Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS140641.roa
File:                     AS140641.roa (raw, json)
Hash identifier:          xA5CTvnJQjdA4lZULd150X4U+ZPFB88P6dYxGWmOya4=
Subject key identifier:   D7:88:2C:CD:84:56:50:36:AD:F4:64:F1:33:E3:E4:57:3F:29:56:5F
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       1A40DEDF103D4A31E50B823B7083CF0E86F5AFF3
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS140641.roa
Signing time:             Mon 27 May 2024 07:05:16 +0000
ROA not before:           Mon 27 May 2024 07:00:16 +0000
ROA not after:            Mon 26 May 2025 07:05:16 +0000
asID:                     140641
IP address blocks:        181.214.10.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:40:de:df:10:3d:4a:31:e5:0b:82:3b:70:83:cf:0e:86:f5:af:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: May 27 07:00:16 2024 GMT
            Not After : May 26 07:05:16 2025 GMT
        Subject: CN=D7882CCD84565036ADF464F133E3E4573F29565F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:33:a9:15:2c:12:20:64:c2:50:49:87:0d:81:
                    56:9b:6b:8c:7d:0f:64:cb:fb:77:99:a8:19:a9:68:
                    dd:63:45:ef:ef:51:ee:23:3a:e3:2f:d6:f1:5f:44:
                    37:66:ea:83:6b:f0:3b:36:82:eb:ee:59:80:77:ce:
                    90:70:a3:7d:12:19:c5:da:71:9e:82:cb:c6:62:eb:
                    4e:bb:fd:da:cc:f1:17:12:11:86:5d:b6:59:de:6a:
                    dd:9f:b5:87:12:a7:0d:58:72:e2:ea:18:2e:c8:c9:
                    37:a3:c3:3e:82:21:8f:ca:c3:9d:ae:fb:be:9f:30:
                    0b:5a:86:2e:77:5e:83:30:37:6e:d7:40:26:51:db:
                    a3:97:bd:9d:ff:08:30:9f:07:c8:0d:d0:e6:04:ea:
                    0c:6d:5d:cd:9a:91:38:3e:70:a5:25:e3:47:6e:32:
                    9a:37:ed:b3:86:64:cf:f5:bf:4e:35:37:86:35:08:
                    8e:49:8d:e1:6b:92:5b:6e:13:30:ac:68:20:bb:e8:
                    40:fa:1a:0a:af:51:4a:35:24:6c:63:87:7a:e1:8c:
                    33:e3:2a:cb:80:d3:eb:0c:f4:d3:ce:dc:8a:01:3c:
                    c9:ed:d3:3c:23:17:9f:4e:bd:8f:a9:23:73:09:db:
                    d8:76:71:e2:5a:42:53:17:f6:cb:c7:4d:59:c3:fc:
                    81:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:88:2C:CD:84:56:50:36:AD:F4:64:F1:33:E3:E4:57:3F:29:56:5F
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS140641.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.214.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:da:15:4b:2a:77:cc:8c:b3:3d:2c:42:93:fa:e7:bc:0a:20:
         c1:37:3e:ff:aa:cd:1f:90:94:c3:39:ef:dd:c9:50:ce:c7:a1:
         60:69:ea:dd:ff:be:82:36:16:e3:4c:07:51:4d:f6:76:8c:31:
         af:5c:fc:da:11:e5:2e:e0:4c:ac:81:a5:d7:69:53:a5:9f:be:
         72:bf:5f:1e:9b:4a:64:e7:aa:ce:bb:e5:14:b4:06:ad:82:1a:
         5e:64:fb:0f:85:ca:65:6f:41:56:a0:ce:c5:a3:e0:99:f1:ed:
         15:d6:e3:78:c3:60:50:1f:7e:38:59:07:3a:7e:06:61:81:9f:
         87:25:5c:c1:89:6c:6b:9c:81:a7:d9:b2:c5:77:1b:a0:73:be:
         d0:40:84:98:e9:80:6e:4a:81:53:d6:b2:75:81:73:88:4a:50:
         96:80:51:f6:84:7a:da:81:a2:cf:24:2c:c8:69:21:d7:f2:44:
         c5:e6:79:34:a4:0d:3f:2a:dd:87:b8:de:d7:20:3f:e4:cd:12:
         74:d4:e5:8d:9e:3e:09:ca:89:dc:c4:29:e9:a2:ed:9c:ef:57:
         5b:26:08:12:61:84:be:92:8d:6c:b2:12:99:34:e2:96:ce:b8:
         62:0e:37:cd:fc:91:2d:4f:02:4b:01:62:56:95:11:6f:ef:e3:
         b6:44:f7:74
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUGkDe3xA9SjHlC4I7cIPPDob1r/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA1MjcwNzAwMTZaFw0yNTA1MjYwNzA1MTZaMDMxMTAvBgNV
BAMTKEQ3ODgyQ0NEODQ1NjUwMzZBREY0NjRGMTMzRTNFNDU3M0YyOTU2NUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXM6kVLBIgZMJQSYcNgVaba4x9
D2TL+3eZqBmpaN1jRe/vUe4jOuMv1vFfRDdm6oNr8Ds2guvuWYB3zpBwo30SGcXa
cZ6Cy8Zi6067/drM8RcSEYZdtlneat2ftYcSpw1YcuLqGC7IyTejwz6CIY/Kw52u
+76fMAtahi53XoMwN27XQCZR26OXvZ3/CDCfB8gN0OYE6gxtXc2akTg+cKUl40du
Mpo37bOGZM/1v041N4Y1CI5JjeFrkltuEzCsaCC76ED6GgqvUUo1JGxjh3rhjDPj
KsuA0+sM9NPO3IoBPMnt0zwjF59OvY+pI3MJ29h2ceJaQlMX9svHTVnD/IF/AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU14gszYRWUDat9GTxM+PkVz8pVl8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQwNjQxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtdYK
MA0GCSqGSIb3DQEBCwUAA4IBAQBL2hVLKnfMjLM9LEKT+ue8CiDBNz7/qs0fkJTD
Oe/dyVDOx6Fgaerd/76CNhbjTAdRTfZ2jDGvXPzaEeUu4EysgaXXaVOln75yv18e
m0pk56rOu+UUtAatghpeZPsPhcplb0FWoM7Fo+CZ8e0V1uN4w2BQH344WQc6fgZh
gZ+HJVzBiWxrnIGn2bLFdxugc77QQISY6YBuSoFT1rJ1gXOISlCWgFH2hHragaLP
JCzIaSHX8kTF5nk0pA0/Kt2HuN7XID/kzRJ01OWNnj4JyoncxCnpou2c71dbJggS
YYS+ko1sshKZNOKWzrhiDjfN/JEtTwJLAWJWlRFv7+O2RPd0
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:44:44 2024 by rpki-client on console-fra.rpki-client.org