Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/3c034f-c243-4a88-9070-6879cc26d7b6/1/g5LlRSU4E8S6azZAt5UAVrzGFRU.roa
File:                     g5LlRSU4E8S6azZAt5UAVrzGFRU.roa (raw, json)
Hash identifier:          s3jwD32liOIdpFA0scK8Acf7QDqHXacwx/485jUjbGU=
Subject key identifier:   83:92:E5:45:25:38:13:C4:BA:6B:36:40:B7:95:00:56:BC:C6:15:15
Certificate issuer:       /CN=9c3cfcde13b660b5c831dafbe1bfbf68df9fbe39
Certificate serial:       019105306A681827653EC5E74A158E807083
Authority key identifier: 9C:3C:FC:DE:13:B6:60:B5:C8:31:DA:FB:E1:BF:BF:68:DF:9F:BE:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nDz83hO2YLXIMdr74b-_aN-fvjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/3c034f-c243-4a88-9070-6879cc26d7b6/1/g5LlRSU4E8S6azZAt5UAVrzGFRU.roa
Signing time:             Tue 30 Jul 2024 19:49:04 +0000
ROA not before:           Tue 30 Jul 2024 19:49:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212508
IP address blocks:        176.97.212.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/3c034f-c243-4a88-9070-6879cc26d7b6/1/nDz83hO2YLXIMdr74b-_aN-fvjk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/3c034f-c243-4a88-9070-6879cc26d7b6/1/nDz83hO2YLXIMdr74b-_aN-fvjk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nDz83hO2YLXIMdr74b-_aN-fvjk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:05:30:6a:68:18:27:65:3e:c5:e7:4a:15:8e:80:70:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c3cfcde13b660b5c831dafbe1bfbf68df9fbe39
        Validity
            Not Before: Jul 30 19:49:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8392e545253813c4ba6b3640b7950056bcc61515
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:46:c5:71:a3:55:8d:42:d8:bd:8d:6c:aa:53:
                    fe:4a:d2:b0:9c:24:e4:24:6a:1f:cc:cf:14:48:90:
                    37:ec:46:04:33:bf:df:94:9f:06:9b:e3:2d:df:cc:
                    d2:23:99:77:94:64:7c:bf:b8:32:b7:d8:1e:cf:0f:
                    24:05:11:06:af:71:bc:8a:05:22:7b:cb:76:ed:bf:
                    58:3a:7c:cd:86:82:64:27:1e:df:12:9a:22:10:24:
                    7f:ad:f3:ef:63:b6:8f:aa:96:fa:44:c5:03:4d:52:
                    c0:02:7a:38:5c:b1:3d:61:05:cd:be:bb:de:e4:7b:
                    f2:a2:76:bf:98:06:0a:b2:d8:2d:e9:6f:ee:2b:41:
                    90:2e:fb:c0:14:be:b1:a9:71:7e:eb:13:8a:58:b7:
                    2a:8b:ae:ca:21:44:b5:4f:9a:48:9a:a3:d4:3c:30:
                    c9:03:15:92:6e:4a:bd:a0:ce:c1:a1:11:09:52:88:
                    fe:61:c0:71:e4:7c:47:95:2e:b8:c1:2c:95:33:04:
                    e6:db:0e:39:2d:f1:d5:76:bc:5e:62:87:33:b7:13:
                    94:48:19:e7:f1:fe:35:32:eb:7b:06:18:ba:dd:df:
                    2d:11:25:4d:1b:bd:02:85:05:de:14:e1:54:d0:4b:
                    10:ca:d6:8d:52:b0:b1:cd:f9:75:fe:f4:18:35:51:
                    6d:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:92:E5:45:25:38:13:C4:BA:6B:36:40:B7:95:00:56:BC:C6:15:15
            X509v3 Authority Key Identifier:
                keyid:9C:3C:FC:DE:13:B6:60:B5:C8:31:DA:FB:E1:BF:BF:68:DF:9F:BE:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nDz83hO2YLXIMdr74b-_aN-fvjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/3c034f-c243-4a88-9070-6879cc26d7b6/1/g5LlRSU4E8S6azZAt5UAVrzGFRU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/3c034f-c243-4a88-9070-6879cc26d7b6/1/nDz83hO2YLXIMdr74b-_aN-fvjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.97.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:b4:0e:e2:e7:d6:14:be:2c:0f:b1:e4:c4:6c:00:de:b4:34:
         48:b4:0f:dc:56:39:05:d5:aa:90:62:40:12:90:98:16:9d:66:
         bd:d7:3e:29:75:e6:6d:2a:25:24:c2:cd:18:59:8a:c1:16:01:
         15:04:94:25:ec:95:16:d7:f9:74:4a:8f:72:82:fe:90:a4:26:
         8a:18:70:28:43:63:e5:32:df:a4:32:64:57:8d:60:d3:9c:10:
         70:be:af:05:ca:f6:77:3e:54:d6:06:62:e5:f3:ba:d6:24:5c:
         f6:a8:a7:0a:1f:c5:58:ae:87:23:61:7d:77:b3:3f:2d:dc:08:
         b6:61:02:34:04:fa:ee:3c:ba:be:b4:59:9f:88:cb:82:27:8b:
         ac:73:59:94:47:7e:75:30:35:9d:b1:c4:6a:7e:a2:cd:ff:74:
         2b:1c:d3:65:b1:10:b1:f9:71:11:6b:0e:85:ca:16:0f:bc:e2:
         ec:5f:e5:c4:ec:40:28:4e:7a:5d:01:af:97:e0:1f:55:45:46:
         84:23:d2:22:c1:23:22:aa:d1:e8:c3:3e:da:1b:a1:20:61:37:
         a3:b0:16:71:92:73:d1:c0:12:85:29:72:bf:37:63:4e:85:47:
         05:93:35:ec:ec:75:e5:e3:08:ac:0f:70:d2:98:35:67:28:90:
         59:0c:5a:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEFMGpoGCdlPsXnShWOgHCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljM2NmY2RlMTNiNjYwYjVjODMxZGFmYmUxYmZiZjY4ZGY5
ZmJlMzkwHhcNMjQwNzMwMTk0OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzkyZTU0NTI1MzgxM2M0YmE2YjM2NDBiNzk1MDA1NmJjYzYxNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEbFcaNVjULYvY1sqlP+StKwnCTk
JGofzM8USJA37EYEM7/flJ8Gm+Mt38zSI5l3lGR8v7gyt9gezw8kBREGr3G8igUi
e8t27b9YOnzNhoJkJx7fEpoiECR/rfPvY7aPqpb6RMUDTVLAAno4XLE9YQXNvrve
5Hvyona/mAYKstgt6W/uK0GQLvvAFL6xqXF+6xOKWLcqi67KIUS1T5pImqPUPDDJ
AxWSbkq9oM7BoREJUoj+YcBx5HxHlS64wSyVMwTm2w45LfHVdrxeYocztxOUSBnn
8f41Mut7Bhi63d8tESVNG70ChQXeFOFU0EsQytaNUrCxzfl1/vQYNVFt6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIOS5UUlOBPEums2QLeVAFa8xhUVMB8GA1UdIwQY
MBaAFJw8/N4TtmC1yDHa++G/v2jfn745MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkR6ODNoTzJZTFhJTWRyNzRiLV9hTi1mdmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8zYzAzNGYtYzI0My00YTg4LTkwNzAt
Njg3OWNjMjZkN2I2LzEvZzVMbFJTVTRFOFM2YXpaQXQ1VUFWcnpHRlJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8zYzAzNGYtYzI0My00YTg4LTkwNzAtNjg3OWNjMjZkN2I2
LzEvbkR6ODNoTzJZTFhJTWRyNzRiLV9hTi1mdmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGHUMA0G
CSqGSIb3DQEBCwUAA4IBAQCktA7i59YUviwPseTEbADetDRItA/cVjkF1aqQYkAS
kJgWnWa91z4pdeZtKiUkws0YWYrBFgEVBJQl7JUW1/l0So9ygv6QpCaKGHAoQ2Pl
Mt+kMmRXjWDTnBBwvq8FyvZ3PlTWBmLl87rWJFz2qKcKH8VYrocjYX13sz8t3Ai2
YQI0BPruPLq+tFmfiMuCJ4usc1mUR351MDWdscRqfqLN/3QrHNNlsRCx+XERaw6F
yhYPvOLsX+XE7EAoTnpdAa+X4B9VRUaEI9IiwSMiqtHowz7aG6EgYTejsBZxknPR
wBKFKXK/N2NOhUcFkzXs7HXl4wisD3DSmDVnKJBZDFrF
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:53:54 2024 by rpki-client on console-fra.rpki-client.org