Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/7d5607-0a8a-4447-8651-c6349db9499b/1/hEo9zbmVQrkrCNyARQdMAH5m9iE.roa
File:                     hEo9zbmVQrkrCNyARQdMAH5m9iE.roa (raw, json)
Hash identifier:          vJ3YKyFMz2BZuQLNVyICL3CJ5n7CJCDSsWSMCQ6XYwo=
Subject key identifier:   84:4A:3D:CD:B9:95:42:B9:2B:08:DC:80:45:07:4C:00:7E:66:F6:21
Certificate issuer:       /CN=db8d08edc4393a8671296f8eacbbecf94d76562a
Certificate serial:       018CC7951C05ABE196652324163DA50E4024
Authority key identifier: DB:8D:08:ED:C4:39:3A:86:71:29:6F:8E:AC:BB:EC:F9:4D:76:56:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/240I7cQ5OoZxKW-OrLvs-U12Vio.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/7d5607-0a8a-4447-8651-c6349db9499b/1/hEo9zbmVQrkrCNyARQdMAH5m9iE.roa
Signing time:             Tue 02 Jan 2024 00:31:27 +0000
ROA not before:           Tue 02 Jan 2024 00:31:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212338
IP address blocks:        185.213.47.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/7d5607-0a8a-4447-8651-c6349db9499b/1/240I7cQ5OoZxKW-OrLvs-U12Vio.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/7d5607-0a8a-4447-8651-c6349db9499b/1/240I7cQ5OoZxKW-OrLvs-U12Vio.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/240I7cQ5OoZxKW-OrLvs-U12Vio.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 May 2024 22:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:1c:05:ab:e1:96:65:23:24:16:3d:a5:0e:40:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8d08edc4393a8671296f8eacbbecf94d76562a
        Validity
            Not Before: Jan  2 00:31:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=844a3dcdb99542b92b08dc8045074c007e66f621
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:69:f6:78:9e:bc:4b:6d:5b:9c:58:f0:80:b8:
                    2d:c4:eb:d3:84:6f:c6:37:d1:f7:3d:e0:22:56:00:
                    31:ea:f8:26:b3:a6:10:68:7d:52:19:16:a8:b2:26:
                    7a:58:9c:ad:93:eb:cd:4e:e5:8e:9d:c3:f4:10:b6:
                    8e:e1:36:7c:ec:60:d5:e1:27:02:cc:b1:d9:ee:bb:
                    d3:f9:72:eb:08:35:1c:5b:56:fd:fa:cc:a5:ac:29:
                    92:3c:ff:ea:3f:01:25:e9:5b:62:90:a7:f4:1d:49:
                    f8:6f:14:6b:ff:5a:97:38:d3:44:a2:7c:e8:01:57:
                    f3:8f:4a:42:99:e8:3b:ac:7a:39:1f:2b:52:5e:60:
                    7c:54:58:95:8c:b4:cc:89:a3:31:59:09:23:72:da:
                    d5:ad:2a:48:e9:0e:0e:6d:b7:3c:a2:8c:6a:03:93:
                    48:2c:e7:ad:5a:fe:a1:f1:24:eb:3a:85:8f:85:43:
                    63:eb:90:fc:62:d6:02:93:68:a5:f7:61:dc:1d:e9:
                    5e:1e:97:1a:d6:95:65:89:ec:ac:7b:26:12:8f:fe:
                    f5:e3:39:ae:99:1e:e7:93:44:68:f9:84:e0:34:84:
                    7a:70:93:04:0b:59:44:d2:0d:72:43:95:9b:a9:63:
                    f9:16:07:3b:1d:35:66:8b:51:ca:aa:f9:ac:9d:e2:
                    1b:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:4A:3D:CD:B9:95:42:B9:2B:08:DC:80:45:07:4C:00:7E:66:F6:21
            X509v3 Authority Key Identifier:
                keyid:DB:8D:08:ED:C4:39:3A:86:71:29:6F:8E:AC:BB:EC:F9:4D:76:56:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/240I7cQ5OoZxKW-OrLvs-U12Vio.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/7d5607-0a8a-4447-8651-c6349db9499b/1/hEo9zbmVQrkrCNyARQdMAH5m9iE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/7d5607-0a8a-4447-8651-c6349db9499b/1/240I7cQ5OoZxKW-OrLvs-U12Vio.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.213.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:5a:4c:a9:fd:13:bb:7e:8c:e2:ab:b4:74:d3:b7:2c:bb:03:
         ec:99:a1:5b:9d:03:15:d5:4f:db:88:54:c2:a5:96:5d:bb:bc:
         bd:59:dc:91:00:dc:17:0b:fd:52:b6:96:98:37:e4:f2:89:96:
         92:b6:7a:4f:db:99:ef:24:fe:0d:44:d1:c9:16:6a:28:00:0d:
         2e:d9:c3:63:10:12:81:e5:03:38:52:d7:11:bf:63:36:0f:cf:
         f0:06:00:fe:fb:b6:67:77:d8:24:ec:e7:4b:ff:ca:6a:e5:48:
         2e:92:9c:ad:88:df:0a:73:ad:50:dd:ca:d0:19:84:8d:07:e7:
         d7:20:57:a2:f3:8c:ff:4e:65:c7:ce:14:f4:b2:bf:8d:5c:ce:
         32:54:15:8f:9a:7c:80:3d:02:df:bf:9e:f8:ba:d3:67:36:31:
         f9:85:73:05:a8:59:57:17:d7:d9:f8:68:b4:de:40:f1:1f:e7:
         cd:bb:77:27:fc:58:25:9b:aa:be:60:59:00:d1:c1:5d:43:76:
         75:cd:87:19:27:23:4e:ad:ad:cd:88:ca:ab:bc:6b:11:07:4c:
         bd:8c:7a:6d:9b:2d:94:1c:31:42:28:eb:a2:21:a0:d6:b3:13:
         91:a0:d3:be:19:80:97:15:09:4a:1a:6d:20:0f:03:6d:9c:f9:
         13:30:28:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlRwFq+GWZSMkFj2lDkAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGQwOGVkYzQzOTNhODY3MTI5NmY4ZWFjYmJlY2Y5NGQ3
NjU2MmEwHhcNMjQwMTAyMDAzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDRhM2RjZGI5OTU0MmI5MmIwOGRjODA0NTA3NGMwMDdlNjZmNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWn2eJ68S21bnFjwgLgtxOvThG/G
N9H3PeAiVgAx6vgms6YQaH1SGRaosiZ6WJytk+vNTuWOncP0ELaO4TZ87GDV4ScC
zLHZ7rvT+XLrCDUcW1b9+sylrCmSPP/qPwEl6VtikKf0HUn4bxRr/1qXONNEonzo
AVfzj0pCmeg7rHo5HytSXmB8VFiVjLTMiaMxWQkjctrVrSpI6Q4Obbc8ooxqA5NI
LOetWv6h8STrOoWPhUNj65D8YtYCk2il92HcHeleHpca1pVlieyseyYSj/714zmu
mR7nk0Ro+YTgNIR6cJMEC1lE0g1yQ5WbqWP5Fgc7HTVmi1HKqvmsneIbZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRKPc25lUK5KwjcgEUHTAB+ZvYhMB8GA1UdIwQY
MBaAFNuNCO3EOTqGcSlvjqy77PlNdlYqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjQwSTdjUTVPb1p4S1ctT3JMdnMtVTEyVmlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy83ZDU2MDctMGE4YS00NDQ3LTg2NTEt
YzYzNDlkYjk0OTliLzEvaEVvOXpibVZRcmtyQ055QVJRZE1BSDVtOWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy83ZDU2MDctMGE4YS00NDQ3LTg2NTEtYzYzNDlkYjk0OTli
LzEvMjQwSTdjUTVPb1p4S1ctT3JMdnMtVTEyVmlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudUvMA0G
CSqGSIb3DQEBCwUAA4IBAQB3Wkyp/RO7foziq7R007csuwPsmaFbnQMV1U/biFTC
pZZdu7y9WdyRANwXC/1StpaYN+TyiZaStnpP25nvJP4NRNHJFmooAA0u2cNjEBKB
5QM4UtcRv2M2D8/wBgD++7Znd9gk7OdL/8pq5UgukpytiN8Kc61Q3crQGYSNB+fX
IFei84z/TmXHzhT0sr+NXM4yVBWPmnyAPQLfv574utNnNjH5hXMFqFlXF9fZ+Gi0
3kDxH+fNu3cn/Fglm6q+YFkA0cFdQ3Z1zYcZJyNOra3NiMqrvGsRB0y9jHptmy2U
HDFCKOuiIaDWsxORoNO+GYCXFQlKGm0gDwNtnPkTMCgK
-----END CERTIFICATE-----
Generated at Wed May 1 03:49:24 2024 by rpki-client on console-fra.rpki-client.org