Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58061.roa
File:                     AS58061.roa (raw, json)
Hash identifier:          qVTMAqGBngJM9vLuKyebObBBCv8RCv1ueOiD8Bj/1Gg=
Subject key identifier:   F1:92:CB:06:C1:A9:E4:AE:B3:66:97:78:FD:40:AD:4F:51:E8:5B:82
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       73A85E496297A81EA546146DF40D2EEDCE1E516A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58061.roa
Signing time:             Mon 06 May 2024 14:15:12 +0000
ROA not before:           Mon 06 May 2024 14:10:12 +0000
ROA not after:            Mon 05 May 2025 14:15:12 +0000
asID:                     58061
IP address blocks:        147.79.1.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:a8:5e:49:62:97:a8:1e:a5:46:14:6d:f4:0d:2e:ed:ce:1e:51:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: May  6 14:10:12 2024 GMT
            Not After : May  5 14:15:12 2025 GMT
        Subject: CN=F192CB06C1A9E4AEB3669778FD40AD4F51E85B82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:d8:b3:55:92:8a:41:f4:a4:8d:29:32:76:05:
                    ae:9d:57:36:56:71:93:df:2d:89:8f:b6:5a:6b:2d:
                    75:82:30:46:fe:b4:b7:44:f1:09:fd:97:cc:77:28:
                    64:29:d2:af:9d:9c:1d:16:9a:fd:64:80:d9:0c:ab:
                    34:49:dd:d6:8a:03:6e:aa:74:e6:e8:f7:56:21:61:
                    1b:f4:7f:51:7b:6c:04:81:a2:21:16:a1:bf:ca:41:
                    c8:07:79:6d:27:51:d2:24:84:bd:bc:b9:ff:7b:fb:
                    49:15:3d:5e:2d:32:7e:10:c6:19:73:e5:a5:c4:e5:
                    3a:58:2a:63:6e:5f:68:22:15:2d:be:4c:53:16:8d:
                    b7:2a:be:6c:e3:ae:60:5f:03:c0:eb:a2:52:d2:95:
                    a6:df:48:43:49:f0:4b:42:b1:7b:37:c0:95:d6:03:
                    92:01:fd:35:ed:cb:04:79:24:66:6e:07:24:9a:68:
                    e9:0f:d8:c5:8b:b2:79:1d:62:a4:4a:84:18:07:e4:
                    12:49:d7:8a:cd:9b:cb:18:48:9e:7e:47:1b:bc:c1:
                    6c:0b:a3:d0:76:c7:a3:20:17:09:6e:b2:93:a4:3b:
                    13:ba:ac:f6:ad:7f:d1:5c:2e:64:f4:97:0c:18:9f:
                    a7:03:e6:12:28:fa:67:4f:a0:34:bb:df:08:fe:15:
                    63:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:92:CB:06:C1:A9:E4:AE:B3:66:97:78:FD:40:AD:4F:51:E8:5B:82
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS58061.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.79.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:f2:74:9d:bb:17:d7:dd:c9:51:61:0e:4b:2a:48:66:36:f7:
         55:07:80:d5:b6:c8:16:c1:ac:2b:04:3c:46:cc:0e:70:83:2a:
         5a:7d:9a:25:2f:00:7e:f5:45:a3:09:fd:72:72:8d:d3:33:cb:
         13:bc:70:d3:62:01:dd:1e:7b:20:85:07:b6:6c:bd:d7:04:23:
         41:8b:3e:e6:1b:6d:37:02:36:09:4f:f2:0d:c7:bf:5c:c5:71:
         75:87:1f:6a:62:d6:87:c1:0c:e6:c0:5b:f9:2b:41:cc:9b:cc:
         9a:ba:c8:f7:4f:9e:75:fc:b8:dd:3d:2c:e4:d0:35:fb:b4:1a:
         7c:48:c0:7a:de:81:c1:7d:76:21:4f:4a:59:42:de:83:09:fc:
         e7:95:0d:7b:da:a1:cd:89:9c:71:2c:85:37:08:3b:b7:cc:49:
         e0:4f:5a:84:d5:0e:ac:84:ef:92:4c:97:7a:c2:eb:90:41:e0:
         7a:c0:20:8f:13:54:86:b6:7f:76:0a:b4:7c:e9:ad:55:89:11:
         9e:18:22:93:a5:4b:07:1e:c0:97:bd:45:42:42:19:f8:88:81:
         56:2a:87:bc:62:5c:36:a1:f5:95:21:35:99:19:5d:21:40:32:
         85:c1:55:98:b3:54:f2:ee:b1:cf:dc:35:5a:8a:d3:06:c9:43:
         14:d5:61:6c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUc6heSWKXqB6lRhRt9A0u7c4eUWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA1MDYxNDEwMTJaFw0yNTA1MDUxNDE1MTJaMDMxMTAvBgNV
BAMTKEYxOTJDQjA2QzFBOUU0QUVCMzY2OTc3OEZENDBBRDRGNTFFODVCODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP2LNVkopB9KSNKTJ2Ba6dVzZW
cZPfLYmPtlprLXWCMEb+tLdE8Qn9l8x3KGQp0q+dnB0Wmv1kgNkMqzRJ3daKA26q
dObo91YhYRv0f1F7bASBoiEWob/KQcgHeW0nUdIkhL28uf97+0kVPV4tMn4Qxhlz
5aXE5TpYKmNuX2giFS2+TFMWjbcqvmzjrmBfA8DrolLSlabfSENJ8EtCsXs3wJXW
A5IB/TXtywR5JGZuBySaaOkP2MWLsnkdYqRKhBgH5BJJ14rNm8sYSJ5+Rxu8wWwL
o9B2x6MgFwluspOkOxO6rPatf9FcLmT0lwwYn6cD5hIo+mdPoDS73wj+FWOHAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU8ZLLBsGp5K6zZpd4/UCtT1HoW4IwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTgwNjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTTwEw
DQYJKoZIhvcNAQELBQADggEBACbydJ27F9fdyVFhDksqSGY291UHgNW2yBbBrCsE
PEbMDnCDKlp9miUvAH71RaMJ/XJyjdMzyxO8cNNiAd0eeyCFB7ZsvdcEI0GLPuYb
bTcCNglP8g3Hv1zFcXWHH2pi1ofBDObAW/krQcybzJq6yPdPnnX8uN09LOTQNfu0
GnxIwHregcF9diFPSllC3oMJ/OeVDXvaoc2JnHEshTcIO7fMSeBPWoTVDqyE75JM
l3rC65BB4HrAII8TVIa2f3YKtHzprVWJEZ4YIpOlSwcewJe9RUJCGfiIgVYqh7xi
XDah9ZUhNZkZXSFAMoXBVZizVPLusc/cNVqK0wbJQxTVYWw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:22:33 2024 by rpki-client on console-fra.rpki-client.org