Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS47952.roa
File:                     AS47952.roa (raw, json)
Hash identifier:          t/L++mEiyha75VUv30PFxWyK1u39wgtapNGrpZoCe+g=
Subject key identifier:   2D:41:17:47:D9:BE:A5:F4:05:52:24:75:E9:BD:F3:D4:B8:DA:84:0F
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       67BAA8CA0A0521BD0DAA88C90130FD85001BD3A8
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS47952.roa
Signing time:             Thu 05 Sep 2024 05:03:23 +0000
ROA not before:           Thu 05 Sep 2024 04:58:23 +0000
ROA not after:            Thu 04 Sep 2025 05:03:23 +0000
asID:                     47952
IP address blocks:        92.112.93.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 14:57:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:ba:a8:ca:0a:05:21:bd:0d:aa:88:c9:01:30:fd:85:00:1b:d3:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Sep  5 04:58:23 2024 GMT
            Not After : Sep  4 05:03:23 2025 GMT
        Subject: CN=2D411747D9BEA5F405522475E9BDF3D4B8DA840F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:10:3b:7d:f7:57:19:f2:5e:24:dd:ea:91:6b:
                    65:d9:11:4f:91:f6:33:98:62:ca:91:81:06:e8:cb:
                    2d:4f:a3:01:1f:5a:83:af:8a:be:e5:c2:05:76:0c:
                    0b:b0:b6:c7:5b:0c:c3:ae:0d:a7:2e:69:b5:24:dc:
                    68:e0:7d:89:e4:21:4a:c8:0d:f2:e0:8d:8e:e4:ef:
                    17:66:9d:74:39:f4:54:2c:dd:dd:a6:c8:a2:21:8c:
                    2b:ed:6f:7f:33:44:11:ff:f6:3e:b8:45:08:41:cc:
                    6b:54:ad:f9:37:7d:19:08:72:8b:09:70:23:3f:94:
                    47:0c:38:11:d5:de:67:58:91:f1:6d:b7:16:43:8b:
                    98:04:34:ae:ba:1a:8d:ba:55:f8:82:45:29:c4:c3:
                    d2:60:6e:17:47:5b:74:bb:66:b8:3d:f6:92:0d:9b:
                    32:06:78:11:4f:99:83:4c:aa:d8:a4:11:d5:ad:8e:
                    12:31:6b:6a:4a:49:13:a5:3f:37:15:dc:95:30:8f:
                    ec:a8:a1:31:91:dd:bb:c9:ee:9a:35:78:d9:ce:56:
                    cb:83:a5:57:4a:64:21:60:b8:74:ed:22:50:cb:90:
                    7c:11:78:49:15:60:01:ff:7e:1d:37:4b:03:b1:db:
                    2b:b6:cb:1a:a5:a5:40:9a:59:9e:81:ab:a4:cb:22:
                    00:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:41:17:47:D9:BE:A5:F4:05:52:24:75:E9:BD:F3:D4:B8:DA:84:0F
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS47952.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.112.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:8f:98:ae:ab:83:4f:c3:33:03:71:ee:db:36:b9:ea:70:69:
         b7:1c:96:f6:ca:42:6c:de:68:13:7e:8a:f2:28:b2:62:95:2a:
         47:b1:8d:e3:7e:71:7e:c1:3b:be:84:56:cc:16:2f:c3:dc:ce:
         33:ad:9d:88:45:2a:7e:ee:e6:d3:e6:22:c7:1e:79:53:1e:ca:
         02:fd:7f:4a:ee:8f:7e:7c:7b:aa:89:1b:47:2a:0b:87:93:9b:
         46:b4:f5:ef:53:c3:73:27:0a:97:3a:01:a7:ca:a6:29:a4:c6:
         2e:c8:1b:2d:58:85:78:a7:5e:19:3d:4a:48:7a:1a:83:ce:d4:
         4c:11:d2:f9:35:85:5e:d2:bb:ae:ba:bf:8b:38:8c:41:eb:74:
         59:aa:28:d9:6e:22:f1:96:7e:a1:77:d3:49:bb:e0:e3:f7:3b:
         ea:1f:9c:c0:05:46:51:be:e9:05:0c:57:f1:19:ab:98:2e:21:
         1d:10:8c:53:fd:e2:a7:26:5f:19:d4:70:57:55:50:ba:ff:6f:
         a7:cc:62:de:24:65:bf:81:bb:73:f6:9f:e2:32:cb:83:e0:0f:
         92:c1:d7:ad:42:0e:7e:4c:bc:e0:1f:e0:54:55:25:9c:13:73:
         8e:38:18:96:b3:50:2a:f9:87:74:fa:dc:a4:8b:3d:e4:2d:87:
         7f:e8:35:67
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUZ7qoygoFIb0NqojJATD9hQAb06gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDA5MDUwNDU4MjNaFw0yNTA5MDQwNTAzMjNaMDMxMTAvBgNV
BAMTKDJENDExNzQ3RDlCRUE1RjQwNTUyMjQ3NUU5QkRGM0Q0QjhEQTg0MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhEDt991cZ8l4k3eqRa2XZEU+R
9jOYYsqRgQboyy1PowEfWoOvir7lwgV2DAuwtsdbDMOuDacuabUk3GjgfYnkIUrI
DfLgjY7k7xdmnXQ59FQs3d2myKIhjCvtb38zRBH/9j64RQhBzGtUrfk3fRkIcosJ
cCM/lEcMOBHV3mdYkfFttxZDi5gENK66Go26VfiCRSnEw9JgbhdHW3S7Zrg99pIN
mzIGeBFPmYNMqtikEdWtjhIxa2pKSROlPzcV3JUwj+yooTGR3bvJ7po1eNnOVsuD
pVdKZCFguHTtIlDLkHwReEkVYAH/fh03SwOx2yu2yxqlpUCaWZ6Bq6TLIgA7AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQULUEXR9m+pfQFUiR16b3z1LjahA8wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDc5NTIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABccF0w
DQYJKoZIhvcNAQELBQADggEBABCPmK6rg0/DMwNx7ts2uepwabcclvbKQmzeaBN+
ivIosmKVKkexjeN+cX7BO76EVswWL8PczjOtnYhFKn7u5tPmIsceeVMeygL9f0ru
j358e6qJG0cqC4eTm0a09e9Tw3MnCpc6AafKpimkxi7IGy1YhXinXhk9Skh6GoPO
1EwR0vk1hV7Su666v4s4jEHrdFmqKNluIvGWfqF300m74OP3O+ofnMAFRlG+6QUM
V/EZq5guIR0QjFP94qcmXxnUcFdVULr/b6fMYt4kZb+Bu3P2n+Iyy4PgD5LB161C
Dn5MvOAf4FRVJZwTc444GJazUCr5h3T63KSLPeQth3/oNWc=
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:42 2024 by rpki-client on console-ams.rpki-client.org