Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/efa4d7-99a7-4c18-80fd-d29f45f793c7/1/6LGGKWxklOO9v3UCX0yIubTdJEc.roa
File:                     6LGGKWxklOO9v3UCX0yIubTdJEc.roa (raw, json)
Hash identifier:          W33KDx6S9Bqe34QzhumRZ5pQKlJYBwbX97Uv+ZBKwBo=
Subject key identifier:   E8:B1:86:29:6C:64:94:E3:BD:BF:75:02:5F:4C:88:B9:B4:DD:24:47
Certificate issuer:       /CN=72c3a9a3ad320a8fc61b5f8789f525d07e5be251
Certificate serial:       018CC42482553437384004F3DD9708BA7CD0
Authority key identifier: 72:C3:A9:A3:AD:32:0A:8F:C6:1B:5F:87:89:F5:25:D0:7E:5B:E2:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/csOpo60yCo_GG1-HifUl0H5b4lE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/efa4d7-99a7-4c18-80fd-d29f45f793c7/1/6LGGKWxklOO9v3UCX0yIubTdJEc.roa
Signing time:             Mon 01 Jan 2024 08:29:36 +0000
ROA not before:           Mon 01 Jan 2024 08:29:36 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48409
IP address blocks:        91.207.238.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/efa4d7-99a7-4c18-80fd-d29f45f793c7/1/csOpo60yCo_GG1-HifUl0H5b4lE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/efa4d7-99a7-4c18-80fd-d29f45f793c7/1/csOpo60yCo_GG1-HifUl0H5b4lE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/csOpo60yCo_GG1-HifUl0H5b4lE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 14:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:82:55:34:37:38:40:04:f3:dd:97:08:ba:7c:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72c3a9a3ad320a8fc61b5f8789f525d07e5be251
        Validity
            Not Before: Jan  1 08:29:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e8b186296c6494e3bdbf75025f4c88b9b4dd2447
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:c9:f4:a5:15:52:f2:57:16:5b:0b:b0:cd:fd:
                    2a:21:ba:a0:fa:3a:44:cf:e1:2a:48:2e:24:46:cf:
                    4b:cf:87:e4:a3:8a:29:f8:6b:2b:3b:02:04:66:2b:
                    0d:16:e9:71:57:f8:5a:df:8f:5c:5f:70:9f:90:ab:
                    e7:19:30:70:6a:34:1d:af:f2:f8:98:58:bd:47:2b:
                    f1:be:7d:e4:54:b7:7b:49:d6:31:d2:9f:2b:40:84:
                    44:17:6c:90:5f:2d:d0:36:00:87:66:47:3f:25:ab:
                    bf:bb:c0:28:78:c7:da:25:ed:17:44:34:46:c9:30:
                    96:85:a5:a6:f9:7e:40:45:7b:19:79:37:7d:9c:e6:
                    1c:f4:e8:ac:8c:ec:88:f3:af:33:4b:33:a2:79:fa:
                    fd:c8:26:ed:55:48:b6:9e:7d:67:26:3c:59:ec:10:
                    4f:d6:d7:97:04:5a:8a:9c:f6:0f:3d:43:59:86:7b:
                    bb:48:2c:a0:e9:9f:ac:e5:a2:d1:4f:98:40:99:59:
                    22:14:a1:73:07:29:be:fb:eb:57:a4:70:78:ce:55:
                    9d:90:f1:b9:0d:06:f9:36:cb:ac:6e:af:86:36:b5:
                    fa:9f:3f:6b:9a:c5:32:9c:82:70:0f:d2:3c:2c:ce:
                    95:26:5d:45:ab:c4:70:cf:c4:0b:74:3d:84:05:ad:
                    9d:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:B1:86:29:6C:64:94:E3:BD:BF:75:02:5F:4C:88:B9:B4:DD:24:47
            X509v3 Authority Key Identifier:
                keyid:72:C3:A9:A3:AD:32:0A:8F:C6:1B:5F:87:89:F5:25:D0:7E:5B:E2:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csOpo60yCo_GG1-HifUl0H5b4lE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/efa4d7-99a7-4c18-80fd-d29f45f793c7/1/6LGGKWxklOO9v3UCX0yIubTdJEc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/efa4d7-99a7-4c18-80fd-d29f45f793c7/1/csOpo60yCo_GG1-HifUl0H5b4lE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.207.238.0/23

    Signature Algorithm: sha256WithRSAEncryption
         85:1f:2d:64:a1:7d:16:22:38:de:16:c3:6e:69:d9:40:d0:37:
         89:6c:83:f2:ec:6c:70:63:ab:d1:8a:f2:c4:c0:c5:b7:33:9a:
         af:ee:b2:17:fd:b8:84:98:ca:03:d8:f3:de:e6:a6:a5:2f:ba:
         3d:02:9b:41:10:7c:12:a3:00:56:a9:e6:c0:a3:49:e5:4e:6b:
         ba:92:29:83:68:44:db:d0:e1:c7:e3:59:f6:3c:69:18:c9:46:
         85:38:18:72:9f:de:ff:f3:64:fa:85:39:25:b5:81:87:64:98:
         3a:8c:af:52:10:fa:c3:0a:e6:97:b5:77:9d:84:b5:98:7f:93:
         9b:04:2e:fc:71:75:15:e3:0e:b0:43:1d:b6:35:c1:84:fe:20:
         fc:fa:bc:a8:c3:ad:47:4a:33:1d:e2:3b:aa:d2:96:ed:f6:ee:
         c9:66:f3:1d:9b:a7:16:11:c1:ae:80:c6:50:d1:c7:07:38:cd:
         46:24:17:cf:84:8c:2b:77:1a:4a:e5:f9:a0:4e:5c:7e:71:8a:
         21:2c:35:26:41:93:8e:83:91:41:f3:06:87:ef:f7:2a:6f:ce:
         2e:e7:93:fe:ad:e8:8a:1f:30:31:0a:4b:5b:66:76:f9:ad:6f:
         c1:ce:83:31:41:7e:b2:72:4a:51:f0:65:a6:57:69:23:4f:bf:
         66:c3:72:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJIJVNDc4QATz3ZcIunzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYzNhOWEzYWQzMjBhOGZjNjFiNWY4Nzg5ZjUyNWQwN2U1
YmUyNTEwHhcNMjQwMTAxMDgyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGIxODYyOTZjNjQ5NGUzYmRiZjc1MDI1ZjRjODhiOWI0ZGQyNDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsn0pRVS8lcWWwuwzf0qIbqg+jpE
z+EqSC4kRs9Lz4fko4op+GsrOwIEZisNFulxV/ha349cX3CfkKvnGTBwajQdr/L4
mFi9Ryvxvn3kVLd7SdYx0p8rQIREF2yQXy3QNgCHZkc/Jau/u8AoeMfaJe0XRDRG
yTCWhaWm+X5ARXsZeTd9nOYc9OisjOyI868zSzOiefr9yCbtVUi2nn1nJjxZ7BBP
1teXBFqKnPYPPUNZhnu7SCyg6Z+s5aLRT5hAmVkiFKFzBym+++tXpHB4zlWdkPG5
DQb5Nsusbq+GNrX6nz9rmsUynIJwD9I8LM6VJl1Fq8Rwz8QLdD2EBa2dQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOixhilsZJTjvb91Al9MiLm03SRHMB8GA1UdIwQY
MBaAFHLDqaOtMgqPxhtfh4n1JdB+W+JRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NPcG82MHlDb19HRzEtSGlmVWwwSDViNGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lZmE0ZDctOTlhNy00YzE4LTgwZmQt
ZDI5ZjQ1Zjc5M2M3LzEvNkxHR0tXeGtsT085djNVQ1gweUl1YlRkSkVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lZmE0ZDctOTlhNy00YzE4LTgwZmQtZDI5ZjQ1Zjc5M2M3
LzEvY3NPcG82MHlDb19HRzEtSGlmVWwwSDViNGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8/uMA0G
CSqGSIb3DQEBCwUAA4IBAQCFHy1koX0WIjjeFsNuadlA0DeJbIPy7GxwY6vRivLE
wMW3M5qv7rIX/biEmMoD2PPe5qalL7o9AptBEHwSowBWqebAo0nlTmu6kimDaETb
0OHH41n2PGkYyUaFOBhyn97/82T6hTkltYGHZJg6jK9SEPrDCuaXtXedhLWYf5Ob
BC78cXUV4w6wQx22NcGE/iD8+ryow61HSjMd4juq0pbt9u7JZvMdm6cWEcGugMZQ
0ccHOM1GJBfPhIwrdxpK5fmgTlx+cYohLDUmQZOOg5FB8waH7/cqb84u55P+reiK
HzAxCktbZnb5rW/BzoMxQX6yckpR8GWmV2kjT79mw3Jt
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:14:30 2024 by rpki-client on console-fra.rpki-client.org