Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/M_jnh0abgBwroSVIrww6via6vuA.roa
File:                     M_jnh0abgBwroSVIrww6via6vuA.roa (raw, json)
Hash identifier:          e/LAhrVzGuCicp8Fpw7Y007Qlc9wUPlsDB02pWwBfsI=
Subject key identifier:   33:F8:E7:87:46:9B:80:1C:2B:A1:25:48:AF:0C:3A:BE:26:BA:BE:E0
Certificate issuer:       /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial:       01912BCC72DF6B404D66D57CF8EC1A586F95
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/M_jnh0abgBwroSVIrww6via6vuA.roa
Signing time:             Wed 07 Aug 2024 07:45:04 +0000
ROA not before:           Wed 07 Aug 2024 07:45:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57944
IP address blocks:        194.147.140.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 01:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:2b:cc:72:df:6b:40:4d:66:d5:7c:f8:ec:1a:58:6f:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
        Validity
            Not Before: Aug  7 07:45:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=33f8e787469b801c2ba12548af0c3abe26babee0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:1f:47:d2:7c:0c:b6:1e:90:4a:34:0f:3b:51:
                    77:10:bd:c8:40:14:8c:03:7a:b6:68:1d:6c:ec:67:
                    88:74:20:35:e7:b9:7f:0f:ce:8c:73:71:79:5e:87:
                    04:ea:4f:3e:94:4a:d7:c8:5c:d5:8e:15:ee:32:27:
                    ba:9e:dc:85:8d:ae:28:80:32:e5:19:93:65:e8:e1:
                    27:05:2f:74:f3:c2:8f:a9:18:95:46:78:8b:5b:50:
                    de:f2:44:05:42:64:58:9a:24:09:75:28:c0:8e:b1:
                    16:eb:f4:51:71:1a:a1:a1:cb:68:d9:ed:d2:01:c6:
                    33:78:d7:32:2a:e6:c4:30:80:4f:0a:e0:f5:41:97:
                    37:47:83:01:7a:bd:e8:55:1d:2d:2b:5e:d3:8c:e9:
                    21:b8:33:1d:bc:ba:16:aa:24:e3:85:a7:42:4f:77:
                    05:c9:44:07:5d:6d:82:ad:cd:23:01:92:9c:78:d7:
                    be:a4:81:20:8b:ff:4d:31:3e:d8:17:ef:8d:29:04:
                    ff:e9:92:67:90:a8:05:60:81:2d:5d:a3:55:79:c1:
                    0a:65:26:42:43:e2:46:d3:c8:2e:e5:a9:1c:c5:30:
                    a5:f2:83:53:ae:6d:28:6c:7e:88:52:9a:90:49:98:
                    f5:1d:e8:f2:24:d1:00:f8:51:2b:ec:a3:74:d1:18:
                    61:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:F8:E7:87:46:9B:80:1C:2B:A1:25:48:AF:0C:3A:BE:26:BA:BE:E0
            X509v3 Authority Key Identifier:
                keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/M_jnh0abgBwroSVIrww6via6vuA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.147.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:47:48:b8:4c:0b:b5:0e:52:f5:b3:f7:88:b0:d7:c3:76:bd:
         67:86:6e:a3:bd:90:7f:b5:33:f6:8a:69:1d:d0:ee:18:97:81:
         06:3b:76:aa:44:a9:77:cb:96:91:89:47:90:5d:2b:79:67:6e:
         f0:80:a7:19:10:62:bb:24:56:e7:4c:95:fa:77:49:1d:5c:6c:
         4c:06:23:0e:46:8d:f2:2d:96:1a:8d:b7:eb:e8:00:2d:6e:1e:
         d1:72:db:fc:f6:42:90:03:93:fe:f8:7d:df:e1:25:e8:78:ec:
         e8:8e:da:15:9b:0e:e3:7d:e5:5a:0e:70:ae:22:83:96:20:7c:
         e5:3d:f3:7d:6b:68:97:31:c1:d0:6e:90:c4:dd:98:37:9e:6b:
         eb:b7:2d:20:3f:d0:40:8e:60:5d:f2:64:a1:48:d9:b7:e1:dc:
         f2:3d:67:63:a5:04:11:b6:51:15:10:b9:99:53:b8:82:4c:85:
         6b:cf:21:32:91:ef:ef:2b:b8:3c:fe:1c:bb:2c:d2:3d:26:69:
         e1:73:04:50:07:6f:1d:a0:b3:bf:51:70:ae:53:69:d8:13:f1:
         8a:f7:24:c4:12:18:88:01:83:cc:9e:22:9c:7b:19:51:dc:57:
         c9:ce:5f:50:ce:34:5d:40:42:cd:1a:92:f6:1e:bf:94:31:98:
         24:dd:fd:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZErzHLfa0BNZtV8+OwaWG+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjQwODA3MDc0NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2Y4ZTc4NzQ2OWI4MDFjMmJhMTI1NDhhZjBjM2FiZTI2YmFiZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx9H0nwMth6QSjQPO1F3EL3IQBSM
A3q2aB1s7GeIdCA157l/D86Mc3F5XocE6k8+lErXyFzVjhXuMie6ntyFja4ogDLl
GZNl6OEnBS9088KPqRiVRniLW1De8kQFQmRYmiQJdSjAjrEW6/RRcRqhocto2e3S
AcYzeNcyKubEMIBPCuD1QZc3R4MBer3oVR0tK17TjOkhuDMdvLoWqiTjhadCT3cF
yUQHXW2Crc0jAZKceNe+pIEgi/9NMT7YF++NKQT/6ZJnkKgFYIEtXaNVecEKZSZC
Q+JG08gu5akcxTCl8oNTrm0obH6IUpqQSZj1HejyJNEA+FEr7KN00RhhFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDP454dGm4AcK6ElSK8MOr4mur7gMB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvTV9qbmgwYWJnQndyb1NWSXJ3dzZ2aWE2dnVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpOMMA0G
CSqGSIb3DQEBCwUAA4IBAQAUR0i4TAu1DlL1s/eIsNfDdr1nhm6jvZB/tTP2imkd
0O4Yl4EGO3aqRKl3y5aRiUeQXSt5Z27wgKcZEGK7JFbnTJX6d0kdXGxMBiMORo3y
LZYajbfr6AAtbh7Rctv89kKQA5P++H3f4SXoeOzojtoVmw7jfeVaDnCuIoOWIHzl
PfN9a2iXMcHQbpDE3Zg3nmvrty0gP9BAjmBd8mShSNm34dzyPWdjpQQRtlEVELmZ
U7iCTIVrzyEyke/vK7g8/hy7LNI9JmnhcwRQB28doLO/UXCuU2nYE/GK9yTEEhiI
AYPMniKcexlR3FfJzl9QzjRdQELNGpL2Hr+UMZgk3f0w
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:43:45 2024 by rpki-client on console-ams.rpki-client.org