Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/492e56-0bae-461a-8f65-0390ed7732a5/1/Z5VZGPlXFfKQguTNUeAozbS3YMY.roa
File:                     Z5VZGPlXFfKQguTNUeAozbS3YMY.roa (raw, json)
Hash identifier:          kUygVd+pk10QGB/jbZDK+bpHyjK4MTOXKmkWPpz6nRY=
Subject key identifier:   67:95:59:18:F9:57:15:F2:90:82:E4:CD:51:E0:28:CD:B4:B7:60:C6
Certificate issuer:       /CN=c0fec178763a701e2211672e2e36e6d527f41f3d
Certificate serial:       018CC72761ACE22B265E306BDD1667CBE6D9
Authority key identifier: C0:FE:C1:78:76:3A:70:1E:22:11:67:2E:2E:36:E6:D5:27:F4:1F:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wP7BeHY6cB4iEWcuLjbm1Sf0Hz0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/492e56-0bae-461a-8f65-0390ed7732a5/1/Z5VZGPlXFfKQguTNUeAozbS3YMY.roa
Signing time:             Mon 01 Jan 2024 22:31:36 +0000
ROA not before:           Mon 01 Jan 2024 22:31:36 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     53667
IP address blocks:        176.124.70.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/492e56-0bae-461a-8f65-0390ed7732a5/1/wP7BeHY6cB4iEWcuLjbm1Sf0Hz0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/492e56-0bae-461a-8f65-0390ed7732a5/1/wP7BeHY6cB4iEWcuLjbm1Sf0Hz0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wP7BeHY6cB4iEWcuLjbm1Sf0Hz0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 19:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:61:ac:e2:2b:26:5e:30:6b:dd:16:67:cb:e6:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c0fec178763a701e2211672e2e36e6d527f41f3d
        Validity
            Not Before: Jan  1 22:31:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=67955918f95715f29082e4cd51e028cdb4b760c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:9f:54:ee:d9:ba:ee:58:96:99:50:e0:e5:41:
                    9b:6a:10:d4:88:60:02:ad:02:93:70:44:74:69:df:
                    32:ab:47:d2:1a:e8:5d:26:7f:bf:c7:bd:98:8f:80:
                    fc:d2:b3:cf:b7:31:e6:00:59:dd:f1:6a:4b:ce:2f:
                    ca:bc:95:47:47:19:f9:ab:1d:99:c4:aa:18:25:7b:
                    c2:3e:cc:be:41:1a:1a:4b:05:f4:16:08:3b:d1:9a:
                    43:f2:ae:00:32:3e:47:6a:39:4d:ea:0f:18:ca:3c:
                    b8:d5:fe:6f:92:c2:57:10:7a:52:34:01:8e:75:c5:
                    f1:1c:53:32:81:9e:f5:9d:eb:75:03:85:cd:68:6e:
                    bf:1c:51:94:b9:f0:d5:78:c8:cd:22:31:2e:01:0f:
                    0a:05:c9:78:6b:0b:fc:c3:37:b2:e5:34:76:e0:5d:
                    83:bb:d8:68:ee:94:a1:40:54:bd:d5:af:81:eb:99:
                    5f:b2:f0:1e:72:83:8e:8a:91:ba:de:e0:84:10:6a:
                    35:a2:83:c0:fc:4a:fb:d6:2f:da:24:f0:c1:cb:62:
                    22:ce:33:a9:1a:d2:ca:bb:3a:8e:0c:d0:4f:08:60:
                    f4:aa:53:0f:90:47:34:38:9a:44:ca:a0:57:76:d7:
                    8b:db:9c:97:8a:e2:83:95:aa:64:46:39:93:dc:d8:
                    69:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:95:59:18:F9:57:15:F2:90:82:E4:CD:51:E0:28:CD:B4:B7:60:C6
            X509v3 Authority Key Identifier:
                keyid:C0:FE:C1:78:76:3A:70:1E:22:11:67:2E:2E:36:E6:D5:27:F4:1F:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wP7BeHY6cB4iEWcuLjbm1Sf0Hz0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/492e56-0bae-461a-8f65-0390ed7732a5/1/Z5VZGPlXFfKQguTNUeAozbS3YMY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/492e56-0bae-461a-8f65-0390ed7732a5/1/wP7BeHY6cB4iEWcuLjbm1Sf0Hz0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.124.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:c1:3f:ab:68:82:da:37:6e:06:9b:de:be:12:42:17:60:e4:
         42:63:21:e2:7a:ff:2f:c9:d2:4f:ae:b6:7a:4d:99:85:a9:83:
         95:c1:79:67:07:15:79:20:60:8e:23:94:90:10:a8:fd:76:6c:
         7c:8d:58:ee:6a:2e:7f:f4:ed:11:d2:bd:be:a6:83:45:b6:40:
         25:14:4f:19:4b:38:00:d7:ef:a4:10:da:88:cf:a2:86:85:fd:
         21:d2:f2:6e:bf:e6:9a:a3:b7:40:ee:1a:a2:b8:5e:e7:b1:4f:
         d5:39:40:74:29:d6:64:02:f9:fa:77:4d:21:e3:93:5d:0c:1f:
         fa:09:44:98:7b:49:a7:38:5d:b1:24:72:13:53:78:be:2a:62:
         a3:46:af:50:82:63:49:77:0c:1e:e7:d1:fa:42:f0:46:7d:c0:
         f0:a8:1e:9a:72:fa:5b:25:b0:25:13:03:78:28:70:60:1b:83:
         13:fe:2e:90:8b:3e:58:8c:bb:6c:47:59:7a:07:44:ed:28:0b:
         e6:34:af:08:66:a6:3e:09:c0:3e:52:dd:dd:f0:3f:25:dd:27:
         e1:20:c7:b1:95:69:26:a9:23:a6:0e:78:bb:ea:6c:9d:0a:33:
         b5:d0:ef:24:9f:f7:b2:18:77:0d:a6:b8:4b:e3:fa:42:e2:57:
         bb:5f:78:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ2Gs4ismXjBr3RZny+bZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZmVjMTc4NzYzYTcwMWUyMjExNjcyZTJlMzZlNmQ1Mjdm
NDFmM2QwHhcNMjQwMTAxMjIzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzk1NTkxOGY5NTcxNWYyOTA4MmU0Y2Q1MWUwMjhjZGI0Yjc2MGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkp9U7tm67liWmVDg5UGbahDUiGAC
rQKTcER0ad8yq0fSGuhdJn+/x72Yj4D80rPPtzHmAFnd8WpLzi/KvJVHRxn5qx2Z
xKoYJXvCPsy+QRoaSwX0Fgg70ZpD8q4AMj5HajlN6g8Yyjy41f5vksJXEHpSNAGO
dcXxHFMygZ71net1A4XNaG6/HFGUufDVeMjNIjEuAQ8KBcl4awv8wzey5TR24F2D
u9ho7pShQFS91a+B65lfsvAecoOOipG63uCEEGo1ooPA/Er71i/aJPDBy2IizjOp
GtLKuzqODNBPCGD0qlMPkEc0OJpEyqBXdteL25yXiuKDlapkRjmT3Nhp+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGeVWRj5VxXykILkzVHgKM20t2DGMB8GA1UdIwQY
MBaAFMD+wXh2OnAeIhFnLi425tUn9B89MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1A3QmVIWTZjQjRpRVdjdUxqYm0xU2YwSHowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi80OTJlNTYtMGJhZS00NjFhLThmNjUt
MDM5MGVkNzczMmE1LzEvWjVWWkdQbFhGZktRZ3VUTlVlQW96YlMzWU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi80OTJlNTYtMGJhZS00NjFhLThmNjUtMDM5MGVkNzczMmE1
LzEvd1A3QmVIWTZjQjRpRVdjdUxqYm0xU2YwSHowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHxGMA0G
CSqGSIb3DQEBCwUAA4IBAQCPwT+raILaN24Gm96+EkIXYORCYyHiev8vydJPrrZ6
TZmFqYOVwXlnBxV5IGCOI5SQEKj9dmx8jVjuai5/9O0R0r2+poNFtkAlFE8ZSzgA
1++kENqIz6KGhf0h0vJuv+aao7dA7hqiuF7nsU/VOUB0KdZkAvn6d00h45NdDB/6
CUSYe0mnOF2xJHITU3i+KmKjRq9QgmNJdwwe59H6QvBGfcDwqB6acvpbJbAlEwN4
KHBgG4MT/i6Qiz5YjLtsR1l6B0TtKAvmNK8IZqY+CcA+Ut3d8D8l3SfhIMexlWkm
qSOmDni76mydCjO10O8kn/eyGHcNprhL4/pC4le7X3iz
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:40:01 2024 by rpki-client on console-ams.rpki-client.org