Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/kizCGElwEzSBkrAkhDp2Id7pwU8.roa
File:                     kizCGElwEzSBkrAkhDp2Id7pwU8.roa (raw, json)
Hash identifier:          py/FK/iHrG7oEGI1PxlCIc+BKaVqBdDtGesJhhFTe24=
Subject key identifier:   92:2C:C2:18:49:70:13:34:81:92:B0:24:84:3A:76:21:DE:E9:C1:4F
Certificate issuer:       /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial:       018EECB67CEF06485F1B2E846D1E15B775AB
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/kizCGElwEzSBkrAkhDp2Id7pwU8.roa
Signing time:             Wed 17 Apr 2024 15:39:26 +0000
ROA not before:           Wed 17 Apr 2024 15:39:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197644
IP address blocks:        185.254.54.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 01:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:ec:b6:7c:ef:06:48:5f:1b:2e:84:6d:1e:15:b7:75:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
        Validity
            Not Before: Apr 17 15:39:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=922cc218497013348192b024843a7621dee9c14f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:77:1c:1d:a3:db:56:a6:0d:76:25:cf:d3:87:
                    b2:aa:a9:04:f2:e2:64:19:a3:4b:ff:b8:60:8e:bf:
                    0e:71:aa:81:c1:71:83:49:23:0e:95:bd:56:d7:ba:
                    8c:26:72:dc:f7:cd:fb:24:e4:b9:e2:fd:9f:93:cf:
                    b3:33:45:09:8a:36:2d:4a:40:52:ad:47:75:bb:bc:
                    17:b5:16:b1:2c:ae:dc:03:d6:81:a4:be:2b:d1:84:
                    9b:49:e4:8a:87:a8:39:43:41:73:19:e4:a9:d0:25:
                    96:c3:3b:89:e1:d3:55:15:55:46:71:17:63:21:9e:
                    df:0a:a7:53:b8:8f:8d:11:27:bf:6e:19:22:bf:e9:
                    85:e6:97:a8:e7:db:4e:86:c3:e3:9b:a1:6c:cc:c0:
                    e0:f5:36:f5:d3:1d:53:9b:01:1a:29:47:43:bb:92:
                    e3:3a:c3:86:31:c2:c2:54:ef:b1:db:50:c5:98:d5:
                    de:97:16:73:ae:65:56:68:6e:59:0d:b4:af:dc:f4:
                    e6:9b:70:97:aa:00:89:24:95:83:f1:18:9c:24:03:
                    e2:0a:3c:0f:d4:02:e3:34:ae:7c:71:8b:aa:36:9a:
                    1c:52:7e:be:13:fd:c7:08:97:00:2a:a0:93:1c:b7:
                    8d:73:2a:b3:81:f7:eb:13:a8:be:f2:1d:fb:12:bb:
                    0d:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:2C:C2:18:49:70:13:34:81:92:B0:24:84:3A:76:21:DE:E9:C1:4F
            X509v3 Authority Key Identifier:
                keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/kizCGElwEzSBkrAkhDp2Id7pwU8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.254.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:51:ba:4e:61:7a:17:31:69:fa:b5:80:89:2a:54:08:5a:6e:
         95:c4:61:c7:30:49:06:50:18:fd:b9:61:d1:dc:86:7c:d0:81:
         06:01:f5:da:34:d8:d5:41:10:b1:63:b0:19:6f:43:25:6a:f2:
         ea:7f:3a:e4:a0:41:7d:05:2e:d0:a7:ec:44:a8:79:fe:51:55:
         af:0a:b3:cb:8d:37:f8:32:d2:59:ee:ca:15:44:f2:5a:ff:9f:
         d0:7d:44:68:29:ad:ac:9c:d5:68:a2:50:59:92:15:c5:29:d1:
         9a:23:29:66:da:5e:4a:9d:41:7b:9d:36:34:99:0d:71:34:fc:
         a1:11:9a:c3:8e:f7:eb:1c:24:3f:58:95:f8:45:3e:ec:9e:74:
         21:8a:40:49:ce:e9:2b:4f:b9:e8:5b:f0:a2:24:d7:6e:80:13:
         e6:bd:12:07:50:ac:72:56:09:c9:93:c4:a6:36:0c:2d:55:16:
         b9:db:8e:ab:ec:f7:c5:5e:74:83:e1:99:6b:dc:37:88:44:d7:
         00:a5:44:2d:d2:ff:5c:c3:4a:a8:8a:f5:c9:3c:00:b0:bd:4e:
         ec:cc:ae:3f:a8:fe:9b:11:4f:76:33:8b:e4:0c:db:f5:70:60:
         12:99:cf:17:6d:40:de:ad:4e:78:d7:fe:a2:b3:00:76:57:40:
         03:38:eb:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7stnzvBkhfGy6EbR4Vt3WrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwNDE3MTUzOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjJjYzIxODQ5NzAxMzM0ODE5MmIwMjQ4NDNhNzYyMWRlZTljMTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3ccHaPbVqYNdiXP04eyqqkE8uJk
GaNL/7hgjr8OcaqBwXGDSSMOlb1W17qMJnLc9837JOS54v2fk8+zM0UJijYtSkBS
rUd1u7wXtRaxLK7cA9aBpL4r0YSbSeSKh6g5Q0FzGeSp0CWWwzuJ4dNVFVVGcRdj
IZ7fCqdTuI+NESe/bhkiv+mF5peo59tOhsPjm6FszMDg9Tb10x1TmwEaKUdDu5Lj
OsOGMcLCVO+x21DFmNXelxZzrmVWaG5ZDbSv3PTmm3CXqgCJJJWD8RicJAPiCjwP
1ALjNK58cYuqNpocUn6+E/3HCJcAKqCTHLeNcyqzgffrE6i+8h37ErsN5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIswhhJcBM0gZKwJIQ6diHe6cFPMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEva2l6Q0dFbHdFelNCa3JBa2hEcDJJZDdwd1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf42MA0G
CSqGSIb3DQEBCwUAA4IBAQB0UbpOYXoXMWn6tYCJKlQIWm6VxGHHMEkGUBj9uWHR
3IZ80IEGAfXaNNjVQRCxY7AZb0MlavLqfzrkoEF9BS7Qp+xEqHn+UVWvCrPLjTf4
MtJZ7soVRPJa/5/QfURoKa2snNVoolBZkhXFKdGaIylm2l5KnUF7nTY0mQ1xNPyh
EZrDjvfrHCQ/WJX4RT7snnQhikBJzukrT7noW/CiJNdugBPmvRIHUKxyVgnJk8Sm
NgwtVRa5246r7PfFXnSD4Zlr3DeIRNcApUQt0v9cw0qoivXJPACwvU7szK4/qP6b
EU92M4vkDNv1cGASmc8XbUDerU541/6iswB2V0ADOOuj
-----END CERTIFICATE-----
Generated at Sat Jun 1 08:31:44 2024 by rpki-client on console-ams.rpki-client.org