Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/5FrrCUdRBeaXCyPloinbo5uzrvM.roa
File:                     5FrrCUdRBeaXCyPloinbo5uzrvM.roa (raw, json)
Hash identifier:          cpMgnEPKnILciJk+Zd8XOFvqgwnuPwNRptZ8/VlHKWo=
Subject key identifier:   E4:5A:EB:09:47:51:05:E6:97:0B:23:E5:A2:29:DB:A3:9B:B3:AE:F3
Certificate issuer:       /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial:       018F3D0F32134209FD4A8BA7BE4706EFB30E
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/5FrrCUdRBeaXCyPloinbo5uzrvM.roa
Signing time:             Fri 03 May 2024 06:05:56 +0000
ROA not before:           Fri 03 May 2024 06:05:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     14315
IP address blocks:        195.114.192.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3d:0f:32:13:42:09:fd:4a:8b:a7:be:47:06:ef:b3:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
        Validity
            Not Before: May  3 06:05:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e45aeb09475105e6970b23e5a229dba39bb3aef3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:af:45:77:94:ed:d3:12:5d:62:31:65:b7:5e:
                    a4:63:9f:c4:11:64:a9:94:77:e8:9d:42:e1:56:6e:
                    27:ad:3f:92:1f:58:a2:33:2d:e9:1f:ff:16:91:a1:
                    e7:ff:df:66:e9:7f:e1:b8:b1:ed:08:81:dc:18:17:
                    02:5a:d2:76:a1:ca:ea:06:5a:0b:9e:62:28:0f:33:
                    55:d7:3f:3d:bc:ce:56:c9:af:fe:74:16:1c:32:bd:
                    27:25:61:97:32:b9:f4:d8:6c:f1:41:4e:57:22:d5:
                    ec:7e:cc:99:8c:b6:21:9e:1b:63:2d:03:5d:bf:42:
                    dd:d8:8e:93:7b:38:30:f1:33:a6:10:bc:ba:26:98:
                    95:ba:9a:86:91:03:27:7b:a7:f2:c1:43:ba:4c:fa:
                    ce:58:6b:16:7f:30:a5:7b:82:93:78:47:6f:2b:c2:
                    ab:05:74:95:b2:34:28:c1:84:1f:65:f3:2a:c8:37:
                    ab:fb:cc:ff:07:80:04:f4:8c:37:19:e1:d6:bd:b2:
                    fc:e3:d4:84:56:6c:85:77:11:ca:8f:8c:45:a3:2f:
                    e5:ae:f4:64:f4:9f:3e:72:31:19:1b:1d:09:1b:ec:
                    9f:c7:7b:59:85:25:b6:84:dc:80:8e:bb:ab:fa:a4:
                    da:04:99:8c:ee:cc:4d:6d:e1:8c:62:de:37:8e:44:
                    cf:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:5A:EB:09:47:51:05:E6:97:0B:23:E5:A2:29:DB:A3:9B:B3:AE:F3
            X509v3 Authority Key Identifier:
                keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/5FrrCUdRBeaXCyPloinbo5uzrvM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.114.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:8b:b0:f5:72:7a:a6:ad:cc:8d:59:1b:e0:7a:22:33:b4:56:
         45:74:8b:ae:70:be:f1:45:45:0a:19:f2:e7:8a:62:39:33:63:
         42:db:b2:5f:1e:03:15:51:a7:fb:61:24:9c:10:5a:47:13:f3:
         21:a5:d0:dd:ef:6b:04:bc:b0:ee:3f:94:0e:a8:10:f2:9f:95:
         43:7a:ba:16:ed:9e:4e:31:c4:4b:df:37:2a:75:5a:3c:d8:7b:
         d1:61:87:43:4a:b8:6d:9c:29:95:08:9b:2a:bc:4b:cf:16:76:
         e8:ba:c4:b2:30:6d:e9:fa:48:a4:3d:0f:12:e6:d4:ea:d5:6a:
         61:d2:a8:d3:60:e9:ef:9e:d7:f9:92:13:61:29:91:e9:96:a0:
         8a:5d:b0:9a:9a:43:8d:df:12:ce:98:e6:5d:6d:b3:c2:43:d8:
         f6:23:80:31:b9:19:2f:c0:47:c6:83:04:02:9c:73:12:e5:1c:
         c5:07:36:dc:5e:72:d7:b3:e4:32:9a:bf:ea:d3:f4:0c:26:1a:
         69:47:5a:6c:95:7d:aa:de:98:f1:c7:fa:cf:a5:85:38:65:f8:
         ef:f3:cf:96:9f:98:12:96:e6:a4:3d:25:c4:03:63:40:e1:72:
         58:68:3e:83:0b:4f:d9:af:47:50:d1:57:8b:e5:55:ba:99:e8:
         60:89:32:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY89DzITQgn9SounvkcG77MOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQwNTAzMDYwNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDVhZWIwOTQ3NTEwNWU2OTcwYjIzZTVhMjI5ZGJhMzliYjNhZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA969Fd5Tt0xJdYjFlt16kY5/EEWSp
lHfonULhVm4nrT+SH1iiMy3pH/8WkaHn/99m6X/huLHtCIHcGBcCWtJ2ocrqBloL
nmIoDzNV1z89vM5Wya/+dBYcMr0nJWGXMrn02GzxQU5XItXsfsyZjLYhnhtjLQNd
v0Ld2I6Tezgw8TOmELy6JpiVupqGkQMne6fywUO6TPrOWGsWfzCle4KTeEdvK8Kr
BXSVsjQowYQfZfMqyDer+8z/B4AE9Iw3GeHWvbL849SEVmyFdxHKj4xFoy/lrvRk
9J8+cjEZGx0JG+yfx3tZhSW2hNyAjrur+qTaBJmM7sxNbeGMYt43jkTPrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFORa6wlHUQXmlwsj5aIp26Obs67zMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvNUZyckNVZFJCZWFYQ3lQbG9pbmJvNXV6cnZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw3LAMA0G
CSqGSIb3DQEBCwUAA4IBAQCBi7D1cnqmrcyNWRvgeiIztFZFdIuucL7xRUUKGfLn
imI5M2NC27JfHgMVUaf7YSScEFpHE/MhpdDd72sEvLDuP5QOqBDyn5VDeroW7Z5O
McRL3zcqdVo82HvRYYdDSrhtnCmVCJsqvEvPFnbousSyMG3p+kikPQ8S5tTq1Wph
0qjTYOnvntf5khNhKZHplqCKXbCamkON3xLOmOZdbbPCQ9j2I4AxuRkvwEfGgwQC
nHMS5RzFBzbcXnLXs+Qymr/q0/QMJhppR1pslX2q3pjxx/rPpYU4Zfjv88+Wn5gS
luakPSXEA2NA4XJYaD6DC0/Zr0dQ0VeL5VW6mehgiTKf
-----END CERTIFICATE-----
Generated at Sat May 18 02:48:42 2024 by rpki-client on console-fra.rpki-client.org