Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/0a7c4e-95bc-456b-8f74-2ccfb3b41260/1/O8gWDaOPLLQ8KGgHyopShfUhebs.roa
File:                     O8gWDaOPLLQ8KGgHyopShfUhebs.roa (raw, json)
Hash identifier:          KRcaanOBSYmyw1kuSNJlq/X4pJnmqGxmeNdwss0hNWI=
Subject key identifier:   3B:C8:16:0D:A3:8F:2C:B4:3C:28:68:07:CA:8A:52:85:F5:21:79:BB
Certificate issuer:       /CN=cbeb5fb733abb3e07d75fa80d7be9cb1813cd3e0
Certificate serial:       018D838D409AA6FD0D12E58D4E79A9B380FB
Authority key identifier: CB:EB:5F:B7:33:AB:B3:E0:7D:75:FA:80:D7:BE:9C:B1:81:3C:D3:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y-tftzOrs-B9dfqA176csYE80-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/0a7c4e-95bc-456b-8f74-2ccfb3b41260/1/O8gWDaOPLLQ8KGgHyopShfUhebs.roa
Signing time:             Wed 07 Feb 2024 12:31:28 +0000
ROA not before:           Wed 07 Feb 2024 12:31:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     6730
IP address blocks:        193.135.106.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/0a7c4e-95bc-456b-8f74-2ccfb3b41260/1/y-tftzOrs-B9dfqA176csYE80-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/0a7c4e-95bc-456b-8f74-2ccfb3b41260/1/y-tftzOrs-B9dfqA176csYE80-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y-tftzOrs-B9dfqA176csYE80-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 07:02:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:83:8d:40:9a:a6:fd:0d:12:e5:8d:4e:79:a9:b3:80:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbeb5fb733abb3e07d75fa80d7be9cb1813cd3e0
        Validity
            Not Before: Feb  7 12:31:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3bc8160da38f2cb43c286807ca8a5285f52179bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:95:c9:66:a0:e1:a6:b1:4e:ab:4a:ad:1b:1c:
                    b2:76:a2:39:99:da:12:f8:a6:d2:ae:d2:7f:1d:20:
                    bd:04:dd:4e:e1:30:cc:18:fc:33:27:54:88:89:2f:
                    d4:9f:30:02:13:a2:5c:0a:7b:58:d7:a3:37:83:b9:
                    5f:3b:fa:77:d6:c7:29:a4:c2:5e:22:45:13:32:35:
                    88:a2:8a:8e:f2:d2:9a:1b:d9:fc:87:10:ff:25:28:
                    0d:8f:36:26:da:a7:de:47:d7:31:b0:e2:8e:64:f5:
                    eb:e8:1c:e9:1b:20:ab:d1:84:cb:dd:12:a2:be:67:
                    08:9f:0f:db:2c:ba:a9:92:83:34:68:f2:48:17:52:
                    8b:e2:64:ca:fa:93:90:a0:36:d7:00:2b:72:0f:a4:
                    62:65:5d:d9:f3:97:3f:f2:03:40:44:4e:69:46:94:
                    99:be:0f:4f:6d:b9:ae:c2:e3:cb:52:6b:17:71:24:
                    3b:4a:a9:f7:a9:a5:e2:47:2f:30:b3:5f:6c:e5:01:
                    63:8d:7c:6a:7e:d9:40:4f:f2:1b:bf:97:74:92:d3:
                    a3:7c:53:98:ba:e1:a6:9b:99:3c:be:f5:1d:5a:92:
                    c6:3e:a0:26:b6:b1:b0:42:c8:f3:e5:f9:59:db:1e:
                    2c:e8:f9:b0:e4:e9:02:ef:3f:ff:51:f6:4e:74:93:
                    15:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:C8:16:0D:A3:8F:2C:B4:3C:28:68:07:CA:8A:52:85:F5:21:79:BB
            X509v3 Authority Key Identifier:
                keyid:CB:EB:5F:B7:33:AB:B3:E0:7D:75:FA:80:D7:BE:9C:B1:81:3C:D3:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y-tftzOrs-B9dfqA176csYE80-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0a7c4e-95bc-456b-8f74-2ccfb3b41260/1/O8gWDaOPLLQ8KGgHyopShfUhebs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0a7c4e-95bc-456b-8f74-2ccfb3b41260/1/y-tftzOrs-B9dfqA176csYE80-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.135.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:28:37:f5:89:2d:86:95:36:8b:22:63:99:5c:87:d0:03:bd:
         65:06:a2:ba:a9:f6:25:77:24:35:72:41:03:68:04:9e:ce:0b:
         1c:3d:21:37:dc:fb:79:74:cf:96:7a:d8:3b:ac:83:2a:4c:d1:
         c3:32:15:23:b7:68:ed:06:5b:68:e2:ea:b5:b9:d8:9f:57:50:
         c5:26:c9:23:45:38:59:e2:90:13:35:5a:a6:52:d8:87:09:b7:
         39:01:87:51:a7:e4:2e:45:66:7a:f9:49:03:a5:93:54:04:ec:
         0d:56:55:1d:8d:6a:f0:e0:62:6b:60:8a:d8:d4:d0:bb:77:72:
         a0:58:b5:cd:c8:d8:98:cc:42:e5:6e:07:25:c2:7d:07:1d:76:
         fd:87:13:1a:3f:4e:7e:b9:ac:e4:32:6b:9f:0c:c2:13:c6:34:
         95:a7:cf:56:6f:01:84:8f:68:24:b3:18:34:44:08:72:e4:1e:
         9a:1f:b7:ae:6c:3b:9b:4f:37:42:a5:33:3a:85:64:b7:dc:5b:
         ce:15:de:23:73:86:09:c9:3f:32:92:c1:da:8b:f8:07:4e:35:
         5f:e8:b3:28:aa:06:96:18:3e:85:95:ed:06:22:16:46:6c:97:
         33:e2:ab:de:fc:f2:fa:d3:6a:e9:d2:46:3a:aa:d1:ae:b5:65:
         f2:d5:db:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2DjUCapv0NEuWNTnmps4D7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZWI1ZmI3MzNhYmIzZTA3ZDc1ZmE4MGQ3YmU5Y2IxODEz
Y2QzZTAwHhcNMjQwMjA3MTIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmM4MTYwZGEzOGYyY2I0M2MyODY4MDdjYThhNTI4NWY1MjE3OWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15XJZqDhprFOq0qtGxyydqI5mdoS
+KbSrtJ/HSC9BN1O4TDMGPwzJ1SIiS/UnzACE6JcCntY16M3g7lfO/p31scppMJe
IkUTMjWIooqO8tKaG9n8hxD/JSgNjzYm2qfeR9cxsOKOZPXr6BzpGyCr0YTL3RKi
vmcInw/bLLqpkoM0aPJIF1KL4mTK+pOQoDbXACtyD6RiZV3Z85c/8gNARE5pRpSZ
vg9PbbmuwuPLUmsXcSQ7Sqn3qaXiRy8ws19s5QFjjXxqftlAT/Ibv5d0ktOjfFOY
uuGmm5k8vvUdWpLGPqAmtrGwQsjz5flZ2x4s6Pmw5OkC7z//UfZOdJMVwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDvIFg2jjyy0PChoB8qKUoX1IXm7MB8GA1UdIwQY
MBaAFMvrX7czq7PgfXX6gNe+nLGBPNPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveS10ZnR6T3JzLUI5ZGZxQTE3NmNzWUU4MC1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8wYTdjNGUtOTViYy00NTZiLThmNzQt
MmNjZmIzYjQxMjYwLzEvTzhnV0RhT1BMTFE4S0dnSHlvcFNoZlVoZWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8wYTdjNGUtOTViYy00NTZiLThmNzQtMmNjZmIzYjQxMjYw
LzEveS10ZnR6T3JzLUI5ZGZxQTE3NmNzWUU4MC1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYdqMA0G
CSqGSIb3DQEBCwUAA4IBAQCpKDf1iS2GlTaLImOZXIfQA71lBqK6qfYldyQ1ckED
aASezgscPSE33Pt5dM+Wetg7rIMqTNHDMhUjt2jtBlto4uq1udifV1DFJskjRThZ
4pATNVqmUtiHCbc5AYdRp+QuRWZ6+UkDpZNUBOwNVlUdjWrw4GJrYIrY1NC7d3Kg
WLXNyNiYzELlbgclwn0HHXb9hxMaP05+uazkMmufDMITxjSVp89WbwGEj2gksxg0
RAhy5B6aH7eubDubTzdCpTM6hWS33FvOFd4jc4YJyT8yksHai/gHTjVf6LMoqgaW
GD6Fle0GIhZGbJcz4qve/PL602rp0kY6qtGutWXy1duc
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:33:19 2024 by rpki-client on console-fra.rpki-client.org