Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/8a5ee7-b638-4b70-8a8e-f97745d13b8d/1/6L_KAQ7nbR112vnCPGHtAmU7SO4.roa
File:                     6L_KAQ7nbR112vnCPGHtAmU7SO4.roa (raw, json)
Hash identifier:          FsIaCtNRekukst5oZVMVyucTR3c09DInm6F5xHXebxw=
Subject key identifier:   E8:BF:CA:01:0E:E7:6D:1D:75:DA:F9:C2:3C:61:ED:02:65:3B:48:EE
Certificate issuer:       /CN=375c742259ff900857d13689d8d48db20edf4603
Certificate serial:       018CC4246BD452C2C004522314DC61BEB6F0
Authority key identifier: 37:5C:74:22:59:FF:90:08:57:D1:36:89:D8:D4:8D:B2:0E:DF:46:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N1x0Iln_kAhX0TaJ2NSNsg7fRgM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/8a5ee7-b638-4b70-8a8e-f97745d13b8d/1/6L_KAQ7nbR112vnCPGHtAmU7SO4.roa
Signing time:             Mon 01 Jan 2024 08:29:30 +0000
ROA not before:           Mon 01 Jan 2024 08:29:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43621
IP address blocks:        195.214.234.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/8a5ee7-b638-4b70-8a8e-f97745d13b8d/1/N1x0Iln_kAhX0TaJ2NSNsg7fRgM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/8a5ee7-b638-4b70-8a8e-f97745d13b8d/1/N1x0Iln_kAhX0TaJ2NSNsg7fRgM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N1x0Iln_kAhX0TaJ2NSNsg7fRgM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 18 Jun 2024 01:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:6b:d4:52:c2:c0:04:52:23:14:dc:61:be:b6:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=375c742259ff900857d13689d8d48db20edf4603
        Validity
            Not Before: Jan  1 08:29:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e8bfca010ee76d1d75daf9c23c61ed02653b48ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:1b:ad:e9:1d:16:6d:3f:36:ea:31:af:cd:91:
                    71:31:ea:59:ac:cf:33:30:72:6a:c1:65:48:fa:8e:
                    ee:d9:c3:ac:20:03:3b:c2:4e:f9:7e:c9:0c:0b:44:
                    5a:4b:e4:5d:0a:7c:c4:ca:2e:b7:5f:d3:7d:8a:56:
                    4b:98:d5:0e:39:44:6c:88:82:67:ff:97:77:cd:6f:
                    53:8f:4a:8e:eb:24:76:44:dd:4c:80:d3:cb:d0:e3:
                    23:2b:d1:9e:69:09:a9:21:85:61:40:aa:e5:e4:1a:
                    f6:39:dd:15:0c:26:ba:21:28:6b:c9:3c:c1:6b:e2:
                    2a:01:c0:bf:5d:b8:6d:d0:73:76:b4:fa:d6:8d:1e:
                    7b:f7:b3:f5:85:41:43:65:e0:8e:2a:42:9d:0d:b0:
                    10:be:b1:7a:74:93:55:ae:91:4c:f5:67:b1:b7:42:
                    f0:f4:cd:ba:5e:38:99:c1:ef:35:b6:f3:1d:d9:5b:
                    85:e6:c3:ee:fa:18:9a:16:39:5b:f1:53:27:33:8a:
                    83:76:ed:5c:18:67:9e:02:e4:b3:d7:1f:64:a8:3f:
                    fb:0c:88:2a:3e:ef:98:f4:59:6b:b3:d5:87:bd:0c:
                    34:95:98:fa:81:54:70:17:30:09:12:84:16:26:d8:
                    eb:fb:3a:98:ca:3d:72:31:c1:73:22:36:8b:25:68:
                    a4:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:BF:CA:01:0E:E7:6D:1D:75:DA:F9:C2:3C:61:ED:02:65:3B:48:EE
            X509v3 Authority Key Identifier:
                keyid:37:5C:74:22:59:FF:90:08:57:D1:36:89:D8:D4:8D:B2:0E:DF:46:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1x0Iln_kAhX0TaJ2NSNsg7fRgM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/8a5ee7-b638-4b70-8a8e-f97745d13b8d/1/6L_KAQ7nbR112vnCPGHtAmU7SO4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/8a5ee7-b638-4b70-8a8e-f97745d13b8d/1/N1x0Iln_kAhX0TaJ2NSNsg7fRgM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.214.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:9d:2f:1b:46:12:ba:51:5b:6a:8d:1a:9a:72:ff:85:6c:d0:
         0a:af:3b:5d:f9:c9:ae:f3:2d:b9:45:20:ac:7b:e3:43:2f:06:
         d1:f8:ba:19:12:d2:39:6a:59:e4:1e:6e:fd:de:89:33:51:7b:
         9a:c5:b3:63:51:96:12:44:e6:9e:59:22:10:ec:1b:b6:77:60:
         79:94:0c:3d:93:d5:af:63:fd:68:01:b1:5c:fb:ad:39:33:ce:
         4f:1a:9f:df:ca:bd:90:cc:d6:70:e9:e4:b2:18:46:0e:75:9b:
         8c:7e:2d:ab:30:f5:bf:2d:76:76:a6:9f:a4:99:55:ae:fb:23:
         34:53:b9:44:82:49:59:0f:af:64:4b:d5:4f:a8:29:e7:97:ee:
         1e:49:7e:e7:39:67:de:8a:34:d1:95:d8:c3:f8:d7:ea:3d:bd:
         2b:25:d6:61:bb:8f:f1:d0:0f:4c:fa:73:a3:37:d1:e2:76:bf:
         84:ef:31:55:d1:66:b4:3b:c5:95:f1:00:13:a0:96:79:91:67:
         20:7f:d8:1d:22:28:89:27:0a:1c:43:8a:c6:b3:80:25:d1:2a:
         1a:5e:57:40:e9:ff:4e:1d:9e:f8:8c:79:75:a4:7c:10:b9:4c:
         1f:c1:85:24:b4:20:76:9a:d9:2d:40:0c:10:94:7b:f8:e0:bd:
         41:b3:c7:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJGvUUsLABFIjFNxhvrbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NWM3NDIyNTlmZjkwMDg1N2QxMzY4OWQ4ZDQ4ZGIyMGVk
ZjQ2MDMwHhcNMjQwMTAxMDgyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGJmY2EwMTBlZTc2ZDFkNzVkYWY5YzIzYzYxZWQwMjY1M2I0OGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRut6R0WbT826jGvzZFxMepZrM8z
MHJqwWVI+o7u2cOsIAM7wk75fskMC0RaS+RdCnzEyi63X9N9ilZLmNUOOURsiIJn
/5d3zW9Tj0qO6yR2RN1MgNPL0OMjK9GeaQmpIYVhQKrl5Br2Od0VDCa6IShryTzB
a+IqAcC/Xbht0HN2tPrWjR5797P1hUFDZeCOKkKdDbAQvrF6dJNVrpFM9Wext0Lw
9M26XjiZwe81tvMd2VuF5sPu+hiaFjlb8VMnM4qDdu1cGGeeAuSz1x9kqD/7DIgq
Pu+Y9Flrs9WHvQw0lZj6gVRwFzAJEoQWJtjr+zqYyj1yMcFzIjaLJWikOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOi/ygEO520dddr5wjxh7QJlO0juMB8GA1UdIwQY
MBaAFDdcdCJZ/5AIV9E2idjUjbIO30YDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjF4MElsbl9rQWhYMFRhSjJOU05zZzdmUmdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy84YTVlZTctYjYzOC00YjcwLThhOGUt
Zjk3NzQ1ZDEzYjhkLzEvNkxfS0FRN25iUjExMnZuQ1BHSHRBbVU3U080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy84YTVlZTctYjYzOC00YjcwLThhOGUtZjk3NzQ1ZDEzYjhk
LzEvTjF4MElsbl9rQWhYMFRhSjJOU05zZzdmUmdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9bqMA0G
CSqGSIb3DQEBCwUAA4IBAQCAnS8bRhK6UVtqjRqacv+FbNAKrztd+cmu8y25RSCs
e+NDLwbR+LoZEtI5alnkHm793okzUXuaxbNjUZYSROaeWSIQ7Bu2d2B5lAw9k9Wv
Y/1oAbFc+605M85PGp/fyr2QzNZw6eSyGEYOdZuMfi2rMPW/LXZ2pp+kmVWu+yM0
U7lEgklZD69kS9VPqCnnl+4eSX7nOWfeijTRldjD+NfqPb0rJdZhu4/x0A9M+nOj
N9Hidr+E7zFV0Wa0O8WV8QAToJZ5kWcgf9gdIiiJJwocQ4rGs4Al0SoaXldA6f9O
HZ74jHl1pHwQuUwfwYUktCB2mtktQAwQlHv44L1Bs8d3
-----END CERTIFICATE-----
Generated at Mon Jun 17 06:01:51 2024 by rpki-client on console-fra.rpki-client.org