Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/c9db52-ac91-406a-9f95-080ee0a97f6a/1/BXFsTtG9DflVaL53ShkCzXhNABE.roa
File:                     BXFsTtG9DflVaL53ShkCzXhNABE.roa (raw, json)
Hash identifier:          y2fSfWkpwpRnGZPtUWGQScCa1z9GEf34wtyZqz/plKU=
Subject key identifier:   05:71:6C:4E:D1:BD:0D:F9:55:68:BE:77:4A:19:02:CD:78:4D:00:11
Certificate issuer:       /CN=f85d004446182d51fd38f7f75fe2a5c8608bc86d
Certificate serial:       018CC8024DB428E726F0786B6B720633304F
Authority key identifier: F8:5D:00:44:46:18:2D:51:FD:38:F7:F7:5F:E2:A5:C8:60:8B:C8:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-F0AREYYLVH9OPf3X-KlyGCLyG0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/c9db52-ac91-406a-9f95-080ee0a97f6a/1/BXFsTtG9DflVaL53ShkCzXhNABE.roa
Signing time:             Tue 02 Jan 2024 02:30:43 +0000
ROA not before:           Tue 02 Jan 2024 02:30:43 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47692
IP address blocks:        185.12.183.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/c9db52-ac91-406a-9f95-080ee0a97f6a/1/1-F0AREYYLVH9OPf3X-KlyGCLyG0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/c9db52-ac91-406a-9f95-080ee0a97f6a/1/1-F0AREYYLVH9OPf3X-KlyGCLyG0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1-F0AREYYLVH9OPf3X-KlyGCLyG0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 07:03:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:02:4d:b4:28:e7:26:f0:78:6b:6b:72:06:33:30:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f85d004446182d51fd38f7f75fe2a5c8608bc86d
        Validity
            Not Before: Jan  2 02:30:43 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=05716c4ed1bd0df95568be774a1902cd784d0011
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:21:33:4e:37:15:30:2b:bf:b8:47:92:5f:f4:
                    7b:bc:fc:ae:2d:e3:72:a4:6c:f9:58:f0:ca:9b:f5:
                    88:e3:67:24:02:e1:34:8c:c0:50:6a:95:8f:3e:da:
                    26:a6:72:6a:6d:ee:51:6f:e0:db:79:47:54:53:32:
                    82:77:7e:d4:24:9c:3a:88:d4:88:cf:69:c1:8d:22:
                    9e:c2:da:51:92:91:92:a1:49:f1:fa:3c:12:1c:07:
                    0f:28:ef:ca:85:00:e9:2b:0d:40:12:cc:41:94:b4:
                    9c:02:b7:73:d8:20:64:25:2d:40:95:b9:e7:59:24:
                    97:57:ea:f0:e8:2a:1b:76:8d:9f:21:f8:f9:b3:86:
                    19:fa:fa:06:20:ac:2d:14:f6:d2:e0:fc:dc:89:6c:
                    2f:46:20:cb:bf:e5:4f:b5:ae:c6:86:76:b4:92:a3:
                    cc:8c:46:76:71:56:a3:36:6c:bf:3e:5b:94:f3:94:
                    4e:fb:44:92:09:12:cf:59:79:8f:55:02:79:f3:0a:
                    13:66:b1:a2:e5:85:a5:14:67:a1:65:24:4a:59:99:
                    ca:63:25:41:a9:c5:6b:d1:9d:d1:c5:dd:d6:8e:4a:
                    ad:da:08:84:b2:2c:65:18:28:4e:b5:e7:45:a6:cc:
                    17:56:b0:8d:94:f6:a7:55:74:db:f3:65:7d:8e:57:
                    04:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:71:6C:4E:D1:BD:0D:F9:55:68:BE:77:4A:19:02:CD:78:4D:00:11
            X509v3 Authority Key Identifier:
                keyid:F8:5D:00:44:46:18:2D:51:FD:38:F7:F7:5F:E2:A5:C8:60:8B:C8:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-F0AREYYLVH9OPf3X-KlyGCLyG0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c9db52-ac91-406a-9f95-080ee0a97f6a/1/BXFsTtG9DflVaL53ShkCzXhNABE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c9db52-ac91-406a-9f95-080ee0a97f6a/1/1-F0AREYYLVH9OPf3X-KlyGCLyG0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.12.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:ab:06:e7:d8:a2:a4:11:f4:0f:4d:61:e2:6c:59:bc:f2:3c:
         e7:af:fb:1b:b2:c4:75:45:6e:ae:d7:06:eb:60:f0:3f:7d:85:
         33:20:4c:82:f2:5c:8c:df:a8:68:a7:b8:de:19:33:40:3d:3f:
         14:8b:6e:89:1b:7c:84:eb:a4:56:3c:f9:18:2b:0d:52:e9:6f:
         97:d1:a8:a1:be:44:14:7c:93:ec:d1:36:8d:f8:19:ab:f4:c9:
         fd:5a:e8:ab:5d:c9:be:4b:4d:eb:26:5a:d1:4b:5e:5f:06:5f:
         ed:34:ba:2a:8b:2e:3c:1f:7d:0f:33:4c:ab:1c:c0:e8:d5:86:
         37:fd:2f:ed:5c:0c:91:50:a3:69:c7:63:79:de:8b:8b:26:6f:
         52:55:b1:8d:af:70:0c:42:a4:85:86:9b:10:3e:34:a9:b0:4c:
         ba:47:9a:4d:7d:13:56:f2:e7:f9:79:d3:6e:09:05:c3:c7:21:
         b2:80:78:0d:e6:7e:e1:8e:ca:a6:33:0a:91:0d:f0:39:f0:64:
         5c:f2:9a:df:cd:44:eb:89:24:a3:58:98:1a:21:a9:7a:51:53:
         6c:4d:a3:98:e8:63:14:8a:58:54:a0:65:db:92:92:8a:42:3c:
         d5:31:b9:19:00:47:cc:01:54:bc:50:f9:1a:03:91:fb:9a:78:
         ba:42:12:f0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzIAk20KOcm8Hhra3IGMzBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NWQwMDQ0NDYxODJkNTFmZDM4ZjdmNzVmZTJhNWM4NjA4
YmM4NmQwHhcNMjQwMTAyMDIzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTcxNmM0ZWQxYmQwZGY5NTU2OGJlNzc0YTE5MDJjZDc4NGQwMDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyEzTjcVMCu/uEeSX/R7vPyuLeNy
pGz5WPDKm/WI42ckAuE0jMBQapWPPtompnJqbe5Rb+DbeUdUUzKCd37UJJw6iNSI
z2nBjSKewtpRkpGSoUnx+jwSHAcPKO/KhQDpKw1AEsxBlLScArdz2CBkJS1Albnn
WSSXV+rw6Cobdo2fIfj5s4YZ+voGIKwtFPbS4PzciWwvRiDLv+VPta7Ghna0kqPM
jEZ2cVajNmy/PluU85RO+0SSCRLPWXmPVQJ58woTZrGi5YWlFGehZSRKWZnKYyVB
qcVr0Z3Rxd3Wjkqt2giEsixlGChOtedFpswXVrCNlPanVXTb82V9jlcErwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAVxbE7RvQ35VWi+d0oZAs14TQARMB8GA1UdIwQY
MBaAFPhdAERGGC1R/Tj391/ipchgi8htMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1GMEFSRVlZTFZIOU9QZjNYLUtseUdDTHlHMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvYzlkYjUyLWFjOTEtNDA2YS05Zjk1
LTA4MGVlMGE5N2Y2YS8xL0JYRnNUdEc5RGZsVmFMNTNTaGtDelhoTkFCRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmEvYzlkYjUyLWFjOTEtNDA2YS05Zjk1LTA4MGVlMGE5N2Y2
YS8xLzEtRjBBUkVZWUxWSDlPUGYzWC1LbHlHQ0x5RzAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5DLcw
DQYJKoZIhvcNAQELBQADggEBAGWrBufYoqQR9A9NYeJsWbzyPOev+xuyxHVFbq7X
Butg8D99hTMgTILyXIzfqGinuN4ZM0A9PxSLbokbfITrpFY8+RgrDVLpb5fRqKG+
RBR8k+zRNo34Gav0yf1a6Ktdyb5LTesmWtFLXl8GX+00uiqLLjwffQ8zTKscwOjV
hjf9L+1cDJFQo2nHY3nei4smb1JVsY2vcAxCpIWGmxA+NKmwTLpHmk19E1by5/l5
024JBcPHIbKAeA3mfuGOyqYzCpEN8DnwZFzymt/NROuJJKNYmBohqXpRU2xNo5jo
YxSKWFSgZduSkopCPNUxuRkAR8wBVLxQ+RoDkfuaeLpCEvA=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:38:20 2024 by rpki-client on console-ams.rpki-client.org