Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/jfcVPGaEaiMUNVgSUjzen2cSwTU.roa
File:                     jfcVPGaEaiMUNVgSUjzen2cSwTU.roa (raw, json)
Hash identifier:          m02TniJf8RZq2smYJpfr05CzcK2vNZaCW84cZDg8zes=
Subject key identifier:   8D:F7:15:3C:66:84:6A:23:14:35:58:12:52:3C:DE:9F:67:12:C1:35
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       018CC64AD5A988F09D25DD327F25FDAC1A39
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/jfcVPGaEaiMUNVgSUjzen2cSwTU.roa
Signing time:             Mon 01 Jan 2024 18:30:42 +0000
ROA not before:           Mon 01 Jan 2024 18:30:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2614
IP address blocks:        194.102.61.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 May 2024 08:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:d5:a9:88:f0:9d:25:dd:32:7f:25:fd:ac:1a:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Jan  1 18:30:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8df7153c66846a2314355812523cde9f6712c135
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:28:30:2d:f2:7e:24:b7:c5:71:73:5b:e9:29:
                    58:b6:1a:13:c1:22:5d:81:e7:ca:18:cf:34:95:2d:
                    6b:c4:2b:be:91:83:fa:f5:1d:4d:06:2b:a3:a1:c4:
                    91:97:71:fc:8c:f8:5c:0d:10:31:7f:6d:40:1d:59:
                    c4:e9:87:5d:96:ea:2f:00:7e:d2:7a:19:b5:e0:db:
                    eb:f6:35:77:27:e9:5d:e5:c2:c6:62:77:d9:52:44:
                    53:04:82:15:3c:a2:5d:24:31:92:c2:b9:76:d5:95:
                    4d:b4:b7:09:22:53:b4:81:58:5a:df:1c:40:97:aa:
                    94:53:df:31:11:47:a9:c2:f9:38:86:87:72:1e:d5:
                    a9:e7:32:f9:30:cd:8f:58:5c:b3:0c:65:03:f6:80:
                    ec:a6:e9:c7:60:28:22:46:58:a4:b3:78:06:6c:29:
                    dc:65:66:60:89:63:f8:95:f9:ec:b7:2e:2b:57:a2:
                    a6:b2:57:85:42:3d:43:c5:9f:5a:c0:1d:70:9e:63:
                    2e:ad:8c:d4:40:40:1e:bc:66:42:eb:33:39:f5:9a:
                    b2:54:0a:b5:99:68:e1:2a:30:7b:c4:1c:11:b7:45:
                    5a:61:93:7a:5e:d4:e3:43:3c:2d:5d:94:d1:78:95:
                    dd:29:a9:25:ce:2b:38:5a:85:71:8f:7f:46:4e:6a:
                    6c:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:F7:15:3C:66:84:6A:23:14:35:58:12:52:3C:DE:9F:67:12:C1:35
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/jfcVPGaEaiMUNVgSUjzen2cSwTU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.102.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:41:dd:6d:a1:70:b2:88:64:50:06:12:23:e5:bf:9d:8e:50:
         4d:0d:d4:36:59:9b:97:f6:f7:06:0d:47:45:db:b6:bd:5c:ae:
         a6:9f:ad:4e:e6:86:e3:6d:ed:88:57:84:fa:1a:50:ab:3a:ad:
         aa:4d:c7:a9:65:01:fc:8f:69:65:63:26:ab:6b:f7:42:41:6d:
         e8:36:a1:32:67:35:31:9e:a6:cf:dd:78:19:7d:33:61:ac:c9:
         b4:b6:bb:b9:90:cc:84:1b:b2:0f:ea:8e:a0:e1:7d:6c:d2:24:
         cf:0e:72:67:bc:4a:77:7f:e3:99:d0:7b:1a:8b:bc:37:7e:72:
         d6:c3:3f:7c:24:e5:2c:75:85:da:67:36:e7:02:d9:9b:7b:6f:
         d1:f1:81:ef:95:67:be:22:1e:35:ad:4a:cd:12:cf:af:5b:8b:
         94:a8:16:fd:cb:cf:87:de:14:fd:ba:0c:70:59:97:2f:fb:82:
         8f:26:b8:9a:f1:f8:a4:9a:9a:f7:16:cb:3f:4a:e8:0c:65:b8:
         b3:3c:eb:b8:2a:6d:7a:16:a5:d1:80:9e:17:0d:43:c1:7c:3f:
         85:88:ab:7b:a0:3f:ae:66:01:38:32:2d:b1:53:92:28:1e:7b:
         d5:b3:22:01:8c:51:a3:a4:e3:74:64:2d:76:e6:e7:30:a7:db:
         ba:7c:2f:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGStWpiPCdJd0yfyX9rBo5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGY3MTUzYzY2ODQ2YTIzMTQzNTU4MTI1MjNjZGU5ZjY3MTJjMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSgwLfJ+JLfFcXNb6SlYthoTwSJd
gefKGM80lS1rxCu+kYP69R1NBiujocSRl3H8jPhcDRAxf21AHVnE6YddluovAH7S
ehm14Nvr9jV3J+ld5cLGYnfZUkRTBIIVPKJdJDGSwrl21ZVNtLcJIlO0gVha3xxA
l6qUU98xEUepwvk4hodyHtWp5zL5MM2PWFyzDGUD9oDspunHYCgiRliks3gGbCnc
ZWZgiWP4lfnsty4rV6KmsleFQj1DxZ9awB1wnmMurYzUQEAevGZC6zM59ZqyVAq1
mWjhKjB7xBwRt0VaYZN6XtTjQzwtXZTReJXdKaklzis4WoVxj39GTmps1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI33FTxmhGojFDVYElI83p9nEsE1MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvamZjVlBHYUVhaU1VTlZnU1VqemVuMmNTd1RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmY9MA0G
CSqGSIb3DQEBCwUAA4IBAQBMQd1toXCyiGRQBhIj5b+djlBNDdQ2WZuX9vcGDUdF
27a9XK6mn61O5objbe2IV4T6GlCrOq2qTcepZQH8j2llYyara/dCQW3oNqEyZzUx
nqbP3XgZfTNhrMm0tru5kMyEG7IP6o6g4X1s0iTPDnJnvEp3f+OZ0Hsai7w3fnLW
wz98JOUsdYXaZzbnAtmbe2/R8YHvlWe+Ih41rUrNEs+vW4uUqBb9y8+H3hT9ugxw
WZcv+4KPJria8fikmpr3Fss/SugMZbizPOu4Km16FqXRgJ4XDUPBfD+FiKt7oD+u
ZgE4Mi2xU5IoHnvVsyIBjFGjpON0ZC125ucwp9u6fC+o
-----END CERTIFICATE-----
Generated at Mon May 20 17:28:50 2024 by rpki-client on console-fra.rpki-client.org