Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/FVpDEuxju6KasLhBFmztWVmDGgA.roa
File:                     FVpDEuxju6KasLhBFmztWVmDGgA.roa (raw, json)
Hash identifier:          xWfYpJPB3rgzGAi9nhdJp2rD0VRVgFjOnoZJC7aYnss=
Subject key identifier:   15:5A:43:12:EC:63:BB:A2:9A:B0:B8:41:16:6C:ED:59:59:83:1A:00
Certificate issuer:       /CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Certificate serial:       018CC4254B763D535048C2D450A67DA59631
Authority key identifier: 70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/FVpDEuxju6KasLhBFmztWVmDGgA.roa
Signing time:             Mon 01 Jan 2024 08:30:27 +0000
ROA not before:           Mon 01 Jan 2024 08:30:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201091
IP address blocks:        217.11.134.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/cAoSMdHCenVORu8Q6SpzCuFdD1U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/cAoSMdHCenVORu8Q6SpzCuFdD1U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 05:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:25:4b:76:3d:53:50:48:c2:d4:50:a6:7d:a5:96:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
        Validity
            Not Before: Jan  1 08:30:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=155a4312ec63bba29ab0b841166ced5959831a00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:8e:7c:68:0e:9e:27:89:78:6a:2c:0e:12:3d:
                    b0:91:d5:0a:7c:4e:b1:fe:21:cd:b1:77:9d:b7:90:
                    1d:59:fb:9b:b1:e7:bc:a8:3a:6c:bc:58:c2:7e:8b:
                    7a:41:05:5b:fb:4f:13:5d:3d:d4:0b:63:fc:8e:55:
                    5c:0e:53:05:57:26:8c:f5:0e:07:13:6d:54:61:f6:
                    82:62:cf:c8:9b:f2:be:1a:cd:d8:25:4a:1a:ee:0c:
                    c2:f1:f9:94:d6:09:d4:59:81:e7:c4:e4:7d:aa:ef:
                    90:ca:49:7e:7f:88:bb:a3:eb:98:83:73:b8:de:66:
                    df:db:b7:32:20:04:9d:de:32:5c:37:22:1e:22:76:
                    eb:34:05:80:47:eb:cc:bc:38:e0:66:26:9a:96:a8:
                    22:8f:2c:ab:31:00:f6:bf:db:a9:be:6b:89:74:f6:
                    60:d5:1a:fe:2e:73:d4:7b:9c:ac:fa:75:8a:a0:67:
                    df:50:1b:6a:c8:84:0f:82:f5:c3:e1:49:e1:ca:e6:
                    08:98:02:95:a0:8c:69:cb:fe:cd:8f:dd:d9:3f:09:
                    d5:9b:8c:1d:23:f5:cb:f3:e7:a5:2b:9a:77:d0:b4:
                    2f:49:ca:38:0a:ac:a5:83:78:f0:d0:a8:90:a2:93:
                    00:91:9e:b0:ad:09:e3:94:a8:67:f4:f4:69:8c:0e:
                    05:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:5A:43:12:EC:63:BB:A2:9A:B0:B8:41:16:6C:ED:59:59:83:1A:00
            X509v3 Authority Key Identifier:
                keyid:70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/FVpDEuxju6KasLhBFmztWVmDGgA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/cAoSMdHCenVORu8Q6SpzCuFdD1U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.11.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:17:00:a3:b5:35:5d:9b:f4:22:7e:48:99:7f:a7:7a:e2:f8:
         6c:96:70:dc:88:74:69:55:5c:eb:4e:b7:f2:69:a5:aa:94:d1:
         ca:37:2f:4e:e0:99:f9:97:04:3d:ab:d4:7a:38:6b:5e:78:a0:
         8d:46:12:b7:82:24:34:86:a5:83:31:bb:39:c6:42:69:2a:04:
         56:23:6b:1b:c7:14:fe:d2:84:e3:dd:81:0b:0e:2a:fc:fd:93:
         98:98:06:30:be:13:10:f1:15:f9:36:74:c5:25:3c:d1:4c:5f:
         9f:b4:91:60:5e:fd:c0:7a:2c:21:ff:cc:93:ca:f5:ae:ad:89:
         0b:7d:b0:f6:89:37:d6:e8:bd:35:63:4e:5f:33:8a:b6:39:5b:
         f8:15:1d:6b:63:d2:cf:89:27:ee:31:8d:ec:73:9e:86:63:e3:
         b7:ce:81:0f:04:71:6d:e2:9e:8e:01:01:36:24:2c:47:65:61:
         0b:d5:37:23:49:bf:e8:eb:b7:a7:68:8c:3f:ba:06:de:a6:d9:
         8a:3f:14:81:3d:33:dc:99:8b:62:9c:2a:35:01:4d:95:7d:8c:
         49:af:40:57:d9:1a:9d:34:9f:26:c7:9c:b7:d0:b4:78:77:cc:
         01:3f:76:e7:a9:e3:58:e2:b7:ad:a0:d2:ac:90:89:2a:63:d7:
         db:a0:b4:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJUt2PVNQSMLUUKZ9pZYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMGExMjMxZDFjMjdhNzU0ZTQ2ZWYxMGU5MmE3MzBhZTE1
ZDBmNTUwHhcNMjQwMTAxMDgzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTVhNDMxMmVjNjNiYmEyOWFiMGI4NDExNjZjZWQ1OTU5ODMxYTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo58aA6eJ4l4aiwOEj2wkdUKfE6x
/iHNsXedt5AdWfubsee8qDpsvFjCfot6QQVb+08TXT3UC2P8jlVcDlMFVyaM9Q4H
E21UYfaCYs/Im/K+Gs3YJUoa7gzC8fmU1gnUWYHnxOR9qu+Qykl+f4i7o+uYg3O4
3mbf27cyIASd3jJcNyIeInbrNAWAR+vMvDjgZiaalqgijyyrMQD2v9upvmuJdPZg
1Rr+LnPUe5ys+nWKoGffUBtqyIQPgvXD4UnhyuYImAKVoIxpy/7Nj93ZPwnVm4wd
I/XL8+elK5p30LQvSco4Cqylg3jw0KiQopMAkZ6wrQnjlKhn9PRpjA4F/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBVaQxLsY7uimrC4QRZs7VlZgxoAMB8GA1UdIwQY
MBaAFHAKEjHRwnp1TkbvEOkqcwrhXQ9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0FvU01kSENlblZPUnU4UTZTcHpDdUZkRDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kY2MyYjQtOWRlZC00Njc4LTgzOTgt
YWI3OWEzNzg5ZjhmLzEvRlZwREV1eGp1Nkthc0xoQkZtenRXVm1ER2dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kY2MyYjQtOWRlZC00Njc4LTgzOTgtYWI3OWEzNzg5Zjhm
LzEvY0FvU01kSENlblZPUnU4UTZTcHpDdUZkRDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2QuGMA0G
CSqGSIb3DQEBCwUAA4IBAQBWFwCjtTVdm/QifkiZf6d64vhslnDciHRpVVzrTrfy
aaWqlNHKNy9O4Jn5lwQ9q9R6OGteeKCNRhK3giQ0hqWDMbs5xkJpKgRWI2sbxxT+
0oTj3YELDir8/ZOYmAYwvhMQ8RX5NnTFJTzRTF+ftJFgXv3Aeiwh/8yTyvWurYkL
fbD2iTfW6L01Y05fM4q2OVv4FR1rY9LPiSfuMY3sc56GY+O3zoEPBHFt4p6OAQE2
JCxHZWEL1TcjSb/o67enaIw/ugbeptmKPxSBPTPcmYtinCo1AU2VfYxJr0BX2Rqd
NJ8mx5y30LR4d8wBP3bnqeNY4retoNKskIkqY9fboLQM
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:13:13 2024 by rpki-client on console-fra.rpki-client.org