Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/0cd7cc-af08-417b-bd58-3e1bb1e29422/1/FUCBUnfq9vExPdSUZBigMwy19m4.roa
File:                     FUCBUnfq9vExPdSUZBigMwy19m4.roa (raw, json)
Hash identifier:          51xOrqTrTal3zhwIPYFb5tl4T5wPqsfGyNthayc+j9A=
Subject key identifier:   15:40:81:52:77:EA:F6:F1:31:3D:D4:94:64:18:A0:33:0C:B5:F6:6E
Certificate issuer:       /CN=1b22cdf53249049d04914b1837fc027d6964ce07
Certificate serial:       018CC7272C99D6AB87EAB96C2138D58EBABE
Authority key identifier: 1B:22:CD:F5:32:49:04:9D:04:91:4B:18:37:FC:02:7D:69:64:CE:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GyLN9TJJBJ0EkUsYN_wCfWlkzgc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/0cd7cc-af08-417b-bd58-3e1bb1e29422/1/FUCBUnfq9vExPdSUZBigMwy19m4.roa
Signing time:             Mon 01 Jan 2024 22:31:22 +0000
ROA not before:           Mon 01 Jan 2024 22:31:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48551
IP address blocks:        194.147.212.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/0cd7cc-af08-417b-bd58-3e1bb1e29422/1/GyLN9TJJBJ0EkUsYN_wCfWlkzgc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/0cd7cc-af08-417b-bd58-3e1bb1e29422/1/GyLN9TJJBJ0EkUsYN_wCfWlkzgc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GyLN9TJJBJ0EkUsYN_wCfWlkzgc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 May 2024 20:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:2c:99:d6:ab:87:ea:b9:6c:21:38:d5:8e:ba:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b22cdf53249049d04914b1837fc027d6964ce07
        Validity
            Not Before: Jan  1 22:31:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1540815277eaf6f1313dd4946418a0330cb5f66e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:7a:30:c8:95:c1:b9:4a:f7:0d:82:58:23:84:
                    dd:50:1e:ae:a3:6c:2e:89:13:2a:3b:57:b0:cc:31:
                    67:69:1e:1a:82:16:c6:f4:7b:03:73:df:67:91:e7:
                    51:28:62:0b:94:e5:98:8f:fd:15:df:18:a5:6f:6b:
                    27:cd:d5:b7:36:0e:76:ab:87:95:36:cd:ee:57:da:
                    ed:05:36:e3:8b:f6:2e:14:da:84:0a:a4:05:da:9b:
                    c3:cf:2e:b5:67:37:2a:bc:40:c2:f1:e0:b8:29:85:
                    57:f5:26:68:45:c5:bd:92:80:0b:83:a4:e9:14:55:
                    61:95:89:9d:c4:c5:89:ff:7b:67:a4:f4:2d:e7:dd:
                    46:46:d7:93:da:4f:76:1f:46:e6:fa:51:59:cc:fc:
                    00:ed:10:a6:cb:66:5e:ab:b1:cd:3b:3e:a6:56:c0:
                    18:c9:39:64:16:87:dd:c3:3c:d0:d0:46:b7:ef:79:
                    88:48:f5:e5:e9:58:1d:ae:a0:26:d8:70:e0:92:b8:
                    ec:a9:96:ec:f6:62:c2:0e:b4:6f:d0:4a:15:14:5b:
                    49:26:d9:ab:52:5e:a7:c4:d9:d9:73:56:5e:43:b7:
                    fb:b1:b5:24:95:cb:b8:74:1e:3d:7c:49:80:9d:e2:
                    ad:c8:d6:6f:22:bb:53:a9:49:86:81:19:e7:ac:d1:
                    9c:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:40:81:52:77:EA:F6:F1:31:3D:D4:94:64:18:A0:33:0C:B5:F6:6E
            X509v3 Authority Key Identifier:
                keyid:1B:22:CD:F5:32:49:04:9D:04:91:4B:18:37:FC:02:7D:69:64:CE:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyLN9TJJBJ0EkUsYN_wCfWlkzgc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/0cd7cc-af08-417b-bd58-3e1bb1e29422/1/FUCBUnfq9vExPdSUZBigMwy19m4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/0cd7cc-af08-417b-bd58-3e1bb1e29422/1/GyLN9TJJBJ0EkUsYN_wCfWlkzgc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.147.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:a3:24:57:d4:c6:74:49:e4:69:c1:ae:9b:26:34:49:54:06:
         bf:0a:76:59:b0:36:6a:b1:96:23:f8:9a:3b:b9:cc:49:95:2c:
         45:1c:6e:61:ba:49:2c:13:d5:74:98:6b:c9:44:61:bb:16:1d:
         9d:42:e6:47:2c:d3:12:d6:de:df:99:04:81:1e:c5:a0:68:3d:
         14:dd:de:d1:72:ca:b2:63:49:c2:1b:1d:75:2a:c7:e8:37:7f:
         a1:a5:0e:83:38:b6:4b:ae:d1:4d:c0:ea:ee:86:13:af:e1:75:
         69:e1:e3:b7:06:ea:d1:37:e6:37:f3:8b:40:ec:c3:9e:96:1b:
         7a:9d:17:f5:85:f6:f3:c4:0b:32:66:e9:44:56:60:61:e6:e5:
         b5:90:2c:46:00:7b:df:86:a9:09:07:d6:b2:a2:29:f4:ba:ca:
         7b:80:f8:e2:3b:bf:38:0e:7c:62:90:0d:c9:58:37:cd:02:fb:
         27:85:20:18:9a:0f:6f:41:3c:6d:fa:20:09:c0:a2:86:41:7f:
         e4:51:01:cc:c5:1e:c4:29:bb:48:73:e3:af:c8:b0:a3:1c:7d:
         2a:4d:fa:e1:33:55:74:d9:28:c1:b1:3b:6a:ba:22:49:40:4d:
         78:de:54:a2:aa:02:da:44:a0:01:42:d3:8f:0a:4f:e6:27:d2:
         ca:bd:51:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJyyZ1quH6rlsITjVjrq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjJjZGY1MzI0OTA0OWQwNDkxNGIxODM3ZmMwMjdkNjk2
NGNlMDcwHhcNMjQwMTAxMjIzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTQwODE1Mjc3ZWFmNmYxMzEzZGQ0OTQ2NDE4YTAzMzBjYjVmNjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HowyJXBuUr3DYJYI4TdUB6uo2wu
iRMqO1ewzDFnaR4aghbG9HsDc99nkedRKGILlOWYj/0V3xilb2snzdW3Ng52q4eV
Ns3uV9rtBTbji/YuFNqECqQF2pvDzy61ZzcqvEDC8eC4KYVX9SZoRcW9koALg6Tp
FFVhlYmdxMWJ/3tnpPQt591GRteT2k92H0bm+lFZzPwA7RCmy2Zeq7HNOz6mVsAY
yTlkFofdwzzQ0Ea373mISPXl6VgdrqAm2HDgkrjsqZbs9mLCDrRv0EoVFFtJJtmr
Ul6nxNnZc1ZeQ7f7sbUklcu4dB49fEmAneKtyNZvIrtTqUmGgRnnrNGcAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBVAgVJ36vbxMT3UlGQYoDMMtfZuMB8GA1UdIwQY
MBaAFBsizfUySQSdBJFLGDf8An1pZM4HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3lMTjlUSkpCSjBFa1VzWU5fd0NmV2xremdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8wY2Q3Y2MtYWYwOC00MTdiLWJkNTgt
M2UxYmIxZTI5NDIyLzEvRlVDQlVuZnE5dkV4UGRTVVpCaWdNd3kxOW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8wY2Q3Y2MtYWYwOC00MTdiLWJkNTgtM2UxYmIxZTI5NDIy
LzEvR3lMTjlUSkpCSjBFa1VzWU5fd0NmV2xremdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpPUMA0G
CSqGSIb3DQEBCwUAA4IBAQBMoyRX1MZ0SeRpwa6bJjRJVAa/CnZZsDZqsZYj+Jo7
ucxJlSxFHG5hukksE9V0mGvJRGG7Fh2dQuZHLNMS1t7fmQSBHsWgaD0U3d7Rcsqy
Y0nCGx11KsfoN3+hpQ6DOLZLrtFNwOruhhOv4XVp4eO3BurRN+Y384tA7MOelht6
nRf1hfbzxAsyZulEVmBh5uW1kCxGAHvfhqkJB9ayoin0usp7gPjiO784DnxikA3J
WDfNAvsnhSAYmg9vQTxt+iAJwKKGQX/kUQHMxR7EKbtIc+OvyLCjHH0qTfrhM1V0
2SjBsTtquiJJQE143lSiqgLaRKABQtOPCk/mJ9LKvVE8
-----END CERTIFICATE-----
Generated at Sun May 19 00:45:34 2024 by rpki-client on console-ams.rpki-client.org