MWZhNWY1NTcwZjM5M2Q4ZTU0NjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuHTaOMs1Xkw12pk98CZQMGrRnjd
RLXFJk9EYWkA9DxBSfMgnOF6dPzxww/BFNnM/A0K7A3H2WjRuG9cr2UJ0xRtxqOq
A+qnBohAd97NDgaypcTqIY6MKs/w0jLjuHB/DVMB68+6cNghs9ST6iXFsHgtuBnk
iOQfjO+SvhxH7jz0Hj6cQrCAXajNnCSffprHRHlpiTnMBBKLWJd1+caN3PfJ1/jZ
cYoG+QH1ilSU4/PDu9TuNxBtwYnBupiTtSGGnLtMQc4FE0jzyjA99LTpvLDsHDls
+8sBu/s683NZX3CqcklvKnlMKJZBRrLo3ZJkACH05nxUP8cRG3IxqwQHCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPVXopqca50PTlH6X1Vw85PY5UZtMB8GA1UdIwQY
MBaAFNiV+nDj9982EVHVU3nU2bhdrf09MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkpYNmNPUDMzellSVWRWVGVkVFp1RjJ0X1QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi83MGI1MDQtYzJkNC00Mzg3LTliNzUt
ZjQ1YjhkYmUyZjk3LzEvOVZlaW1weHJuUTlPVWZwZlZYRHprOWpsUm0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi83MGI1MDQtYzJkNC00Mzg3LTliNzUtZjQ1YjhkYmUyZjk3
LzEvMkpYNmNPUDMzellSVWRWVGVkVFp1RjJ0X1QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQGjMA0G
CSqGSIb3DQEBCwUAA4IBAQBkRQgIYMxxnQPhCgviMI+hvg99DaO7xvdtq4h/f8C4
W+8xvlsS9N4QtbspbbQDDdLIg1Wiw+gfYVOk4t8ODjN7n3tWFdeLy62Do4ICrH5D
Cjfhm2SOBBTzLUpXcIR79vDGjzfGc0JPkzZWmOhwPbtXdTcAgiZlMYe3GpT/3YRo
qz8AW3fnuqYwll/pc+Rst59qoUeznvj0NGGxowbZWubQ0F4WLN9rJOnPnhESCxWE
nNGnwzB1VyPxR1GLu5V7T+no8bJIDKRE6gkUyv5Vs0tYxkaulYiMv3mGJYeMFffW
lD9AkrrvfYUZ+ZS8er1lq5lfsrwHYl8w1ndh4Z6dlv4B
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:11:20 2024 by rpki-client on console-ams.rpki-client.org