Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/7e3c7f-2184-403d-80cf-6e4b3c92a827/1/5BSBYHQxzMFexwDZi0j4fcP4wKM.roa
File:                     5BSBYHQxzMFexwDZi0j4fcP4wKM.roa (raw, json)
Hash identifier:          Jyd1+ZpjF3fg7xSZuq9ureCZjS1kX632RpemQX1wbyA=
Subject key identifier:   E4:14:81:60:74:31:CC:C1:5E:C7:00:D9:8B:48:F8:7D:C3:F8:C0:A3
Certificate issuer:       /CN=40c3d37be435a9c33f1c63e50d0d6464ed161004
Certificate serial:       018CC86F2955AD5679166651844165E2643C
Authority key identifier: 40:C3:D3:7B:E4:35:A9:C3:3F:1C:63:E5:0D:0D:64:64:ED:16:10:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QMPTe-Q1qcM_HGPlDQ1kZO0WEAQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/7e3c7f-2184-403d-80cf-6e4b3c92a827/1/5BSBYHQxzMFexwDZi0j4fcP4wKM.roa
Signing time:             Tue 02 Jan 2024 04:29:37 +0000
ROA not before:           Tue 02 Jan 2024 04:29:37 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20712
IP address blocks:        193.239.174.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/7e3c7f-2184-403d-80cf-6e4b3c92a827/1/QMPTe-Q1qcM_HGPlDQ1kZO0WEAQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/7e3c7f-2184-403d-80cf-6e4b3c92a827/1/QMPTe-Q1qcM_HGPlDQ1kZO0WEAQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QMPTe-Q1qcM_HGPlDQ1kZO0WEAQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:6f:29:55:ad:56:79:16:66:51:84:41:65:e2:64:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40c3d37be435a9c33f1c63e50d0d6464ed161004
        Validity
            Not Before: Jan  2 04:29:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e41481607431ccc15ec700d98b48f87dc3f8c0a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:c6:b1:3c:c8:8e:bb:44:82:f1:14:84:99:95:
                    1c:59:92:c2:9c:10:45:c6:50:4b:49:ea:cd:58:d8:
                    cd:b6:4a:c4:20:26:6a:cb:1c:46:01:c6:c4:2f:61:
                    be:71:8d:cf:28:29:ad:d4:da:0c:e6:84:53:89:62:
                    44:ed:cf:c8:d4:81:94:96:3c:4a:3e:3f:61:70:4b:
                    08:c4:e3:b9:7d:e9:a6:92:ef:e0:40:25:37:e1:0b:
                    1a:0d:16:5e:2c:00:51:8e:23:2a:24:af:da:4a:5c:
                    0c:3e:43:ea:70:86:4b:bd:af:e1:0b:b6:b5:2c:e0:
                    17:b7:e0:af:0d:6d:03:a7:39:b2:b8:10:21:22:b8:
                    e7:c7:80:1a:e9:3e:49:37:13:a8:09:4c:0e:f8:be:
                    a1:06:ae:2f:39:bf:38:34:1f:c1:e3:e0:cc:13:14:
                    dc:5b:aa:1c:0c:d2:3b:8b:e8:d0:44:60:2c:23:67:
                    19:a7:5c:0d:9c:24:66:42:13:26:fa:ba:78:5a:e0:
                    a7:a4:8c:db:a0:68:dd:55:bf:77:a8:ef:a5:14:14:
                    8c:c7:ff:d2:5d:f6:32:88:b3:3b:e4:65:6e:66:61:
                    62:78:76:78:62:f4:2a:92:a1:0b:3d:97:d1:53:85:
                    ea:d0:22:9b:d6:73:2d:dd:77:3a:ff:e9:f5:63:e7:
                    60:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:14:81:60:74:31:CC:C1:5E:C7:00:D9:8B:48:F8:7D:C3:F8:C0:A3
            X509v3 Authority Key Identifier:
                keyid:40:C3:D3:7B:E4:35:A9:C3:3F:1C:63:E5:0D:0D:64:64:ED:16:10:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QMPTe-Q1qcM_HGPlDQ1kZO0WEAQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/7e3c7f-2184-403d-80cf-6e4b3c92a827/1/5BSBYHQxzMFexwDZi0j4fcP4wKM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/7e3c7f-2184-403d-80cf-6e4b3c92a827/1/QMPTe-Q1qcM_HGPlDQ1kZO0WEAQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.239.174.0/23

    Signature Algorithm: sha256WithRSAEncryption
         51:0a:c3:40:74:66:a0:54:b0:32:d6:cf:ca:36:74:de:68:e4:
         b7:9d:88:79:0f:b6:22:69:0b:52:43:e8:85:59:d0:58:96:47:
         78:85:b0:b2:17:d5:cc:48:7e:7b:82:51:c9:20:41:c1:69:9a:
         61:82:15:de:df:c1:d9:40:51:cd:8f:5d:dd:6d:ed:c9:9a:03:
         73:8f:ed:d5:2c:3c:eb:52:46:9d:7e:b5:3d:b0:2b:39:5c:a8:
         59:3d:21:13:6b:87:44:69:13:42:45:84:38:6a:70:e1:d1:68:
         c8:c8:23:9f:10:0b:e8:41:77:30:5f:f8:95:13:38:0f:43:02:
         64:bb:d5:25:40:b4:ea:75:40:ca:04:f8:86:82:72:ff:fc:da:
         fb:8e:ca:b3:e1:41:bc:e3:3c:45:9d:ce:c8:3f:5f:0f:f9:96:
         93:4e:c4:fa:ed:3e:a2:05:d3:1a:a2:38:84:92:b1:bc:4b:92:
         1a:74:08:93:98:38:57:a8:4d:47:3c:ef:2e:a4:e0:3d:f6:59:
         68:be:65:8c:07:52:ce:73:ad:9f:13:26:2c:c8:31:32:a9:75:
         0b:a7:e4:a3:e1:2c:09:a8:4a:eb:c9:89:b0:f1:ad:4b:d6:51:
         7d:f1:d7:c1:0a:e8:aa:68:a8:62:41:d4:43:86:0e:e9:98:f7:
         dc:ba:d0:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbylVrVZ5FmZRhEFl4mQ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYzNkMzdiZTQzNWE5YzMzZjFjNjNlNTBkMGQ2NDY0ZWQx
NjEwMDQwHhcNMjQwMTAyMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDE0ODE2MDc0MzFjY2MxNWVjNzAwZDk4YjQ4Zjg3ZGMzZjhjMGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcaxPMiOu0SC8RSEmZUcWZLCnBBF
xlBLSerNWNjNtkrEICZqyxxGAcbEL2G+cY3PKCmt1NoM5oRTiWJE7c/I1IGUljxK
Pj9hcEsIxOO5femmku/gQCU34QsaDRZeLABRjiMqJK/aSlwMPkPqcIZLva/hC7a1
LOAXt+CvDW0DpzmyuBAhIrjnx4Aa6T5JNxOoCUwO+L6hBq4vOb84NB/B4+DMExTc
W6ocDNI7i+jQRGAsI2cZp1wNnCRmQhMm+rp4WuCnpIzboGjdVb93qO+lFBSMx//S
XfYyiLM75GVuZmFieHZ4YvQqkqELPZfRU4Xq0CKb1nMt3Xc6/+n1Y+dg8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQUgWB0MczBXscA2YtI+H3D+MCjMB8GA1UdIwQY
MBaAFEDD03vkNanDPxxj5Q0NZGTtFhAEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU1QVGUtUTFxY01fSEdQbERRMWtaTzBXRUFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83ZTNjN2YtMjE4NC00MDNkLTgwY2Yt
NmU0YjNjOTJhODI3LzEvNUJTQllIUXh6TUZleHdEWmkwajRmY1A0d0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi83ZTNjN2YtMjE4NC00MDNkLTgwY2YtNmU0YjNjOTJhODI3
LzEvUU1QVGUtUTFxY01fSEdQbERRMWtaTzBXRUFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwe+uMA0G
CSqGSIb3DQEBCwUAA4IBAQBRCsNAdGagVLAy1s/KNnTeaOS3nYh5D7YiaQtSQ+iF
WdBYlkd4hbCyF9XMSH57glHJIEHBaZphghXe38HZQFHNj13dbe3JmgNzj+3VLDzr
UkadfrU9sCs5XKhZPSETa4dEaRNCRYQ4anDh0WjIyCOfEAvoQXcwX/iVEzgPQwJk
u9UlQLTqdUDKBPiGgnL//Nr7jsqz4UG84zxFnc7IP18P+ZaTTsT67T6iBdMaojiE
krG8S5IadAiTmDhXqE1HPO8upOA99llovmWMB1LOc62fEyYsyDEyqXULp+Sj4SwJ
qErryYmw8a1L1lF98dfBCuiqaKhiQdRDhg7pmPfcutDZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:30:24 2024 by rpki-client on console-ams.rpki-client.org