Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/tPUrbHtE6djFjZSXP9ALGSgUUtg.roa
File:                     tPUrbHtE6djFjZSXP9ALGSgUUtg.roa (raw, json)
Hash identifier:          itk8yUqCVtL+o1Nr95aatxax+qqyP3aJCOQMcu3reFI=
Subject key identifier:   B4:F5:2B:6C:7B:44:E9:D8:C5:8D:94:97:3F:D0:0B:19:28:14:52:D8
Certificate issuer:       /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial:       018CC5DC469929DAFFB2A104DBECAC45E8A7
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/tPUrbHtE6djFjZSXP9ALGSgUUtg.roa
Signing time:             Mon 01 Jan 2024 16:29:56 +0000
ROA not before:           Mon 01 Jan 2024 16:29:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49063
IP address blocks:        194.226.177.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 13:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:46:99:29:da:ff:b2:a1:04:db:ec:ac:45:e8:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
        Validity
            Not Before: Jan  1 16:29:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b4f52b6c7b44e9d8c58d94973fd00b19281452d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:72:3a:3e:58:ca:5d:41:91:f1:13:fe:cf:14:
                    fa:73:d6:d2:3b:f6:ad:64:3d:3d:cb:54:dc:5c:52:
                    f4:67:68:89:7c:3c:7b:59:3a:71:4b:0d:ce:b9:09:
                    cf:4b:aa:aa:c0:9b:de:05:ff:69:db:6a:00:6b:75:
                    96:3d:a3:58:2d:b7:d4:58:d1:81:eb:da:20:ff:b0:
                    b0:e1:cf:03:cb:8f:1e:64:2c:34:47:74:14:bf:08:
                    5d:26:9a:37:8b:d7:3c:09:ac:50:e0:cb:ea:94:15:
                    22:12:24:55:ae:9f:68:af:91:80:be:7b:c5:a4:f2:
                    38:02:98:69:92:93:b4:2e:98:f3:d8:a0:2c:6e:0f:
                    d4:d5:fd:d0:28:68:44:ca:5e:a5:c9:c9:4f:ee:2d:
                    c1:5a:53:b6:bb:1c:40:2d:e2:2a:01:58:b6:ef:d8:
                    6c:dc:2d:53:7d:45:bf:19:94:7e:af:c0:14:33:d0:
                    c6:1a:a2:34:d4:2a:7e:4f:93:e6:4f:09:56:8b:fc:
                    e9:21:9b:e0:b1:b4:87:bf:75:e1:ff:90:c3:94:03:
                    28:1c:1e:68:2f:a7:5e:c2:39:b4:12:b5:ff:9b:b2:
                    33:01:dc:85:6e:a2:70:99:9e:ab:6e:3a:b4:d2:27:
                    7a:be:0d:0e:c6:94:45:55:84:f3:ed:cd:8f:ca:f5:
                    21:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:F5:2B:6C:7B:44:E9:D8:C5:8D:94:97:3F:D0:0B:19:28:14:52:D8
            X509v3 Authority Key Identifier:
                keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/tPUrbHtE6djFjZSXP9ALGSgUUtg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.226.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:3d:7c:cd:4b:aa:e9:61:9c:9e:a7:e8:56:c9:d7:9d:cd:be:
         59:84:ad:95:ca:95:cd:c9:07:29:0c:d9:2a:1e:cf:9a:5f:02:
         d2:db:75:74:46:ac:bf:b9:e0:21:53:3f:39:9a:91:0a:3a:51:
         6c:39:f0:f2:17:d2:d1:d0:98:08:75:66:d1:38:4d:e7:cc:b9:
         21:09:a2:f6:14:9c:d3:ad:91:f4:f2:88:ce:17:8d:69:dd:2e:
         b7:a6:a3:7e:f9:d5:90:50:2c:f7:2a:17:74:24:1d:f8:3b:f9:
         99:40:40:ed:15:24:c9:f8:ff:b0:b1:a5:c0:88:65:ff:9b:12:
         1b:c9:8b:d4:f1:2e:f1:60:24:39:67:d7:3c:19:04:27:d6:71:
         3b:de:79:44:30:5f:da:8a:35:8e:11:d1:44:06:e7:d1:27:fd:
         1e:ca:d0:8f:2c:4c:4e:27:7a:68:7e:7f:99:7c:9a:35:41:21:
         13:99:40:b2:c2:c0:3b:8e:94:2d:ef:5a:64:5f:28:b5:1a:6f:
         d0:43:c1:c2:37:83:ff:4c:7b:f0:af:6f:91:8d:fe:de:9e:2c:
         bd:db:9f:73:c0:69:7f:b7:a9:31:d8:32:3f:d3:cb:34:ea:e4:
         3e:a4:d6:eb:dc:98:a6:0d:fe:2a:4c:d7:9c:0e:96:52:61:75:
         d1:69:2c:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3EaZKdr/sqEE2+ysReinMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQwMTAxMTYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY1MmI2YzdiNDRlOWQ4YzU4ZDk0OTczZmQwMGIxOTI4MTQ1MmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinI6PljKXUGR8RP+zxT6c9bSO/at
ZD09y1TcXFL0Z2iJfDx7WTpxSw3OuQnPS6qqwJveBf9p22oAa3WWPaNYLbfUWNGB
69og/7Cw4c8Dy48eZCw0R3QUvwhdJpo3i9c8CaxQ4MvqlBUiEiRVrp9or5GAvnvF
pPI4AphpkpO0Lpjz2KAsbg/U1f3QKGhEyl6lyclP7i3BWlO2uxxALeIqAVi279hs
3C1TfUW/GZR+r8AUM9DGGqI01Cp+T5PmTwlWi/zpIZvgsbSHv3Xh/5DDlAMoHB5o
L6dewjm0ErX/m7IzAdyFbqJwmZ6rbjq00id6vg0OxpRFVYTz7c2PyvUh4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLT1K2x7ROnYxY2Ulz/QCxkoFFLYMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvdFBVcmJIdEU2ZGpGalpTWFA5QUxHU2dVVXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwuKxMA0G
CSqGSIb3DQEBCwUAA4IBAQB5PXzNS6rpYZyep+hWydedzb5ZhK2VypXNyQcpDNkq
Hs+aXwLS23V0Rqy/ueAhUz85mpEKOlFsOfDyF9LR0JgIdWbROE3nzLkhCaL2FJzT
rZH08ojOF41p3S63pqN++dWQUCz3Khd0JB34O/mZQEDtFSTJ+P+wsaXAiGX/mxIb
yYvU8S7xYCQ5Z9c8GQQn1nE73nlEMF/aijWOEdFEBufRJ/0eytCPLExOJ3pofn+Z
fJo1QSETmUCywsA7jpQt71pkXyi1Gm/QQ8HCN4P/THvwr2+Rjf7eniy9259zwGl/
t6kx2DI/08s06uQ+pNbr3JimDf4qTNecDpZSYXXRaSxh
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:52:03 2024 by rpki-client on console-fra.rpki-client.org