Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/FesQviuTq5lxmgijIXVoIQJJFzc.roa
File:                     FesQviuTq5lxmgijIXVoIQJJFzc.roa (raw, json)
Hash identifier:          mtdxJinhzFzHnyhqfZqHkDnHkZcq6ajYGgGOSgknSVw=
Subject key identifier:   15:EB:10:BE:2B:93:AB:99:71:9A:08:A3:21:75:68:21:02:49:17:37
Certificate issuer:       /CN=2078baee6b6ec5425a16b1fc00c52c30ed95a3f0
Certificate serial:       018CC8DE09D6E95427D21FCDAB08F617A1D0
Authority key identifier: 20:78:BA:EE:6B:6E:C5:42:5A:16:B1:FC:00:C5:2C:30:ED:95:A3:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IHi67mtuxUJaFrH8AMUsMO2Vo_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/FesQviuTq5lxmgijIXVoIQJJFzc.roa
Signing time:             Tue 02 Jan 2024 06:30:43 +0000
ROA not before:           Tue 02 Jan 2024 06:30:43 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209784
IP address blocks:        45.148.211.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/IHi67mtuxUJaFrH8AMUsMO2Vo_A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/IHi67mtuxUJaFrH8AMUsMO2Vo_A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IHi67mtuxUJaFrH8AMUsMO2Vo_A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 27 Jun 2024 03:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:09:d6:e9:54:27:d2:1f:cd:ab:08:f6:17:a1:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2078baee6b6ec5425a16b1fc00c52c30ed95a3f0
        Validity
            Not Before: Jan  2 06:30:43 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=15eb10be2b93ab99719a08a32175682102491737
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:be:df:92:31:11:12:76:fd:fa:27:02:a8:c5:
                    97:12:6a:01:df:91:dd:b6:f6:5f:14:45:10:06:07:
                    99:1d:42:a6:7b:3c:80:61:2f:16:ec:d8:0c:ac:ee:
                    11:71:5a:4c:32:1e:c0:3c:c8:fb:c0:13:cb:50:ab:
                    dd:36:c0:d7:05:ca:35:55:05:44:fb:ea:9a:36:cf:
                    3d:0e:2e:bc:ca:3d:d7:f0:6c:7e:5a:46:05:16:3a:
                    0a:f3:72:7b:44:4a:1d:35:87:8d:b9:86:76:28:9e:
                    a4:d4:38:ef:22:d4:c3:55:df:c2:77:7e:2e:65:59:
                    3f:ba:56:b5:04:7a:f4:83:d5:c0:71:6e:55:1b:7e:
                    ee:dd:6b:1b:8a:48:e4:e6:57:01:69:5c:62:c5:d7:
                    f6:ba:d6:5f:ad:68:c9:ee:34:ef:69:52:44:d0:e5:
                    f8:54:ef:ac:12:0a:16:9c:5b:1c:da:7e:c0:b4:06:
                    85:a9:80:e3:77:f9:e9:4f:68:e1:92:74:a9:68:b1:
                    b2:24:fb:e9:1e:35:3d:ca:65:45:9d:f0:57:98:be:
                    70:c2:14:f1:86:08:69:cc:21:60:f3:37:61:49:00:
                    de:c7:a3:d3:51:b8:97:d6:1a:11:88:77:2c:05:e0:
                    22:61:bd:db:12:2d:14:89:32:ac:d5:7b:72:a7:fa:
                    e6:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:EB:10:BE:2B:93:AB:99:71:9A:08:A3:21:75:68:21:02:49:17:37
            X509v3 Authority Key Identifier:
                keyid:20:78:BA:EE:6B:6E:C5:42:5A:16:B1:FC:00:C5:2C:30:ED:95:A3:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IHi67mtuxUJaFrH8AMUsMO2Vo_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/FesQviuTq5lxmgijIXVoIQJJFzc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/IHi67mtuxUJaFrH8AMUsMO2Vo_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.148.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:83:6c:3f:5f:2c:0b:d0:3d:b1:ba:54:b8:c4:a9:f2:46:d0:
         7d:06:06:dc:85:f9:f2:a6:ac:ac:42:1b:59:6d:cc:47:48:23:
         bb:c7:63:57:46:9f:c0:38:78:67:a4:4b:d3:5d:2e:55:bb:21:
         a3:02:1b:2a:82:77:e7:c6:86:54:1d:e6:4f:d4:e2:3a:b0:3c:
         81:a8:37:ff:61:10:9a:3f:3b:b3:80:b7:b1:fb:c8:1f:c8:63:
         8e:42:c7:2f:33:3a:95:b9:a8:50:18:c7:28:87:8f:57:29:26:
         c4:79:03:e7:ea:70:f3:bb:0c:44:6c:01:7a:ea:0d:81:85:41:
         bc:8b:68:c2:c7:cc:ca:a0:45:dc:a9:de:50:8a:53:d2:70:80:
         e4:86:f2:1e:1b:46:f9:45:9b:82:6d:9f:5c:03:6f:10:bc:f2:
         29:cc:53:06:ea:65:f5:3d:69:a7:78:2c:23:3a:b6:f5:fa:bd:
         da:e1:7c:ce:20:78:38:f9:09:25:6b:bc:e9:4b:06:d3:0d:6b:
         92:dd:7b:b9:7f:32:f0:01:e0:82:d1:36:89:8f:8f:84:7f:0a:
         8f:83:cd:88:eb:24:f3:51:f1:63:50:93:0e:13:ab:db:e1:23:
         7c:57:ec:96:58:01:f8:f0:c3:91:64:b0:42:a6:3f:9e:07:a7:
         61:94:2b:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3gnW6VQn0h/Nqwj2F6HQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNzhiYWVlNmI2ZWM1NDI1YTE2YjFmYzAwYzUyYzMwZWQ5
NWEzZjAwHhcNMjQwMTAyMDYzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWViMTBiZTJiOTNhYjk5NzE5YTA4YTMyMTc1NjgyMTAyNDkxNzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm77fkjEREnb9+icCqMWXEmoB35Hd
tvZfFEUQBgeZHUKmezyAYS8W7NgMrO4RcVpMMh7APMj7wBPLUKvdNsDXBco1VQVE
++qaNs89Di68yj3X8Gx+WkYFFjoK83J7REodNYeNuYZ2KJ6k1DjvItTDVd/Cd34u
ZVk/ula1BHr0g9XAcW5VG37u3Wsbikjk5lcBaVxixdf2utZfrWjJ7jTvaVJE0OX4
VO+sEgoWnFsc2n7AtAaFqYDjd/npT2jhknSpaLGyJPvpHjU9ymVFnfBXmL5wwhTx
hghpzCFg8zdhSQDex6PTUbiX1hoRiHcsBeAiYb3bEi0UiTKs1Xtyp/rmiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBXrEL4rk6uZcZoIoyF1aCECSRc3MB8GA1UdIwQY
MBaAFCB4uu5rbsVCWhax/ADFLDDtlaPwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUhpNjdtdHV4VUphRnJIOEFNVXNNTzJWb19BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iMTgyYmMtYmMzMi00ZTJmLWJhZDct
Y2E1MWZiNDA4OTAxLzEvRmVzUXZpdVRxNWx4bWdpaklYVm9JUUpKRnpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iMTgyYmMtYmMzMi00ZTJmLWJhZDctY2E1MWZiNDA4OTAx
LzEvSUhpNjdtdHV4VUphRnJIOEFNVXNNTzJWb19BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZTTMA0G
CSqGSIb3DQEBCwUAA4IBAQBTg2w/XywL0D2xulS4xKnyRtB9BgbchfnypqysQhtZ
bcxHSCO7x2NXRp/AOHhnpEvTXS5VuyGjAhsqgnfnxoZUHeZP1OI6sDyBqDf/YRCa
PzuzgLex+8gfyGOOQscvMzqVuahQGMcoh49XKSbEeQPn6nDzuwxEbAF66g2BhUG8
i2jCx8zKoEXcqd5QilPScIDkhvIeG0b5RZuCbZ9cA28QvPIpzFMG6mX1PWmneCwj
Orb1+r3a4XzOIHg4+Qkla7zpSwbTDWuS3Xu5fzLwAeCC0TaJj4+EfwqPg82I6yTz
UfFjUJMOE6vb4SN8V+yWWAH48MORZLBCpj+eB6dhlCsn
-----END CERTIFICATE-----
Generated at Wed Jun 26 14:04:51 2024 by rpki-client on console-ams.rpki-client.org