Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/5HW0EoKcgpPITqyxtBRRad0y440.roa
File:                     5HW0EoKcgpPITqyxtBRRad0y440.roa (raw, json)
Hash identifier:          qPqX/27lGvMFAJPihoYjIUfBEZKwBMHuSo1NheQ5y3g=
Subject key identifier:   E4:75:B4:12:82:9C:82:93:C8:4E:AC:B1:B4:14:51:69:DD:32:E3:8D
Certificate issuer:       /CN=68c0f2d0776f7e1d349075881c35e9d387463405
Certificate serial:       019129359B51D40E664AAD94C0C03123D44F
Authority key identifier: 68:C0:F2:D0:77:6F:7E:1D:34:90:75:88:1C:35:E9:D3:87:46:34:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMDy0Hdvfh00kHWIHDXp04dGNAU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/5HW0EoKcgpPITqyxtBRRad0y440.roa
Signing time:             Tue 06 Aug 2024 19:41:04 +0000
ROA not before:           Tue 06 Aug 2024 19:41:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58192
IP address blocks:        194.0.234.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/aMDy0Hdvfh00kHWIHDXp04dGNAU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/aMDy0Hdvfh00kHWIHDXp04dGNAU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aMDy0Hdvfh00kHWIHDXp04dGNAU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 08:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:29:35:9b:51:d4:0e:66:4a:ad:94:c0:c0:31:23:d4:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c0f2d0776f7e1d349075881c35e9d387463405
        Validity
            Not Before: Aug  6 19:41:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e475b412829c8293c84eacb1b4145169dd32e38d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:b0:fb:5c:8f:e8:ad:ae:11:b8:1d:dd:fb:ea:
                    85:db:7c:e0:27:49:32:c6:f0:5c:10:c4:4f:50:92:
                    fe:a8:31:07:68:c5:b2:7f:71:65:0b:02:2f:90:81:
                    9f:ed:24:d6:78:34:53:06:7d:a7:87:dc:6f:82:49:
                    94:f1:7f:53:8d:f3:9b:f7:b1:4b:31:5c:25:aa:fe:
                    15:79:63:ae:25:fa:bf:c6:df:17:76:69:1b:4a:e9:
                    aa:5c:bc:fb:6a:37:ad:74:25:f7:4b:b0:e0:8a:31:
                    16:38:ce:68:22:5a:a1:1d:df:7b:92:ee:7a:a3:73:
                    40:c5:be:97:c5:55:2e:e2:75:4a:4a:da:be:a8:69:
                    96:c5:59:c8:0d:0d:0a:53:c4:7f:a8:d1:5b:63:a4:
                    27:1c:ab:db:c8:ac:55:59:7a:bf:92:ee:07:a8:85:
                    6a:b2:20:f7:6d:3f:66:28:31:ff:b0:d4:02:3c:ed:
                    d0:d5:c0:e5:b4:02:c0:8c:66:b7:81:0a:3a:6c:42:
                    ac:fa:c9:44:c2:91:fc:14:66:1b:9c:0d:e0:52:5f:
                    1a:6c:f7:69:06:5f:27:f3:b5:12:81:45:b3:4f:ec:
                    fc:6f:00:36:6b:c5:06:ca:22:77:13:66:60:b0:64:
                    62:21:b8:7f:10:7b:9d:8d:c5:e6:3e:81:49:ac:a7:
                    d6:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:75:B4:12:82:9C:82:93:C8:4E:AC:B1:B4:14:51:69:DD:32:E3:8D
            X509v3 Authority Key Identifier:
                keyid:68:C0:F2:D0:77:6F:7E:1D:34:90:75:88:1C:35:E9:D3:87:46:34:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMDy0Hdvfh00kHWIHDXp04dGNAU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/5HW0EoKcgpPITqyxtBRRad0y440.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/aMDy0Hdvfh00kHWIHDXp04dGNAU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.0.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:65:e0:35:58:99:1d:d8:e0:3d:00:d4:44:9f:80:27:01:cb:
         1e:b9:4a:d0:8d:ad:71:a2:df:51:1e:8b:68:18:00:e9:09:77:
         0d:73:da:28:f1:46:6b:6c:da:b8:e7:8a:65:a8:0a:55:2f:fb:
         6b:1a:69:f4:68:c2:fa:18:e0:2c:b1:4c:22:03:a4:95:69:00:
         45:ce:6b:c5:f7:c8:01:25:09:3f:51:0e:91:51:0f:20:8c:7d:
         f8:97:d1:29:bf:15:4d:32:b8:09:e8:32:a3:91:c0:03:3f:c7:
         f2:39:e2:9e:1d:bc:78:99:cf:99:8c:b7:8f:87:fc:87:e1:61:
         6a:aa:ed:2e:d7:25:55:9d:65:18:29:a5:99:ff:a3:91:12:b9:
         6e:45:c5:d1:c1:78:fd:b0:75:d5:eb:0b:76:38:d7:ed:dc:42:
         10:62:c9:fc:00:3e:c4:47:12:24:13:a2:12:8d:08:a3:a1:d9:
         28:d0:b7:1a:7a:5a:2b:1d:24:18:27:cc:f2:c8:ae:f9:a9:4b:
         1a:aa:54:95:b5:0f:fe:b0:c0:f8:19:8a:df:40:1a:fb:5d:5d:
         e7:e8:8e:af:42:96:a3:f3:84:4e:ed:4d:82:5b:b7:0b:6c:88:
         99:2a:59:92:2e:d0:bd:d2:f9:fd:fb:3f:9c:9c:5a:1b:77:73:
         fe:6f:07:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEpNZtR1A5mSq2UwMAxI9RPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzBmMmQwNzc2ZjdlMWQzNDkwNzU4ODFjMzVlOWQzODc0
NjM0MDUwHhcNMjQwODA2MTk0MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDc1YjQxMjgyOWM4MjkzYzg0ZWFjYjFiNDE0NTE2OWRkMzJlMzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLD7XI/ora4RuB3d++qF23zgJ0ky
xvBcEMRPUJL+qDEHaMWyf3FlCwIvkIGf7STWeDRTBn2nh9xvgkmU8X9TjfOb97FL
MVwlqv4VeWOuJfq/xt8XdmkbSumqXLz7ajetdCX3S7DgijEWOM5oIlqhHd97ku56
o3NAxb6XxVUu4nVKStq+qGmWxVnIDQ0KU8R/qNFbY6QnHKvbyKxVWXq/ku4HqIVq
siD3bT9mKDH/sNQCPO3Q1cDltALAjGa3gQo6bEKs+slEwpH8FGYbnA3gUl8abPdp
Bl8n87USgUWzT+z8bwA2a8UGyiJ3E2ZgsGRiIbh/EHudjcXmPoFJrKfW7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOR1tBKCnIKTyE6ssbQUUWndMuONMB8GA1UdIwQY
MBaAFGjA8tB3b34dNJB1iBw16dOHRjQFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1EeTBIZHZmaDAwa0hXSUhEWHAwNGRHTkFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS84NGVlZGMtYTJmNi00YTM5LWE5MTgt
ZjlkOWMwM2Q0YjRjLzEvNUhXMEVvS2NncFBJVHF5eHRCUlJhZDB5NDQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS84NGVlZGMtYTJmNi00YTM5LWE5MTgtZjlkOWMwM2Q0YjRj
LzEvYU1EeTBIZHZmaDAwa0hXSUhEWHAwNGRHTkFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgDqMA0G
CSqGSIb3DQEBCwUAA4IBAQBRZeA1WJkd2OA9ANREn4AnAcseuUrQja1xot9RHoto
GADpCXcNc9oo8UZrbNq454plqApVL/trGmn0aML6GOAssUwiA6SVaQBFzmvF98gB
JQk/UQ6RUQ8gjH34l9EpvxVNMrgJ6DKjkcADP8fyOeKeHbx4mc+ZjLePh/yH4WFq
qu0u1yVVnWUYKaWZ/6ORErluRcXRwXj9sHXV6wt2ONft3EIQYsn8AD7ERxIkE6IS
jQijodko0LcaelorHSQYJ8zyyK75qUsaqlSVtQ/+sMD4GYrfQBr7XV3n6I6vQpaj
84RO7U2CW7cLbIiZKlmSLtC90vn9+z+cnFobd3P+bwf5
-----END CERTIFICATE-----
Generated at Tue Nov 26 12:33:36 2024 by rpki-client on console-ams.rpki-client.org