Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS55720.roa
File:                     AS55720.roa (raw, json)
Hash identifier:          TcRyukAaAIGheDaLXZ2GnyZ5Ej4AuBWNsgvFUfc4Z+Q=
Subject key identifier:   96:5A:65:53:7D:FE:05:84:AB:F4:F6:7F:22:A3:16:B8:72:57:B1:9E
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       67378A250AD4E549BB462B787AFF761FD1985A17
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS55720.roa
Signing time:             Thu 10 Aug 2023 05:24:21 +0000
ROA not before:           Thu 10 Aug 2023 05:19:21 +0000
ROA not after:            Thu 08 Aug 2024 05:24:21 +0000
asID:                     55720
IP address blocks:        141.11.17.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:37:8a:25:0a:d4:e5:49:bb:46:2b:78:7a:ff:76:1f:d1:98:5a:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Aug 10 05:19:21 2023 GMT
            Not After : Aug  8 05:24:21 2024 GMT
        Subject: CN=965A65537DFE0584ABF4F67F22A316B87257B19E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:73:ea:be:b6:6d:05:18:62:75:74:24:fe:ec:
                    0e:98:7c:34:d3:93:02:3a:33:7e:a5:fb:79:8e:ea:
                    e9:41:dd:aa:8e:66:f5:2d:f1:f6:f6:cd:cc:8a:b2:
                    99:bd:13:a7:32:60:ca:46:a7:be:45:43:eb:c5:34:
                    fa:d6:99:2c:a3:46:44:79:79:59:c6:b5:77:bf:8b:
                    e7:cf:0b:fe:99:af:58:2a:83:19:73:d2:fa:b9:5d:
                    a7:30:04:51:56:70:8c:23:ad:df:22:9d:90:db:64:
                    68:e7:ce:0e:24:17:41:51:6d:88:a9:69:18:4d:64:
                    82:c0:d8:88:5b:5e:80:84:0a:5a:4a:0a:ad:ec:96:
                    6f:a1:32:3b:6f:99:9c:2e:45:d3:66:57:a4:f0:e0:
                    72:62:61:50:50:bb:63:e3:0b:9c:a5:69:93:c6:20:
                    1c:9f:83:56:a2:c3:c7:02:74:8b:a4:ea:2f:60:26:
                    eb:aa:5f:2d:89:0a:d6:ef:fb:f3:51:55:29:e2:28:
                    df:fc:89:46:11:15:34:f5:36:9f:9f:08:a7:e6:c9:
                    9a:42:20:ab:d2:d0:47:05:eb:cc:61:ff:90:af:3d:
                    3b:9a:eb:e3:0d:d6:db:b8:23:02:16:d9:19:85:0e:
                    ca:70:52:83:f7:c2:7a:6e:7c:5b:c9:b6:e8:0c:ba:
                    a2:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:5A:65:53:7D:FE:05:84:AB:F4:F6:7F:22:A3:16:B8:72:57:B1:9E
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS55720.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:83:dc:86:dc:00:27:5f:bd:8f:bd:7c:a7:4d:02:f0:4b:8e:
         ef:c8:ba:1e:ca:31:78:2c:e9:87:bd:c2:a2:a8:cb:c0:73:3f:
         06:cd:bd:20:4e:3d:5f:c8:5d:a5:09:5b:de:45:53:55:82:e8:
         68:e4:05:40:e1:74:af:3a:06:72:37:04:a3:e8:5f:02:3a:1d:
         fb:7c:2e:1d:eb:00:b9:69:b3:d1:d9:06:36:13:b3:78:d5:ba:
         e3:46:e8:0c:70:0e:ef:5a:64:4c:c4:90:01:44:ba:e8:a1:6f:
         29:56:81:47:23:f4:61:3d:c1:76:ba:e0:13:51:5f:7a:e4:89:
         21:bf:9b:b7:c6:98:03:6b:f6:a8:65:1f:2a:d1:2e:3d:14:5e:
         eb:10:04:23:59:65:a2:c5:33:13:5c:2b:ab:66:50:11:e5:06:
         a8:f1:c0:58:2f:e3:56:de:c8:9f:35:9b:05:ac:78:12:35:1e:
         78:92:bc:e5:79:ed:2f:78:5f:f6:8e:59:07:48:c9:5a:c6:39:
         79:99:9c:6e:c1:8d:5d:3e:e0:03:3d:32:66:5a:39:fb:f4:d0:
         35:26:da:cb:d1:94:44:f7:ca:29:0a:cf:e0:30:09:dc:39:eb:
         53:f5:c4:78:d9:23:5a:5f:e6:50:3a:49:20:4b:82:06:75:fe:
         8e:f2:66:18
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUZzeKJQrU5Um7Rit4ev92H9GYWhcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzA4MTAwNTE5MjFaFw0yNDA4MDgwNTI0MjFaMDMxMTAvBgNV
BAMTKDk2NUE2NTUzN0RGRTA1ODRBQkY0RjY3RjIyQTMxNkI4NzI1N0IxOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqc+q+tm0FGGJ1dCT+7A6YfDTT
kwI6M36l+3mO6ulB3aqOZvUt8fb2zcyKspm9E6cyYMpGp75FQ+vFNPrWmSyjRkR5
eVnGtXe/i+fPC/6Zr1gqgxlz0vq5XacwBFFWcIwjrd8inZDbZGjnzg4kF0FRbYip
aRhNZILA2IhbXoCEClpKCq3slm+hMjtvmZwuRdNmV6Tw4HJiYVBQu2PjC5ylaZPG
IByfg1aiw8cCdIuk6i9gJuuqXy2JCtbv+/NRVSniKN/8iUYRFTT1Np+fCKfmyZpC
IKvS0EcF68xh/5CvPTua6+MN1tu4IwIW2RmFDspwUoP3wnpufFvJtugMuqLLAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUllplU33+BYSr9PZ/IqMWuHJXsZ4wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNTU3MjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNCxEw
DQYJKoZIhvcNAQELBQADggEBADOD3IbcACdfvY+9fKdNAvBLju/Iuh7KMXgs6Ye9
wqKoy8BzPwbNvSBOPV/IXaUJW95FU1WC6GjkBUDhdK86BnI3BKPoXwI6Hft8Lh3r
ALlps9HZBjYTs3jVuuNG6AxwDu9aZEzEkAFEuuihbylWgUcj9GE9wXa64BNRX3rk
iSG/m7fGmANr9qhlHyrRLj0UXusQBCNZZaLFMxNcK6tmUBHlBqjxwFgv41beyJ81
mwWseBI1HniSvOV57S94X/aOWQdIyVrGOXmZnG7BjV0+4AM9MmZaOfv00DUm2svR
lET3yikKz+AwCdw561P1xHjZI1pf5lA6SSBLggZ1/o7yZhg=
-----END CERTIFICATE-----
Generated at Sun May 5 14:38:07 2024 by rpki-client on console-ams.rpki-client.org