Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/6vsuThx8vbnFNo40rPs63rBdLUo.roa
File:                     6vsuThx8vbnFNo40rPs63rBdLUo.roa (raw, json)
Hash identifier:          NDRZ0ucn0Ap9m06T/jhRZCz7fpKkkKE8DqlQ1UAbtRI=
Subject key identifier:   EA:FB:2E:4E:1C:7C:BD:B9:C5:36:8E:34:AC:FB:3A:DE:B0:5D:2D:4A
Certificate issuer:       /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial:       018CC79550EE454730D6F254747B32E1B2F8
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/6vsuThx8vbnFNo40rPs63rBdLUo.roa
Signing time:             Tue 02 Jan 2024 00:31:40 +0000
ROA not before:           Tue 02 Jan 2024 00:31:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49169
IP address blocks:        86.105.154.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 21 Jun 2024 03:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:50:ee:45:47:30:d6:f2:54:74:7b:32:e1:b2:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
        Validity
            Not Before: Jan  2 00:31:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=eafb2e4e1c7cbdb9c5368e34acfb3adeb05d2d4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:e3:f6:e9:3f:8a:b5:b0:ae:3e:10:4f:5d:44:
                    83:4f:1a:83:35:89:5d:64:4e:60:52:ac:56:bc:da:
                    a1:f7:45:79:7d:a8:5c:c7:5a:bd:8d:d4:bd:7f:6c:
                    71:d1:9c:85:cf:dd:36:11:06:c6:57:a7:c9:11:26:
                    c9:b4:6e:f9:7d:99:b6:09:8e:de:af:70:1d:f4:66:
                    eb:a5:28:2e:0e:5f:be:35:cb:e1:63:d0:0b:52:35:
                    5b:14:fb:ef:8d:63:34:7b:ce:61:76:90:f3:eb:6f:
                    cd:41:b6:3b:30:f1:af:48:a0:53:df:b7:c8:49:7c:
                    08:b6:ed:65:6e:00:c3:3e:f7:e8:d5:05:ef:91:7f:
                    c8:ab:98:f2:f0:4e:a7:6d:01:b4:62:bb:b0:8f:54:
                    63:f4:9a:14:8a:f1:8c:b6:3c:86:12:df:a4:80:33:
                    e4:f9:48:af:fd:33:9d:8f:9d:f5:60:59:19:c1:4d:
                    43:9b:7a:24:6f:d3:60:3f:ad:40:14:a6:f3:b1:34:
                    dd:f3:f4:88:9b:03:7d:e2:47:67:7d:5d:78:64:ce:
                    f3:42:4d:99:3d:82:46:8d:da:10:f3:fd:45:8a:50:
                    90:d2:6c:22:1f:3e:17:0d:93:ae:0b:20:07:2d:b6:
                    fd:13:bd:19:07:54:9c:5a:06:03:f1:8e:72:69:95:
                    93:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:FB:2E:4E:1C:7C:BD:B9:C5:36:8E:34:AC:FB:3A:DE:B0:5D:2D:4A
            X509v3 Authority Key Identifier:
                keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/6vsuThx8vbnFNo40rPs63rBdLUo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.105.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:c4:57:5e:2e:85:53:8b:93:22:d0:2f:70:b5:fc:c4:82:60:
         64:19:43:5b:cc:f9:db:b8:3e:bc:b7:c0:11:b0:51:ba:34:79:
         4b:7d:55:45:a7:6b:24:cc:8c:86:b6:7b:cf:d7:5c:57:ee:5a:
         1e:a3:f3:81:99:2f:79:7f:b0:c9:8d:2e:36:a4:c7:19:9a:6e:
         6a:10:5e:db:07:ec:39:c5:a5:38:db:14:63:da:6c:0f:cc:55:
         f7:84:26:59:b4:10:e3:03:ea:03:28:07:e5:c1:92:11:2f:f1:
         8e:4c:b0:5d:7f:9e:db:aa:d0:23:df:d1:c9:53:d3:d1:45:79:
         f0:8c:37:8c:c1:97:26:f2:31:d0:f8:fb:9a:36:14:ce:e5:f0:
         45:78:85:53:3c:a0:b6:c9:96:5d:40:f8:1f:7f:f9:d7:8f:a7:
         62:c5:90:9e:ed:74:d5:e5:e4:d1:2f:2c:50:d8:be:32:40:41:
         bd:64:e1:f7:4b:a0:3d:b0:3c:1b:b0:93:35:35:30:f8:ed:0b:
         67:7d:41:17:76:13:4d:93:22:dd:63:8d:cd:6d:e8:90:ba:3f:
         69:7c:30:68:01:0d:a5:0a:1b:aa:01:7b:65:fb:0c:05:f3:33:
         20:3d:a1:fc:05:90:17:71:f5:1a:fc:d5:fe:0d:7d:97:3d:58:
         f0:ae:91:80
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlVDuRUcw1vJUdHsy4bL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTAyMDAzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWZiMmU0ZTFjN2NiZGI5YzUzNjhlMzRhY2ZiM2FkZWIwNWQyZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeP26T+KtbCuPhBPXUSDTxqDNYld
ZE5gUqxWvNqh90V5fahcx1q9jdS9f2xx0ZyFz902EQbGV6fJESbJtG75fZm2CY7e
r3Ad9GbrpSguDl++NcvhY9ALUjVbFPvvjWM0e85hdpDz62/NQbY7MPGvSKBT37fI
SXwItu1lbgDDPvfo1QXvkX/Iq5jy8E6nbQG0Yruwj1Rj9JoUivGMtjyGEt+kgDPk
+Uiv/TOdj531YFkZwU1Dm3okb9NgP61AFKbzsTTd8/SImwN94kdnfV14ZM7zQk2Z
PYJGjdoQ8/1FilCQ0mwiHz4XDZOuCyAHLbb9E70ZB1ScWgYD8Y5yaZWTKwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOr7Lk4cfL25xTaONKz7Ot6wXS1KMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzZ2c3VUaHg4dmJuRk5vNDByUHM2M3JCZExVby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABWaZow
DQYJKoZIhvcNAQELBQADggEBALfEV14uhVOLkyLQL3C1/MSCYGQZQ1vM+du4Pry3
wBGwUbo0eUt9VUWnayTMjIa2e8/XXFfuWh6j84GZL3l/sMmNLjakxxmabmoQXtsH
7DnFpTjbFGPabA/MVfeEJlm0EOMD6gMoB+XBkhEv8Y5MsF1/ntuq0CPf0clT09FF
efCMN4zBlybyMdD4+5o2FM7l8EV4hVM8oLbJll1A+B9/+dePp2LFkJ7tdNXl5NEv
LFDYvjJAQb1k4fdLoD2wPBuwkzU1MPjtC2d9QRd2E02TIt1jjc1t6JC6P2l8MGgB
DaUKG6oBe2X7DAXzMyA9ofwFkBdx9Rr81f4NfZc9WPCukYA=
-----END CERTIFICATE-----
Generated at Thu Jun 20 09:22:20 2024 by rpki-client on console-fra.rpki-client.org