Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/c339dd-443f-4ba9-a959-66db25e1990c/1/UX5vgGjzVVxRms0VWkccgvdJguo.roa
File:                     UX5vgGjzVVxRms0VWkccgvdJguo.roa (raw, json)
Hash identifier:          oGB/EWXhpsZgDroa1rx7jRG/9/wGaY48PuJT505gRe8=
Subject key identifier:   51:7E:6F:80:68:F3:55:5C:51:9A:CD:15:5A:47:1C:82:F7:49:82:EA
Certificate issuer:       /CN=a3c8a0ca78984283fab986c9b80a5b040977e556
Certificate serial:       018CC5DC5DB6FD22ADA851E62C313718099C
Authority key identifier: A3:C8:A0:CA:78:98:42:83:FA:B9:86:C9:B8:0A:5B:04:09:77:E5:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o8igyniYQoP6uYbJuApbBAl35VY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/c339dd-443f-4ba9-a959-66db25e1990c/1/UX5vgGjzVVxRms0VWkccgvdJguo.roa
Signing time:             Mon 01 Jan 2024 16:30:02 +0000
ROA not before:           Mon 01 Jan 2024 16:30:02 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51061
IP address blocks:        193.110.178.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/c339dd-443f-4ba9-a959-66db25e1990c/1/o8igyniYQoP6uYbJuApbBAl35VY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/c339dd-443f-4ba9-a959-66db25e1990c/1/o8igyniYQoP6uYbJuApbBAl35VY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o8igyniYQoP6uYbJuApbBAl35VY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 09 Jun 2024 07:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:5d:b6:fd:22:ad:a8:51:e6:2c:31:37:18:09:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3c8a0ca78984283fab986c9b80a5b040977e556
        Validity
            Not Before: Jan  1 16:30:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=517e6f8068f3555c519acd155a471c82f74982ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:5f:db:e2:cd:8e:c5:07:6b:b2:62:f2:67:94:
                    ba:fa:5c:33:54:56:54:c5:d0:fc:b4:40:a8:6c:fd:
                    ce:ff:e6:31:7e:64:80:9d:66:65:9b:87:35:47:88:
                    9f:ec:3d:bc:44:cc:89:07:eb:9f:5f:1f:ed:01:2a:
                    92:9c:fe:06:0f:13:f5:c5:b5:3c:f2:fc:18:35:f5:
                    19:a1:43:af:18:e2:39:e3:20:aa:16:91:b0:63:a9:
                    51:c3:be:18:e7:12:84:c8:a1:64:a7:99:fa:83:90:
                    51:b7:5a:35:6d:26:9b:2d:22:ba:0f:e9:e6:7b:06:
                    ef:90:e8:03:0c:b0:6e:39:8e:fd:28:9b:7b:f2:49:
                    63:91:ad:45:25:09:ca:38:22:42:7c:23:0d:b1:c4:
                    2a:63:e9:f4:d0:76:dd:ac:fa:44:51:f9:dc:0e:74:
                    e2:8c:89:d2:91:80:1d:70:59:ab:e5:0a:e3:ec:50:
                    1c:b4:a9:17:2b:6a:dc:48:b0:75:18:87:67:e4:70:
                    34:88:5d:5f:58:69:03:34:17:21:86:81:33:e7:33:
                    d4:b6:fc:3f:dd:b5:fd:5f:53:66:e4:37:dd:87:cf:
                    ff:5f:31:ba:d7:4d:13:fb:0c:6e:96:7b:b5:42:fc:
                    5f:d9:4e:6f:8c:8f:02:44:84:3f:a4:de:46:da:63:
                    ee:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:7E:6F:80:68:F3:55:5C:51:9A:CD:15:5A:47:1C:82:F7:49:82:EA
            X509v3 Authority Key Identifier:
                keyid:A3:C8:A0:CA:78:98:42:83:FA:B9:86:C9:B8:0A:5B:04:09:77:E5:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8igyniYQoP6uYbJuApbBAl35VY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c339dd-443f-4ba9-a959-66db25e1990c/1/UX5vgGjzVVxRms0VWkccgvdJguo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c339dd-443f-4ba9-a959-66db25e1990c/1/o8igyniYQoP6uYbJuApbBAl35VY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.110.178.0/23

    Signature Algorithm: sha256WithRSAEncryption
         90:57:68:3a:1d:19:ba:30:2c:3d:f7:8f:22:36:e2:ff:e1:38:
         ba:aa:f4:19:16:96:76:97:d0:50:04:27:c5:a0:b4:50:24:90:
         eb:67:a1:d8:fd:38:c2:2f:2f:02:09:de:3d:fa:c5:14:3f:46:
         9f:d4:9d:58:7a:49:18:59:34:50:52:f3:79:3a:df:99:f0:e3:
         d3:30:db:1b:b6:a0:2a:d0:56:fd:b2:55:f9:87:09:c9:c2:a3:
         4e:26:82:d7:71:ab:d3:26:a3:1c:35:9d:e6:ae:39:9f:be:8c:
         33:1b:64:8f:0a:95:44:50:eb:58:31:ec:67:1b:99:f3:4f:c1:
         92:69:41:f5:3f:7b:eb:78:83:d0:6c:4d:cb:31:f4:e0:c8:9a:
         ab:b6:19:99:75:c7:36:8b:8a:20:05:89:c4:9d:05:ba:b5:9d:
         f7:3f:42:8b:f7:bf:f6:88:7c:9c:9e:bd:32:9d:2f:b1:b0:03:
         4c:30:c1:9e:44:cd:4b:d8:e2:f6:4b:93:6f:d0:06:43:6f:90:
         62:75:22:05:bf:fb:d3:a1:87:87:76:94:ef:e6:90:19:a4:ad:
         71:6e:bf:48:5a:b4:89:b4:be:ba:bb:b6:92:b2:7e:2c:d5:e4:
         ed:36:08:6e:c7:aa:43:cc:0f:d3:2a:45:d3:36:52:a3:d2:36:
         c4:c2:0c:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3F22/SKtqFHmLDE3GAmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYzhhMGNhNzg5ODQyODNmYWI5ODZjOWI4MGE1YjA0MDk3
N2U1NTYwHhcNMjQwMTAxMTYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTdlNmY4MDY4ZjM1NTVjNTE5YWNkMTU1YTQ3MWM4MmY3NDk4MmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyV/b4s2OxQdrsmLyZ5S6+lwzVFZU
xdD8tECobP3O/+YxfmSAnWZlm4c1R4if7D28RMyJB+ufXx/tASqSnP4GDxP1xbU8
8vwYNfUZoUOvGOI54yCqFpGwY6lRw74Y5xKEyKFkp5n6g5BRt1o1bSabLSK6D+nm
ewbvkOgDDLBuOY79KJt78kljka1FJQnKOCJCfCMNscQqY+n00HbdrPpEUfncDnTi
jInSkYAdcFmr5Qrj7FActKkXK2rcSLB1GIdn5HA0iF1fWGkDNBchhoEz5zPUtvw/
3bX9X1Nm5Dfdh8//XzG6100T+wxulnu1Qvxf2U5vjI8CRIQ/pN5G2mPuAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFF+b4Bo81VcUZrNFVpHHIL3SYLqMB8GA1UdIwQY
MBaAFKPIoMp4mEKD+rmGybgKWwQJd+VWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzhpZ3luaVlRb1A2dVliSnVBcGJCQWwzNVZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9jMzM5ZGQtNDQzZi00YmE5LWE5NTkt
NjZkYjI1ZTE5OTBjLzEvVVg1dmdHanpWVnhSbXMwVldrY2NndmRKZ3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9jMzM5ZGQtNDQzZi00YmE5LWE5NTktNjZkYjI1ZTE5OTBj
LzEvbzhpZ3luaVlRb1A2dVliSnVBcGJCQWwzNVZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwW6yMA0G
CSqGSIb3DQEBCwUAA4IBAQCQV2g6HRm6MCw9948iNuL/4Ti6qvQZFpZ2l9BQBCfF
oLRQJJDrZ6HY/TjCLy8CCd49+sUUP0af1J1YekkYWTRQUvN5Ot+Z8OPTMNsbtqAq
0Fb9slX5hwnJwqNOJoLXcavTJqMcNZ3mrjmfvowzG2SPCpVEUOtYMexnG5nzT8GS
aUH1P3vreIPQbE3LMfTgyJqrthmZdcc2i4ogBYnEnQW6tZ33P0KL97/2iHycnr0y
nS+xsANMMMGeRM1L2OL2S5Nv0AZDb5BidSIFv/vToYeHdpTv5pAZpK1xbr9IWrSJ
tL66u7aSsn4s1eTtNghux6pDzA/TKkXTNlKj0jbEwgx5
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:23:40 2024 by rpki-client on console-ams.rpki-client.org