Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/cdCrb0vfVZpyP4FNBu0T4PvJFSo.roa
File:                     cdCrb0vfVZpyP4FNBu0T4PvJFSo.roa (raw, json)
Hash identifier:          nlUDi3TS6ikCwsHmMaCRI4qsH0A9e5Q5uzQBKTaeVc4=
Subject key identifier:   71:D0:AB:6F:4B:DF:55:9A:72:3F:81:4D:06:ED:13:E0:FB:C9:15:2A
Certificate issuer:       /CN=ea1c951d61b87da19439784d23667a89cb3290a4
Certificate serial:       018E0D43F4F84ADD39A78C01CC8D1ED4FA01
Authority key identifier: EA:1C:95:1D:61:B8:7D:A1:94:39:78:4D:23:66:7A:89:CB:32:90:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6hyVHWG4faGUOXhNI2Z6icsykKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/cdCrb0vfVZpyP4FNBu0T4PvJFSo.roa
Signing time:             Tue 05 Mar 2024 06:19:01 +0000
ROA not before:           Tue 05 Mar 2024 06:19:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203936
IP address blocks:        213.226.84.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/6hyVHWG4faGUOXhNI2Z6icsykKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/6hyVHWG4faGUOXhNI2Z6icsykKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6hyVHWG4faGUOXhNI2Z6icsykKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 22 May 2024 02:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:0d:43:f4:f8:4a:dd:39:a7:8c:01:cc:8d:1e:d4:fa:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea1c951d61b87da19439784d23667a89cb3290a4
        Validity
            Not Before: Mar  5 06:19:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=71d0ab6f4bdf559a723f814d06ed13e0fbc9152a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:da:84:df:e4:a3:e0:9c:14:9b:40:68:4a:12:
                    87:e2:a6:a0:18:1c:68:1a:72:97:42:ae:b5:e0:9a:
                    80:45:b6:3e:20:6e:d0:08:5d:f2:96:eb:05:22:9f:
                    b5:e1:da:3f:43:71:e1:e4:be:85:16:07:aa:c9:6a:
                    1b:99:e0:f5:37:00:1f:d0:aa:9f:7d:d1:8d:e3:d6:
                    6c:a8:9d:fc:97:1d:a5:60:d5:7b:d1:92:2a:8d:6e:
                    52:2d:55:63:74:fa:84:21:a1:42:7e:82:be:44:a0:
                    32:d1:0e:18:d3:cf:8f:5d:24:67:a0:fa:c8:0d:8e:
                    71:07:ae:94:94:39:c4:7e:67:b6:af:6f:16:98:29:
                    8a:c8:bb:f8:3c:b7:4d:b5:7f:53:14:d1:08:a6:79:
                    a2:fe:84:e7:84:c3:08:da:4f:ce:5d:47:e3:22:57:
                    58:7e:b8:10:cf:6e:52:4e:58:b8:00:7d:6a:28:04:
                    87:d4:fe:c5:1f:cb:ac:01:e2:5e:18:e0:70:c0:ea:
                    7d:31:29:f3:e3:13:51:99:65:35:a4:26:af:fd:d4:
                    f7:5b:b5:f8:a3:d8:8a:aa:14:26:27:13:f4:a0:7b:
                    46:22:35:7f:ee:1f:b7:96:d9:98:82:70:9c:c1:ee:
                    de:7c:91:0f:ec:57:e4:2b:08:65:25:f2:1d:ae:9d:
                    0d:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:D0:AB:6F:4B:DF:55:9A:72:3F:81:4D:06:ED:13:E0:FB:C9:15:2A
            X509v3 Authority Key Identifier:
                keyid:EA:1C:95:1D:61:B8:7D:A1:94:39:78:4D:23:66:7A:89:CB:32:90:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6hyVHWG4faGUOXhNI2Z6icsykKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/cdCrb0vfVZpyP4FNBu0T4PvJFSo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/6hyVHWG4faGUOXhNI2Z6icsykKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.226.84.0/22

    Signature Algorithm: sha256WithRSAEncryption
         66:67:44:b4:7a:09:f5:94:76:e9:f6:a6:69:ad:27:92:c8:36:
         79:30:d7:60:ca:36:a5:e1:70:e1:12:15:e4:6f:13:b3:0b:64:
         7f:9b:25:1e:1b:d7:ac:70:fe:fd:58:45:41:30:ec:f4:a8:1f:
         85:14:b0:45:5a:c3:a4:4b:d5:0a:38:0f:05:d9:9d:7d:f5:cf:
         2a:d2:a5:8a:87:41:19:6c:1e:b2:4e:63:c0:8d:2a:47:7e:15:
         56:95:8b:3f:db:62:b6:8d:94:a5:77:eb:5d:e9:bd:e9:21:63:
         ed:4c:53:a5:cf:e3:48:94:13:60:ca:9e:21:4c:30:30:f8:e6:
         05:3f:34:fd:27:ab:f4:7a:70:69:70:06:d6:6b:3a:b3:41:49:
         ad:1b:44:ae:8e:35:3a:9b:3d:ef:4d:7d:b4:f8:3d:aa:b2:9d:
         8d:43:ac:e2:6a:98:61:16:d3:26:ba:d3:cd:b9:16:10:57:22:
         3c:35:cd:5d:5e:31:97:11:fa:44:bd:17:d6:89:b5:90:dd:af:
         f9:a1:f1:91:dd:92:f3:f3:0b:3d:f0:9c:f7:85:17:19:6a:ac:
         cc:95:7d:00:cb:c9:e7:2c:92:dc:a8:fe:05:3d:8b:33:be:20:
         4c:d0:9e:a6:f2:ce:91:25:50:24:7e:13:96:4f:1b:27:b7:0c:
         38:4c:70:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4NQ/T4St05p4wBzI0e1PoBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMWM5NTFkNjFiODdkYTE5NDM5Nzg0ZDIzNjY3YTg5Y2Iz
MjkwYTQwHhcNMjQwMzA1MDYxOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQwYWI2ZjRiZGY1NTlhNzIzZjgxNGQwNmVkMTNlMGZiYzkxNTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNqE3+Sj4JwUm0BoShKH4qagGBxo
GnKXQq614JqARbY+IG7QCF3ylusFIp+14do/Q3Hh5L6FFgeqyWobmeD1NwAf0Kqf
fdGN49ZsqJ38lx2lYNV70ZIqjW5SLVVjdPqEIaFCfoK+RKAy0Q4Y08+PXSRnoPrI
DY5xB66UlDnEfme2r28WmCmKyLv4PLdNtX9TFNEIpnmi/oTnhMMI2k/OXUfjIldY
frgQz25STli4AH1qKASH1P7FH8usAeJeGOBwwOp9MSnz4xNRmWU1pCav/dT3W7X4
o9iKqhQmJxP0oHtGIjV/7h+3ltmYgnCcwe7efJEP7FfkKwhlJfIdrp0NFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHHQq29L31Wacj+BTQbtE+D7yRUqMB8GA1UdIwQY
MBaAFOoclR1huH2hlDl4TSNmeonLMpCkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmh5VkhXRzRmYUdVT1hoTkkyWjZpY3N5a0tRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82MTc3MTUtOTQ4NC00MGY5LTg5NmMt
NzI0YjFhMDIxMmQ0LzEvY2RDcmIwdmZWWnB5UDRGTkJ1MFQ0UHZKRlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82MTc3MTUtOTQ4NC00MGY5LTg5NmMtNzI0YjFhMDIxMmQ0
LzEvNmh5VkhXRzRmYUdVT1hoTkkyWjZpY3N5a0tRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1eJUMA0G
CSqGSIb3DQEBCwUAA4IBAQBmZ0S0egn1lHbp9qZprSeSyDZ5MNdgyjal4XDhEhXk
bxOzC2R/myUeG9escP79WEVBMOz0qB+FFLBFWsOkS9UKOA8F2Z199c8q0qWKh0EZ
bB6yTmPAjSpHfhVWlYs/22K2jZSld+td6b3pIWPtTFOlz+NIlBNgyp4hTDAw+OYF
PzT9J6v0enBpcAbWazqzQUmtG0SujjU6mz3vTX20+D2qsp2NQ6ziaphhFtMmutPN
uRYQVyI8Nc1dXjGXEfpEvRfWibWQ3a/5ofGR3ZLz8ws98Jz3hRcZaqzMlX0Ay8nn
LJLcqP4FPYszviBM0J6m8s6RJVAkfhOWTxsntww4THAS
-----END CERTIFICATE-----
Generated at Tue May 21 08:59:38 2024 by rpki-client on console-fra.rpki-client.org