Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/EqayOcSBcA24HNGSqok2iTQUu9s.roa
File:                     EqayOcSBcA24HNGSqok2iTQUu9s.roa (raw, json)
Hash identifier:          6T+f8cgY22S+sxXSV1PCqODZbti0yXOLBQQGtcgUVL4=
Subject key identifier:   12:A6:B2:39:C4:81:70:0D:B8:1C:D1:92:AA:89:36:89:34:14:BB:DB
Certificate issuer:       /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial:       018EDC76F3CD5757060A3F0F1DF949AB4118
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/EqayOcSBcA24HNGSqok2iTQUu9s.roa
Signing time:             Sun 14 Apr 2024 11:56:06 +0000
ROA not before:           Sun 14 Apr 2024 11:56:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39131
IP address blocks:        194.190.250.0/23 maxlen: 24
                          194.190.252.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Sep 2024 16:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:dc:76:f3:cd:57:57:06:0a:3f:0f:1d:f9:49:ab:41:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
        Validity
            Not Before: Apr 14 11:56:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=12a6b239c481700db81cd192aa8936893414bbdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:98:92:0a:81:18:ad:86:f9:f9:8c:0c:29:fa:
                    2d:32:2c:b5:35:d3:1e:15:79:0b:2e:92:c3:38:ed:
                    ce:09:f1:b6:13:36:46:cb:49:80:20:d4:52:92:04:
                    26:74:e6:35:1b:42:32:83:9e:b6:8e:1d:ac:05:38:
                    64:c7:86:8b:d4:33:da:5a:af:05:8c:43:a0:6b:98:
                    13:73:dc:42:ef:1f:18:40:79:0f:b8:a0:5c:ee:23:
                    52:ff:a2:a8:17:f2:1a:90:64:e0:60:61:25:e5:d1:
                    da:dd:10:72:8d:a9:85:03:ed:13:ac:67:c6:1c:50:
                    2f:86:3a:c2:98:de:cb:11:3f:a6:ec:0a:8a:f8:29:
                    f4:c2:8c:ee:e8:38:0e:93:a2:0f:2b:fb:fa:7f:1a:
                    c7:81:91:bf:c9:f6:fc:b5:1e:41:d6:40:4c:bd:de:
                    59:07:9a:9b:7b:b0:4c:3f:1f:79:be:1f:8c:3c:89:
                    9c:01:38:28:0f:81:a2:d7:9f:d6:ef:50:62:af:d8:
                    0b:2f:5e:cd:20:59:2e:ef:84:21:d1:5c:7c:07:ec:
                    1c:3b:8c:f4:1f:ef:f5:35:76:7f:7e:9e:7a:7a:89:
                    ff:0f:68:76:6f:95:0a:a8:b9:b0:c8:e6:06:c3:b0:
                    2e:6f:7b:70:3b:76:2a:24:91:9e:aa:0c:39:28:ab:
                    e1:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:A6:B2:39:C4:81:70:0D:B8:1C:D1:92:AA:89:36:89:34:14:BB:DB
            X509v3 Authority Key Identifier:
                keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/EqayOcSBcA24HNGSqok2iTQUu9s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.190.250.0-194.190.253.255

    Signature Algorithm: sha256WithRSAEncryption
         2a:8a:24:f9:1b:46:ac:6b:b0:57:88:65:f3:73:a9:29:24:0a:
         00:62:56:56:57:d4:84:c0:ed:02:d9:75:bb:f0:7c:c5:f2:db:
         38:89:c1:9e:1c:1a:6c:12:95:f7:a9:f2:5f:49:38:e4:6b:60:
         a0:56:98:94:29:51:87:ed:1b:26:c9:71:5a:a1:d6:bf:3d:84:
         d5:1b:65:e3:de:f3:ef:3d:e7:2b:e6:df:e9:51:c6:da:38:60:
         ac:ea:47:52:fd:c2:fd:7b:6f:48:2b:d0:66:09:0c:49:84:33:
         2d:55:b0:bf:98:f3:f1:20:7c:2b:cb:7f:d9:6f:5a:3d:2a:c9:
         ca:ba:27:a2:cd:62:67:86:65:f5:e7:ee:a7:76:c0:b7:fe:ef:
         15:4c:ac:dc:99:bd:7d:f2:fa:c6:8c:c3:79:39:4a:35:b1:0c:
         db:39:ea:51:d9:ab:09:ca:67:b6:fb:61:ff:e5:db:31:f3:0c:
         53:38:c7:0f:26:3f:d3:0b:d0:ed:3e:43:9e:32:c9:84:a6:71:
         ab:f9:b3:d2:51:ec:0d:33:74:43:90:f4:80:26:dc:44:84:1c:
         0f:e0:de:36:3b:8d:12:ec:a2:b4:42:cf:ae:fe:b2:93:b6:0e:
         72:30:df:94:7d:cd:a2:d8:66:52:76:51:e0:48:6c:87:e3:a5:
         ca:e4:46:09
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY7cdvPNV1cGCj8PHflJq0EYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwNDE0MTE1NjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmE2YjIzOWM0ODE3MDBkYjgxY2QxOTJhYTg5MzY4OTM0MTRiYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJiSCoEYrYb5+YwMKfotMiy1NdMe
FXkLLpLDOO3OCfG2EzZGy0mAINRSkgQmdOY1G0Iyg562jh2sBThkx4aL1DPaWq8F
jEOga5gTc9xC7x8YQHkPuKBc7iNS/6KoF/IakGTgYGEl5dHa3RByjamFA+0TrGfG
HFAvhjrCmN7LET+m7AqK+Cn0wozu6DgOk6IPK/v6fxrHgZG/yfb8tR5B1kBMvd5Z
B5qbe7BMPx95vh+MPImcATgoD4Gi15/W71Bir9gLL17NIFku74Qh0Vx8B+wcO4z0
H+/1NXZ/fp56eon/D2h2b5UKqLmwyOYGw7Aub3twO3YqJJGeqgw5KKvhnwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBKmsjnEgXANuBzRkqqJNok0FLvbMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvRXFheU9jU0JjQTI0SE5HU3FvazJpVFFVdTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHCvvoD
BAHCvvwwDQYJKoZIhvcNAQELBQADggEBACqKJPkbRqxrsFeIZfNzqSkkCgBiVlZX
1ITA7QLZdbvwfMXy2ziJwZ4cGmwSlfep8l9JOORrYKBWmJQpUYftGybJcVqh1r89
hNUbZePe8+895yvm3+lRxto4YKzqR1L9wv17b0gr0GYJDEmEMy1VsL+Y8/EgfCvL
f9lvWj0qycq6J6LNYmeGZfXn7qd2wLf+7xVMrNyZvX3y+saMw3k5SjWxDNs56lHZ
qwnKZ7b7Yf/l2zHzDFM4xw8mP9ML0O0+Q54yyYSmcav5s9JR7A0zdEOQ9IAm3ESE
HA/g3jY7jRLsorRCz67+spO2DnIw35R9zaLYZlJ2UeBIbIfjpcrkRgk=
-----END CERTIFICATE-----
Generated at Sun Sep 29 00:27:48 2024 by rpki-client on console-fra.rpki-client.org