Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/6U8Nvk2WYajtMYqPYsV72FHgfWM.roa
File:                     6U8Nvk2WYajtMYqPYsV72FHgfWM.roa (raw, json)
Hash identifier:          KeEkh46fNyRm+xaTyY2HcsQzZDEsR2SCv/VrEmyODIU=
Subject key identifier:   E9:4F:0D:BE:4D:96:61:A8:ED:31:8A:8F:62:C5:7B:D8:51:E0:7D:63
Certificate issuer:       /CN=60c64b04fa8f5fee6866f5c79f8f7dcea5012515
Certificate serial:       018CC9BCEB7AA1BDE574DD9A55791D7139F0
Authority key identifier: 60:C6:4B:04:FA:8F:5F:EE:68:66:F5:C7:9F:8F:7D:CE:A5:01:25:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YMZLBPqPX-5oZvXHn499zqUBJRU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/6U8Nvk2WYajtMYqPYsV72FHgfWM.roa
Signing time:             Tue 02 Jan 2024 10:34:10 +0000
ROA not before:           Tue 02 Jan 2024 10:34:10 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60118
IP address blocks:        185.230.18.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/YMZLBPqPX-5oZvXHn499zqUBJRU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/YMZLBPqPX-5oZvXHn499zqUBJRU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YMZLBPqPX-5oZvXHn499zqUBJRU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 10:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:eb:7a:a1:bd:e5:74:dd:9a:55:79:1d:71:39:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60c64b04fa8f5fee6866f5c79f8f7dcea5012515
        Validity
            Not Before: Jan  2 10:34:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e94f0dbe4d9661a8ed318a8f62c57bd851e07d63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:78:6e:f4:ac:d7:39:c4:32:a2:31:12:4e:a1:
                    88:e8:85:ee:0c:8a:6a:6f:0b:b1:26:39:aa:24:dd:
                    dc:1f:50:67:d5:a2:fa:8c:f3:44:bc:26:ab:87:2e:
                    82:63:6f:7b:46:c7:ea:ce:f7:a3:b1:80:c0:09:9c:
                    e8:bc:55:fb:9d:51:13:72:8e:21:bc:2e:5d:f7:0f:
                    ea:d0:d4:11:1e:63:0c:e3:ed:e6:f3:9c:eb:42:54:
                    d0:bc:0c:a0:4b:3f:ac:45:e1:1b:32:18:48:6c:f0:
                    13:25:84:97:2d:62:e0:cc:eb:c5:4e:a7:3e:f1:5d:
                    62:9f:99:21:91:11:6b:6c:65:0e:e2:8d:cc:cb:90:
                    8f:41:90:68:b2:fb:f2:ef:2b:c3:13:26:aa:21:f6:
                    ae:05:c7:17:40:81:a2:7e:b7:ff:5e:b4:6d:85:91:
                    9d:01:9f:dd:47:3c:f2:b4:bd:64:d6:d7:9c:49:db:
                    81:9d:98:37:04:03:10:0b:8d:fc:0b:74:71:de:9e:
                    80:1d:0f:41:45:2b:e9:e6:15:ff:74:3e:e5:f0:7c:
                    f6:e2:80:b3:f2:f1:a0:9b:1e:26:25:12:b1:84:0a:
                    3b:1f:8a:47:09:ae:f0:88:69:35:99:51:78:9f:7a:
                    52:d3:ed:39:6d:59:5f:60:3a:da:f0:d0:c5:de:d3:
                    c6:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:4F:0D:BE:4D:96:61:A8:ED:31:8A:8F:62:C5:7B:D8:51:E0:7D:63
            X509v3 Authority Key Identifier:
                keyid:60:C6:4B:04:FA:8F:5F:EE:68:66:F5:C7:9F:8F:7D:CE:A5:01:25:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMZLBPqPX-5oZvXHn499zqUBJRU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/6U8Nvk2WYajtMYqPYsV72FHgfWM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/82491b-8caf-481b-b146-601a58f63393/1/YMZLBPqPX-5oZvXHn499zqUBJRU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.230.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:e4:00:0a:87:6b:66:58:36:40:0f:25:28:1b:e3:53:19:95:
         a2:ce:ab:2b:fc:30:bc:cc:e2:6a:3d:fd:8e:5a:ac:81:15:40:
         f0:e9:28:e5:3e:d6:28:a9:15:82:86:b6:28:33:33:95:37:4a:
         a7:67:16:95:b8:4c:c8:73:3c:4f:09:eb:0a:47:79:5a:3a:34:
         c7:d2:5c:aa:b9:ea:1f:24:dc:0a:8c:96:0d:d0:45:1b:70:c2:
         39:69:a5:48:ed:b1:64:d9:fd:08:0d:5d:4b:26:82:5f:e9:71:
         10:4a:cc:03:03:19:6e:a3:38:bb:97:85:7d:df:82:84:bb:11:
         21:d1:05:c4:50:0b:d2:4c:7f:bc:97:98:71:10:73:37:10:8e:
         88:d4:93:ad:b4:a6:e4:04:f1:e1:5a:ad:4c:c2:31:74:2c:e7:
         b9:65:01:bc:70:99:25:19:3d:30:1e:50:94:11:2f:4e:35:ab:
         24:50:c4:6d:34:a8:92:30:d5:31:78:0e:e9:c1:cf:9c:7b:19:
         a4:dd:20:7a:1b:69:27:b8:78:7b:5a:d9:f9:21:55:56:28:42:
         c5:eb:ef:e0:c4:7d:9f:fa:e2:f3:87:a3:32:4a:47:f6:ef:60:
         5d:f8:d4:ea:d4:46:c0:f7:21:8f:45:bf:33:f8:a2:93:c5:c3:
         81:3a:ad:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvOt6ob3ldN2aVXkdcTnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzY0YjA0ZmE4ZjVmZWU2ODY2ZjVjNzlmOGY3ZGNlYTUw
MTI1MTUwHhcNMjQwMTAyMTAzNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTRmMGRiZTRkOTY2MWE4ZWQzMThhOGY2MmM1N2JkODUxZTA3ZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3hu9KzXOcQyojESTqGI6IXuDIpq
bwuxJjmqJN3cH1Bn1aL6jPNEvCarhy6CY297RsfqzvejsYDACZzovFX7nVETco4h
vC5d9w/q0NQRHmMM4+3m85zrQlTQvAygSz+sReEbMhhIbPATJYSXLWLgzOvFTqc+
8V1in5khkRFrbGUO4o3My5CPQZBosvvy7yvDEyaqIfauBccXQIGifrf/XrRthZGd
AZ/dRzzytL1k1tecSduBnZg3BAMQC438C3Rx3p6AHQ9BRSvp5hX/dD7l8Hz24oCz
8vGgmx4mJRKxhAo7H4pHCa7wiGk1mVF4n3pS0+05bVlfYDra8NDF3tPGAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOlPDb5NlmGo7TGKj2LFe9hR4H1jMB8GA1UdIwQY
MBaAFGDGSwT6j1/uaGb1x5+Pfc6lASUVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1aTEJQcVBYLTVvWnZYSG40OTl6cVVCSlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84MjQ5MWItOGNhZi00ODFiLWIxNDYt
NjAxYTU4ZjYzMzkzLzEvNlU4TnZrMldZYWp0TVlxUFlzVjcyRkhnZldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi84MjQ5MWItOGNhZi00ODFiLWIxNDYtNjAxYTU4ZjYzMzkz
LzEvWU1aTEJQcVBYLTVvWnZYSG40OTl6cVVCSlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueYSMA0G
CSqGSIb3DQEBCwUAA4IBAQAF5AAKh2tmWDZADyUoG+NTGZWizqsr/DC8zOJqPf2O
WqyBFUDw6SjlPtYoqRWChrYoMzOVN0qnZxaVuEzIczxPCesKR3laOjTH0lyqueof
JNwKjJYN0EUbcMI5aaVI7bFk2f0IDV1LJoJf6XEQSswDAxluozi7l4V934KEuxEh
0QXEUAvSTH+8l5hxEHM3EI6I1JOttKbkBPHhWq1MwjF0LOe5ZQG8cJklGT0wHlCU
ES9ONaskUMRtNKiSMNUxeA7pwc+cexmk3SB6G2knuHh7Wtn5IVVWKELF6+/gxH2f
+uLzh6MySkf272Bd+NTq1EbA9yGPRb8z+KKTxcOBOq1H
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:46:11 2024 by rpki-client on console-fra.rpki-client.org