Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/EtDOiSCXoeNNTdnRDfE7baHiANc.roa
File:                     EtDOiSCXoeNNTdnRDfE7baHiANc.roa (raw, json)
Hash identifier:          ILTv3h8y3j+59ZTzCWgoMK6NKqix40g6GigeeisktW0=
Subject key identifier:   12:D0:CE:89:20:97:A1:E3:4D:4D:D9:D1:0D:F1:3B:6D:A1:E2:00:D7
Certificate issuer:       /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial:       018CC9BC6439282CE1986BF36FACB17E1689
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/EtDOiSCXoeNNTdnRDfE7baHiANc.roa
Signing time:             Tue 02 Jan 2024 10:33:35 +0000
ROA not before:           Tue 02 Jan 2024 10:33:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212435
IP address blocks:        212.30.62.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 13 May 2024 07:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:64:39:28:2c:e1:98:6b:f3:6f:ac:b1:7e:16:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
        Validity
            Not Before: Jan  2 10:33:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=12d0ce892097a1e34d4dd9d10df13b6da1e200d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:8b:01:b3:44:db:3e:05:f9:d3:df:3a:fa:32:
                    23:de:3c:fd:67:11:94:8b:21:41:7c:32:48:04:fc:
                    e7:c1:0f:95:fd:c1:2e:20:65:cb:99:dc:32:3e:6d:
                    1d:b2:77:43:1d:f7:fb:20:0e:e5:a9:cb:11:b3:07:
                    25:7b:20:c9:aa:7f:5a:25:36:e4:6d:6e:d4:a5:51:
                    1e:ce:32:2c:65:71:a9:7f:bf:4a:8b:3f:d9:5e:02:
                    bb:96:86:60:f5:34:4f:11:b7:a4:b3:9b:b0:05:e1:
                    e4:75:06:f4:53:2f:8b:da:6c:09:c2:8a:90:5f:64:
                    05:6d:ba:33:e8:c2:1e:d5:95:d4:b1:25:5f:f9:de:
                    cd:eb:d6:08:9f:9c:a5:53:ac:02:84:c7:d8:41:dc:
                    2e:3f:af:70:cf:c4:91:14:b8:c5:86:bf:be:67:0f:
                    45:c0:bc:df:37:8f:25:2e:ee:4d:13:d3:ca:85:5c:
                    76:ab:5f:a8:17:ef:0f:50:cc:13:3b:46:40:56:58:
                    a4:93:9c:5a:9f:f7:fe:69:ca:51:72:9d:7c:b0:e0:
                    5d:cf:e5:33:61:12:76:c8:73:22:5a:46:ae:5b:9d:
                    e5:02:57:b0:b9:cf:9a:fb:36:7b:24:bc:21:fd:56:
                    dd:44:6d:d6:57:01:6b:0c:68:7a:26:47:e9:c6:ca:
                    d1:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:D0:CE:89:20:97:A1:E3:4D:4D:D9:D1:0D:F1:3B:6D:A1:E2:00:D7
            X509v3 Authority Key Identifier:
                keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/EtDOiSCXoeNNTdnRDfE7baHiANc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.30.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:92:cc:74:e7:ea:10:5a:12:45:1b:ec:bc:56:ae:e2:7f:54:
         eb:ac:77:44:b3:1f:08:1a:8a:e1:f5:f4:6e:55:8a:bc:04:b8:
         24:ac:45:b5:e3:c9:90:47:ed:c8:96:42:a6:4a:cb:a2:a3:37:
         d1:bb:f4:fd:35:c2:e8:05:9a:8d:37:95:67:37:77:06:89:bd:
         3e:c8:be:9a:23:45:10:f1:f8:e2:1b:8c:4d:4f:4c:b7:83:b9:
         9a:8f:37:1a:b1:c1:06:f4:fb:cd:65:64:8d:3e:40:7b:d8:3b:
         8c:24:d8:f5:6a:b7:32:62:df:b4:de:b6:97:7b:c3:13:89:42:
         41:2a:15:17:e4:00:e3:a8:01:66:1c:05:31:63:89:f2:6c:71:
         ae:0d:4a:66:ee:79:a3:af:9d:ba:c6:8c:5f:53:9b:b0:75:83:
         33:bf:ff:30:00:e8:14:76:e4:76:c6:01:1c:4d:97:64:f4:28:
         8e:f1:22:ce:fd:b5:4b:da:07:ba:c9:2e:00:2d:49:ea:b4:d6:
         ba:dc:aa:f4:d3:e9:c9:3c:3f:01:ca:97:92:ba:3a:59:92:1a:
         01:e6:ba:1f:78:64:49:ac:8f:a1:8a:c1:dc:c3:6c:7e:9a:6e:
         ac:42:d1:91:23:10:15:c3:7f:e7:2b:a8:b8:cc:e7:3c:06:e4:
         0c:c0:be:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvGQ5KCzhmGvzb6yxfhaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjQwMTAyMTAzMzM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmQwY2U4OTIwOTdhMWUzNGQ0ZGQ5ZDEwZGYxM2I2ZGExZTIwMGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqosBs0TbPgX50986+jIj3jz9ZxGU
iyFBfDJIBPznwQ+V/cEuIGXLmdwyPm0dsndDHff7IA7lqcsRswcleyDJqn9aJTbk
bW7UpVEezjIsZXGpf79Kiz/ZXgK7loZg9TRPEbeks5uwBeHkdQb0Uy+L2mwJwoqQ
X2QFbboz6MIe1ZXUsSVf+d7N69YIn5ylU6wChMfYQdwuP69wz8SRFLjFhr++Zw9F
wLzfN48lLu5NE9PKhVx2q1+oF+8PUMwTO0ZAVlikk5xan/f+acpRcp18sOBdz+Uz
YRJ2yHMiWkauW53lAlewuc+a+zZ7JLwh/VbdRG3WVwFrDGh6JkfpxsrRHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBLQzokgl6HjTU3Z0Q3xO22h4gDXMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvRXRET2lTQ1hvZU5OVGRuUkRmRTdiYUhpQU5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1B4+MA0G
CSqGSIb3DQEBCwUAA4IBAQCqksx05+oQWhJFG+y8Vq7if1TrrHdEsx8IGorh9fRu
VYq8BLgkrEW148mQR+3IlkKmSsuiozfRu/T9NcLoBZqNN5VnN3cGib0+yL6aI0UQ
8fjiG4xNT0y3g7majzcascEG9PvNZWSNPkB72DuMJNj1arcyYt+03raXe8MTiUJB
KhUX5ADjqAFmHAUxY4nybHGuDUpm7nmjr526xoxfU5uwdYMzv/8wAOgUduR2xgEc
TZdk9CiO8SLO/bVL2ge6yS4ALUnqtNa63Kr00+nJPD8BypeSujpZkhoB5rofeGRJ
rI+hisHcw2x+mm6sQtGRIxAVw3/nK6i4zOc8BuQMwL5C
-----END CERTIFICATE-----
Generated at Sun May 12 15:09:24 2024 by rpki-client on console-fra.rpki-client.org