Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/vXDjVL6RtO27ptots43P9vUcwDQ.roa
File:                     vXDjVL6RtO27ptots43P9vUcwDQ.roa (raw, json)
Hash identifier:          HuRohOBUeYAO3sEia20bZrDhRcXa8As311MB/xeUF8E=
Subject key identifier:   BD:70:E3:54:BE:91:B4:ED:BB:A6:DA:2D:B3:8D:CF:F6:F5:1C:C0:34
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       018CC4256869F58236AC18A08975197947F5
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/vXDjVL6RtO27ptots43P9vUcwDQ.roa
Signing time:             Mon 01 Jan 2024 08:30:35 +0000
ROA not before:           Mon 01 Jan 2024 08:30:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205203
IP address blocks:        194.56.227.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 16 May 2024 14:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:68:69:f5:82:36:ac:18:a0:89:75:19:79:47:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  1 08:30:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bd70e354be91b4edbba6da2db38dcff6f51cc034
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:fa:6d:3d:91:30:59:2d:e9:6c:b9:7a:b5:ed:
                    51:c3:98:1d:59:7a:a9:f3:8f:34:3e:52:fc:6c:9f:
                    02:bb:de:2a:9a:98:73:a6:a7:88:99:4b:39:42:f1:
                    f6:92:5e:16:20:a9:23:99:49:c4:af:82:5c:c1:67:
                    a1:de:c3:38:6f:bf:f5:ba:59:64:85:25:88:9e:ba:
                    4e:23:f8:6d:d7:d5:0d:5a:49:4a:3d:7a:dc:5e:9f:
                    e9:f5:04:53:96:41:f9:ae:88:1c:3f:e2:37:0f:08:
                    e7:d2:cb:51:7b:7e:76:e9:be:9e:2b:e9:7e:15:e2:
                    9e:a5:2d:c0:df:f6:9b:45:bc:0f:3d:ef:11:83:c2:
                    01:06:05:be:15:ca:ef:fb:8f:97:d4:93:64:e7:5e:
                    fd:4c:31:aa:4c:40:24:aa:d3:5b:b4:dc:45:b8:d9:
                    76:15:d9:78:08:bc:97:52:61:ec:fb:99:61:a2:b0:
                    50:4e:cb:c5:0d:79:56:40:2c:f1:d8:7d:25:fd:11:
                    6d:cf:46:09:c9:99:d5:c1:af:aa:00:b0:6f:15:d2:
                    74:c9:57:0b:1e:11:6d:0b:b5:f7:06:ae:74:e7:d1:
                    26:85:4b:40:0e:96:ba:1d:2e:b8:63:dd:e8:e9:52:
                    0d:7c:71:c9:9b:68:92:00:29:28:9e:7e:5c:20:1b:
                    aa:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:70:E3:54:BE:91:B4:ED:BB:A6:DA:2D:B3:8D:CF:F6:F5:1C:C0:34
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/vXDjVL6RtO27ptots43P9vUcwDQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.56.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:b1:2e:44:e8:03:76:5c:20:0f:c3:92:ad:95:6f:d1:7d:b9:
         99:c3:62:aa:6d:a7:e8:43:89:2b:d7:fe:87:9b:02:3e:25:1e:
         95:b3:d7:c3:16:bc:bd:2f:32:64:d5:f4:ed:3b:19:84:ea:e2:
         4d:16:d8:6f:f2:96:3b:c5:fc:c4:50:1b:1d:39:83:98:77:36:
         eb:c1:70:7b:7a:64:fa:cd:55:04:0a:4a:b0:8b:eb:a9:95:2b:
         ef:28:54:02:cf:bd:d1:59:06:55:86:a2:db:09:29:8d:ee:c4:
         a0:8e:f4:1a:63:23:31:f9:70:48:3b:d9:fe:27:3a:02:46:85:
         6f:0b:73:54:ad:f9:16:95:42:5c:1e:7e:ac:31:97:c1:62:4b:
         63:ec:5e:bc:14:b0:76:3a:13:5e:b5:ba:68:53:38:62:30:85:
         7a:af:dc:97:4e:9c:65:31:9c:ec:c6:70:51:9a:5a:7b:a0:4c:
         2a:6a:bf:68:d8:76:ff:71:98:af:24:87:e1:c5:89:c1:ad:ef:
         a5:ba:26:31:f9:5f:70:e1:6d:f0:53:95:d0:0b:9f:bf:ff:1b:
         05:4e:9e:eb:4e:09:60:6d:99:74:46:47:85:0b:b3:9c:a8:66:
         d1:9d:04:92:0b:2c:50:55:c3:6a:96:7f:5a:30:8f:00:4c:32:
         e8:90:5b:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJWhp9YI2rBigiXUZeUf1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDcwZTM1NGJlOTFiNGVkYmJhNmRhMmRiMzhkY2ZmNmY1MWNjMDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/ptPZEwWS3pbLl6te1Rw5gdWXqp
8480PlL8bJ8Cu94qmphzpqeImUs5QvH2kl4WIKkjmUnEr4JcwWeh3sM4b7/1ullk
hSWInrpOI/ht19UNWklKPXrcXp/p9QRTlkH5rogcP+I3Dwjn0stRe3526b6eK+l+
FeKepS3A3/abRbwPPe8Rg8IBBgW+Fcrv+4+X1JNk5179TDGqTEAkqtNbtNxFuNl2
Fdl4CLyXUmHs+5lhorBQTsvFDXlWQCzx2H0l/RFtz0YJyZnVwa+qALBvFdJ0yVcL
HhFtC7X3Bq5059EmhUtADpa6HS64Y93o6VINfHHJm2iSACkonn5cIBuqSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1w41S+kbTtu6baLbONz/b1HMA0MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvdlhEalZMNlJ0TzI3cHRvdHM0M1A5dlVjd0RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjjjMA0G
CSqGSIb3DQEBCwUAA4IBAQAssS5E6AN2XCAPw5KtlW/RfbmZw2KqbafoQ4kr1/6H
mwI+JR6Vs9fDFry9LzJk1fTtOxmE6uJNFthv8pY7xfzEUBsdOYOYdzbrwXB7emT6
zVUECkqwi+uplSvvKFQCz73RWQZVhqLbCSmN7sSgjvQaYyMx+XBIO9n+JzoCRoVv
C3NUrfkWlUJcHn6sMZfBYktj7F68FLB2OhNetbpoUzhiMIV6r9yXTpxlMZzsxnBR
mlp7oEwqar9o2Hb/cZivJIfhxYnBre+luiYx+V9w4W3wU5XQC5+//xsFTp7rTglg
bZl0RkeFC7OcqGbRnQSSCyxQVcNqln9aMI8ATDLokFsy
-----END CERTIFICATE-----
Generated at Wed May 15 17:59:06 2024 by rpki-client on console-fra.rpki-client.org