Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/fCszhdJdmXW05O2isyrld44lHFA.roa
File:                     fCszhdJdmXW05O2isyrld44lHFA.roa (raw, json)
Hash identifier:          TAtIA29zBvv4N/UCeCTpG4mTXU+ROa+bpdg4ILzBAnY=
Subject key identifier:   7C:2B:33:85:D2:5D:99:75:B4:E4:ED:A2:B3:2A:E5:77:8E:25:1C:50
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       018CC64AE127D1A0C839369C816A0C42E034
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/fCszhdJdmXW05O2isyrld44lHFA.roa
Signing time:             Mon 01 Jan 2024 18:30:45 +0000
ROA not before:           Mon 01 Jan 2024 18:30:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     33875
IP address blocks:        81.180.92.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 May 2024 08:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:e1:27:d1:a0:c8:39:36:9c:81:6a:0c:42:e0:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jan  1 18:30:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7c2b3385d25d9975b4e4eda2b32ae5778e251c50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:a8:7f:02:99:ea:aa:27:d8:04:38:be:0c:96:
                    fb:48:f2:3f:eb:bb:9d:b7:10:ad:6d:f7:cd:23:83:
                    ae:0f:82:ac:b4:f8:3d:38:3f:2e:92:aa:29:ed:05:
                    e6:b7:b1:8a:9e:8b:c5:b4:08:ae:0e:49:64:62:9b:
                    39:9e:1e:f4:f1:e5:73:33:3c:e5:a0:2b:20:0a:a9:
                    19:8a:00:63:c7:91:8b:a1:fe:83:ce:aa:ce:3b:6c:
                    2b:d4:e8:f4:de:a8:a5:73:21:30:04:91:39:ba:6c:
                    13:50:f3:2f:49:86:18:51:c3:17:d0:1f:a3:f4:02:
                    a8:12:27:06:dd:2d:a4:2f:6f:7c:3d:6b:61:ce:c8:
                    78:f9:f2:e8:6b:7f:e1:c7:83:15:45:22:c5:26:6b:
                    cf:29:ac:c4:ed:af:6d:0d:e7:49:6e:99:f7:88:82:
                    18:0d:66:fe:19:5e:33:86:87:ab:3c:e3:07:9f:89:
                    26:36:72:3c:3b:20:ea:1d:72:41:37:1b:5f:7c:3d:
                    b1:10:12:51:7a:d4:98:7a:92:bb:47:36:f6:d2:ac:
                    8a:60:f9:9b:3f:79:36:92:77:5a:5f:ea:92:4e:f8:
                    f6:4d:e6:cc:53:00:10:6e:40:fa:7e:55:1f:91:22:
                    3d:f6:e0:51:d1:7b:76:b5:49:f1:7b:f7:1e:e1:7d:
                    e8:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:2B:33:85:D2:5D:99:75:B4:E4:ED:A2:B3:2A:E5:77:8E:25:1C:50
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/fCszhdJdmXW05O2isyrld44lHFA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.180.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         46:82:ed:3e:dc:2f:fc:c4:b3:4e:44:35:1e:5d:91:56:33:c7:
         ce:11:ff:23:03:8d:99:83:37:e9:97:52:9f:94:1e:6e:82:64:
         29:c2:1c:fc:d1:5d:6a:e6:92:65:ce:99:3c:ec:8e:f1:bf:bc:
         dd:98:fa:cb:08:8d:76:ed:eb:b0:ea:c3:c1:f2:fc:c8:cf:3e:
         ea:0b:db:18:ce:9a:40:c4:2a:b6:de:40:f3:04:22:b0:63:60:
         58:a8:1a:ca:2a:ad:db:9e:5c:86:7b:ea:94:87:9a:99:6c:48:
         07:01:bd:70:60:17:e4:e4:cc:94:af:94:c6:86:96:b2:ea:f4:
         46:08:25:0a:50:9d:81:46:11:64:36:c7:63:97:dd:98:cb:08:
         1f:50:da:15:4e:b5:5e:f8:97:f0:64:e6:f1:6c:ab:91:ec:d4:
         f7:26:88:f9:aa:52:4b:2a:0c:a7:bf:cc:25:99:93:30:3e:75:
         c8:26:74:24:ae:6c:85:4f:02:69:44:76:be:41:c0:1f:c4:6c:
         73:66:92:1f:11:d0:6b:a0:cf:67:48:9e:b7:43:35:3c:1a:6d:
         f7:d8:97:1f:38:14:ff:5f:65:e9:dc:af:24:1f:fe:8b:10:60:
         b2:d9:cb:7a:a5:76:a1:dd:9f:8d:ea:4a:4f:4f:05:c7:a2:29:
         20:72:83:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSuEn0aDIOTacgWoMQuA0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzJiMzM4NWQyNWQ5OTc1YjRlNGVkYTJiMzJhZTU3NzhlMjUxYzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqh/ApnqqifYBDi+DJb7SPI/67ud
txCtbffNI4OuD4KstPg9OD8ukqop7QXmt7GKnovFtAiuDklkYps5nh708eVzMzzl
oCsgCqkZigBjx5GLof6DzqrOO2wr1Oj03qilcyEwBJE5umwTUPMvSYYYUcMX0B+j
9AKoEicG3S2kL298PWthzsh4+fLoa3/hx4MVRSLFJmvPKazE7a9tDedJbpn3iIIY
DWb+GV4zhoerPOMHn4kmNnI8OyDqHXJBNxtffD2xEBJRetSYepK7Rzb20qyKYPmb
P3k2kndaX+qSTvj2TebMUwAQbkD6flUfkSI99uBR0Xt2tUnxe/ce4X3ogwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHwrM4XSXZl1tOTtorMq5XeOJRxQMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvZkNzemhkSmRtWFcwNU8yaXN5cmxkNDRsSEZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUbRcMA0G
CSqGSIb3DQEBCwUAA4IBAQBGgu0+3C/8xLNORDUeXZFWM8fOEf8jA42Zgzfpl1Kf
lB5ugmQpwhz80V1q5pJlzpk87I7xv7zdmPrLCI127euw6sPB8vzIzz7qC9sYzppA
xCq23kDzBCKwY2BYqBrKKq3bnlyGe+qUh5qZbEgHAb1wYBfk5MyUr5TGhpay6vRG
CCUKUJ2BRhFkNsdjl92YywgfUNoVTrVe+JfwZObxbKuR7NT3Joj5qlJLKgynv8wl
mZMwPnXIJnQkrmyFTwJpRHa+QcAfxGxzZpIfEdBroM9nSJ63QzU8Gm332JcfOBT/
X2Xp3K8kH/6LEGCy2ct6pXah3Z+N6kpPTwXHoikgcoNt
-----END CERTIFICATE-----
Generated at Mon May 20 17:32:13 2024 by rpki-client on console-ams.rpki-client.org