Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS272962.roa
File:                     AS272962.roa (raw, json)
Hash identifier:          JeNVgs4+jnFNRY0ET8l8XijzTZMLxz8Ja77cEL9YNXk=
Subject key identifier:   2B:A9:22:38:9B:58:B6:E7:11:B2:9F:82:48:60:43:88:96:2A:22:4C
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       4670D0A0005D914D6F975D11D921BA41B85FA759
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS272962.roa
Signing time:             Tue 07 Nov 2023 18:26:16 +0000
ROA not before:           Tue 07 Nov 2023 18:21:16 +0000
ROA not after:            Tue 05 Nov 2024 18:26:16 +0000
asID:                     272962
IP address blocks:        191.101.63.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 11 May 2024 04:39:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:70:d0:a0:00:5d:91:4d:6f:97:5d:11:d9:21:ba:41:b8:5f:a7:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Nov  7 18:21:16 2023 GMT
            Not After : Nov  5 18:26:16 2024 GMT
        Subject: CN=2BA922389B58B6E711B29F8248604388962A224C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:5e:ba:ee:a5:9a:b6:0e:61:83:1b:39:a4:70:
                    46:e1:4f:15:f8:a5:9c:43:e4:ee:3b:48:52:a5:8c:
                    af:eb:d0:44:90:9f:a0:61:94:07:f4:a1:29:99:aa:
                    46:6d:91:dc:7b:af:8f:84:7d:40:ec:ec:6c:64:2f:
                    fe:be:84:57:65:68:a3:c3:eb:ed:3a:8f:f1:92:d6:
                    e8:f0:c7:d6:6d:91:fb:22:45:49:36:bd:03:ac:11:
                    86:a1:0b:89:26:9c:ca:66:66:f1:80:60:5a:1a:4e:
                    a8:2f:a3:c8:3e:28:dd:6f:be:ce:f5:67:7a:c9:ee:
                    2a:03:26:92:82:1d:8f:13:23:5e:eb:f6:06:01:81:
                    42:80:9d:00:14:a7:5e:80:d8:42:b5:d8:ee:ca:58:
                    9c:b0:a3:fa:77:56:13:05:77:9a:2f:0e:ac:eb:3f:
                    37:1b:54:94:38:f7:b8:7e:1e:71:5b:27:30:61:46:
                    ee:91:a2:4b:8f:19:5e:3b:ab:42:4e:12:b7:fa:b6:
                    1b:aa:3c:23:9e:83:2c:99:6a:d7:fc:89:3d:04:94:
                    a5:8c:ae:06:e8:1f:4c:8e:ff:ea:d3:95:92:78:d0:
                    48:c9:00:b6:2f:24:6a:4d:3a:a1:5a:ef:39:df:7a:
                    6a:ed:e0:7c:2d:74:ce:70:09:7b:3e:3f:13:37:82:
                    31:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:A9:22:38:9B:58:B6:E7:11:B2:9F:82:48:60:43:88:96:2A:22:4C
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS272962.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.101.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:bf:18:db:51:81:d6:30:f0:90:6e:1d:bf:52:2b:18:e6:1b:
         2d:ef:95:4f:2d:a1:d6:29:43:5e:b9:70:a5:5c:4e:0a:9d:c7:
         7e:df:da:8a:69:1d:c1:9d:85:c2:a7:f3:74:4e:b8:70:a9:e7:
         05:0a:65:db:1f:36:f1:e1:19:33:7e:8b:ae:89:9d:0b:e9:19:
         03:1f:b1:7a:fc:27:b5:cc:6d:99:81:cc:33:8d:d7:36:c5:d6:
         79:e8:f1:e3:59:72:28:e5:97:8f:5b:d1:b7:67:d3:3e:f4:1b:
         ba:89:3d:73:c9:2f:c2:3a:86:f7:8d:bd:1b:c1:28:ee:8f:d2:
         bb:c1:19:34:34:20:cf:54:ca:79:19:5a:de:32:7d:9c:15:89:
         21:44:44:7f:14:97:79:3e:24:c4:83:32:bb:aa:11:f0:ec:e5:
         e2:43:a9:58:a6:24:4a:47:85:a2:dc:5f:49:f2:96:05:7f:2b:
         c5:c6:37:6c:5a:67:1b:6e:65:e6:97:7d:fd:cc:45:20:dc:bf:
         eb:ef:7d:24:f9:88:dc:8d:92:8b:7a:7a:b1:d6:d9:03:4c:71:
         8f:73:dd:36:b2:11:f9:10:74:ec:dd:41:47:2b:ee:58:97:a9:
         c3:62:fa:ab:1a:c7:9e:4a:42:e3:e0:56:e6:6e:ae:cc:5a:78:
         11:ad:e2:31
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIURnDQoABdkU1vl10R2SG6Qbhfp1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzExMDcxODIxMTZaFw0yNDExMDUxODI2MTZaMDMxMTAvBgNV
BAMTKDJCQTkyMjM4OUI1OEI2RTcxMUIyOUY4MjQ4NjA0Mzg4OTYyQTIyNEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrXrrupZq2DmGDGzmkcEbhTxX4
pZxD5O47SFKljK/r0ESQn6BhlAf0oSmZqkZtkdx7r4+EfUDs7GxkL/6+hFdlaKPD
6+06j/GS1ujwx9ZtkfsiRUk2vQOsEYahC4kmnMpmZvGAYFoaTqgvo8g+KN1vvs71
Z3rJ7ioDJpKCHY8TI17r9gYBgUKAnQAUp16A2EK12O7KWJywo/p3VhMFd5ovDqzr
PzcbVJQ497h+HnFbJzBhRu6RokuPGV47q0JOErf6thuqPCOegyyZatf8iT0ElKWM
rgboH0yO/+rTlZJ40EjJALYvJGpNOqFa7znfemrt4HwtdM5wCXs+PxM3gjEpAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUK6kiOJtYtucRsp+CSGBDiJYqIkwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjcyOTYyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2U/
MA0GCSqGSIb3DQEBCwUAA4IBAQAMvxjbUYHWMPCQbh2/UisY5hst75VPLaHWKUNe
uXClXE4Kncd+39qKaR3BnYXCp/N0TrhwqecFCmXbHzbx4RkzfouuiZ0L6RkDH7F6
/Ce1zG2Zgcwzjdc2xdZ56PHjWXIo5ZePW9G3Z9M+9Bu6iT1zyS/COob3jb0bwSju
j9K7wRk0NCDPVMp5GVreMn2cFYkhRER/FJd5PiTEgzK7qhHw7OXiQ6lYpiRKR4Wi
3F9J8pYFfyvFxjdsWmcbbmXml339zEUg3L/r730k+YjcjZKLenqx1tkDTHGPc902
shH5EHTs3UFHK+5Yl6nDYvqrGseeSkLj4Fbmbq7MWngRreIx
-----END CERTIFICATE-----
Generated at Fri May 10 08:14:32 2024 by rpki-client on console-ams.rpki-client.org