Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/jHOciv7MtMRlAx97GggR9ADHlZc.roa
File:                     jHOciv7MtMRlAx97GggR9ADHlZc.roa (raw, json)
Hash identifier:          q3X4EuykKh/7sGjd5L9iIaxZcoeEyU/bPZaBs4A/mwY=
Subject key identifier:   8C:73:9C:8A:FE:CC:B4:C4:65:03:1F:7B:1A:08:11:F4:00:C7:95:97
Certificate issuer:       /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial:       018CC2DB5C4536539EE56FB71D0A826E7BCA
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/jHOciv7MtMRlAx97GggR9ADHlZc.roa
Signing time:             Mon 01 Jan 2024 02:30:05 +0000
ROA not before:           Mon 01 Jan 2024 02:30:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     393560
IP address blocks:        93.191.175.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:5c:45:36:53:9e:e5:6f:b7:1d:0a:82:6e:7b:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
        Validity
            Not Before: Jan  1 02:30:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8c739c8afeccb4c465031f7b1a0811f400c79597
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:35:22:41:b6:25:3f:17:48:af:56:7a:70:7b:
                    c1:1f:46:d8:99:f1:dc:89:f8:5b:48:44:15:3d:78:
                    ba:9b:0a:fc:17:ef:fe:3f:dd:eb:73:e5:fc:eb:c8:
                    38:c0:36:2a:20:69:e3:e6:51:6c:94:f2:92:00:3a:
                    ba:e8:db:5e:fe:50:89:a3:f5:cf:7f:93:49:a7:3e:
                    e9:27:95:72:bd:94:a6:0b:8c:8d:cd:d2:c1:eb:77:
                    f1:39:39:7e:3b:31:9f:d3:bf:3a:68:97:5c:a0:86:
                    94:9d:82:10:6b:6d:2b:f5:2b:5f:04:cb:2c:53:54:
                    0f:73:91:3a:32:f8:5c:8d:cf:6a:5f:09:48:23:9e:
                    a2:a2:55:cd:34:55:be:65:97:2d:ad:0b:5c:ef:ba:
                    b6:4a:ed:53:ae:7c:c0:6b:93:d2:cb:14:30:bc:32:
                    25:83:ab:7c:37:1f:b0:40:90:10:a5:7b:2e:da:82:
                    7b:d5:53:a6:d5:62:44:16:1a:23:6e:d7:64:74:74:
                    38:84:b2:ba:90:7e:ed:c8:0f:23:74:98:8a:be:f6:
                    52:e1:34:bb:f8:c8:9b:ae:aa:97:83:a7:c8:f9:db:
                    1f:db:5d:62:da:47:41:a9:b2:fe:cc:5f:49:e0:cd:
                    d5:05:7e:f4:d0:f9:ac:8d:53:2b:6c:c2:d0:44:75:
                    8c:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:73:9C:8A:FE:CC:B4:C4:65:03:1F:7B:1A:08:11:F4:00:C7:95:97
            X509v3 Authority Key Identifier:
                keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/jHOciv7MtMRlAx97GggR9ADHlZc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.191.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:be:28:a8:32:c9:8e:6e:6b:91:6c:d0:8f:b2:db:47:4f:c9:
         e3:14:f3:fa:20:84:7c:8b:8a:f1:6e:f3:a7:c3:e2:7a:8a:df:
         10:b1:6c:1a:7e:69:59:60:36:9f:ec:6b:1d:c3:c0:5f:be:0d:
         3c:ad:04:de:66:9e:73:a3:84:40:dd:8f:ed:9f:9c:98:7c:2f:
         56:54:b0:ad:0a:6e:74:23:d6:57:92:f3:83:03:66:98:5a:17:
         0e:9d:47:1a:c4:de:50:88:e8:55:18:21:d8:22:fe:78:c3:6a:
         51:de:eb:69:74:84:62:69:47:0f:63:98:62:43:cd:c0:11:27:
         62:c4:82:a8:67:69:d2:bc:09:9b:8d:5e:69:e9:fc:15:a3:4b:
         cf:ec:fd:d0:61:f4:bc:2e:63:b2:07:c7:11:df:3b:8a:5a:91:
         05:40:84:fe:3c:72:86:9a:f2:7e:30:98:ee:17:65:ba:b0:5d:
         0b:03:41:f8:38:cb:7c:eb:4d:8d:7f:d0:61:81:ef:c4:e8:cf:
         f4:76:7b:8a:d4:4e:59:99:6e:b5:34:1c:d9:b7:34:f4:0e:f5:
         f9:d6:83:bb:c8:a2:84:01:d6:16:18:b0:b2:6b:ce:0f:c1:21:
         f3:aa:8e:b0:dd:57:89:d2:79:98:29:e2:8f:28:14:aa:42:8b:
         0e:90:7b:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC21xFNlOe5W+3HQqCbnvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMTAxMDIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzczOWM4YWZlY2NiNGM0NjUwMzFmN2IxYTA4MTFmNDAwYzc5NTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjUiQbYlPxdIr1Z6cHvBH0bYmfHc
ifhbSEQVPXi6mwr8F+/+P93rc+X868g4wDYqIGnj5lFslPKSADq66Nte/lCJo/XP
f5NJpz7pJ5VyvZSmC4yNzdLB63fxOTl+OzGf0786aJdcoIaUnYIQa20r9StfBMss
U1QPc5E6Mvhcjc9qXwlII56iolXNNFW+ZZctrQtc77q2Su1TrnzAa5PSyxQwvDIl
g6t8Nx+wQJAQpXsu2oJ71VOm1WJEFhojbtdkdHQ4hLK6kH7tyA8jdJiKvvZS4TS7
+MibrqqXg6fI+dsf211i2kdBqbL+zF9J4M3VBX700PmsjVMrbMLQRHWM5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIxznIr+zLTEZQMfexoIEfQAx5WXMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvakhPY2l2N010TVJsQXg5N0dnZ1I5QURIbFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXb+vMA0G
CSqGSIb3DQEBCwUAA4IBAQA0viioMsmObmuRbNCPsttHT8njFPP6IIR8i4rxbvOn
w+J6it8QsWwafmlZYDaf7Gsdw8Bfvg08rQTeZp5zo4RA3Y/tn5yYfC9WVLCtCm50
I9ZXkvODA2aYWhcOnUcaxN5QiOhVGCHYIv54w2pR3utpdIRiaUcPY5hiQ83AESdi
xIKoZ2nSvAmbjV5p6fwVo0vP7P3QYfS8LmOyB8cR3zuKWpEFQIT+PHKGmvJ+MJju
F2W6sF0LA0H4OMt8602Nf9Bhge/E6M/0dnuK1E5ZmW61NBzZtzT0DvX51oO7yKKE
AdYWGLCya84PwSHzqo6w3VeJ0nmYKeKPKBSqQosOkHtK
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:10:11 2024 by rpki-client on console-ams.rpki-client.org