Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/7494cf-3bdb-4fc7-9093-4e4abedc809f/1/flSkx7weCg_UmmbyqA2JVU2ca6I.roa
File:                     flSkx7weCg_UmmbyqA2JVU2ca6I.roa (raw, json)
Hash identifier:          neuEjNExr/VJukOnCOJUj2oCGEE/UkbOcaycQ3UlCdA=
Subject key identifier:   7E:54:A4:C7:BC:1E:0A:0F:D4:9A:66:F2:A8:0D:89:55:4D:9C:6B:A2
Certificate issuer:       /CN=cc7e90c9e536c53a08eacc0817bef63fb7068fee
Certificate serial:       018CC727512B3C5E6BF7CE50DA2277D210AF
Authority key identifier: CC:7E:90:C9:E5:36:C5:3A:08:EA:CC:08:17:BE:F6:3F:B7:06:8F:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zH6QyeU2xToI6swIF772P7cGj-4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/7494cf-3bdb-4fc7-9093-4e4abedc809f/1/flSkx7weCg_UmmbyqA2JVU2ca6I.roa
Signing time:             Mon 01 Jan 2024 22:31:31 +0000
ROA not before:           Mon 01 Jan 2024 22:31:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62240
IP address blocks:        193.33.188.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/7494cf-3bdb-4fc7-9093-4e4abedc809f/1/zH6QyeU2xToI6swIF772P7cGj-4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/7494cf-3bdb-4fc7-9093-4e4abedc809f/1/zH6QyeU2xToI6swIF772P7cGj-4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zH6QyeU2xToI6swIF772P7cGj-4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:27:51:2b:3c:5e:6b:f7:ce:50:da:22:77:d2:10:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc7e90c9e536c53a08eacc0817bef63fb7068fee
        Validity
            Not Before: Jan  1 22:31:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7e54a4c7bc1e0a0fd49a66f2a80d89554d9c6ba2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:5c:ce:90:60:33:c6:16:79:7d:b5:91:19:6e:
                    dd:50:51:80:8e:02:84:e7:47:76:8d:04:4a:21:75:
                    aa:1a:33:6c:ae:22:07:21:d0:0f:e0:ed:34:d5:bf:
                    eb:bc:59:6f:a7:4d:0a:f8:ea:17:35:fd:d0:7f:45:
                    1f:f6:59:62:86:1d:ec:17:d7:75:54:be:fa:fa:76:
                    78:94:3b:b7:f4:f3:6f:3f:78:2c:8d:58:9e:92:43:
                    ad:89:11:e2:81:c8:64:c8:f1:9f:45:70:79:3d:f1:
                    89:72:32:b2:85:27:50:09:a5:c9:d0:00:d8:d1:5b:
                    39:f8:75:1b:e6:27:4a:55:5a:89:c7:bc:f6:ef:6b:
                    e1:47:10:5b:88:e2:6a:f3:52:c0:3d:0f:f7:79:a0:
                    15:6c:be:8c:89:9c:ed:76:be:8d:01:b0:b7:a5:a6:
                    6e:63:43:0c:3a:1a:52:96:c7:d6:09:3d:4e:39:83:
                    11:e0:bd:76:73:d9:51:a7:81:5d:43:0d:57:37:d0:
                    68:ab:2e:10:fe:3f:ea:3d:82:cd:52:c7:ca:1e:2f:
                    94:cb:d7:fa:55:b7:fc:62:71:22:db:51:f1:d7:4d:
                    0d:7b:f1:4c:cc:27:35:d4:43:64:8c:38:9e:e1:2c:
                    06:09:65:36:0b:56:15:c9:b0:01:35:19:e6:87:de:
                    2b:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:54:A4:C7:BC:1E:0A:0F:D4:9A:66:F2:A8:0D:89:55:4D:9C:6B:A2
            X509v3 Authority Key Identifier:
                keyid:CC:7E:90:C9:E5:36:C5:3A:08:EA:CC:08:17:BE:F6:3F:B7:06:8F:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zH6QyeU2xToI6swIF772P7cGj-4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7494cf-3bdb-4fc7-9093-4e4abedc809f/1/flSkx7weCg_UmmbyqA2JVU2ca6I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7494cf-3bdb-4fc7-9093-4e4abedc809f/1/zH6QyeU2xToI6swIF772P7cGj-4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.33.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:b3:f3:1c:ac:c4:7b:5d:79:27:a6:7b:56:29:2b:67:2b:37:
         1f:77:72:e0:c3:1a:de:6a:81:85:73:83:df:76:13:2e:62:4b:
         30:9f:87:e0:9e:d2:8a:d8:c1:96:8e:be:33:51:e8:20:1a:7c:
         13:cc:9f:45:41:dd:7a:87:bc:67:57:de:6c:e0:ba:0e:c6:e8:
         65:6c:0f:44:3b:d3:87:fe:71:b5:f3:08:24:2d:91:c0:eb:4c:
         dc:02:86:2b:06:68:4f:68:a7:a7:e3:b7:16:b2:61:8c:a2:64:
         23:e1:21:99:30:a4:26:18:7c:52:51:5e:4b:2f:6d:8c:66:2c:
         f8:eb:3c:2e:91:38:c3:c4:09:18:e7:f4:14:c7:d6:e7:ca:5f:
         52:3e:d9:cd:46:85:54:c6:e9:7c:1c:2b:db:d1:68:e3:78:ec:
         d9:af:50:3c:a2:aa:f5:38:7e:e4:8b:8d:d9:0d:aa:00:d5:ba:
         0f:45:64:ef:30:27:ed:67:be:85:1d:ce:56:30:9a:3e:e7:ea:
         7d:7d:c0:a1:66:fd:ab:d8:6e:e9:99:f6:1b:db:0b:d9:63:be:
         44:f8:09:72:c7:d2:c8:f1:11:8e:63:89:8d:cb:7f:88:dc:81:
         40:ca:71:70:a5:90:3c:f9:11:44:3c:fb:44:b2:33:98:a9:17:
         22:b7:cb:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ1ErPF5r985Q2iJ30hCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjN2U5MGM5ZTUzNmM1M2EwOGVhY2MwODE3YmVmNjNmYjcw
NjhmZWUwHhcNMjQwMTAxMjIzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTU0YTRjN2JjMWUwYTBmZDQ5YTY2ZjJhODBkODk1NTRkOWM2YmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylzOkGAzxhZ5fbWRGW7dUFGAjgKE
50d2jQRKIXWqGjNsriIHIdAP4O001b/rvFlvp00K+OoXNf3Qf0Uf9llihh3sF9d1
VL76+nZ4lDu39PNvP3gsjViekkOtiRHigchkyPGfRXB5PfGJcjKyhSdQCaXJ0ADY
0Vs5+HUb5idKVVqJx7z272vhRxBbiOJq81LAPQ/3eaAVbL6MiZztdr6NAbC3paZu
Y0MMOhpSlsfWCT1OOYMR4L12c9lRp4FdQw1XN9Boqy4Q/j/qPYLNUsfKHi+Uy9f6
Vbf8YnEi21Hx100Ne/FMzCc11ENkjDie4SwGCWU2C1YVybABNRnmh94riwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH5UpMe8HgoP1Jpm8qgNiVVNnGuiMB8GA1UdIwQY
MBaAFMx+kMnlNsU6COrMCBe+9j+3Bo/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekg2UXllVTJ4VG9JNnN3SUY3NzJQN2NHai00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDk0Y2YtM2JkYi00ZmM3LTkwOTMt
NGU0YWJlZGM4MDlmLzEvZmxTa3g3d2VDZ19VbW1ieXFBMkpWVTJjYTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NDk0Y2YtM2JkYi00ZmM3LTkwOTMtNGU0YWJlZGM4MDlm
LzEvekg2UXllVTJ4VG9JNnN3SUY3NzJQN2NHai00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSG8MA0G
CSqGSIb3DQEBCwUAA4IBAQCss/McrMR7XXknpntWKStnKzcfd3LgwxreaoGFc4Pf
dhMuYkswn4fgntKK2MGWjr4zUeggGnwTzJ9FQd16h7xnV95s4LoOxuhlbA9EO9OH
/nG18wgkLZHA60zcAoYrBmhPaKen47cWsmGMomQj4SGZMKQmGHxSUV5LL22MZiz4
6zwukTjDxAkY5/QUx9bnyl9SPtnNRoVUxul8HCvb0WjjeOzZr1A8oqr1OH7ki43Z
DaoA1boPRWTvMCftZ76FHc5WMJo+5+p9fcChZv2r2G7pmfYb2wvZY75E+Alyx9LI
8RGOY4mNy3+I3IFAynFwpZA8+RFEPPtEsjOYqRcit8vB
-----END CERTIFICATE-----
Generated at Sun May 5 21:23:19 2024 by rpki-client on console-fra.rpki-client.org