Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/754af9-78df-4bd1-b480-527c81958649/1/Wu8WQRVyWf4dR14MBNkify9RskI.roa
File:                     Wu8WQRVyWf4dR14MBNkify9RskI.roa (raw, json)
Hash identifier:          PU4M/cVOTUtwax9h85GoON5TyJHJ6lA5ypoAgXY+m18=
Subject key identifier:   5A:EF:16:41:15:72:59:FE:1D:47:5E:0C:04:D9:22:7F:2F:51:B2:42
Certificate issuer:       /CN=56bd7f6adfec6d44d16d3e3f798e3f2bd20da3ff
Certificate serial:       018CC64B8A5DE307057D01240A05E5819CEF
Authority key identifier: 56:BD:7F:6A:DF:EC:6D:44:D1:6D:3E:3F:79:8E:3F:2B:D2:0D:A3:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vr1_at_sbUTRbT4_eY4_K9INo_8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/754af9-78df-4bd1-b480-527c81958649/1/Wu8WQRVyWf4dR14MBNkify9RskI.roa
Signing time:             Mon 01 Jan 2024 18:31:28 +0000
ROA not before:           Mon 01 Jan 2024 18:31:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49544
IP address blocks:        212.18.230.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/754af9-78df-4bd1-b480-527c81958649/1/Vr1_at_sbUTRbT4_eY4_K9INo_8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/754af9-78df-4bd1-b480-527c81958649/1/Vr1_at_sbUTRbT4_eY4_K9INo_8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Vr1_at_sbUTRbT4_eY4_K9INo_8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 14:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:8a:5d:e3:07:05:7d:01:24:0a:05:e5:81:9c:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56bd7f6adfec6d44d16d3e3f798e3f2bd20da3ff
        Validity
            Not Before: Jan  1 18:31:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5aef1641157259fe1d475e0c04d9227f2f51b242
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:b9:24:4e:3c:89:0e:39:eb:93:19:a6:dc:ce:
                    06:71:73:22:0e:3c:f5:4f:96:3f:e0:95:20:5b:9f:
                    03:a4:92:12:04:e3:e7:71:71:29:18:f8:bd:fe:86:
                    72:c1:e0:a4:b6:bc:11:aa:28:9e:bf:fa:64:5a:c5:
                    d9:3a:53:13:62:89:4b:13:ab:c5:f3:db:78:29:1a:
                    d9:8c:7f:f3:d5:12:53:d7:a6:ad:0d:77:59:f1:0f:
                    9a:bc:23:06:0e:b5:78:39:f1:01:c6:1a:4e:76:7a:
                    50:23:32:c3:0a:2a:04:91:f7:ba:e0:55:a7:6b:a0:
                    12:b8:98:85:b7:a7:b9:a6:50:9d:1d:20:6e:80:ac:
                    a8:34:42:44:d1:2b:ef:5e:b2:5f:46:e5:a2:79:aa:
                    21:d6:69:7a:29:5d:9f:57:27:72:ce:f1:e8:6f:5d:
                    7a:6e:f7:f2:e8:80:83:ea:22:9d:32:c5:bd:39:c2:
                    8c:e9:58:ee:4b:8c:1f:3d:4f:d5:d0:b3:cc:76:22:
                    a9:4f:f4:22:a6:59:d0:0a:59:e5:3f:88:70:68:aa:
                    62:10:62:fd:ac:0b:29:81:b9:da:3c:93:6b:84:59:
                    f9:c4:7e:14:09:5b:e1:60:f0:4d:bc:29:79:a8:df:
                    a1:20:79:b9:61:88:e5:0b:c9:c9:f7:3d:b4:7d:4b:
                    2a:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:EF:16:41:15:72:59:FE:1D:47:5E:0C:04:D9:22:7F:2F:51:B2:42
            X509v3 Authority Key Identifier:
                keyid:56:BD:7F:6A:DF:EC:6D:44:D1:6D:3E:3F:79:8E:3F:2B:D2:0D:A3:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vr1_at_sbUTRbT4_eY4_K9INo_8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/754af9-78df-4bd1-b480-527c81958649/1/Wu8WQRVyWf4dR14MBNkify9RskI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/754af9-78df-4bd1-b480-527c81958649/1/Vr1_at_sbUTRbT4_eY4_K9INo_8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.18.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:90:56:56:5e:2f:08:f4:ed:8c:15:50:1c:bb:bd:7b:92:b4:
         79:df:92:26:53:02:96:0d:18:d2:e8:52:a6:b6:cc:fb:81:a4:
         c8:95:14:41:0c:91:e4:07:02:f8:0a:f6:12:8e:fc:ab:c8:67:
         ec:21:b4:83:df:a8:43:3f:82:31:4e:f6:89:21:70:05:5e:12:
         3c:25:36:da:79:b6:57:24:ee:53:6d:b0:3b:4e:f2:4b:cf:99:
         fd:ee:a0:04:c1:8e:f0:4b:ce:e8:85:3e:18:7f:fd:9d:d8:c3:
         e9:85:f7:bd:21:bf:40:a1:62:f4:89:a4:23:02:b3:48:52:97:
         c4:79:14:03:d5:f5:5e:3d:42:8d:bd:1f:ec:53:0c:20:6a:46:
         95:4e:ed:b4:de:00:e9:e9:4b:77:bf:b6:61:cc:86:43:2e:3a:
         32:4d:40:0d:99:0c:ce:fc:91:6f:14:9d:6a:74:03:82:85:aa:
         73:af:b1:72:52:f0:37:9c:c0:0e:86:65:0c:0c:b0:21:d2:67:
         9e:a4:ad:01:69:2c:0e:dd:2e:4e:b3:c9:f6:c6:0a:a9:c9:09:
         e4:5e:ff:a7:1f:a8:50:1a:11:7b:30:70:4c:2b:47:62:bc:1e:
         0c:96:9a:27:4e:19:83:77:a1:b8:34:19:ae:24:e7:d8:5a:ee:
         53:d2:d4:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS4pd4wcFfQEkCgXlgZzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YmQ3ZjZhZGZlYzZkNDRkMTZkM2UzZjc5OGUzZjJiZDIw
ZGEzZmYwHhcNMjQwMTAxMTgzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWVmMTY0MTE1NzI1OWZlMWQ0NzVlMGMwNGQ5MjI3ZjJmNTFiMjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7kkTjyJDjnrkxmm3M4GcXMiDjz1
T5Y/4JUgW58DpJISBOPncXEpGPi9/oZyweCktrwRqiiev/pkWsXZOlMTYolLE6vF
89t4KRrZjH/z1RJT16atDXdZ8Q+avCMGDrV4OfEBxhpOdnpQIzLDCioEkfe64FWn
a6ASuJiFt6e5plCdHSBugKyoNEJE0SvvXrJfRuWieaoh1ml6KV2fVydyzvHob116
bvfy6ICD6iKdMsW9OcKM6VjuS4wfPU/V0LPMdiKpT/QiplnQClnlP4hwaKpiEGL9
rAspgbnaPJNrhFn5xH4UCVvhYPBNvCl5qN+hIHm5YYjlC8nJ9z20fUsqRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFrvFkEVcln+HUdeDATZIn8vUbJCMB8GA1UdIwQY
MBaAFFa9f2rf7G1E0W0+P3mOPyvSDaP/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnIxX2F0X3NiVVRSYlQ0X2VZNF9LOUlOb184LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC83NTRhZjktNzhkZi00YmQxLWI0ODAt
NTI3YzgxOTU4NjQ5LzEvV3U4V1FSVnlXZjRkUjE0TUJOa2lmeTlSc2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC83NTRhZjktNzhkZi00YmQxLWI0ODAtNTI3YzgxOTU4NjQ5
LzEvVnIxX2F0X3NiVVRSYlQ0X2VZNF9LOUlOb184LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BLmMA0G
CSqGSIb3DQEBCwUAA4IBAQATkFZWXi8I9O2MFVAcu717krR535ImUwKWDRjS6FKm
tsz7gaTIlRRBDJHkBwL4CvYSjvyryGfsIbSD36hDP4IxTvaJIXAFXhI8JTbaebZX
JO5TbbA7TvJLz5n97qAEwY7wS87ohT4Yf/2d2MPphfe9Ib9AoWL0iaQjArNIUpfE
eRQD1fVePUKNvR/sUwwgakaVTu203gDp6Ut3v7ZhzIZDLjoyTUANmQzO/JFvFJ1q
dAOChapzr7FyUvA3nMAOhmUMDLAh0meepK0BaSwO3S5Os8n2xgqpyQnkXv+nH6hQ
GhF7MHBMK0divB4MlponThmDd6G4NBmuJOfYWu5T0tTD
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:24:27 2024 by rpki-client on console-ams.rpki-client.org