Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS201364.roa
File:                     AS201364.roa (raw, json)
Hash identifier:          O5uUd5Z0AMWYn7ceuoX22xLOrlCU+KJZqmXOwij0m2M=
Subject key identifier:   21:B2:02:3A:08:F2:4A:3E:D8:CE:DD:0B:9E:FE:21:3C:64:09:85:07
Certificate issuer:       /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial:       0F923CDFE48457AC32385C13277A443E4B2DF6AF
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS201364.roa
Signing time:             Thu 30 Nov 2023 13:05:08 +0000
ROA not before:           Thu 30 Nov 2023 13:00:08 +0000
ROA not after:            Thu 28 Nov 2024 13:05:08 +0000
asID:                     201364
IP address blocks:        195.206.235.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 May 2024 08:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:92:3c:df:e4:84:57:ac:32:38:5c:13:27:7a:44:3e:4b:2d:f6:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
        Validity
            Not Before: Nov 30 13:00:08 2023 GMT
            Not After : Nov 28 13:05:08 2024 GMT
        Subject: CN=21B2023A08F24A3ED8CEDD0B9EFE213C64098507
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:91:42:32:cf:46:10:02:52:ad:f7:8b:05:c5:
                    8a:98:fc:62:f1:8c:b7:5d:41:24:ae:ab:3d:62:5c:
                    66:4b:ea:02:03:0d:80:fa:e8:14:da:38:48:f6:4c:
                    85:b1:b1:76:02:b3:8f:e3:35:f1:b6:3f:b1:90:31:
                    44:6a:d7:f7:9e:89:17:17:63:f4:b6:5f:7a:f7:1d:
                    d6:0c:98:47:37:71:5e:0a:ab:46:1f:17:0c:d0:07:
                    89:41:08:6e:05:ef:1d:40:eb:fd:08:7b:c1:69:2c:
                    8a:b9:ce:17:59:09:db:ef:64:17:10:ed:c1:8f:2a:
                    d6:13:ec:75:d0:70:d7:3c:1a:5c:2a:d0:c6:2b:6a:
                    09:05:d0:41:bb:62:15:d1:3e:07:66:14:77:80:c2:
                    6e:1d:1b:af:40:98:46:bb:c2:76:b9:06:37:9e:51:
                    63:b4:95:73:6e:31:fd:46:4b:5b:3e:aa:77:1b:db:
                    cb:29:1f:5d:76:e2:65:db:1d:e1:3a:d5:46:a1:4e:
                    39:ea:8b:7f:71:81:48:6c:25:21:84:30:df:8b:71:
                    c1:f1:fe:67:a3:de:b6:a8:8d:e9:d3:76:e2:a8:05:
                    ac:4b:e2:98:de:29:1e:7c:b9:37:d3:84:c5:7e:08:
                    c8:8d:38:7f:d4:9a:4c:df:82:41:54:d1:bf:3c:62:
                    d4:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:B2:02:3A:08:F2:4A:3E:D8:CE:DD:0B:9E:FE:21:3C:64:09:85:07
            X509v3 Authority Key Identifier:
                keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS201364.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.206.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:82:64:03:66:ed:67:eb:6b:6b:93:df:25:6e:b7:a7:da:cf:
         b4:55:af:15:13:f6:29:71:de:87:5e:64:f0:a5:3a:6d:00:5d:
         6d:cc:d5:47:0f:07:ca:b5:d8:42:60:f8:6b:96:fc:92:99:c9:
         b6:07:7d:83:35:dc:94:09:7f:4f:28:5e:46:16:e1:1d:d3:0b:
         1e:07:5f:1a:ca:30:41:cd:5c:45:9e:62:db:06:17:73:1c:da:
         bb:ad:28:fa:9a:9e:23:5f:43:48:c1:70:1a:fe:00:1c:29:c9:
         cf:cd:7b:7e:11:3f:e9:b2:28:69:2f:ec:a5:69:86:fb:ba:7b:
         b9:eb:34:e7:19:a3:d1:fb:f7:ba:f7:8f:a4:b8:bd:ab:2b:ea:
         61:b5:7e:54:23:56:ad:f7:ea:8b:c1:80:06:1d:75:3b:eb:2a:
         fb:b4:e3:95:66:e4:0e:22:81:97:37:a8:fb:47:60:75:82:7d:
         31:db:d2:e0:b8:61:e5:75:bc:06:49:30:39:7a:87:84:d4:a6:
         de:30:4e:13:92:a3:9e:30:e9:b2:dd:5a:81:fb:fd:4e:a6:7f:
         d4:4b:90:11:d7:07:b9:c2:fb:af:f7:f9:68:21:0e:bf:1a:9a:
         ba:78:e8:8d:8d:6b:a0:b4:58:8e:40:97:b0:4e:9e:dc:96:15:
         8d:a5:36:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUD5I83+SEV6wyOFwTJ3pEPkst9q8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yMzExMzAxMzAwMDhaFw0yNDExMjgxMzA1MDhaMDMxMTAvBgNV
BAMTKDIxQjIwMjNBMDhGMjRBM0VEOENFREQwQjlFRkUyMTNDNjQwOTg1MDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLkUIyz0YQAlKt94sFxYqY/GLx
jLddQSSuqz1iXGZL6gIDDYD66BTaOEj2TIWxsXYCs4/jNfG2P7GQMURq1/eeiRcX
Y/S2X3r3HdYMmEc3cV4Kq0YfFwzQB4lBCG4F7x1A6/0Ie8FpLIq5zhdZCdvvZBcQ
7cGPKtYT7HXQcNc8Glwq0MYragkF0EG7YhXRPgdmFHeAwm4dG69AmEa7wna5Bjee
UWO0lXNuMf1GS1s+qncb28spH1124mXbHeE61UahTjnqi39xgUhsJSGEMN+LccHx
/mej3raojenTduKoBaxL4pjeKR58uTfThMV+CMiNOH/UmkzfgkFU0b88YtR/AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUIbICOgjySj7Yzt0Lnv4hPGQJhQcwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjAxMzY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw87r
MA0GCSqGSIb3DQEBCwUAA4IBAQBzgmQDZu1n62trk98lbren2s+0Va8VE/Ypcd6H
XmTwpTptAF1tzNVHDwfKtdhCYPhrlvySmcm2B32DNdyUCX9PKF5GFuEd0wseB18a
yjBBzVxFnmLbBhdzHNq7rSj6mp4jX0NIwXAa/gAcKcnPzXt+ET/psihpL+ylaYb7
unu56zTnGaPR+/e694+kuL2rK+phtX5UI1at9+qLwYAGHXU76yr7tOOVZuQOIoGX
N6j7R2B1gn0x29LguGHldbwGSTA5eoeE1KbeME4TkqOeMOmy3VqB+/1Opn/US5AR
1we5wvuv9/loIQ6/Gpq6eOiNjWugtFiOQJewTp7clhWNpTYn
-----END CERTIFICATE-----
Generated at Mon May 20 12:33:04 2024 by rpki-client on console-fra.rpki-client.org