Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/FJZjpSGKilP5OycZunwqKrYvqw0.roa
File:                     FJZjpSGKilP5OycZunwqKrYvqw0.roa (raw, json)
Hash identifier:          9pvM6u5aBw+PuGiYS3Z9ai+BgAsLj5dGFTxkozyaujE=
Subject key identifier:   14:96:63:A5:21:8A:8A:53:F9:3B:27:19:BA:7C:2A:2A:B6:2F:AB:0D
Certificate issuer:       /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial:       018F385970579D80D47B4551D489B6EFA9E9
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/FJZjpSGKilP5OycZunwqKrYvqw0.roa
Signing time:             Thu 02 May 2024 08:08:56 +0000
ROA not before:           Thu 02 May 2024 08:08:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     52194
IP address blocks:        194.176.118.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:38:59:70:57:9d:80:d4:7b:45:51:d4:89:b6:ef:a9:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
        Validity
            Not Before: May  2 08:08:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=149663a5218a8a53f93b2719ba7c2a2ab62fab0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:bf:dc:64:da:ea:bb:60:89:d8:3f:ac:eb:e8:
                    77:92:94:a6:3a:64:af:3c:3a:e9:66:1f:9b:84:0d:
                    ec:65:5d:17:25:4b:6d:e3:ad:ff:a6:f2:d3:7f:6a:
                    82:bb:94:9a:68:70:90:57:15:e5:01:ca:70:53:9d:
                    bf:a0:ea:9a:39:82:e3:fc:a0:72:22:d4:a9:6b:a0:
                    c5:01:92:2e:38:33:03:63:bb:22:8b:37:f8:0d:46:
                    23:36:07:b2:64:06:40:06:c9:9b:45:9f:d0:f8:9c:
                    f4:c4:f5:12:f7:3e:e2:60:a3:47:38:f3:75:46:b5:
                    03:36:d7:74:8a:66:7a:6c:78:cc:cd:02:17:6f:81:
                    2b:55:89:f7:b9:85:8d:3c:7e:e0:b4:49:80:fa:66:
                    04:97:8c:61:9e:74:a7:74:04:a6:a8:f7:e7:0c:f1:
                    f7:f2:c7:df:85:de:e4:ad:65:2f:d7:eb:d5:63:43:
                    e7:a3:0e:59:34:8b:d9:3e:65:8e:ed:80:91:82:37:
                    8e:9c:a6:e3:ab:c0:50:35:ef:4d:e6:49:3e:c5:00:
                    1f:23:bb:29:9f:ba:d0:4e:98:f8:4e:4f:d7:d2:38:
                    eb:1e:23:93:46:6d:8d:9c:3e:59:45:af:c4:0f:c6:
                    7b:4b:a3:39:75:fc:11:76:75:84:29:42:48:e2:e8:
                    62:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:96:63:A5:21:8A:8A:53:F9:3B:27:19:BA:7C:2A:2A:B6:2F:AB:0D
            X509v3 Authority Key Identifier:
                keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/FJZjpSGKilP5OycZunwqKrYvqw0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.176.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:39:4c:c7:d7:f3:22:2f:00:41:a5:4b:2d:b2:fe:25:ee:89:
         2f:c3:8d:62:9d:be:e4:8e:0d:5c:ef:ea:f5:af:ef:c4:d8:6b:
         48:93:6e:77:a0:c5:4c:6c:43:62:9c:42:a2:8b:db:69:2d:5b:
         e6:82:67:d7:95:54:f0:06:2f:1b:c7:a1:73:37:ca:b6:84:e1:
         d8:4a:1f:d4:37:b1:c4:d5:ba:4d:2b:26:85:a3:7c:1d:dd:6f:
         07:6b:14:de:e6:58:1f:9a:27:51:a7:5c:72:92:f7:45:b9:07:
         21:c8:85:e0:f9:97:a8:51:ed:4b:cd:91:51:93:ca:f6:16:49:
         93:7a:bb:71:7d:74:ad:db:59:95:31:15:b1:a2:f8:bc:3a:6e:
         0f:70:2c:50:6f:0f:a1:63:1e:43:5f:f5:ba:0b:7c:62:fe:2d:
         94:33:b3:66:e0:a8:b8:d9:9e:c3:89:6a:33:c9:12:40:b3:e0:
         d7:fa:ca:5f:6a:20:85:63:87:dc:78:8e:5a:79:36:86:12:9c:
         fd:09:71:77:ea:c6:d3:3b:32:fc:f5:a5:77:25:72:0d:8e:7a:
         53:48:2f:41:ea:be:7f:01:88:26:83:11:60:83:24:ae:c5:a1:
         d3:cd:7a:a6:38:bb:53:62:26:f7:29:45:56:d3:e4:d8:26:58:
         81:bd:57:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY84WXBXnYDUe0VR1Im276npMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjQwNTAyMDgwODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDk2NjNhNTIxOGE4YTUzZjkzYjI3MTliYTdjMmEyYWI2MmZhYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxb/cZNrqu2CJ2D+s6+h3kpSmOmSv
PDrpZh+bhA3sZV0XJUtt463/pvLTf2qCu5SaaHCQVxXlAcpwU52/oOqaOYLj/KBy
ItSpa6DFAZIuODMDY7siizf4DUYjNgeyZAZABsmbRZ/Q+Jz0xPUS9z7iYKNHOPN1
RrUDNtd0imZ6bHjMzQIXb4ErVYn3uYWNPH7gtEmA+mYEl4xhnnSndASmqPfnDPH3
8sffhd7krWUv1+vVY0Pnow5ZNIvZPmWO7YCRgjeOnKbjq8BQNe9N5kk+xQAfI7sp
n7rQTpj4Tk/X0jjrHiOTRm2NnD5ZRa/ED8Z7S6M5dfwRdnWEKUJI4uhiBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBSWY6UhiopT+TsnGbp8Kiq2L6sNMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvRkpaanBTR0tpbFA1T3ljWnVud3FLcll2cXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrB2MA0G
CSqGSIb3DQEBCwUAA4IBAQBHOUzH1/MiLwBBpUstsv4l7okvw41inb7kjg1c7+r1
r+/E2GtIk253oMVMbENinEKii9tpLVvmgmfXlVTwBi8bx6FzN8q2hOHYSh/UN7HE
1bpNKyaFo3wd3W8HaxTe5lgfmidRp1xykvdFuQchyIXg+ZeoUe1LzZFRk8r2FkmT
ertxfXSt21mVMRWxovi8Om4PcCxQbw+hYx5DX/W6C3xi/i2UM7Nm4Ki42Z7DiWoz
yRJAs+DX+spfaiCFY4fceI5aeTaGEpz9CXF36sbTOzL89aV3JXINjnpTSC9B6r5/
AYgmgxFggySuxaHTzXqmOLtTYib3KUVW0+TYJliBvVf5
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:12:08 2024 by rpki-client on console-fra.rpki-client.org