Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/674e76-4245-402d-9c51-d2d2aba28e80/1/dJuSwKiZbJok10zLVuKCHHLu1UA.roa
File:                     dJuSwKiZbJok10zLVuKCHHLu1UA.roa (raw, json)
Hash identifier:          xZCS6cqG7yaNArASqZS61QkkKK1qjik9Rfsy182svMg=
Subject key identifier:   74:9B:92:C0:A8:99:6C:9A:24:D7:4C:CB:56:E2:82:1C:72:EE:D5:40
Certificate issuer:       /CN=e7c7ec8d780503db7cabcb141d6b991cd029a6a2
Certificate serial:       018CC3B69320F6331DF59AE56923DEC7B993
Authority key identifier: E7:C7:EC:8D:78:05:03:DB:7C:AB:CB:14:1D:6B:99:1C:D0:29:A6:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/58fsjXgFA9t8q8sUHWuZHNAppqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/674e76-4245-402d-9c51-d2d2aba28e80/1/dJuSwKiZbJok10zLVuKCHHLu1UA.roa
Signing time:             Mon 01 Jan 2024 06:29:31 +0000
ROA not before:           Mon 01 Jan 2024 06:29:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48774
IP address blocks:        194.59.182.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/674e76-4245-402d-9c51-d2d2aba28e80/1/58fsjXgFA9t8q8sUHWuZHNAppqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/674e76-4245-402d-9c51-d2d2aba28e80/1/58fsjXgFA9t8q8sUHWuZHNAppqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/58fsjXgFA9t8q8sUHWuZHNAppqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 May 2024 04:53:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:93:20:f6:33:1d:f5:9a:e5:69:23:de:c7:b9:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7c7ec8d780503db7cabcb141d6b991cd029a6a2
        Validity
            Not Before: Jan  1 06:29:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=749b92c0a8996c9a24d74ccb56e2821c72eed540
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c3:be:6e:91:63:04:59:6a:5e:74:d6:82:34:
                    ff:06:ba:08:09:ca:e9:f7:15:d1:35:b7:ca:ea:04:
                    d4:10:fb:a6:ce:08:57:c7:0a:e2:4d:d4:43:38:fc:
                    ea:6e:a1:e1:e4:49:f0:48:22:2e:40:39:f7:2c:66:
                    8f:b2:3b:e2:57:c5:bb:97:58:c1:85:55:7c:39:16:
                    06:cd:9a:44:98:0d:a6:4c:c7:dd:04:f2:32:e2:a7:
                    ca:4b:04:24:14:8e:30:0c:c5:cb:f2:d8:c1:4d:9a:
                    1e:59:81:6b:16:a7:c3:70:00:7b:86:5a:03:ce:b6:
                    d1:0f:8f:58:20:74:b3:cf:e0:74:1a:82:39:16:c1:
                    d5:12:5b:2e:e5:6a:28:ec:b9:30:2c:3b:89:8b:0f:
                    6c:25:46:b7:9d:c2:69:3f:80:38:77:3a:2c:6b:99:
                    be:9b:85:ff:31:d8:bb:5f:ed:6f:c2:2b:d2:c1:ff:
                    6c:fc:3f:4b:54:c8:b4:21:84:d4:2a:b3:a2:49:a5:
                    d5:61:97:49:ed:20:55:1e:41:ea:7a:eb:d1:80:83:
                    ed:c3:a3:da:b4:0e:3a:e9:b8:43:1f:ca:7b:f8:40:
                    b0:85:73:2e:a0:5c:0a:d5:01:77:8c:c9:44:46:1c:
                    0d:ae:e3:93:00:58:3d:40:46:74:65:c2:e2:4f:d2:
                    98:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:9B:92:C0:A8:99:6C:9A:24:D7:4C:CB:56:E2:82:1C:72:EE:D5:40
            X509v3 Authority Key Identifier:
                keyid:E7:C7:EC:8D:78:05:03:DB:7C:AB:CB:14:1D:6B:99:1C:D0:29:A6:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/58fsjXgFA9t8q8sUHWuZHNAppqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/674e76-4245-402d-9c51-d2d2aba28e80/1/dJuSwKiZbJok10zLVuKCHHLu1UA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/674e76-4245-402d-9c51-d2d2aba28e80/1/58fsjXgFA9t8q8sUHWuZHNAppqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.59.182.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:19:b6:a8:a1:eb:19:c7:ba:d1:8f:7c:60:a4:1c:ee:2d:9a:
         13:ee:d1:ae:78:5b:f2:7c:5c:40:59:01:f9:8d:64:ab:31:e9:
         f7:34:1e:9e:a5:47:7a:9a:b1:34:d9:1e:f9:dc:cb:9b:0c:18:
         1b:4d:2a:7f:41:06:86:f7:6f:d9:d3:fe:46:a0:a6:f3:9d:49:
         7d:d9:9b:b4:c2:72:c0:82:cb:7e:70:3b:c0:c5:e9:b9:09:9e:
         d2:46:91:c0:04:4b:bc:19:00:42:f5:59:d4:07:dd:15:ef:dc:
         f7:89:c6:08:0a:ef:b3:47:0c:99:d1:f2:27:17:4d:67:47:15:
         8f:45:ec:c9:2b:a5:09:85:e1:b8:fa:3e:db:f1:27:ad:0b:7f:
         10:49:eb:ff:04:37:57:37:e4:32:dc:58:d0:30:5d:2e:34:bf:
         ee:5b:14:d1:c7:7e:c9:95:df:14:dd:a2:6b:3b:c9:5b:c5:1d:
         83:7f:4b:07:04:a2:5d:1d:62:40:5d:36:43:eb:42:47:33:41:
         26:a8:35:b6:33:9f:c4:67:a1:8f:55:4f:a6:89:e7:ec:51:a4:
         4d:be:aa:ac:53:49:7e:96:fc:4e:e9:c9:12:05:26:c8:88:71:
         8d:7d:09:9e:2a:85:a0:53:db:d0:b4:45:0b:3f:92:79:64:c6:
         cb:3a:db:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtpMg9jMd9ZrlaSPex7mTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3YzdlYzhkNzgwNTAzZGI3Y2FiY2IxNDFkNmI5OTFjZDAy
OWE2YTIwHhcNMjQwMTAxMDYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDliOTJjMGE4OTk2YzlhMjRkNzRjY2I1NmUyODIxYzcyZWVkNTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucO+bpFjBFlqXnTWgjT/BroICcrp
9xXRNbfK6gTUEPumzghXxwriTdRDOPzqbqHh5EnwSCIuQDn3LGaPsjviV8W7l1jB
hVV8ORYGzZpEmA2mTMfdBPIy4qfKSwQkFI4wDMXL8tjBTZoeWYFrFqfDcAB7hloD
zrbRD49YIHSzz+B0GoI5FsHVElsu5Woo7LkwLDuJiw9sJUa3ncJpP4A4dzosa5m+
m4X/Mdi7X+1vwivSwf9s/D9LVMi0IYTUKrOiSaXVYZdJ7SBVHkHqeuvRgIPtw6Pa
tA466bhDH8p7+ECwhXMuoFwK1QF3jMlERhwNruOTAFg9QEZ0ZcLiT9KY3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHSbksComWyaJNdMy1bighxy7tVAMB8GA1UdIwQY
MBaAFOfH7I14BQPbfKvLFB1rmRzQKaaiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNThmc2pYZ0ZBOXQ4cThzVUhXdVpITkFwcHFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy82NzRlNzYtNDI0NS00MDJkLTljNTEt
ZDJkMmFiYTI4ZTgwLzEvZEp1U3dLaVpiSm9rMTB6TFZ1S0NISEx1MVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy82NzRlNzYtNDI0NS00MDJkLTljNTEtZDJkMmFiYTI4ZTgw
LzEvNThmc2pYZ0ZBOXQ4cThzVUhXdVpITkFwcHFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwju2MA0G
CSqGSIb3DQEBCwUAA4IBAQCuGbaooesZx7rRj3xgpBzuLZoT7tGueFvyfFxAWQH5
jWSrMen3NB6epUd6mrE02R753MubDBgbTSp/QQaG92/Z0/5GoKbznUl92Zu0wnLA
gst+cDvAxem5CZ7SRpHABEu8GQBC9VnUB90V79z3icYICu+zRwyZ0fInF01nRxWP
RezJK6UJheG4+j7b8SetC38QSev/BDdXN+Qy3FjQMF0uNL/uWxTRx37Jld8U3aJr
O8lbxR2Df0sHBKJdHWJAXTZD60JHM0EmqDW2M5/EZ6GPVU+miefsUaRNvqqsU0l+
lvxO6ckSBSbIiHGNfQmeKoWgU9vQtEULP5J5ZMbLOtuH
-----END CERTIFICATE-----
Generated at Sun May 19 10:32:16 2024 by rpki-client on console-ams.rpki-client.org