Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/d31a25-2507-471d-adc7-8807f95ae75d/1/7WW1r4h3bsbhoy2bNq4CgGVkViM.roa
File:                     7WW1r4h3bsbhoy2bNq4CgGVkViM.roa (raw, json)
Hash identifier:          BwJoiPQIS4l/4R/AcYnmQt/UTiOXvgMe4/axzE1X9i4=
Subject key identifier:   ED:65:B5:AF:88:77:6E:C6:E1:A3:2D:9B:36:AE:02:80:65:64:56:23
Certificate issuer:       /CN=6167999645e15b65268a0d93bb14c4f51724451b
Certificate serial:       018CCA99B5935EBDDC560505C88A14C36809
Authority key identifier: 61:67:99:96:45:E1:5B:65:26:8A:0D:93:BB:14:C4:F5:17:24:45:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YWeZlkXhW2Umig2TuxTE9RckRRs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/d31a25-2507-471d-adc7-8807f95ae75d/1/7WW1r4h3bsbhoy2bNq4CgGVkViM.roa
Signing time:             Tue 02 Jan 2024 14:35:20 +0000
ROA not before:           Tue 02 Jan 2024 14:35:20 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     6750
IP address blocks:        194.145.140.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/d31a25-2507-471d-adc7-8807f95ae75d/1/YWeZlkXhW2Umig2TuxTE9RckRRs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/d31a25-2507-471d-adc7-8807f95ae75d/1/YWeZlkXhW2Umig2TuxTE9RckRRs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YWeZlkXhW2Umig2TuxTE9RckRRs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 05:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:99:b5:93:5e:bd:dc:56:05:05:c8:8a:14:c3:68:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6167999645e15b65268a0d93bb14c4f51724451b
        Validity
            Not Before: Jan  2 14:35:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ed65b5af88776ec6e1a32d9b36ae028065645623
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f0:c7:61:75:df:9b:38:49:85:dc:00:8f:03:
                    99:48:24:08:d8:a4:7e:b2:55:c9:a1:72:40:02:50:
                    87:b2:a6:17:14:cc:15:33:60:60:3c:cc:f2:88:a3:
                    10:bb:70:f0:df:63:9b:13:e3:08:a9:02:cc:8e:0a:
                    af:75:94:34:a6:a5:03:2b:c5:f3:fe:7d:07:3b:b1:
                    b9:a3:95:db:27:b1:60:1e:e7:59:4c:fc:f9:ea:c7:
                    ec:8e:8a:62:fc:26:dd:91:c9:c7:78:a2:88:50:22:
                    5f:fc:60:93:3f:97:4b:cd:68:10:4b:3d:c1:71:2c:
                    0c:98:4f:8d:28:14:04:4c:81:bb:10:25:e0:ce:27:
                    71:5f:42:81:a5:8e:fe:f5:12:cc:d6:77:ce:c1:82:
                    1d:6f:9b:e1:39:8e:25:99:5e:18:34:18:67:20:7c:
                    79:b6:13:25:c0:1d:b8:9a:f8:06:b0:c4:97:a1:0f:
                    1c:31:28:0a:91:33:73:cc:f8:5c:b4:6e:c6:88:aa:
                    78:62:40:ea:15:ac:03:e9:97:1a:73:c7:ee:08:c5:
                    15:82:14:e9:44:90:1d:42:76:f7:03:06:23:67:4f:
                    ec:9f:ff:95:77:8c:f7:dc:02:fa:35:39:90:d2:55:
                    51:f8:00:f2:41:81:bf:e6:70:24:b0:71:0d:15:7b:
                    1c:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:65:B5:AF:88:77:6E:C6:E1:A3:2D:9B:36:AE:02:80:65:64:56:23
            X509v3 Authority Key Identifier:
                keyid:61:67:99:96:45:E1:5B:65:26:8A:0D:93:BB:14:C4:F5:17:24:45:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YWeZlkXhW2Umig2TuxTE9RckRRs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d31a25-2507-471d-adc7-8807f95ae75d/1/7WW1r4h3bsbhoy2bNq4CgGVkViM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d31a25-2507-471d-adc7-8807f95ae75d/1/YWeZlkXhW2Umig2TuxTE9RckRRs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.145.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:78:01:e6:03:b5:69:5d:5c:12:07:11:2a:c4:68:48:e8:55:
         0e:a8:70:fa:22:da:26:34:0f:aa:0c:07:0b:53:bd:e6:31:a6:
         41:db:98:0c:b8:cc:1c:99:12:f0:41:ae:9e:9e:37:02:d9:5d:
         77:53:9c:d9:11:d1:f9:89:23:fb:65:c3:b5:6e:80:cf:b5:e7:
         9d:10:9b:88:87:90:dd:77:0a:cd:40:ac:23:12:f6:0a:54:33:
         72:fb:76:66:3b:35:3d:31:14:26:96:47:24:46:2c:1b:f2:89:
         ca:b3:af:79:cf:93:98:4d:97:2a:76:ac:2a:45:4a:94:38:80:
         f2:4c:05:1d:6e:30:b6:3d:36:4b:e6:33:75:2e:64:16:e7:c1:
         fe:79:64:85:01:7d:56:e4:ef:49:f2:a6:29:c6:96:1a:9c:8b:
         b1:38:90:97:1c:67:ba:bb:2e:6d:be:a4:82:8d:91:c7:69:84:
         75:68:5d:e3:de:1a:58:de:85:0c:1b:6b:d4:f7:89:4e:67:6d:
         77:c7:7d:11:57:31:94:59:fc:c5:c6:6d:3c:4e:39:40:1c:a7:
         89:db:e9:90:85:e5:31:b1:b5:3c:7d:29:60:e3:2d:31:36:d0:
         2e:fa:25:3b:93:f2:7f:b7:6c:f9:d7:45:ed:cd:59:35:0b:83:
         16:c5:27:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmbWTXr3cVgUFyIoUw2gJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNjc5OTk2NDVlMTViNjUyNjhhMGQ5M2JiMTRjNGY1MTcy
NDQ1MWIwHhcNMjQwMTAyMTQzNTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDY1YjVhZjg4Nzc2ZWM2ZTFhMzJkOWIzNmFlMDI4MDY1NjQ1NjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/DHYXXfmzhJhdwAjwOZSCQI2KR+
slXJoXJAAlCHsqYXFMwVM2BgPMzyiKMQu3Dw32ObE+MIqQLMjgqvdZQ0pqUDK8Xz
/n0HO7G5o5XbJ7FgHudZTPz56sfsjopi/CbdkcnHeKKIUCJf/GCTP5dLzWgQSz3B
cSwMmE+NKBQETIG7ECXgzidxX0KBpY7+9RLM1nfOwYIdb5vhOY4lmV4YNBhnIHx5
thMlwB24mvgGsMSXoQ8cMSgKkTNzzPhctG7GiKp4YkDqFawD6Zcac8fuCMUVghTp
RJAdQnb3AwYjZ0/sn/+Vd4z33AL6NTmQ0lVR+ADyQYG/5nAksHENFXscOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO1lta+Id27G4aMtmzauAoBlZFYjMB8GA1UdIwQY
MBaAFGFnmZZF4VtlJooNk7sUxPUXJEUbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVdlWmxrWGhXMlVtaWcyVHV4VEU5UmNrUlJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kMzFhMjUtMjUwNy00NzFkLWFkYzct
ODgwN2Y5NWFlNzVkLzEvN1dXMXI0aDNic2Job3kyYk5xNENnR1ZrVmlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kMzFhMjUtMjUwNy00NzFkLWFkYzctODgwN2Y5NWFlNzVk
LzEvWVdlWmxrWGhXMlVtaWcyVHV4VEU5UmNrUlJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpGMMA0G
CSqGSIb3DQEBCwUAA4IBAQCeeAHmA7VpXVwSBxEqxGhI6FUOqHD6ItomNA+qDAcL
U73mMaZB25gMuMwcmRLwQa6enjcC2V13U5zZEdH5iSP7ZcO1boDPteedEJuIh5Dd
dwrNQKwjEvYKVDNy+3ZmOzU9MRQmlkckRiwb8onKs695z5OYTZcqdqwqRUqUOIDy
TAUdbjC2PTZL5jN1LmQW58H+eWSFAX1W5O9J8qYpxpYanIuxOJCXHGe6uy5tvqSC
jZHHaYR1aF3j3hpY3oUMG2vU94lOZ213x30RVzGUWfzFxm08TjlAHKeJ2+mQheUx
sbU8fSlg4y0xNtAu+iU7k/J/t2z510XtzVk1C4MWxSfe
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:20:02 2024 by rpki-client on console-ams.rpki-client.org