Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/fwvmfmmBZl32sbizLzdplJj0JK4.roa
File:                     fwvmfmmBZl32sbizLzdplJj0JK4.roa (raw, json)
Hash identifier:          DUC9ddIbU6/XI8Jf++L7YHsOMlwxgPRnihG0K6ILIes=
Subject key identifier:   7F:0B:E6:7E:69:81:66:5D:F6:B1:B8:B3:2F:37:69:94:98:F4:24:AE
Certificate issuer:       /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial:       018CC348AA7576E738BA496DF9B271C060C6
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/fwvmfmmBZl32sbizLzdplJj0JK4.roa
Signing time:             Mon 01 Jan 2024 04:29:28 +0000
ROA not before:           Mon 01 Jan 2024 04:29:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60881
IP address blocks:        193.140.127.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 10:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:aa:75:76:e7:38:ba:49:6d:f9:b2:71:c0:60:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
        Validity
            Not Before: Jan  1 04:29:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7f0be67e6981665df6b1b8b32f37699498f424ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a0:a3:c9:8b:cd:26:3d:0c:54:de:6d:a8:e0:
                    a9:27:1d:3e:ff:ef:f5:7c:ef:41:97:42:1a:5b:d2:
                    85:ae:05:0f:59:db:06:dc:28:9b:ec:54:2a:78:8b:
                    55:8b:20:71:91:42:1c:70:9f:29:27:1b:95:fa:7e:
                    b0:c5:2e:10:17:68:7d:d0:11:9b:1e:76:cf:28:76:
                    4c:62:cf:5d:a1:ae:35:47:bd:16:28:e2:2f:14:22:
                    a3:4d:34:91:c6:17:e8:1d:34:78:ab:05:d2:4e:56:
                    c0:2e:65:c7:5f:f5:9e:d8:2e:3f:3b:7f:7b:7b:62:
                    9a:e6:a2:24:e5:21:ac:9b:3c:a3:64:ef:ce:5f:3a:
                    ea:08:9c:39:c2:2f:88:85:cb:a9:58:b3:95:4d:4b:
                    1a:2e:8c:fe:be:5f:b1:b5:3e:42:fe:0b:5d:eb:3c:
                    2a:fd:0d:0f:62:cc:e8:35:52:3b:fe:fa:1c:30:01:
                    37:09:da:0c:6b:df:c7:49:f4:50:c9:73:f3:70:0c:
                    09:d7:d0:64:fa:ee:b4:8f:a5:4a:6b:d2:e6:b4:6d:
                    06:e4:3e:a2:2f:00:d5:9a:f4:1d:94:46:8b:7f:2b:
                    df:53:71:e1:c3:d0:82:87:f9:b0:0e:5a:a1:83:d7:
                    06:2f:4b:39:30:6e:71:5d:6d:bf:93:d5:cc:f0:54:
                    9b:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:0B:E6:7E:69:81:66:5D:F6:B1:B8:B3:2F:37:69:94:98:F4:24:AE
            X509v3 Authority Key Identifier:
                keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/fwvmfmmBZl32sbizLzdplJj0JK4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.140.127.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:00:88:7a:57:ff:9e:d8:83:1b:d4:07:87:02:c1:d6:64:d7:
         c9:4c:4b:08:a7:f0:c8:be:db:cc:c0:9a:03:8f:29:fd:6f:dc:
         e8:37:08:b0:83:7b:36:0e:5b:a0:dc:70:63:2e:f7:46:53:e4:
         e8:69:21:c9:a1:0e:a3:bd:14:b4:9c:7d:6b:db:57:96:5b:25:
         7f:e9:a4:7c:fc:1c:f8:3a:f0:40:73:53:da:c5:9a:69:9d:66:
         44:21:37:0a:5c:c5:86:5e:ac:38:e3:e1:30:e1:a7:60:6c:7d:
         e7:f7:11:93:3a:ad:39:7f:f7:6c:be:7c:e8:52:5e:f9:82:aa:
         fd:99:08:8e:5d:7a:08:f6:e8:a3:f7:86:f4:13:46:cb:65:13:
         3f:f7:1a:84:2c:7b:bc:a7:ce:b9:5b:0c:b7:3a:3d:64:19:d3:
         b1:ca:e2:75:fd:5f:7a:3f:02:98:70:61:32:d4:1c:a1:88:a8:
         f9:d3:e5:18:27:13:16:97:85:44:e6:16:db:a1:45:b1:b7:cf:
         00:3c:d1:7d:86:ba:20:a1:4d:24:2e:3b:24:bd:1b:69:0c:23:
         8d:b5:0c:b2:e5:7e:b5:36:68:bc:03:d6:af:ac:59:c1:dc:df:
         68:41:76:a4:1c:2b:29:17:7c:9c:42:ed:a8:c4:ad:66:bb:0b:
         27:3c:db:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSKp1duc4uklt+bJxwGDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjQwMTAxMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjBiZTY3ZTY5ODE2NjVkZjZiMWI4YjMyZjM3Njk5NDk4ZjQyNGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqCjyYvNJj0MVN5tqOCpJx0+/+/1
fO9Bl0IaW9KFrgUPWdsG3Cib7FQqeItViyBxkUIccJ8pJxuV+n6wxS4QF2h90BGb
HnbPKHZMYs9doa41R70WKOIvFCKjTTSRxhfoHTR4qwXSTlbALmXHX/We2C4/O397
e2Ka5qIk5SGsmzyjZO/OXzrqCJw5wi+IhcupWLOVTUsaLoz+vl+xtT5C/gtd6zwq
/Q0PYszoNVI7/vocMAE3CdoMa9/HSfRQyXPzcAwJ19Bk+u60j6VKa9LmtG0G5D6i
LwDVmvQdlEaLfyvfU3Hhw9CCh/mwDlqhg9cGL0s5MG5xXW2/k9XM8FSbWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH8L5n5pgWZd9rG4sy83aZSY9CSuMB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvZnd2bWZtbUJabDMyc2Jpekx6ZHBsSmowSks0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYx/MA0G
CSqGSIb3DQEBCwUAA4IBAQC1AIh6V/+e2IMb1AeHAsHWZNfJTEsIp/DIvtvMwJoD
jyn9b9zoNwiwg3s2Dlug3HBjLvdGU+ToaSHJoQ6jvRS0nH1r21eWWyV/6aR8/Bz4
OvBAc1PaxZppnWZEITcKXMWGXqw44+Ew4adgbH3n9xGTOq05f/dsvnzoUl75gqr9
mQiOXXoI9uij94b0E0bLZRM/9xqELHu8p865Wwy3Oj1kGdOxyuJ1/V96PwKYcGEy
1ByhiKj50+UYJxMWl4VE5hbboUWxt88APNF9hrogoU0kLjskvRtpDCONtQyy5X61
Nmi8A9avrFnB3N9oQXakHCspF3ycQu2oxK1muwsnPNs1
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:58:16 2024 by rpki-client on console-ams.rpki-client.org