Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/JvUFOfSVsnDAGZxPRCWYzSHfSgY.roa
File:                     JvUFOfSVsnDAGZxPRCWYzSHfSgY.roa (raw, json)
Hash identifier:          wgyR09LlS2UVjtXAbsEL/iE310+EVSRfVUGEYn78P2o=
Subject key identifier:   26:F5:05:39:F4:95:B2:70:C0:19:9C:4F:44:25:98:CD:21:DF:4A:06
Certificate issuer:       /CN=58bb8ee3a747ed8b578657cdd4737586f5fdb931
Certificate serial:       018CC5DD0BE4D1301FCE0937299CC4A4E0C9
Authority key identifier: 58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/JvUFOfSVsnDAGZxPRCWYzSHfSgY.roa
Signing time:             Mon 01 Jan 2024 16:30:47 +0000
ROA not before:           Mon 01 Jan 2024 16:30:47 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207995
IP address blocks:        217.198.48.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/WLuO46dH7YtXhlfN1HN1hvX9uTE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/WLuO46dH7YtXhlfN1HN1hvX9uTE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 18 Jun 2024 02:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dd:0b:e4:d1:30:1f:ce:09:37:29:9c:c4:a4:e0:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58bb8ee3a747ed8b578657cdd4737586f5fdb931
        Validity
            Not Before: Jan  1 16:30:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=26f50539f495b270c0199c4f442598cd21df4a06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:5b:cb:8a:f9:f2:c3:b8:1e:c9:2a:59:b7:f8:
                    58:8f:f7:be:28:a6:bd:46:8a:be:21:0a:7e:1d:af:
                    25:51:bb:a5:25:00:cd:b7:74:e8:19:86:98:68:2b:
                    29:f3:9c:cf:f0:2c:cb:53:52:ee:79:d3:e7:7b:d4:
                    cd:75:41:15:8e:99:e1:97:68:a2:48:b4:b1:5c:5a:
                    11:f3:58:a7:70:3a:0f:41:01:f3:bd:ad:6a:aa:5b:
                    5e:c7:01:fd:04:c4:f5:63:f5:1f:09:09:8c:bb:6f:
                    a3:cd:db:43:d2:b5:c5:f4:22:bd:50:3f:62:9b:2f:
                    e6:fb:1b:23:d2:05:76:7b:f7:98:39:62:28:1f:95:
                    8c:f3:b9:7f:fc:b0:e9:59:55:ab:44:44:8a:19:26:
                    b2:5c:ef:0e:96:5f:a8:6d:c9:e0:a6:fa:cb:28:12:
                    1d:ab:2e:65:4f:34:cf:6f:31:8e:6a:67:e1:1d:cd:
                    ac:57:45:2d:f2:80:c8:b0:fd:26:9a:01:5e:8b:2d:
                    77:33:e9:7b:c4:d0:47:ac:11:09:b5:9a:7d:ba:6c:
                    5a:1a:80:d2:ef:23:e6:04:46:b5:fa:da:2e:23:ae:
                    41:71:1e:2b:b1:34:38:ef:a7:39:07:3f:21:8c:3e:
                    ac:a1:56:8c:f4:34:fe:6e:72:88:bf:f1:04:b0:eb:
                    b3:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:F5:05:39:F4:95:B2:70:C0:19:9C:4F:44:25:98:CD:21:DF:4A:06
            X509v3 Authority Key Identifier:
                keyid:58:BB:8E:E3:A7:47:ED:8B:57:86:57:CD:D4:73:75:86:F5:FD:B9:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLuO46dH7YtXhlfN1HN1hvX9uTE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/JvUFOfSVsnDAGZxPRCWYzSHfSgY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/03a70b-3bc6-4339-9e49-a83f914035b3/1/WLuO46dH7YtXhlfN1HN1hvX9uTE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.198.48.0/21

    Signature Algorithm: sha256WithRSAEncryption
         21:48:f8:72:42:33:ea:b5:c5:01:33:34:22:e6:9a:ce:6d:2b:
         f3:35:e8:56:c3:ca:44:cc:c1:03:9d:28:d7:f5:eb:51:c0:bf:
         94:0d:81:2f:36:ce:1d:26:7c:8c:10:fb:e8:ea:aa:9c:75:0e:
         09:d3:ab:ea:c4:96:76:08:5f:ce:dc:df:d5:19:d9:34:4c:1a:
         90:35:95:a4:2c:65:b5:0e:c7:d1:71:ed:d6:1a:5b:29:01:ee:
         22:23:12:79:75:b3:ec:07:7d:d2:0b:73:a5:17:b2:2d:ad:1c:
         db:0c:3d:a2:05:4f:8a:c2:30:6f:2e:57:15:33:14:9e:0e:5b:
         ea:3b:8b:db:64:3a:65:d1:0a:4c:9f:db:a3:7c:09:3d:97:90:
         1a:f0:36:1a:56:00:d2:be:d1:ba:12:e0:fb:0b:16:a3:0f:b1:
         9a:9a:e3:0e:7f:95:56:c0:f8:3b:d9:f7:ed:c0:18:c9:a8:77:
         c5:e3:54:21:14:5a:4e:89:50:60:71:ee:9c:ae:8e:d3:2c:5a:
         e0:0c:4d:0f:1d:93:8e:92:4a:3e:f7:63:c4:8c:ac:87:0b:e1:
         29:83:6d:ce:1a:9d:59:38:dd:20:4b:32:9f:f4:ad:f1:ce:eb:
         85:60:4b:4a:a6:f9:05:61:af:ec:54:18:a1:a2:f0:9b:b3:4e:
         8c:08:86:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Qvk0TAfzgk3KZzEpODJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmI4ZWUzYTc0N2VkOGI1Nzg2NTdjZGQ0NzM3NTg2ZjVm
ZGI5MzEwHhcNMjQwMTAxMTYzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmY1MDUzOWY0OTViMjcwYzAxOTljNGY0NDI1OThjZDIxZGY0YTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1vLivnyw7geySpZt/hYj/e+KKa9
Roq+IQp+Ha8lUbulJQDNt3ToGYaYaCsp85zP8CzLU1LuedPne9TNdUEVjpnhl2ii
SLSxXFoR81incDoPQQHzva1qqltexwH9BMT1Y/UfCQmMu2+jzdtD0rXF9CK9UD9i
my/m+xsj0gV2e/eYOWIoH5WM87l//LDpWVWrRESKGSayXO8Oll+obcngpvrLKBId
qy5lTzTPbzGOamfhHc2sV0Ut8oDIsP0mmgFeiy13M+l7xNBHrBEJtZp9umxaGoDS
7yPmBEa1+touI65BcR4rsTQ476c5Bz8hjD6soVaM9DT+bnKIv/EEsOuzlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCb1BTn0lbJwwBmcT0QlmM0h30oGMB8GA1UdIwQY
MBaAFFi7juOnR+2LV4ZXzdRzdYb1/bkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0x1TzQ2ZEg3WXRYaGxmTjFITjFodlg5dVRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wM2E3MGItM2JjNi00MzM5LTllNDkt
YTgzZjkxNDAzNWIzLzEvSnZVRk9mU1ZzbkRBR1p4UFJDV1l6U0hmU2dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wM2E3MGItM2JjNi00MzM5LTllNDktYTgzZjkxNDAzNWIz
LzEvV0x1TzQ2ZEg3WXRYaGxmTjFITjFodlg5dVRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD2cYwMA0G
CSqGSIb3DQEBCwUAA4IBAQAhSPhyQjPqtcUBMzQi5prObSvzNehWw8pEzMEDnSjX
9etRwL+UDYEvNs4dJnyMEPvo6qqcdQ4J06vqxJZ2CF/O3N/VGdk0TBqQNZWkLGW1
DsfRce3WGlspAe4iIxJ5dbPsB33SC3OlF7ItrRzbDD2iBU+KwjBvLlcVMxSeDlvq
O4vbZDpl0QpMn9ujfAk9l5Aa8DYaVgDSvtG6EuD7CxajD7GamuMOf5VWwPg72fft
wBjJqHfF41QhFFpOiVBgce6cro7TLFrgDE0PHZOOkko+92PEjKyHC+Epg23OGp1Z
ON0gSzKf9K3xzuuFYEtKpvkFYa/sVBihovCbs06MCIbd
-----END CERTIFICATE-----
Generated at Mon Jun 17 10:23:33 2024 by rpki-client on console-ams.rpki-client.org