Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/_Y8CXxWQXCx60kx34wzvwcPiND4.roa
File:                     _Y8CXxWQXCx60kx34wzvwcPiND4.roa (raw, json)
Hash identifier:          K1df3+nprg2E+DL4nyKtfbz1t/nI4savr4ymfB12WOE=
Subject key identifier:   FD:8F:02:5F:15:90:5C:2C:7A:D2:4C:77:E3:0C:EF:C1:C3:E2:34:3E
Certificate issuer:       /CN=5f0226a704cf620eb2000f27e7a919ce730991be
Certificate serial:       018CC795369C973E0C4322D437A8462BF178
Authority key identifier: 5F:02:26:A7:04:CF:62:0E:B2:00:0F:27:E7:A9:19:CE:73:09:91:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XwImpwTPYg6yAA8n56kZznMJkb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/_Y8CXxWQXCx60kx34wzvwcPiND4.roa
Signing time:             Tue 02 Jan 2024 00:31:33 +0000
ROA not before:           Tue 02 Jan 2024 00:31:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     59253
IP address blocks:        194.127.192.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/XwImpwTPYg6yAA8n56kZznMJkb4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/XwImpwTPYg6yAA8n56kZznMJkb4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XwImpwTPYg6yAA8n56kZznMJkb4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:36:9c:97:3e:0c:43:22:d4:37:a8:46:2b:f1:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f0226a704cf620eb2000f27e7a919ce730991be
        Validity
            Not Before: Jan  2 00:31:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fd8f025f15905c2c7ad24c77e30cefc1c3e2343e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d5:a6:10:08:9f:8b:82:ee:e0:cc:94:c3:9e:
                    e2:54:7e:89:de:3f:80:56:94:e1:11:c9:40:69:5a:
                    49:c0:c9:90:9a:72:11:c2:90:f7:7d:cd:1a:53:0b:
                    b8:17:6d:89:69:9d:54:f7:a9:39:3b:57:3b:14:57:
                    86:a3:6b:56:ad:28:6a:b4:34:a0:7e:48:05:d1:0e:
                    46:41:30:c3:b7:57:ba:53:34:25:35:e3:d4:38:f9:
                    cf:dd:21:f1:8a:66:bd:42:0f:24:b9:dc:0a:57:77:
                    1e:04:75:c6:a4:1e:dc:b8:81:7a:0b:d7:b9:c3:ee:
                    8c:5d:75:ed:91:39:3f:16:a2:0d:fc:46:85:ae:0e:
                    45:3b:06:de:d2:ce:de:3a:7c:93:a3:d9:31:18:88:
                    05:f3:eb:18:e9:d5:24:f8:65:cb:77:5c:37:43:8f:
                    21:29:88:17:55:16:ec:77:bf:cc:23:34:78:7b:c3:
                    3e:86:66:01:be:7d:95:b2:e3:be:ae:c6:7e:6c:f0:
                    92:54:54:7a:ea:3b:61:38:77:6d:0b:f4:df:85:74:
                    f8:22:7d:ba:c9:43:70:82:8b:2f:d5:6c:f8:58:8d:
                    2d:3d:ab:4e:57:5f:b6:49:cb:86:37:1c:82:50:27:
                    73:b5:f3:cc:10:f5:9b:43:96:5d:c3:50:fd:35:49:
                    74:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:8F:02:5F:15:90:5C:2C:7A:D2:4C:77:E3:0C:EF:C1:C3:E2:34:3E
            X509v3 Authority Key Identifier:
                keyid:5F:02:26:A7:04:CF:62:0E:B2:00:0F:27:E7:A9:19:CE:73:09:91:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XwImpwTPYg6yAA8n56kZznMJkb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/_Y8CXxWQXCx60kx34wzvwcPiND4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/XwImpwTPYg6yAA8n56kZznMJkb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.127.192.0/23

    Signature Algorithm: sha256WithRSAEncryption
         36:01:57:30:64:24:38:e3:9b:0e:14:8e:b7:ca:65:11:31:b9:
         3f:71:65:47:9e:9f:6d:61:7d:1c:11:27:16:a9:e8:97:91:76:
         bc:7c:63:db:17:15:3c:16:f5:97:32:b7:0d:08:be:fe:24:52:
         2a:c8:de:3f:8c:94:22:17:7f:43:dd:f4:b4:20:ae:98:27:e4:
         ea:f0:bd:cf:07:56:f2:58:ec:39:32:69:2f:c1:30:31:fb:ac:
         ce:79:f8:b4:91:1f:d0:50:97:70:47:00:78:86:dd:72:41:25:
         b8:50:84:e2:77:c3:85:1b:d2:23:bd:72:1b:46:23:d8:57:e4:
         fa:d0:12:8e:14:d1:80:58:a1:03:07:aa:d4:0a:09:57:bd:80:
         16:b3:b9:71:68:95:ab:60:91:f4:08:ef:5b:ed:cc:95:e9:ec:
         66:1e:18:49:5c:78:de:fa:f7:93:c5:a1:4c:8d:df:ba:9a:96:
         47:d3:19:aa:ee:67:b7:75:ee:7d:c0:de:6a:e0:9a:3e:05:12:
         f9:1e:5f:65:29:15:c0:75:77:1d:42:0d:57:90:0b:eb:6c:95:
         ca:1f:35:4e:df:f4:45:ad:5b:18:9c:d3:c4:df:87:7d:18:d7:
         f5:db:81:7a:5c:47:e7:f2:5c:2f:2e:50:41:61:e3:4d:73:ed:
         e8:2b:8d:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlTaclz4MQyLUN6hGK/F4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMDIyNmE3MDRjZjYyMGViMjAwMGYyN2U3YTkxOWNlNzMw
OTkxYmUwHhcNMjQwMTAyMDAzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDhmMDI1ZjE1OTA1YzJjN2FkMjRjNzdlMzBjZWZjMWMzZTIzNDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNWmEAifi4Lu4MyUw57iVH6J3j+A
VpThEclAaVpJwMmQmnIRwpD3fc0aUwu4F22JaZ1U96k5O1c7FFeGo2tWrShqtDSg
fkgF0Q5GQTDDt1e6UzQlNePUOPnP3SHxima9Qg8kudwKV3ceBHXGpB7cuIF6C9e5
w+6MXXXtkTk/FqIN/EaFrg5FOwbe0s7eOnyTo9kxGIgF8+sY6dUk+GXLd1w3Q48h
KYgXVRbsd7/MIzR4e8M+hmYBvn2VsuO+rsZ+bPCSVFR66jthOHdtC/TfhXT4In26
yUNwgosv1Wz4WI0tPatOV1+2ScuGNxyCUCdztfPMEPWbQ5Zdw1D9NUl0IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP2PAl8VkFwsetJMd+MM78HD4jQ+MB8GA1UdIwQY
MBaAFF8CJqcEz2IOsgAPJ+epGc5zCZG+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdJbXB3VFBZZzZ5QUE4bjU2a1p6bk1Ka2I0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82M2VmYjgtYmYyNC00OGMyLThjNTAt
NzVkOWNlNWI4ZDljLzEvX1k4Q1h4V1FYQ3g2MGt4MzR3enZ3Y1BpTkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82M2VmYjgtYmYyNC00OGMyLThjNTAtNzVkOWNlNWI4ZDlj
LzEvWHdJbXB3VFBZZzZ5QUE4bjU2a1p6bk1Ka2I0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwn/AMA0G
CSqGSIb3DQEBCwUAA4IBAQA2AVcwZCQ445sOFI63ymURMbk/cWVHnp9tYX0cEScW
qeiXkXa8fGPbFxU8FvWXMrcNCL7+JFIqyN4/jJQiF39D3fS0IK6YJ+Tq8L3PB1by
WOw5MmkvwTAx+6zOefi0kR/QUJdwRwB4ht1yQSW4UITid8OFG9IjvXIbRiPYV+T6
0BKOFNGAWKEDB6rUCglXvYAWs7lxaJWrYJH0CO9b7cyV6exmHhhJXHje+veTxaFM
jd+6mpZH0xmq7me3de59wN5q4Jo+BRL5Hl9lKRXAdXcdQg1XkAvrbJXKHzVO3/RF
rVsYnNPE34d9GNf124F6XEfn8lwvLlBBYeNNc+3oK429
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:45:09 2024 by rpki-client on console-fra.rpki-client.org