Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e8120c-7451-45ae-89b0-75f6e529186f/1/f_yS8wyTnF4H0u7JPqgHYHP7oRk.roa
File:                     f_yS8wyTnF4H0u7JPqgHYHP7oRk.roa (raw, json)
Hash identifier:          rIhYSNZ7XxoVo+X7LocGmxHXasQDo9UnOT0yZ3VswpM=
Subject key identifier:   7F:FC:92:F3:0C:93:9C:5E:07:D2:EE:C9:3E:A8:07:60:73:FB:A1:19
Certificate issuer:       /CN=7c5dbb0b9e3538185f3e6d6e3c7da2f8922c8ce0
Certificate serial:       018CEDABAEA63BB0B21CCE99516A0F1CE02E
Authority key identifier: 7C:5D:BB:0B:9E:35:38:18:5F:3E:6D:6E:3C:7D:A2:F8:92:2C:8C:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fF27C541OBhfPm1uPH2i-JIsjOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/e8120c-7451-45ae-89b0-75f6e529186f/1/f_yS8wyTnF4H0u7JPqgHYHP7oRk.roa
Signing time:             Tue 09 Jan 2024 10:01:40 +0000
ROA not before:           Tue 09 Jan 2024 10:01:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12703
IP address blocks:        185.71.184.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/93/e8120c-7451-45ae-89b0-75f6e529186f/1/fF27C541OBhfPm1uPH2i-JIsjOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/93/e8120c-7451-45ae-89b0-75f6e529186f/1/fF27C541OBhfPm1uPH2i-JIsjOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fF27C541OBhfPm1uPH2i-JIsjOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 09 Jun 2024 04:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ed:ab:ae:a6:3b:b0:b2:1c:ce:99:51:6a:0f:1c:e0:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c5dbb0b9e3538185f3e6d6e3c7da2f8922c8ce0
        Validity
            Not Before: Jan  9 10:01:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7ffc92f30c939c5e07d2eec93ea8076073fba119
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ca:5f:fa:f5:48:b0:e6:d0:b5:c6:83:61:0e:
                    89:66:c2:0f:8a:49:4e:82:51:6b:65:0b:e7:75:de:
                    25:01:9c:8b:6c:79:53:87:3d:2c:d8:bb:6d:fc:b0:
                    8d:97:3e:d7:b1:82:84:9e:c9:ef:4a:ea:91:fe:51:
                    7f:2d:11:23:27:46:7a:94:7c:d6:5c:45:df:ae:26:
                    09:a1:c0:76:47:07:3e:9f:8f:bd:be:88:50:67:3f:
                    4f:17:21:5e:ea:07:06:49:d3:16:f6:aa:67:80:cb:
                    7f:ac:eb:61:83:8e:98:0b:2d:c2:1f:a9:9f:6e:33:
                    4b:9a:f3:c3:0a:06:29:90:7d:cc:ed:56:a9:6e:d4:
                    26:3f:cc:be:28:b7:ff:9b:fb:85:5e:b8:fc:5d:0e:
                    e7:b1:79:13:66:82:a3:3a:93:b7:66:78:05:66:bf:
                    0b:a9:ba:b1:be:b7:b3:aa:67:00:2d:bd:81:c9:d7:
                    c6:72:35:fd:d2:60:cd:3b:e5:ab:77:4c:95:9f:1c:
                    03:01:e0:8f:b3:8d:fd:53:74:e8:13:50:24:26:bb:
                    50:dc:af:18:4a:39:2f:fe:cf:f2:60:fb:6c:6e:e5:
                    ac:58:e6:8b:23:da:38:84:a5:34:34:b3:ad:16:8c:
                    46:f2:94:89:31:2f:0e:25:ea:20:96:00:06:5e:66:
                    19:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:FC:92:F3:0C:93:9C:5E:07:D2:EE:C9:3E:A8:07:60:73:FB:A1:19
            X509v3 Authority Key Identifier:
                keyid:7C:5D:BB:0B:9E:35:38:18:5F:3E:6D:6E:3C:7D:A2:F8:92:2C:8C:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fF27C541OBhfPm1uPH2i-JIsjOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e8120c-7451-45ae-89b0-75f6e529186f/1/f_yS8wyTnF4H0u7JPqgHYHP7oRk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e8120c-7451-45ae-89b0-75f6e529186f/1/fF27C541OBhfPm1uPH2i-JIsjOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.71.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         91:57:93:c4:81:97:35:d1:4e:c8:ab:f1:fd:eb:98:b8:33:10:
         ab:22:ec:fb:15:d3:a0:8d:ca:91:54:a2:9f:68:54:95:88:83:
         1b:8b:b8:0c:fb:1a:56:61:25:dd:94:e2:57:d1:4d:c2:9a:58:
         a7:39:0f:0d:37:10:b3:74:4d:78:b4:74:44:8a:68:23:51:7a:
         3a:3d:65:2e:41:6c:f3:a1:d2:be:d0:27:01:1e:e6:99:e1:74:
         39:48:68:6b:0a:e2:49:c2:b4:9f:0a:20:62:18:3a:3b:49:7b:
         8a:61:b7:3c:ca:ee:73:5d:90:c7:b0:42:66:9e:33:66:d7:d7:
         f2:46:91:dd:20:0a:70:a0:b9:18:c9:90:0c:66:ba:a3:8f:51:
         84:d0:81:81:8f:70:ca:aa:78:4d:94:77:be:c8:d3:7b:2e:3c:
         db:b7:9d:81:64:e2:e6:80:c3:0d:b1:9e:52:10:45:2b:bf:d4:
         9c:fd:f1:01:fd:15:ab:83:ac:5e:08:99:6c:6b:3f:20:e2:c2:
         58:fa:f3:41:00:7a:a0:c7:0d:d5:fb:ba:5d:68:bd:09:08:80:
         c4:d9:40:d1:e0:53:b6:40:a6:72:ce:33:c6:d6:17:81:c0:40:
         10:2d:5f:9b:df:d0:e0:0f:dc:85:de:aa:66:bb:74:a2:ec:d4:
         c3:0f:3d:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYztq66mO7CyHM6ZUWoPHOAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNWRiYjBiOWUzNTM4MTg1ZjNlNmQ2ZTNjN2RhMmY4OTIy
YzhjZTAwHhcNMjQwMTA5MTAwMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmZjOTJmMzBjOTM5YzVlMDdkMmVlYzkzZWE4MDc2MDczZmJhMTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsspf+vVIsObQtcaDYQ6JZsIPiklO
glFrZQvndd4lAZyLbHlThz0s2Ltt/LCNlz7XsYKEnsnvSuqR/lF/LREjJ0Z6lHzW
XEXfriYJocB2Rwc+n4+9vohQZz9PFyFe6gcGSdMW9qpngMt/rOthg46YCy3CH6mf
bjNLmvPDCgYpkH3M7VapbtQmP8y+KLf/m/uFXrj8XQ7nsXkTZoKjOpO3ZngFZr8L
qbqxvrezqmcALb2BydfGcjX90mDNO+Wrd0yVnxwDAeCPs439U3ToE1AkJrtQ3K8Y
Sjkv/s/yYPtsbuWsWOaLI9o4hKU0NLOtFoxG8pSJMS8OJeoglgAGXmYZeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH/8kvMMk5xeB9LuyT6oB2Bz+6EZMB8GA1UdIwQY
MBaAFHxduwueNTgYXz5tbjx9oviSLIzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkYyN0M1NDFPQmhmUG0xdVBIMmktSklzak9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lODEyMGMtNzQ1MS00NWFlLTg5YjAt
NzVmNmU1MjkxODZmLzEvZl95Uzh3eVRuRjRIMHU3SlBxZ0hZSFA3b1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lODEyMGMtNzQ1MS00NWFlLTg5YjAtNzVmNmU1MjkxODZm
LzEvZkYyN0M1NDFPQmhmUG0xdVBIMmktSklzak9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUe4MA0G
CSqGSIb3DQEBCwUAA4IBAQCRV5PEgZc10U7Iq/H965i4MxCrIuz7FdOgjcqRVKKf
aFSViIMbi7gM+xpWYSXdlOJX0U3CmlinOQ8NNxCzdE14tHREimgjUXo6PWUuQWzz
odK+0CcBHuaZ4XQ5SGhrCuJJwrSfCiBiGDo7SXuKYbc8yu5zXZDHsEJmnjNm19fy
RpHdIApwoLkYyZAMZrqjj1GE0IGBj3DKqnhNlHe+yNN7Ljzbt52BZOLmgMMNsZ5S
EEUrv9Sc/fEB/RWrg6xeCJlsaz8g4sJY+vNBAHqgxw3V+7pdaL0JCIDE2UDR4FO2
QKZyzjPG1heBwEAQLV+b39DgD9yF3qpmu3Si7NTDDz1X
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:38:44 2024 by rpki-client on console-ams.rpki-client.org