Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/cf93ac-dedd-4130-b365-b8e6566a279a/1/flfCU2KhRI7Td3_kH1C2-ZKCycw.roa
File:                     flfCU2KhRI7Td3_kH1C2-ZKCycw.roa (raw, json)
Hash identifier:          hAtMdN+oFwMVCh8+oLii9Q3NfNEfqi0V1JaZsok1FlY=
Subject key identifier:   7E:57:C2:53:62:A1:44:8E:D3:77:7F:E4:1F:50:B6:F9:92:82:C9:CC
Certificate issuer:       /CN=548f757a56d17680d6d6690b19d9f39061980033
Certificate serial:       018CCA2AE1027EA1E6C738601E3A51AEEBA0
Authority key identifier: 54:8F:75:7A:56:D1:76:80:D6:D6:69:0B:19:D9:F3:90:61:98:00:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VI91elbRdoDW1mkLGdnzkGGYADM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/cf93ac-dedd-4130-b365-b8e6566a279a/1/flfCU2KhRI7Td3_kH1C2-ZKCycw.roa
Signing time:             Tue 02 Jan 2024 12:34:16 +0000
ROA not before:           Tue 02 Jan 2024 12:34:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207557
IP address blocks:        194.9.188.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/cf93ac-dedd-4130-b365-b8e6566a279a/1/VI91elbRdoDW1mkLGdnzkGGYADM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/cf93ac-dedd-4130-b365-b8e6566a279a/1/VI91elbRdoDW1mkLGdnzkGGYADM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VI91elbRdoDW1mkLGdnzkGGYADM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 08 Jun 2024 14:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:e1:02:7e:a1:e6:c7:38:60:1e:3a:51:ae:eb:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=548f757a56d17680d6d6690b19d9f39061980033
        Validity
            Not Before: Jan  2 12:34:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7e57c25362a1448ed3777fe41f50b6f99282c9cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:1c:9c:ff:15:d2:58:bd:ea:be:bd:97:0d:6f:
                    8b:2a:56:c3:b5:89:de:df:03:5a:89:4f:7a:8d:e9:
                    88:24:d4:3e:bb:a1:bc:04:0d:dd:32:e0:b3:6e:80:
                    4b:d5:8c:6d:1f:6b:86:80:ce:19:d1:96:9e:d0:81:
                    f9:a8:0d:ed:f8:68:b4:e0:68:ed:0e:5f:c0:e3:a3:
                    ce:49:2a:1b:c9:27:57:fb:cc:46:f6:40:90:f6:eb:
                    8f:71:f9:6f:79:e2:f4:5e:b7:1f:e8:0f:c1:dc:6c:
                    72:16:b6:9e:e5:90:ae:e7:be:4f:df:a6:14:32:50:
                    72:05:b6:b7:8c:b9:ae:06:0e:89:c6:ad:2e:f0:e1:
                    1c:cc:f5:6f:08:9d:8d:bd:94:55:0d:a6:1b:7c:37:
                    64:f2:10:1b:a7:e4:78:a3:9c:ae:24:36:05:e4:27:
                    e4:f1:28:f1:0e:7e:05:a2:7e:e2:21:94:82:e5:c0:
                    96:17:c6:c7:ba:fa:af:f5:a9:e1:38:74:eb:8a:15:
                    0e:59:5b:f2:13:93:ce:19:bd:85:e4:a3:a9:9f:ed:
                    b4:09:da:b5:d2:30:db:86:52:af:d5:85:79:67:ba:
                    b6:e1:b3:2d:b4:1f:40:f9:71:31:cb:0a:52:e0:40:
                    b3:dd:c9:36:f6:f8:f2:7d:05:50:77:32:2c:54:3d:
                    29:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:57:C2:53:62:A1:44:8E:D3:77:7F:E4:1F:50:B6:F9:92:82:C9:CC
            X509v3 Authority Key Identifier:
                keyid:54:8F:75:7A:56:D1:76:80:D6:D6:69:0B:19:D9:F3:90:61:98:00:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VI91elbRdoDW1mkLGdnzkGGYADM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/cf93ac-dedd-4130-b365-b8e6566a279a/1/flfCU2KhRI7Td3_kH1C2-ZKCycw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/cf93ac-dedd-4130-b365-b8e6566a279a/1/VI91elbRdoDW1mkLGdnzkGGYADM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.9.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:30:65:cf:d4:98:9b:07:07:8b:f2:e6:60:87:44:d5:0e:73:
         c4:3e:43:f0:9e:ae:d1:38:67:99:23:8d:be:0e:b9:d4:08:26:
         71:0d:29:0e:ec:f0:2e:f2:a8:17:02:93:3a:5e:88:df:88:c5:
         b8:ed:29:0d:3c:7c:15:be:e7:44:21:20:c3:71:1c:0e:d4:45:
         09:23:bd:60:eb:ef:51:96:01:5f:15:88:b7:3d:c4:5d:8f:81:
         75:2e:aa:ac:ea:87:3b:56:08:8a:a2:25:ab:dd:76:25:33:ba:
         e9:a9:3f:22:ba:b3:cd:b0:85:b3:3b:97:33:0b:c8:91:4a:26:
         d9:ba:cd:8c:ed:23:f2:e6:c8:82:21:cb:0b:3b:83:a4:7a:b8:
         78:c4:bc:ad:40:f0:b7:0b:61:63:5c:de:a7:d9:b8:11:3e:b4:
         d7:5a:fb:f1:a8:24:79:d2:cd:ba:b2:81:12:e8:bf:00:9b:aa:
         46:cb:13:c8:8b:2e:d9:de:a6:10:e3:29:9a:28:c4:8a:5e:0b:
         cd:be:16:0f:93:14:52:3e:19:18:42:03:b8:f1:1a:fb:2e:c1:
         e0:f4:35:1d:29:0d:6f:62:b6:03:98:ea:15:50:2a:b9:a0:88:
         9d:80:24:fa:09:50:7c:fb:04:fe:d5:92:7f:c6:85:f4:90:7d:
         d3:f9:e9:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKuECfqHmxzhgHjpRruugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0OGY3NTdhNTZkMTc2ODBkNmQ2NjkwYjE5ZDlmMzkwNjE5
ODAwMzMwHhcNMjQwMTAyMTIzNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTU3YzI1MzYyYTE0NDhlZDM3NzdmZTQxZjUwYjZmOTkyODJjOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxyc/xXSWL3qvr2XDW+LKlbDtYne
3wNaiU96jemIJNQ+u6G8BA3dMuCzboBL1YxtH2uGgM4Z0Zae0IH5qA3t+Gi04Gjt
Dl/A46POSSobySdX+8xG9kCQ9uuPcflveeL0Xrcf6A/B3GxyFrae5ZCu575P36YU
MlByBba3jLmuBg6Jxq0u8OEczPVvCJ2NvZRVDaYbfDdk8hAbp+R4o5yuJDYF5Cfk
8SjxDn4Fon7iIZSC5cCWF8bHuvqv9anhOHTrihUOWVvyE5POGb2F5KOpn+20Cdq1
0jDbhlKv1YV5Z7q24bMttB9A+XExywpS4ECz3ck29vjyfQVQdzIsVD0pSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH5XwlNioUSO03d/5B9QtvmSgsnMMB8GA1UdIwQY
MBaAFFSPdXpW0XaA1tZpCxnZ85BhmAAzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkk5MWVsYlJkb0RXMW1rTEdkbnprR0dZQURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jZjkzYWMtZGVkZC00MTMwLWIzNjUt
YjhlNjU2NmEyNzlhLzEvZmxmQ1UyS2hSSTdUZDNfa0gxQzItWktDeWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jZjkzYWMtZGVkZC00MTMwLWIzNjUtYjhlNjU2NmEyNzlh
LzEvVkk5MWVsYlJkb0RXMW1rTEdkbnprR0dZQURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgm8MA0G
CSqGSIb3DQEBCwUAA4IBAQB/MGXP1JibBweL8uZgh0TVDnPEPkPwnq7ROGeZI42+
DrnUCCZxDSkO7PAu8qgXApM6XojfiMW47SkNPHwVvudEISDDcRwO1EUJI71g6+9R
lgFfFYi3PcRdj4F1Lqqs6oc7VgiKoiWr3XYlM7rpqT8iurPNsIWzO5czC8iRSibZ
us2M7SPy5siCIcsLO4Okerh4xLytQPC3C2FjXN6n2bgRPrTXWvvxqCR50s26soES
6L8Am6pGyxPIiy7Z3qYQ4ymaKMSKXgvNvhYPkxRSPhkYQgO48Rr7LsHg9DUdKQ1v
YrYDmOoVUCq5oIidgCT6CVB8+wT+1ZJ/xoX0kH3T+enx
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:43:30 2024 by rpki-client on console-fra.rpki-client.org