Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/eEPZHK0y4YYjUOCSThdZNOng0SA.roa
File:                     eEPZHK0y4YYjUOCSThdZNOng0SA.roa (raw, json)
Hash identifier:          IvBZNYD6xTwDlNptXX4R6U5olfqc77qhoTzD4jAcfBU=
Subject key identifier:   78:43:D9:1C:AD:32:E1:86:23:50:E0:92:4E:17:59:34:E9:E0:D1:20
Certificate issuer:       /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial:       018CC5DC4BE48F69AE0B750366E325152FD4
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/eEPZHK0y4YYjUOCSThdZNOng0SA.roa
Signing time:             Mon 01 Jan 2024 16:29:58 +0000
ROA not before:           Mon 01 Jan 2024 16:29:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60308
IP address blocks:        212.193.175.0/24 maxlen: 25

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 13:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:4b:e4:8f:69:ae:0b:75:03:66:e3:25:15:2f:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
        Validity
            Not Before: Jan  1 16:29:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7843d91cad32e1862350e0924e175934e9e0d120
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:86:78:b4:96:e0:10:fe:e3:b5:39:69:82:a2:
                    fb:8e:08:36:f5:a3:b3:48:6c:1c:2a:9d:58:90:e0:
                    f1:54:a0:1d:32:31:59:1e:77:22:ba:a4:92:8b:fa:
                    30:68:0e:6a:66:f5:4d:7a:ab:64:1d:99:2f:1c:6a:
                    e3:e6:67:66:1b:89:2d:4a:22:39:f4:b9:ad:7b:94:
                    81:f5:e2:e7:4d:e9:2b:17:08:a9:ed:7d:17:14:7b:
                    72:50:67:a4:e5:b3:08:c7:70:ca:d7:47:0c:c9:b5:
                    6c:1c:fe:b6:95:cc:7f:0e:e0:24:f7:f2:41:b1:57:
                    52:fc:18:d3:d3:fe:1c:ca:95:1e:17:39:0f:26:2a:
                    7f:34:88:0c:21:e1:58:98:47:55:b8:08:73:78:0c:
                    d2:96:23:05:0e:89:7e:de:1d:e3:13:76:af:79:f0:
                    e6:49:e1:a0:d5:40:c7:92:1d:53:a3:e9:3f:82:b4:
                    f7:85:7c:41:db:85:b6:31:f3:5c:da:b4:30:72:7e:
                    ef:e9:a7:4f:e2:f8:6a:b8:2a:3b:f9:fe:09:34:4a:
                    94:2b:b6:1b:3c:78:1a:81:3c:12:a0:c2:95:8a:d1:
                    6e:9f:e5:35:e6:87:b2:22:80:19:83:57:62:58:48:
                    23:b8:2b:f3:95:50:b0:a7:eb:a0:b9:9d:5d:0e:69:
                    80:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:43:D9:1C:AD:32:E1:86:23:50:E0:92:4E:17:59:34:E9:E0:D1:20
            X509v3 Authority Key Identifier:
                keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/eEPZHK0y4YYjUOCSThdZNOng0SA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.193.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:d1:09:0a:7e:af:07:46:67:f8:83:c5:b2:c6:cb:8f:55:30:
         0f:46:70:90:57:9c:cb:5c:29:e4:d9:d5:1a:69:85:c4:9b:15:
         58:6b:59:32:18:af:05:d6:9f:fe:a5:d4:07:2f:d7:2b:10:87:
         30:0b:e5:cb:0c:94:06:46:c1:0e:96:92:68:86:4d:d1:78:53:
         ff:bc:7a:04:79:fa:a1:f0:f2:97:7f:60:4e:0b:a4:39:6a:32:
         e7:f2:73:c9:78:35:2c:3a:04:4a:a3:ba:e1:e8:2a:a8:1e:0f:
         73:87:ca:de:80:f9:e6:87:1d:21:54:37:de:91:b5:7b:e5:f9:
         ee:21:ce:ef:1c:67:01:1e:21:7e:b1:2d:94:83:de:0a:7e:a3:
         a8:9c:c2:7f:0f:05:79:14:1e:5b:1e:8e:ce:66:cd:c0:8f:b2:
         21:d4:bd:cb:17:7d:f0:58:ab:7e:2a:d8:31:a7:0d:e4:db:aa:
         e7:c6:76:33:91:aa:cf:93:c9:13:54:1b:02:91:68:5a:c7:a9:
         8a:36:20:b4:ea:bf:10:10:a0:82:de:e5:8c:59:5b:72:b3:1c:
         dc:80:1a:4c:68:3a:70:97:f5:f6:93:7d:7d:6d:84:f1:2f:d1:
         df:b0:75:c2:1b:1c:9e:6c:c3:aa:53:6e:5b:d3:cf:42:67:27:
         1b:30:92:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Evkj2muC3UDZuMlFS/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQwMTAxMTYyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODQzZDkxY2FkMzJlMTg2MjM1MGUwOTI0ZTE3NTkzNGU5ZTBkMTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoZ4tJbgEP7jtTlpgqL7jgg29aOz
SGwcKp1YkODxVKAdMjFZHnciuqSSi/owaA5qZvVNeqtkHZkvHGrj5mdmG4ktSiI5
9Lmte5SB9eLnTekrFwip7X0XFHtyUGek5bMIx3DK10cMybVsHP62lcx/DuAk9/JB
sVdS/BjT0/4cypUeFzkPJip/NIgMIeFYmEdVuAhzeAzSliMFDol+3h3jE3avefDm
SeGg1UDHkh1To+k/grT3hXxB24W2MfNc2rQwcn7v6adP4vhquCo7+f4JNEqUK7Yb
PHgagTwSoMKVitFun+U15oeyIoAZg1diWEgjuCvzlVCwp+uguZ1dDmmARQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHhD2RytMuGGI1Dgkk4XWTTp4NEgMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvZUVQWkhLMHk0WVlqVU9DU1RoZFpOT25nMFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MGvMA0G
CSqGSIb3DQEBCwUAA4IBAQBq0QkKfq8HRmf4g8WyxsuPVTAPRnCQV5zLXCnk2dUa
aYXEmxVYa1kyGK8F1p/+pdQHL9crEIcwC+XLDJQGRsEOlpJohk3ReFP/vHoEefqh
8PKXf2BOC6Q5ajLn8nPJeDUsOgRKo7rh6CqoHg9zh8regPnmhx0hVDfekbV75fnu
Ic7vHGcBHiF+sS2Ug94KfqOonMJ/DwV5FB5bHo7OZs3Aj7Ih1L3LF33wWKt+Ktgx
pw3k26rnxnYzkarPk8kTVBsCkWhax6mKNiC06r8QEKCC3uWMWVtysxzcgBpMaDpw
l/X2k319bYTxL9HfsHXCGxyebMOqU25b089CZycbMJJ5
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:52:03 2024 by rpki-client on console-fra.rpki-client.org