Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b4d9d7-6703-4b06-b3ee-07510381420a/1/S5oC7yOVKORrlcp3bKYQDjGxL4c.roa
File:                     S5oC7yOVKORrlcp3bKYQDjGxL4c.roa (raw, json)
Hash identifier:          jJbXcj6DeopIZyQUhtudnGVluKqgIiPtN05vMIR+PX0=
Subject key identifier:   4B:9A:02:EF:23:95:28:E4:6B:95:CA:77:6C:A6:10:0E:31:B1:2F:87
Certificate issuer:       /CN=f651dc9875e35ec580c571fd0416f4d5f5d4158a
Certificate serial:       018CC6B77D4F467BF7E6E75B215B5C544CFA
Authority key identifier: F6:51:DC:98:75:E3:5E:C5:80:C5:71:FD:04:16:F4:D5:F5:D4:15:8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9lHcmHXjXsWAxXH9BBb01fXUFYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/b4d9d7-6703-4b06-b3ee-07510381420a/1/S5oC7yOVKORrlcp3bKYQDjGxL4c.roa
Signing time:             Mon 01 Jan 2024 20:29:23 +0000
ROA not before:           Mon 01 Jan 2024 20:29:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212609
IP address blocks:        193.30.102.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/b4d9d7-6703-4b06-b3ee-07510381420a/1/9lHcmHXjXsWAxXH9BBb01fXUFYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/b4d9d7-6703-4b06-b3ee-07510381420a/1/9lHcmHXjXsWAxXH9BBb01fXUFYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9lHcmHXjXsWAxXH9BBb01fXUFYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 08:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:7d:4f:46:7b:f7:e6:e7:5b:21:5b:5c:54:4c:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f651dc9875e35ec580c571fd0416f4d5f5d4158a
        Validity
            Not Before: Jan  1 20:29:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4b9a02ef239528e46b95ca776ca6100e31b12f87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:e6:f5:0d:9d:e5:8d:b4:aa:37:1f:57:af:9a:
                    67:42:6f:76:dd:e7:c6:ad:00:54:3a:79:f9:79:3c:
                    22:c9:9e:18:2d:1b:70:06:e2:f2:a8:a3:5b:58:60:
                    04:d6:99:3b:7e:a0:f6:df:51:1d:3a:02:98:07:13:
                    81:e2:41:e3:94:f9:a2:2d:68:03:a8:92:85:b7:f4:
                    b6:34:9b:dc:8b:bf:7a:21:b4:57:87:28:e8:25:9d:
                    48:a8:a1:38:ad:47:d7:d5:30:7d:c2:12:d8:2b:9e:
                    9c:85:33:8c:dd:00:88:6c:99:f2:79:14:e1:a9:1d:
                    f8:b3:10:55:3f:c8:6e:10:de:7a:e6:09:86:32:9e:
                    ae:e8:66:0f:c9:cf:5f:58:75:bd:e8:5c:80:91:c8:
                    03:71:a3:9b:aa:df:85:96:cb:4f:65:ee:81:0e:3e:
                    6a:44:ea:4a:08:65:64:cd:2f:02:3e:71:a3:00:34:
                    13:3a:d7:a4:4c:1a:a2:89:77:d1:4b:0b:fa:75:d1:
                    71:98:31:43:c8:1a:80:63:06:f9:ef:7d:cd:0c:3b:
                    01:1c:44:2a:bc:8b:4c:c2:3d:df:0d:50:71:5e:2b:
                    c5:ad:28:c3:56:15:be:18:9c:98:2f:c6:01:36:86:
                    4e:4e:9f:bf:2b:9e:09:d0:7e:43:7a:fd:42:db:5d:
                    d8:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:9A:02:EF:23:95:28:E4:6B:95:CA:77:6C:A6:10:0E:31:B1:2F:87
            X509v3 Authority Key Identifier:
                keyid:F6:51:DC:98:75:E3:5E:C5:80:C5:71:FD:04:16:F4:D5:F5:D4:15:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9lHcmHXjXsWAxXH9BBb01fXUFYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b4d9d7-6703-4b06-b3ee-07510381420a/1/S5oC7yOVKORrlcp3bKYQDjGxL4c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b4d9d7-6703-4b06-b3ee-07510381420a/1/9lHcmHXjXsWAxXH9BBb01fXUFYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.30.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:c6:c8:e8:5d:74:fa:83:7e:0c:03:b6:0f:5b:d9:71:78:df:
         4c:4c:96:e4:d7:da:89:aa:05:7b:a6:52:35:37:af:91:b3:da:
         00:8d:f4:a8:af:28:f9:01:56:20:b7:75:6a:bc:81:4a:95:ff:
         a5:5c:9d:a2:16:92:29:ee:25:2c:a2:4e:78:03:c8:dc:f3:5d:
         99:a4:c9:7d:51:6b:5a:ff:c0:59:0e:7f:73:36:1f:28:39:57:
         6f:ab:b1:a6:49:4f:5a:b0:9f:ed:10:8b:da:9b:bd:7a:c8:1e:
         2b:04:66:5e:3e:7f:75:cb:f2:6d:b1:cf:fc:5c:e9:30:5b:a5:
         42:ae:8c:20:3e:67:ab:8a:34:be:70:6e:f0:47:0f:b4:98:3e:
         ea:4f:8f:e9:31:88:67:7f:3e:20:f7:28:4c:ff:0a:5b:12:13:
         da:cd:5f:19:bc:ad:b3:1a:26:71:61:97:a8:38:bc:49:52:db:
         e0:52:c6:ab:08:9e:3a:26:c2:11:a8:45:1a:ce:17:7e:03:2d:
         51:6c:21:c7:ff:3b:04:63:dc:6f:e2:44:fd:29:4a:e3:24:b6:
         9b:54:94:42:35:95:1b:05:23:13:8e:43:97:8d:b5:38:6f:1a:
         18:cc:86:03:3a:0f:10:09:26:42:23:90:63:57:46:3a:42:1c:
         19:9e:ad:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt31PRnv35udbIVtcVEz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NTFkYzk4NzVlMzVlYzU4MGM1NzFmZDA0MTZmNGQ1ZjVk
NDE1OGEwHhcNMjQwMTAxMjAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjlhMDJlZjIzOTUyOGU0NmI5NWNhNzc2Y2E2MTAwZTMxYjEyZjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgub1DZ3ljbSqNx9Xr5pnQm923efG
rQBUOnn5eTwiyZ4YLRtwBuLyqKNbWGAE1pk7fqD231EdOgKYBxOB4kHjlPmiLWgD
qJKFt/S2NJvci796IbRXhyjoJZ1IqKE4rUfX1TB9whLYK56chTOM3QCIbJnyeRTh
qR34sxBVP8huEN565gmGMp6u6GYPyc9fWHW96FyAkcgDcaObqt+FlstPZe6BDj5q
ROpKCGVkzS8CPnGjADQTOtekTBqiiXfRSwv6ddFxmDFDyBqAYwb5733NDDsBHEQq
vItMwj3fDVBxXivFrSjDVhW+GJyYL8YBNoZOTp+/K54J0H5Dev1C213Y4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEuaAu8jlSjka5XKd2ymEA4xsS+HMB8GA1UdIwQY
MBaAFPZR3Jh1417FgMVx/QQW9NX11BWKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWxIY21IWGpYc1dBeFhIOUJCYjAxZlhVRllvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iNGQ5ZDctNjcwMy00YjA2LWIzZWUt
MDc1MTAzODE0MjBhLzEvUzVvQzd5T1ZLT1JybGNwM2JLWVFEakd4TDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iNGQ5ZDctNjcwMy00YjA2LWIzZWUtMDc1MTAzODE0MjBh
LzEvOWxIY21IWGpYc1dBeFhIOUJCYjAxZlhVRllvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR5mMA0G
CSqGSIb3DQEBCwUAA4IBAQAJxsjoXXT6g34MA7YPW9lxeN9MTJbk19qJqgV7plI1
N6+Rs9oAjfSoryj5AVYgt3VqvIFKlf+lXJ2iFpIp7iUsok54A8jc812ZpMl9UWta
/8BZDn9zNh8oOVdvq7GmSU9asJ/tEIvam716yB4rBGZePn91y/Jtsc/8XOkwW6VC
rowgPmerijS+cG7wRw+0mD7qT4/pMYhnfz4g9yhM/wpbEhPazV8ZvK2zGiZxYZeo
OLxJUtvgUsarCJ46JsIRqEUazhd+Ay1RbCHH/zsEY9xv4kT9KUrjJLabVJRCNZUb
BSMTjkOXjbU4bxoYzIYDOg8QCSZCI5BjV0Y6QhwZnq1c
-----END CERTIFICATE-----
Generated at Fri May 17 11:11:18 2024 by rpki-client on console-ams.rpki-client.org