Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/80xPPiCn62YIsvEAwvsRRSKdt80.roa
File:                     80xPPiCn62YIsvEAwvsRRSKdt80.roa (raw, json)
Hash identifier:          H5kGV/FcVfW52Zij9PwE70joDby6deJpbZ1Pbq50RqQ=
Subject key identifier:   F3:4C:4F:3E:20:A7:EB:66:08:B2:F1:00:C2:FB:11:45:22:9D:B7:CD
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018CE7BCF0DEBC7AB00B144A2E682E359DB8
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/80xPPiCn62YIsvEAwvsRRSKdt80.roa
Signing time:             Mon 08 Jan 2024 06:22:48 +0000
ROA not before:           Mon 08 Jan 2024 06:22:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     141718
IP address blocks:        213.176.3.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 08:39:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:e7:bc:f0:de:bc:7a:b0:0b:14:4a:2e:68:2e:35:9d:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Jan  8 06:22:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f34c4f3e20a7eb6608b2f100c2fb1145229db7cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:f6:2d:da:d6:fe:da:33:db:3a:13:3b:c4:c2:
                    6d:4b:f6:dc:a9:2c:89:d3:be:86:04:10:64:8f:07:
                    47:ba:fa:7c:ff:dd:97:8d:19:4c:9e:30:27:f4:46:
                    a4:95:38:86:dd:28:81:0c:e5:3f:26:c5:a1:3f:d3:
                    e7:eb:4a:8e:d4:23:8a:3e:3b:4b:98:5d:67:64:da:
                    5b:5e:f8:10:ad:6c:6c:8f:ea:a0:05:ac:fa:81:fb:
                    05:f2:64:71:75:8f:44:e7:8d:44:5a:3b:8c:7b:4d:
                    cd:08:30:77:1b:18:25:95:6b:9f:17:a1:61:f2:9d:
                    fb:92:e4:54:91:bd:46:cb:6d:9e:55:db:58:45:ed:
                    8b:0b:41:96:be:56:21:1e:e6:01:bd:28:d0:34:89:
                    00:d1:0b:36:54:11:90:94:9f:95:ab:a5:3b:5c:96:
                    03:df:97:bf:ef:d5:4d:b6:d5:bf:34:68:ba:29:6e:
                    ab:98:33:2e:54:9d:05:15:e7:1c:2e:ab:c7:89:98:
                    89:be:98:8c:4b:94:a4:4e:79:55:07:b8:ac:4b:c9:
                    85:a7:a0:b8:03:21:ef:ad:18:47:50:67:50:58:d2:
                    9a:e4:eb:25:9f:f0:71:4e:5b:79:a2:e0:51:9f:e8:
                    a5:87:9b:7b:b1:02:9a:31:1d:a6:c0:aa:70:54:6b:
                    fc:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:4C:4F:3E:20:A7:EB:66:08:B2:F1:00:C2:FB:11:45:22:9D:B7:CD
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/80xPPiCn62YIsvEAwvsRRSKdt80.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.176.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:0b:76:0c:95:eb:97:3a:8b:9c:86:a0:be:81:4c:85:2e:7d:
         9e:07:9c:cb:48:a7:1c:6b:3e:18:a1:42:03:0f:91:0c:94:3f:
         8a:8a:70:25:4f:bc:be:58:b1:08:31:7c:6b:dc:e0:ab:d5:16:
         3f:f0:c4:f4:dc:0c:3f:f8:ef:2d:b9:ce:34:c9:92:e6:7f:13:
         91:f2:82:d1:ec:60:89:a7:d5:57:60:43:4b:e8:f2:8b:14:e2:
         e0:1f:18:33:87:fe:2b:bd:71:cb:28:49:60:44:90:61:19:f8:
         e1:4e:fb:ff:ef:f8:41:38:1e:b7:1d:b4:5d:d0:d0:e0:c2:47:
         94:24:c9:0c:6f:b9:9f:09:17:ac:43:35:83:9e:61:87:6e:62:
         2a:35:13:d1:a4:23:64:52:4d:8d:f8:6e:f6:18:f9:26:06:9a:
         ef:38:3e:62:bd:e4:46:ee:31:23:00:5a:98:6f:54:3a:e9:4d:
         47:0c:73:fe:37:63:08:2c:0d:2e:b0:62:31:a9:39:ec:a2:64:
         34:e3:80:c2:6e:5e:26:a2:c0:ea:fa:b2:a8:35:c1:20:cd:97:
         7c:ba:2d:b0:6d:dc:e1:7b:1f:67:09:b4:7f:8f:b0:43:41:69:
         a3:b9:96:ea:0d:35:99:e3:ac:07:49:a4:af:11:0b:59:6a:73:
         af:ae:4f:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYznvPDevHqwCxRKLmguNZ24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwMTA4MDYyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzRjNGYzZTIwYTdlYjY2MDhiMmYxMDBjMmZiMTE0NTIyOWRiN2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvYt2tb+2jPbOhM7xMJtS/bcqSyJ
076GBBBkjwdHuvp8/92XjRlMnjAn9EaklTiG3SiBDOU/JsWhP9Pn60qO1COKPjtL
mF1nZNpbXvgQrWxsj+qgBaz6gfsF8mRxdY9E541EWjuMe03NCDB3GxgllWufF6Fh
8p37kuRUkb1Gy22eVdtYRe2LC0GWvlYhHuYBvSjQNIkA0Qs2VBGQlJ+Vq6U7XJYD
35e/79VNttW/NGi6KW6rmDMuVJ0FFeccLqvHiZiJvpiMS5SkTnlVB7isS8mFp6C4
AyHvrRhHUGdQWNKa5Osln/BxTlt5ouBRn+ilh5t7sQKaMR2mwKpwVGv8QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPNMTz4gp+tmCLLxAML7EUUinbfNMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvODB4UFBpQ242MllJc3ZFQXd2c1JSU0tkdDgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1bADMA0G
CSqGSIb3DQEBCwUAA4IBAQANC3YMleuXOouchqC+gUyFLn2eB5zLSKccaz4YoUID
D5EMlD+KinAlT7y+WLEIMXxr3OCr1RY/8MT03Aw/+O8tuc40yZLmfxOR8oLR7GCJ
p9VXYENL6PKLFOLgHxgzh/4rvXHLKElgRJBhGfjhTvv/7/hBOB63HbRd0NDgwkeU
JMkMb7mfCResQzWDnmGHbmIqNRPRpCNkUk2N+G72GPkmBprvOD5iveRG7jEjAFqY
b1Q66U1HDHP+N2MILA0usGIxqTnsomQ044DCbl4mosDq+rKoNcEgzZd8ui2wbdzh
ex9nCbR/j7BDQWmjuZbqDTWZ46wHSaSvEQtZanOvrk9Y
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:32:01 2024 by rpki-client on console-ams.rpki-client.org