Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/43d830-9811-4599-8349-440dd012b141/1/B0FGg804ellbBK0luHmJHMcIeCM.roa
File:                     B0FGg804ellbBK0luHmJHMcIeCM.roa (raw, json)
Hash identifier:          RjQNBPXgb5cNzcikLy0Dd2pQhxT1Q4r6SjAoj2xFFcs=
Subject key identifier:   07:41:46:83:CD:38:7A:59:5B:04:AD:25:B8:79:89:1C:C7:08:78:23
Certificate issuer:       /CN=405d645741215677b7748d1fdefd416207adb12d
Certificate serial:       018CC56E40FAD87CD2947E6B44713690D8D7
Authority key identifier: 40:5D:64:57:41:21:56:77:B7:74:8D:1F:DE:FD:41:62:07:AD:B1:2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QF1kV0EhVne3dI0f3v1BYgetsS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/43d830-9811-4599-8349-440dd012b141/1/B0FGg804ellbBK0luHmJHMcIeCM.roa
Signing time:             Mon 01 Jan 2024 14:29:46 +0000
ROA not before:           Mon 01 Jan 2024 14:29:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15576
IP address blocks:        193.8.77.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/43d830-9811-4599-8349-440dd012b141/1/QF1kV0EhVne3dI0f3v1BYgetsS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/43d830-9811-4599-8349-440dd012b141/1/QF1kV0EhVne3dI0f3v1BYgetsS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QF1kV0EhVne3dI0f3v1BYgetsS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 11:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:40:fa:d8:7c:d2:94:7e:6b:44:71:36:90:d8:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=405d645741215677b7748d1fdefd416207adb12d
        Validity
            Not Before: Jan  1 14:29:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=07414683cd387a595b04ad25b879891cc7087823
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:7f:88:f9:a3:1e:15:67:af:c9:ff:b8:5d:42:
                    fe:92:2c:98:a3:6f:40:ee:80:c7:aa:9b:50:7b:91:
                    26:86:9b:c3:96:da:f5:b8:74:f1:fd:87:0b:5b:21:
                    82:18:1a:af:aa:d6:45:73:23:dd:d2:e5:a9:23:2e:
                    f8:9d:46:01:7d:6d:d6:c7:cb:80:37:1f:1c:83:0b:
                    61:e8:7e:d2:7b:2b:bf:10:fd:01:d2:f6:3c:b1:26:
                    14:6f:ed:9f:28:31:96:1d:ba:ff:91:d9:97:cd:bb:
                    92:ff:31:66:bc:91:86:04:f2:81:2d:e0:9c:5b:e6:
                    df:e2:c2:c0:9f:c0:a6:22:28:68:b4:ae:8b:da:7a:
                    eb:7d:fc:00:2a:4b:0f:08:8f:d8:fa:e6:75:f0:e4:
                    34:f4:21:00:8e:bd:60:fb:ca:59:c4:2a:79:db:7b:
                    f4:7a:20:ec:97:f2:dd:c8:86:fe:4b:09:17:44:67:
                    17:42:4c:98:a1:e8:be:ae:23:8b:67:80:e5:47:85:
                    dd:73:b3:a9:dc:c8:2b:6e:0e:d2:4a:c4:d5:6e:95:
                    b0:7e:30:3c:0d:ba:20:11:c3:33:05:bc:b9:b4:91:
                    ce:62:02:84:aa:44:43:da:33:48:72:47:4e:df:99:
                    50:d4:26:f0:77:28:4f:39:15:67:fe:d9:c2:d9:fc:
                    dc:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:41:46:83:CD:38:7A:59:5B:04:AD:25:B8:79:89:1C:C7:08:78:23
            X509v3 Authority Key Identifier:
                keyid:40:5D:64:57:41:21:56:77:B7:74:8D:1F:DE:FD:41:62:07:AD:B1:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QF1kV0EhVne3dI0f3v1BYgetsS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/43d830-9811-4599-8349-440dd012b141/1/B0FGg804ellbBK0luHmJHMcIeCM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/43d830-9811-4599-8349-440dd012b141/1/QF1kV0EhVne3dI0f3v1BYgetsS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.8.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:f4:50:25:36:f6:47:55:2c:7f:74:61:91:5c:17:88:e4:72:
         b4:3e:e4:a6:d0:4e:43:72:3e:66:e7:bf:a4:3c:b5:68:61:66:
         59:71:10:74:0c:9d:ae:82:fd:e7:b5:ef:75:f2:ae:f3:b5:2d:
         20:3c:18:03:8c:bb:be:57:6d:25:9f:6e:55:9b:80:4f:89:28:
         8b:46:3c:c0:18:16:ac:b9:4c:02:5a:d4:09:84:b7:ed:b6:b3:
         9a:44:25:e2:87:d3:28:a0:eb:f0:10:4d:db:e2:f7:a0:8b:c2:
         f1:7c:4b:e3:57:df:b0:33:f4:2e:2d:3e:8e:78:ad:68:e2:16:
         22:4a:b0:52:a1:7f:d0:17:17:fc:31:d8:38:8b:71:03:b8:fa:
         d4:3b:c9:3f:dc:bd:90:05:ea:05:a3:9d:fe:d2:c7:b8:97:94:
         03:95:98:dc:d6:93:10:c0:cf:74:ee:bd:c7:16:a2:c3:68:d3:
         a1:37:d5:81:45:d5:37:2d:72:d7:55:07:ec:9c:3f:58:f9:4b:
         87:3e:2d:0f:32:c2:21:59:3a:02:ae:56:b0:e2:1c:e4:68:cc:
         0c:83:5b:5b:a8:07:ba:2e:51:16:31:f5:43:c7:53:16:04:82:
         e9:4a:cb:50:8e:1e:7f:1c:d6:21:22:22:9e:51:40:a6:45:58:
         53:7f:ed:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbkD62HzSlH5rRHE2kNjXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNWQ2NDU3NDEyMTU2NzdiNzc0OGQxZmRlZmQ0MTYyMDdh
ZGIxMmQwHhcNMjQwMTAxMTQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzQxNDY4M2NkMzg3YTU5NWIwNGFkMjViODc5ODkxY2M3MDg3ODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3X+I+aMeFWevyf+4XUL+kiyYo29A
7oDHqptQe5EmhpvDltr1uHTx/YcLWyGCGBqvqtZFcyPd0uWpIy74nUYBfW3Wx8uA
Nx8cgwth6H7Seyu/EP0B0vY8sSYUb+2fKDGWHbr/kdmXzbuS/zFmvJGGBPKBLeCc
W+bf4sLAn8CmIihotK6L2nrrffwAKksPCI/Y+uZ18OQ09CEAjr1g+8pZxCp523v0
eiDsl/LdyIb+SwkXRGcXQkyYoei+riOLZ4DlR4Xdc7Op3Mgrbg7SSsTVbpWwfjA8
DbogEcMzBby5tJHOYgKEqkRD2jNIckdO35lQ1CbwdyhPORVn/tnC2fzc4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAdBRoPNOHpZWwStJbh5iRzHCHgjMB8GA1UdIwQY
MBaAFEBdZFdBIVZ3t3SNH979QWIHrbEtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUYxa1YwRWhWbmUzZEkwZjN2MUJZZ2V0c1MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni80M2Q4MzAtOTgxMS00NTk5LTgzNDkt
NDQwZGQwMTJiMTQxLzEvQjBGR2c4MDRlbGxiQkswbHVIbUpITWNJZUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni80M2Q4MzAtOTgxMS00NTk5LTgzNDktNDQwZGQwMTJiMTQx
LzEvUUYxa1YwRWhWbmUzZEkwZjN2MUJZZ2V0c1MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQhNMA0G
CSqGSIb3DQEBCwUAA4IBAQBU9FAlNvZHVSx/dGGRXBeI5HK0PuSm0E5Dcj5m57+k
PLVoYWZZcRB0DJ2ugv3nte918q7ztS0gPBgDjLu+V20ln25Vm4BPiSiLRjzAGBas
uUwCWtQJhLfttrOaRCXih9MooOvwEE3b4vegi8LxfEvjV9+wM/QuLT6OeK1o4hYi
SrBSoX/QFxf8Mdg4i3EDuPrUO8k/3L2QBeoFo53+0se4l5QDlZjc1pMQwM907r3H
FqLDaNOhN9WBRdU3LXLXVQfsnD9Y+UuHPi0PMsIhWToCrlaw4hzkaMwMg1tbqAe6
LlEWMfVDx1MWBILpSstQjh5/HNYhIiKeUUCmRVhTf+0D
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:45:48 2024 by rpki-client on console-ams.rpki-client.org