Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/atcsCPIr6L2eTtcdMno8iQ6NFRw.roa
File:                     atcsCPIr6L2eTtcdMno8iQ6NFRw.roa (raw, json)
Hash identifier:          8J3IPA5v8bopFJhFLcG15/HLdmSNKUZLg6aOHxhA6/w=
Subject key identifier:   6A:D7:2C:08:F2:2B:E8:BD:9E:4E:D7:1D:32:7A:3C:89:0E:8D:15:1C
Certificate issuer:       /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial:       018CC94E03576CF18A36BC3B7D43C6221179
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/atcsCPIr6L2eTtcdMno8iQ6NFRw.roa
Signing time:             Tue 02 Jan 2024 08:33:02 +0000
ROA not before:           Tue 02 Jan 2024 08:33:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200188
IP address blocks:        194.181.60.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 09:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4e:03:57:6c:f1:8a:36:bc:3b:7d:43:c6:22:11:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
        Validity
            Not Before: Jan  2 08:33:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6ad72c08f22be8bd9e4ed71d327a3c890e8d151c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:4e:f0:89:a6:14:08:01:db:fe:b9:9b:11:3a:
                    09:41:b7:b7:d8:71:b8:0e:ad:ac:c6:c3:82:7d:7b:
                    2e:60:8f:50:be:fa:7b:9f:02:7d:77:be:b7:5c:c4:
                    f6:7f:53:9b:07:3e:1b:3a:57:2c:3f:56:12:b3:73:
                    4e:6a:66:3d:1c:a7:4f:ee:27:95:b5:c9:12:9e:94:
                    aa:78:fc:76:87:fb:92:4c:fe:2c:99:0a:56:d9:d3:
                    a0:b4:3a:1e:7c:4c:9a:0e:01:12:f6:a7:2f:3e:7c:
                    82:23:b4:0b:ab:9b:99:cc:01:1a:ed:32:79:6e:b5:
                    90:30:db:98:a6:f5:8c:a9:b2:50:1d:a3:fe:ec:7a:
                    91:d9:85:25:7d:40:d1:15:0c:ca:50:5f:5a:bf:15:
                    94:91:b4:d6:06:58:32:90:cd:f1:94:99:ec:77:77:
                    65:77:cd:9e:b2:c1:c2:80:10:1c:c5:bb:b4:2e:c0:
                    d6:a9:d9:21:01:03:6a:07:ff:69:36:fc:7f:15:c9:
                    e2:c8:cb:3a:61:eb:9b:f6:90:8a:ca:2d:a8:63:a7:
                    23:4f:bd:8c:09:5e:8d:38:36:5a:41:ce:e7:73:2f:
                    3e:a6:6d:e2:cd:60:a7:00:f4:ff:a9:70:6c:74:3a:
                    b0:da:17:0b:5a:bc:2f:2c:64:7c:9c:d8:1a:fe:5e:
                    4d:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:D7:2C:08:F2:2B:E8:BD:9E:4E:D7:1D:32:7A:3C:89:0E:8D:15:1C
            X509v3 Authority Key Identifier:
                keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/atcsCPIr6L2eTtcdMno8iQ6NFRw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.181.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:dc:9a:1e:f3:fc:9a:6d:56:af:5f:d0:39:95:23:d5:92:c9:
         5e:87:b3:50:d2:76:39:5b:8e:12:a5:9a:23:00:7e:fa:f5:c6:
         11:ae:c9:0a:ed:2b:1a:9d:3a:0a:39:8d:99:02:a8:3c:df:80:
         1d:26:16:7d:74:3f:c2:08:2e:18:28:82:f8:c0:24:df:61:b9:
         4f:b1:ab:b6:21:44:a9:36:4d:f4:ae:0a:99:60:34:8d:15:96:
         fd:30:de:df:d7:3b:bf:7b:ae:3d:24:23:df:25:1a:dd:9e:53:
         80:73:a6:66:83:73:19:df:59:3d:6b:d2:51:d9:4b:b5:02:6e:
         24:b8:89:56:2c:ac:ee:24:0b:6e:44:45:f1:de:13:aa:01:4f:
         fd:c6:57:90:81:eb:2e:a4:cb:4c:07:c3:4d:c5:96:b8:f5:42:
         2c:58:e7:5c:5c:94:7d:16:2a:c9:95:10:bd:c2:5c:da:23:6c:
         6b:1e:85:29:a7:d7:e9:e8:6d:73:eb:e0:3e:89:c9:7b:57:23:
         58:0e:a0:5c:17:98:7a:cd:8d:06:e5:b0:42:2c:6c:96:19:a8:
         6a:2c:99:f4:a9:51:2f:06:a5:a2:ac:dc:4c:0e:dc:2d:ea:a1:
         0a:37:22:db:1c:98:9d:91:4b:18:f6:1b:65:f4:98:f9:98:40:
         cd:3c:b0:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTgNXbPGKNrw7fUPGIhF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjQwMTAyMDgzMzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWQ3MmMwOGYyMmJlOGJkOWU0ZWQ3MWQzMjdhM2M4OTBlOGQxNTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk07wiaYUCAHb/rmbEToJQbe32HG4
Dq2sxsOCfXsuYI9Qvvp7nwJ9d763XMT2f1ObBz4bOlcsP1YSs3NOamY9HKdP7ieV
tckSnpSqePx2h/uSTP4smQpW2dOgtDoefEyaDgES9qcvPnyCI7QLq5uZzAEa7TJ5
brWQMNuYpvWMqbJQHaP+7HqR2YUlfUDRFQzKUF9avxWUkbTWBlgykM3xlJnsd3dl
d82essHCgBAcxbu0LsDWqdkhAQNqB/9pNvx/FcniyMs6Yeub9pCKyi2oY6cjT72M
CV6NODZaQc7ncy8+pm3izWCnAPT/qXBsdDqw2hcLWrwvLGR8nNga/l5NhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGrXLAjyK+i9nk7XHTJ6PIkOjRUcMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvYXRjc0NQSXI2TDJlVHRjZE1ubzhpUTZORlJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrU8MA0G
CSqGSIb3DQEBCwUAA4IBAQBP3Joe8/yabVavX9A5lSPVksleh7NQ0nY5W44SpZoj
AH769cYRrskK7SsanToKOY2ZAqg834AdJhZ9dD/CCC4YKIL4wCTfYblPsau2IUSp
Nk30rgqZYDSNFZb9MN7f1zu/e649JCPfJRrdnlOAc6Zmg3MZ31k9a9JR2Uu1Am4k
uIlWLKzuJAtuREXx3hOqAU/9xleQgesupMtMB8NNxZa49UIsWOdcXJR9FirJlRC9
wlzaI2xrHoUpp9fp6G1z6+A+icl7VyNYDqBcF5h6zY0G5bBCLGyWGahqLJn0qVEv
BqWirNxMDtwt6qEKNyLbHJidkUsY9htl9Jj5mEDNPLB9
-----END CERTIFICATE-----
Generated at Sat Nov 23 18:44:17 2024 by rpki-client on console-ams.rpki-client.org