Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS150452.roa
File:                     AS150452.roa (raw, json)
Hash identifier:          hQv9/mEot7cKTCCTDDc0FEV1p+K48+EDL9nxc+ulAYg=
Subject key identifier:   B0:21:2B:F4:07:2E:A4:76:67:EC:49:67:5A:E3:20:3D:2F:D0:F1:F2
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       01824AEC0CBC9D6938B76B41B877979B1051A339
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS150452.roa
Signing time:             Wed 06 Mar 2024 07:36:25 +0000
ROA not before:           Wed 06 Mar 2024 07:31:25 +0000
ROA not after:            Wed 05 Mar 2025 07:36:25 +0000
asID:                     150452
IP address blocks:        141.11.74.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:4a:ec:0c:bc:9d:69:38:b7:6b:41:b8:77:97:9b:10:51:a3:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Mar  6 07:31:25 2024 GMT
            Not After : Mar  5 07:36:25 2025 GMT
        Subject: CN=B0212BF4072EA47667EC49675AE3203D2FD0F1F2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:2f:96:da:8f:75:01:39:00:c5:b1:54:d6:8a:
                    d1:c3:fb:77:18:9a:e8:46:0e:bc:a2:08:a3:d5:c3:
                    83:4a:ce:8d:30:4d:d3:be:03:3a:aa:87:34:af:35:
                    7f:93:2f:60:48:79:0f:fb:a3:74:7e:06:f0:3a:a5:
                    32:1b:dc:82:de:8c:3c:08:02:9e:a0:e8:09:72:c2:
                    90:38:4d:c7:c7:0e:99:3d:c9:9d:c2:9e:d5:16:e7:
                    e0:9c:16:08:12:f9:a6:9b:0a:b6:8d:4f:90:31:78:
                    3c:38:a1:9c:bb:a4:34:5a:22:bc:14:a4:d2:8e:16:
                    64:a0:d8:85:14:09:15:fc:1b:2b:0d:93:64:42:54:
                    b3:9b:50:23:84:d6:b9:95:bb:a2:4f:1c:c6:21:6a:
                    29:cf:18:90:c5:fd:91:1c:4d:63:ea:8a:c8:ae:89:
                    41:4a:7f:22:21:66:ac:f1:50:a6:af:29:a2:4f:96:
                    cf:4f:4b:94:17:72:32:b7:f3:b3:4e:2d:cb:ac:f7:
                    e0:60:97:e3:f5:57:00:f6:80:ef:9e:c9:31:95:29:
                    a3:3c:ce:b3:8f:cc:d4:a6:6c:ff:cc:c5:d9:01:85:
                    08:95:34:49:eb:2a:2e:d4:88:c1:6b:0c:1a:43:1a:
                    38:06:3a:94:29:88:96:06:09:6a:76:06:c9:d5:8f:
                    fd:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:21:2B:F4:07:2E:A4:76:67:EC:49:67:5A:E3:20:3D:2F:D0:F1:F2
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS150452.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.74.0/23

    Signature Algorithm: sha256WithRSAEncryption
         89:9f:c8:4a:86:79:f5:da:bd:67:6e:d5:5c:5a:71:fe:ca:31:
         dc:32:aa:80:43:56:9c:3a:47:e4:2b:f5:0b:c3:7d:a9:ad:08:
         59:86:00:ab:6c:d7:6e:44:a2:9f:c0:2c:0c:d4:0c:2a:c6:36:
         e2:48:27:8f:8a:9a:15:ca:4e:61:c0:5a:ea:53:19:7d:b2:9a:
         30:59:c6:3b:ba:9e:0f:59:68:23:b3:a4:f2:f8:4b:1d:de:cb:
         6e:15:4e:4e:0b:9c:ec:b4:64:92:8c:36:6e:c4:3f:75:2f:ab:
         0a:4d:85:d5:9d:9f:6d:52:c7:55:33:5f:2b:49:f4:40:e9:04:
         9c:6c:dd:b2:cf:bd:a3:e7:30:70:3c:e6:82:ec:1a:5e:64:3c:
         45:d0:fb:6c:dc:f7:f8:99:4d:cb:cb:b2:53:10:12:23:37:6c:
         42:ab:53:fd:e2:8d:4b:f1:8a:76:24:dd:45:13:69:29:07:33:
         e4:cc:2f:64:ec:5a:2a:24:5f:db:a8:f5:e0:13:32:e4:0a:fc:
         14:c4:9b:2b:40:e9:70:b9:96:51:d9:a3:92:d8:1b:83:96:79:
         77:17:48:c0:8e:c6:ae:ff:41:d0:62:3f:4b:f0:fb:00:59:cf:
         0a:c2:0e:b9:ac:30:45:bf:42:37:e7:92:a0:5a:be:fb:e4:aa:
         6d:bf:f7:0b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUAYJK7Ay8nWk4t2tBuHeXmxBRozkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDAzMDYwNzMxMjVaFw0yNTAzMDUwNzM2MjVaMDMxMTAvBgNV
BAMTKEIwMjEyQkY0MDcyRUE0NzY2N0VDNDk2NzVBRTMyMDNEMkZEMEYxRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9L5baj3UBOQDFsVTWitHD+3cY
muhGDryiCKPVw4NKzo0wTdO+AzqqhzSvNX+TL2BIeQ/7o3R+BvA6pTIb3ILejDwI
Ap6g6AlywpA4TcfHDpk9yZ3CntUW5+CcFggS+aabCraNT5AxeDw4oZy7pDRaIrwU
pNKOFmSg2IUUCRX8GysNk2RCVLObUCOE1rmVu6JPHMYhainPGJDF/ZEcTWPqisiu
iUFKfyIhZqzxUKavKaJPls9PS5QXcjK387NOLcus9+Bgl+P1VwD2gO+eyTGVKaM8
zrOPzNSmbP/MxdkBhQiVNEnrKi7UiMFrDBpDGjgGOpQpiJYGCWp2BsnVj/0TAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUsCEr9AcupHZn7ElnWuMgPS/Q8fIwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTUwNDUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBjQtK
MA0GCSqGSIb3DQEBCwUAA4IBAQCJn8hKhnn12r1nbtVcWnH+yjHcMqqAQ1acOkfk
K/ULw32prQhZhgCrbNduRKKfwCwM1AwqxjbiSCePipoVyk5hwFrqUxl9spowWcY7
up4PWWgjs6Ty+Esd3stuFU5OC5zstGSSjDZuxD91L6sKTYXVnZ9tUsdVM18rSfRA
6QScbN2yz72j5zBwPOaC7BpeZDxF0Pts3Pf4mU3Ly7JTEBIjN2xCq1P94o1L8Yp2
JN1FE2kpBzPkzC9k7FoqJF/bqPXgEzLkCvwUxJsrQOlwuZZR2aOS2BuDlnl3F0jA
jsau/0HQYj9L8PsAWc8Kwg65rDBFv0I355KgWr775Kptv/cL
-----END CERTIFICATE-----
Generated at Sun May 5 14:38:07 2024 by rpki-client on console-ams.rpki-client.org