Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/998786-8719-4d8e-9500-ef97006c450b/1/s54rzWCfxkQ7Z8s_wR3dsuYYx4A.roa
File:                     s54rzWCfxkQ7Z8s_wR3dsuYYx4A.roa (raw, json)
Hash identifier:          i4i6kmdfzuOSM9X+GVgdqD7KRkWD0RAPo3BNbb4EuK0=
Subject key identifier:   B3:9E:2B:CD:60:9F:C6:44:3B:67:CB:3F:C1:1D:DD:B2:E6:18:C7:80
Certificate issuer:       /CN=41d10b88eb24f6262d9315368a5d01e1e0860c4e
Certificate serial:       018CC2DAFEC562F954D759E82F11E0D28628
Authority key identifier: 41:D1:0B:88:EB:24:F6:26:2D:93:15:36:8A:5D:01:E1:E0:86:0C:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QdELiOsk9iYtkxU2il0B4eCGDE4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/998786-8719-4d8e-9500-ef97006c450b/1/s54rzWCfxkQ7Z8s_wR3dsuYYx4A.roa
Signing time:             Mon 01 Jan 2024 02:29:41 +0000
ROA not before:           Mon 01 Jan 2024 02:29:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12874
IP address blocks:        185.190.214.0/24 maxlen: 24
                          185.190.215.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/998786-8719-4d8e-9500-ef97006c450b/1/QdELiOsk9iYtkxU2il0B4eCGDE4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/998786-8719-4d8e-9500-ef97006c450b/1/QdELiOsk9iYtkxU2il0B4eCGDE4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QdELiOsk9iYtkxU2il0B4eCGDE4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 23 Jun 2024 21:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:da:fe:c5:62:f9:54:d7:59:e8:2f:11:e0:d2:86:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41d10b88eb24f6262d9315368a5d01e1e0860c4e
        Validity
            Not Before: Jan  1 02:29:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b39e2bcd609fc6443b67cb3fc11dddb2e618c780
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:13:b7:0f:7c:67:d5:bf:42:24:87:59:ad:02:
                    7b:a5:48:2c:9c:2d:f8:32:1e:24:80:32:40:d7:dd:
                    63:5d:b2:fb:74:b8:c8:7b:cc:d6:16:37:83:9a:a4:
                    95:5a:6e:8e:49:33:dc:f2:64:f1:c2:dc:3f:52:a3:
                    98:de:41:f0:56:8d:74:02:5f:77:32:d4:0e:52:64:
                    c5:1e:e0:ec:36:e6:04:7e:8d:b2:94:f9:b1:49:69:
                    90:77:89:ab:e4:9d:68:d6:56:ac:12:86:51:6b:a5:
                    ec:79:96:ca:94:85:44:cb:9b:30:98:d1:5d:d3:b9:
                    db:8d:aa:78:33:22:29:dc:06:e9:58:df:d2:29:d5:
                    f3:a2:e6:40:a7:f2:15:f0:c0:5e:20:72:71:55:6a:
                    ea:17:90:9a:f3:6e:5e:1c:a3:31:53:98:5f:9f:32:
                    da:3d:bf:3e:ad:e9:d7:6e:9c:39:ab:81:c3:02:8f:
                    1c:d8:f2:d6:2b:a2:f0:76:e2:09:77:04:cc:02:a0:
                    b1:3a:b3:19:76:c9:d5:a9:2d:23:00:2c:e4:7f:e0:
                    db:e1:76:f5:4c:ae:cd:e2:1e:6f:f8:a5:43:ef:51:
                    92:fd:c5:f6:ff:f6:12:90:59:aa:13:13:16:4b:00:
                    6f:e7:86:70:10:16:dd:f9:0c:2a:09:c2:e3:d5:dc:
                    02:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:9E:2B:CD:60:9F:C6:44:3B:67:CB:3F:C1:1D:DD:B2:E6:18:C7:80
            X509v3 Authority Key Identifier:
                keyid:41:D1:0B:88:EB:24:F6:26:2D:93:15:36:8A:5D:01:E1:E0:86:0C:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QdELiOsk9iYtkxU2il0B4eCGDE4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/998786-8719-4d8e-9500-ef97006c450b/1/s54rzWCfxkQ7Z8s_wR3dsuYYx4A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/998786-8719-4d8e-9500-ef97006c450b/1/QdELiOsk9iYtkxU2il0B4eCGDE4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.190.214.0/23

    Signature Algorithm: sha256WithRSAEncryption
         01:29:48:97:ea:4d:5f:0a:db:80:ce:14:49:87:40:6c:fa:e0:
         c1:07:3e:ab:69:c0:cb:cb:0d:5e:47:f7:58:30:e5:96:64:c3:
         0a:a6:2e:06:dd:d3:50:0c:74:b9:51:30:17:0e:bd:dc:f3:71:
         3a:30:5a:f7:4f:3e:cc:73:01:c0:42:91:90:03:3b:fb:1b:1c:
         4d:52:f8:83:35:94:66:de:da:d4:27:7d:ac:8c:a6:d1:d0:bc:
         f5:1c:83:1c:c2:05:18:b1:b9:74:3a:69:28:67:32:43:4e:7b:
         98:3e:54:85:ea:b3:69:54:11:b0:cd:7b:18:86:f2:f1:ea:95:
         43:fd:80:df:d3:38:7f:b0:d5:06:5c:1c:02:1c:e7:f3:99:f2:
         bd:2e:4a:e5:44:6c:56:4b:e3:5f:26:48:35:32:e0:e1:d6:ea:
         40:7c:f6:63:93:90:db:83:6a:d7:50:4f:6b:96:cf:40:2b:e6:
         8a:ea:62:4c:a9:ef:ad:e4:74:9a:18:49:8f:82:11:60:3b:a3:
         62:bb:0a:60:0e:b1:62:7e:9e:10:b4:d0:79:f1:e6:c6:34:2d:
         ae:51:8f:b6:46:64:ee:b5:bf:fb:f4:96:b3:4d:69:1b:7a:5e:
         4b:3f:4c:b9:79:6c:17:9c:d5:6b:72:dc:55:d6:4f:40:38:96:
         79:09:f6:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2v7FYvlU11noLxHg0oYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZDEwYjg4ZWIyNGY2MjYyZDkzMTUzNjhhNWQwMWUxZTA4
NjBjNGUwHhcNMjQwMTAxMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzllMmJjZDYwOWZjNjQ0M2I2N2NiM2ZjMTFkZGRiMmU2MThjNzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRO3D3xn1b9CJIdZrQJ7pUgsnC34
Mh4kgDJA191jXbL7dLjIe8zWFjeDmqSVWm6OSTPc8mTxwtw/UqOY3kHwVo10Al93
MtQOUmTFHuDsNuYEfo2ylPmxSWmQd4mr5J1o1lasEoZRa6XseZbKlIVEy5swmNFd
07nbjap4MyIp3AbpWN/SKdXzouZAp/IV8MBeIHJxVWrqF5Ca825eHKMxU5hfnzLa
Pb8+renXbpw5q4HDAo8c2PLWK6LwduIJdwTMAqCxOrMZdsnVqS0jACzkf+Db4Xb1
TK7N4h5v+KVD71GS/cX2//YSkFmqExMWSwBv54ZwEBbd+QwqCcLj1dwCUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLOeK81gn8ZEO2fLP8Ed3bLmGMeAMB8GA1UdIwQY
MBaAFEHRC4jrJPYmLZMVNopdAeHghgxOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWRFTGlPc2s5aVl0a3hVMmlsMEI0ZUNHREU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85OTg3ODYtODcxOS00ZDhlLTk1MDAt
ZWY5NzAwNmM0NTBiLzEvczU0cnpXQ2Z4a1E3WjhzX3dSM2RzdVlZeDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85OTg3ODYtODcxOS00ZDhlLTk1MDAtZWY5NzAwNmM0NTBi
LzEvUWRFTGlPc2s5aVl0a3hVMmlsMEI0ZUNHREU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBub7WMA0G
CSqGSIb3DQEBCwUAA4IBAQABKUiX6k1fCtuAzhRJh0Bs+uDBBz6racDLyw1eR/dY
MOWWZMMKpi4G3dNQDHS5UTAXDr3c83E6MFr3Tz7McwHAQpGQAzv7GxxNUviDNZRm
3trUJ32sjKbR0Lz1HIMcwgUYsbl0OmkoZzJDTnuYPlSF6rNpVBGwzXsYhvLx6pVD
/YDf0zh/sNUGXBwCHOfzmfK9LkrlRGxWS+NfJkg1MuDh1upAfPZjk5Dbg2rXUE9r
ls9AK+aK6mJMqe+t5HSaGEmPghFgO6NiuwpgDrFifp4QtNB58ebGNC2uUY+2RmTu
tb/79JazTWkbel5LP0y5eWwXnNVrctxV1k9AOJZ5CfYj
-----END CERTIFICATE-----
Generated at Sun Jun 23 03:07:36 2024 by rpki-client on console-fra.rpki-client.org