Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b67551-35e3-42f1-912b-96a5b5dad671/1/8mmNt595WHcUIEeGNY75hVXkdnE.roa
File:                     8mmNt595WHcUIEeGNY75hVXkdnE.roa (raw, json)
Hash identifier:          quZnr0Zx3qqLWBr0e4jZpCjbpg1txO8wbovXpUGAX8Q=
Subject key identifier:   F2:69:8D:B7:9F:79:58:77:14:20:47:86:35:8E:F9:85:55:E4:76:71
Certificate issuer:       /CN=aebc33d5ba585234cccef8a57ad86ca1eafc4aa2
Certificate serial:       018D78908F211E069B685AC627B3FD7B2CC0
Authority key identifier: AE:BC:33:D5:BA:58:52:34:CC:CE:F8:A5:7A:D8:6C:A1:EA:FC:4A:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rrwz1bpYUjTMzvilethsoer8SqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/b67551-35e3-42f1-912b-96a5b5dad671/1/8mmNt595WHcUIEeGNY75hVXkdnE.roa
Signing time:             Mon 05 Feb 2024 09:19:16 +0000
ROA not before:           Mon 05 Feb 2024 09:19:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     198333
IP address blocks:        91.217.141.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/b67551-35e3-42f1-912b-96a5b5dad671/1/rrwz1bpYUjTMzvilethsoer8SqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/b67551-35e3-42f1-912b-96a5b5dad671/1/rrwz1bpYUjTMzvilethsoer8SqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rrwz1bpYUjTMzvilethsoer8SqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 09:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:78:90:8f:21:1e:06:9b:68:5a:c6:27:b3:fd:7b:2c:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aebc33d5ba585234cccef8a57ad86ca1eafc4aa2
        Validity
            Not Before: Feb  5 09:19:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f2698db79f79587714204786358ef98555e47671
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:56:a9:16:fb:33:b8:ff:cd:96:7d:bf:5d:9c:
                    41:00:34:4e:db:78:7f:52:8c:06:fe:df:a8:6f:c7:
                    bc:02:99:ca:1d:20:3d:19:93:a5:09:bd:42:83:db:
                    5e:92:42:29:27:fe:26:1d:0a:fb:c6:b0:ce:20:bd:
                    45:73:d3:9e:80:c8:b6:7b:d4:f8:15:2d:b7:38:87:
                    95:38:28:34:7a:b4:16:d0:90:93:25:78:db:3b:b3:
                    76:a6:2b:4f:2d:b4:86:64:0e:69:c9:4d:ea:2e:4a:
                    8a:1b:f2:01:3a:23:fd:20:1c:5e:a9:7d:99:cb:2b:
                    eb:4c:d2:b0:73:ed:1b:10:16:22:f4:74:02:cf:58:
                    ce:97:29:ed:c2:fa:6d:c7:48:49:15:2f:e1:06:b0:
                    dc:9d:ce:17:a9:2a:4e:1b:60:46:1b:8d:6d:66:a0:
                    d9:d4:ac:9a:68:5f:a8:7b:1d:9f:53:f3:db:6d:c8:
                    e6:24:ad:bf:36:4e:f4:15:4c:ca:3f:91:48:b2:57:
                    e7:5f:2c:1e:fb:70:f7:ce:6c:a2:58:33:2b:be:41:
                    06:83:2a:b3:21:e0:c2:61:3e:76:8b:f1:c2:7c:fd:
                    be:bf:6d:bc:ed:db:43:d7:b4:1a:81:42:80:b8:56:
                    b0:fc:5c:0c:04:7b:23:d7:b3:5a:0d:5b:85:68:63:
                    88:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:69:8D:B7:9F:79:58:77:14:20:47:86:35:8E:F9:85:55:E4:76:71
            X509v3 Authority Key Identifier:
                keyid:AE:BC:33:D5:BA:58:52:34:CC:CE:F8:A5:7A:D8:6C:A1:EA:FC:4A:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrwz1bpYUjTMzvilethsoer8SqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b67551-35e3-42f1-912b-96a5b5dad671/1/8mmNt595WHcUIEeGNY75hVXkdnE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b67551-35e3-42f1-912b-96a5b5dad671/1/rrwz1bpYUjTMzvilethsoer8SqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.217.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:42:70:25:39:3f:08:7f:be:18:dc:3c:a8:19:a3:01:f6:e4:
         34:56:db:a8:68:58:ea:6b:b7:43:4c:4e:d0:a7:2a:bb:6c:1d:
         96:af:72:ab:9c:b2:87:e9:32:e9:c6:e0:07:d6:4a:0b:b5:94:
         57:db:52:c4:b5:b8:6d:ce:03:1d:65:d0:c8:02:61:b7:37:ee:
         c3:ba:73:36:27:4c:c4:00:47:4e:cc:10:a9:8c:8f:b3:da:c9:
         07:ac:e5:cd:cc:a0:17:42:98:7c:7b:73:49:b5:d6:f9:91:1d:
         ee:f4:c7:60:f2:9f:18:f8:3f:76:18:ff:cc:2f:58:8d:d7:f1:
         ee:2c:4c:bb:96:c2:17:ba:be:bd:8e:a2:c8:5c:73:33:7e:0b:
         35:80:16:02:f9:43:00:02:89:df:92:08:b4:a0:a3:5a:77:34:
         36:24:42:38:0a:3f:26:b8:f5:19:3a:81:d0:32:47:32:a9:ac:
         17:e2:88:f2:ff:20:10:00:b0:e4:bc:23:17:e0:48:84:0a:55:
         f2:9f:85:ce:2b:9e:90:f0:2c:dc:fd:e0:36:a2:69:b2:58:fe:
         f6:5e:1b:c8:76:34:e9:c2:df:8e:7f:4f:fd:8a:9c:72:6d:58:
         47:b2:e7:e7:ea:d5:33:2a:1a:0c:e5:84:be:96:7e:8c:91:cd:
         bf:98:ac:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY14kI8hHgabaFrGJ7P9eyzAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmMzM2Q1YmE1ODUyMzRjY2NlZjhhNTdhZDg2Y2ExZWFm
YzRhYTIwHhcNMjQwMjA1MDkxOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjY5OGRiNzlmNzk1ODc3MTQyMDQ3ODYzNThlZjk4NTU1ZTQ3NjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVapFvszuP/Nln2/XZxBADRO23h/
UowG/t+ob8e8ApnKHSA9GZOlCb1Cg9tekkIpJ/4mHQr7xrDOIL1Fc9OegMi2e9T4
FS23OIeVOCg0erQW0JCTJXjbO7N2pitPLbSGZA5pyU3qLkqKG/IBOiP9IBxeqX2Z
yyvrTNKwc+0bEBYi9HQCz1jOlyntwvptx0hJFS/hBrDcnc4XqSpOG2BGG41tZqDZ
1KyaaF+oex2fU/PbbcjmJK2/Nk70FUzKP5FIslfnXywe+3D3zmyiWDMrvkEGgyqz
IeDCYT52i/HCfP2+v2287dtD17QagUKAuFaw/FwMBHsj17NaDVuFaGOI4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJpjbefeVh3FCBHhjWO+YVV5HZxMB8GA1UdIwQY
MBaAFK68M9W6WFI0zM74pXrYbKHq/EqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJ3ejFicFlValRNenZpbGV0aHNvZXI4U3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iNjc1NTEtMzVlMy00MmYxLTkxMmIt
OTZhNWI1ZGFkNjcxLzEvOG1tTnQ1OTVXSGNVSUVlR05ZNzVoVlhrZG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iNjc1NTEtMzVlMy00MmYxLTkxMmItOTZhNWI1ZGFkNjcx
LzEvcnJ3ejFicFlValRNenZpbGV0aHNvZXI4U3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9mNMA0G
CSqGSIb3DQEBCwUAA4IBAQByQnAlOT8If74Y3DyoGaMB9uQ0VtuoaFjqa7dDTE7Q
pyq7bB2Wr3KrnLKH6TLpxuAH1koLtZRX21LEtbhtzgMdZdDIAmG3N+7DunM2J0zE
AEdOzBCpjI+z2skHrOXNzKAXQph8e3NJtdb5kR3u9Mdg8p8Y+D92GP/ML1iN1/Hu
LEy7lsIXur69jqLIXHMzfgs1gBYC+UMAAonfkgi0oKNadzQ2JEI4Cj8muPUZOoHQ
MkcyqawX4ojy/yAQALDkvCMX4EiEClXyn4XOK56Q8Czc/eA2ommyWP72XhvIdjTp
wt+Of0/9ipxybVhHsufn6tUzKhoM5YS+ln6Mkc2/mKxG
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:40:59 2024 by rpki-client on console-fra.rpki-client.org