Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/880b00-58ab-47de-9728-0cad6ca7ecd7/1/TVMfQtcT19WMgZg4tvhLCibwlr8.roa
File:                     TVMfQtcT19WMgZg4tvhLCibwlr8.roa (raw, json)
Hash identifier:          jMjBg50fdg5S3Rs6Ddqs71Es4BqereT6/1uLiMPF7Q0=
Subject key identifier:   4D:53:1F:42:D7:13:D7:D5:8C:81:98:38:B6:F8:4B:0A:26:F0:96:BF
Certificate issuer:       /CN=81523888eed5311f92a16615ef2cf0175c6fe41e
Certificate serial:       018CC9BBAFC6AA55D89BABADA51798B386AD
Authority key identifier: 81:52:38:88:EE:D5:31:1F:92:A1:66:15:EF:2C:F0:17:5C:6F:E4:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gVI4iO7VMR-SoWYV7yzwF1xv5B4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/880b00-58ab-47de-9728-0cad6ca7ecd7/1/TVMfQtcT19WMgZg4tvhLCibwlr8.roa
Signing time:             Tue 02 Jan 2024 10:32:49 +0000
ROA not before:           Tue 02 Jan 2024 10:32:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202619
IP address blocks:        193.105.92.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/880b00-58ab-47de-9728-0cad6ca7ecd7/1/gVI4iO7VMR-SoWYV7yzwF1xv5B4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/880b00-58ab-47de-9728-0cad6ca7ecd7/1/gVI4iO7VMR-SoWYV7yzwF1xv5B4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gVI4iO7VMR-SoWYV7yzwF1xv5B4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 04:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bb:af:c6:aa:55:d8:9b:ab:ad:a5:17:98:b3:86:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81523888eed5311f92a16615ef2cf0175c6fe41e
        Validity
            Not Before: Jan  2 10:32:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4d531f42d713d7d58c819838b6f84b0a26f096bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:b0:99:1f:65:79:b2:2a:eb:83:2c:b8:83:6f:
                    0b:fb:13:6d:f5:9c:40:ce:b1:13:3a:e0:d4:14:c3:
                    ee:18:4f:62:f9:a1:94:a8:7b:3f:88:86:6f:7f:fb:
                    eb:01:4b:8d:47:3b:33:60:57:4b:ba:8b:fb:c3:6f:
                    31:87:12:b2:7a:91:12:04:c0:cb:92:84:fb:34:32:
                    8a:a3:8c:78:f5:1c:94:b7:66:3b:90:ba:5a:95:18:
                    54:6c:e7:bb:c3:f2:25:b6:a9:30:c8:d8:46:f9:f4:
                    72:83:7c:e0:44:c4:68:e4:43:99:42:d3:5f:5d:33:
                    14:00:23:14:0b:65:ae:22:95:4e:ba:a7:51:71:18:
                    12:e2:5f:b6:43:df:b4:8d:75:7b:68:1a:5e:27:9e:
                    55:ae:49:b4:a1:da:c7:f3:7a:25:97:b0:39:ad:c6:
                    84:02:93:ab:ce:3d:54:e7:2e:fb:d7:aa:9b:b1:71:
                    0e:33:e8:fa:36:a8:5f:a8:d2:28:4b:73:e5:fe:fe:
                    af:e9:78:10:1f:59:79:10:1f:60:bd:6d:c6:51:2a:
                    06:ee:f0:44:dd:48:c0:61:63:e1:95:58:15:ce:81:
                    5c:5d:7d:af:0e:54:64:a6:38:8d:cd:de:d5:6f:68:
                    8a:35:fd:95:1a:59:2b:f7:f0:64:69:df:47:49:e7:
                    f6:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:53:1F:42:D7:13:D7:D5:8C:81:98:38:B6:F8:4B:0A:26:F0:96:BF
            X509v3 Authority Key Identifier:
                keyid:81:52:38:88:EE:D5:31:1F:92:A1:66:15:EF:2C:F0:17:5C:6F:E4:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gVI4iO7VMR-SoWYV7yzwF1xv5B4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/880b00-58ab-47de-9728-0cad6ca7ecd7/1/TVMfQtcT19WMgZg4tvhLCibwlr8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/880b00-58ab-47de-9728-0cad6ca7ecd7/1/gVI4iO7VMR-SoWYV7yzwF1xv5B4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.105.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:55:68:6a:b9:94:32:89:a9:f3:c8:2a:88:84:04:91:73:1d:
         a5:b8:93:20:cc:69:03:09:ab:5e:ea:c0:ff:01:0f:af:10:2f:
         81:9d:3c:2e:5e:d4:a5:ac:50:5e:9b:f5:2e:4b:70:4e:36:03:
         8f:b4:7e:8b:21:b5:2a:47:09:94:78:49:93:d2:ed:7a:31:67:
         35:bc:16:fe:f3:0c:b6:61:63:99:2c:91:92:a8:f5:ec:a0:10:
         6e:7a:b3:15:87:5e:8e:30:f8:b7:22:22:d4:b9:42:be:50:29:
         97:c2:c6:2d:b8:10:23:f6:39:85:33:f2:72:46:7a:43:35:93:
         ca:81:56:65:a5:35:20:6d:8e:b4:98:bb:5b:47:e8:ef:04:84:
         ab:81:82:78:9e:61:c6:e0:d2:af:16:f3:55:39:a8:dd:ec:72:
         aa:20:3c:33:4d:59:c0:c2:ec:71:48:33:cd:de:ce:38:ea:d8:
         82:cb:1d:c5:a7:d3:a2:39:f5:0b:5b:ec:a4:5c:8d:51:42:6d:
         9b:14:84:97:f3:c5:b0:61:1b:8e:4a:19:ee:62:03:ab:a4:6f:
         6f:16:82:ae:48:be:77:91:8c:99:ba:eb:28:5e:da:d8:42:30:
         a3:82:a9:87:08:b0:72:0d:2f:5a:1b:b3:f4:dc:7f:b1:10:2f:
         86:a5:93:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu6/GqlXYm6utpReYs4atMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNTIzODg4ZWVkNTMxMWY5MmExNjYxNWVmMmNmMDE3NWM2
ZmU0MWUwHhcNMjQwMTAyMTAzMjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDUzMWY0MmQ3MTNkN2Q1OGM4MTk4MzhiNmY4NGIwYTI2ZjA5NmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7CZH2V5sirrgyy4g28L+xNt9ZxA
zrETOuDUFMPuGE9i+aGUqHs/iIZvf/vrAUuNRzszYFdLuov7w28xhxKyepESBMDL
koT7NDKKo4x49RyUt2Y7kLpalRhUbOe7w/IltqkwyNhG+fRyg3zgRMRo5EOZQtNf
XTMUACMUC2WuIpVOuqdRcRgS4l+2Q9+0jXV7aBpeJ55Vrkm0odrH83oll7A5rcaE
ApOrzj1U5y7716qbsXEOM+j6NqhfqNIoS3Pl/v6v6XgQH1l5EB9gvW3GUSoG7vBE
3UjAYWPhlVgVzoFcXX2vDlRkpjiNzd7Vb2iKNf2VGlkr9/Bkad9HSef2IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1TH0LXE9fVjIGYOLb4Swom8Ja/MB8GA1UdIwQY
MBaAFIFSOIju1TEfkqFmFe8s8Bdcb+QeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1ZJNGlPN1ZNUi1Tb1dZVjd5endGMXh2NUI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS84ODBiMDAtNThhYi00N2RlLTk3Mjgt
MGNhZDZjYTdlY2Q3LzEvVFZNZlF0Y1QxOVdNZ1pnNHR2aExDaWJ3bHI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS84ODBiMDAtNThhYi00N2RlLTk3MjgtMGNhZDZjYTdlY2Q3
LzEvZ1ZJNGlPN1ZNUi1Tb1dZVjd5endGMXh2NUI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWlcMA0G
CSqGSIb3DQEBCwUAA4IBAQBsVWhquZQyianzyCqIhASRcx2luJMgzGkDCate6sD/
AQ+vEC+BnTwuXtSlrFBem/UuS3BONgOPtH6LIbUqRwmUeEmT0u16MWc1vBb+8wy2
YWOZLJGSqPXsoBBuerMVh16OMPi3IiLUuUK+UCmXwsYtuBAj9jmFM/JyRnpDNZPK
gVZlpTUgbY60mLtbR+jvBISrgYJ4nmHG4NKvFvNVOajd7HKqIDwzTVnAwuxxSDPN
3s446tiCyx3Fp9OiOfULW+ykXI1RQm2bFISX88WwYRuOShnuYgOrpG9vFoKuSL53
kYyZuusoXtrYQjCjgqmHCLByDS9aG7P03H+xEC+GpZMz
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:19:39 2024 by rpki-client on console-ams.rpki-client.org