Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/0b2641-bfb5-4e75-a3e8-b9f05e31523a/1/nMV7FHTmQTH2xrNw2izoaEsP9-k.roa
File:                     nMV7FHTmQTH2xrNw2izoaEsP9-k.roa (raw, json)
Hash identifier:          mR8sadg5gLmaLb+Z4272P6QgRhAJrd+Tc9THWDecH2U=
Subject key identifier:   9C:C5:7B:14:74:E6:41:31:F6:C6:B3:70:DA:2C:E8:68:4B:0F:F7:E9
Certificate issuer:       /CN=79d10f728d6499a749ae5902e8fa883f1add4517
Certificate serial:       018CC56F01C863E4237CBF5CCADFA0AFAE8F
Authority key identifier: 79:D1:0F:72:8D:64:99:A7:49:AE:59:02:E8:FA:88:3F:1A:DD:45:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/edEPco1kmadJrlkC6PqIPxrdRRc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/0b2641-bfb5-4e75-a3e8-b9f05e31523a/1/nMV7FHTmQTH2xrNw2izoaEsP9-k.roa
Signing time:             Mon 01 Jan 2024 14:30:35 +0000
ROA not before:           Mon 01 Jan 2024 14:30:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        185.236.142.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/0b2641-bfb5-4e75-a3e8-b9f05e31523a/1/edEPco1kmadJrlkC6PqIPxrdRRc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/0b2641-bfb5-4e75-a3e8-b9f05e31523a/1/edEPco1kmadJrlkC6PqIPxrdRRc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/edEPco1kmadJrlkC6PqIPxrdRRc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6f:01:c8:63:e4:23:7c:bf:5c:ca:df:a0:af:ae:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79d10f728d6499a749ae5902e8fa883f1add4517
        Validity
            Not Before: Jan  1 14:30:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9cc57b1474e64131f6c6b370da2ce8684b0ff7e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:fd:de:77:17:4a:bc:67:ce:52:b0:94:e3:ff:
                    80:b3:5c:ab:e7:98:e7:35:50:76:21:3e:a7:6a:57:
                    9e:85:34:8c:ce:83:d5:f6:26:bf:3c:8e:e7:06:80:
                    d5:41:4a:95:61:63:af:b1:bc:8a:39:6f:7b:92:b1:
                    41:1c:c7:83:a5:e3:8e:13:99:bb:e4:a4:17:de:e5:
                    2e:bb:bf:2d:a2:32:91:d5:a8:8f:e8:3b:e4:e4:6e:
                    b5:9c:33:ec:86:2b:45:32:96:5a:60:03:c7:77:0d:
                    a3:8a:05:67:22:da:3d:7f:1b:96:c3:40:ac:08:41:
                    ce:2b:70:1f:3b:d9:45:61:99:67:41:11:e3:9c:39:
                    ac:4a:63:95:1a:dd:9a:62:e3:d2:8c:c1:5b:f1:56:
                    10:e1:95:09:24:15:98:75:ec:e5:56:d5:72:3a:2c:
                    31:20:b4:21:30:6b:4e:09:e9:64:66:07:c1:5a:84:
                    41:c4:ec:14:5e:33:1b:d1:d1:dc:f4:09:22:20:41:
                    34:1f:fc:1c:83:91:51:2e:3b:c4:ff:fe:0d:6b:f2:
                    e4:04:73:b2:3c:8f:13:6e:24:cd:45:9d:ec:0f:7d:
                    af:7b:01:18:13:76:05:44:ea:17:8b:e8:be:49:0d:
                    af:35:e9:68:c1:3e:55:ea:35:78:e1:94:96:b6:9e:
                    dc:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:C5:7B:14:74:E6:41:31:F6:C6:B3:70:DA:2C:E8:68:4B:0F:F7:E9
            X509v3 Authority Key Identifier:
                keyid:79:D1:0F:72:8D:64:99:A7:49:AE:59:02:E8:FA:88:3F:1A:DD:45:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edEPco1kmadJrlkC6PqIPxrdRRc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/0b2641-bfb5-4e75-a3e8-b9f05e31523a/1/nMV7FHTmQTH2xrNw2izoaEsP9-k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/0b2641-bfb5-4e75-a3e8-b9f05e31523a/1/edEPco1kmadJrlkC6PqIPxrdRRc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.236.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:d1:15:8d:3f:d3:00:6b:57:ae:80:ac:49:ae:9b:e4:fc:4f:
         c5:4a:b3:e3:af:da:8c:db:d3:74:ce:bf:7f:33:09:db:4e:07:
         f7:51:f6:e1:d4:f6:b0:7e:4e:03:52:d7:31:72:2c:a8:82:d0:
         33:e5:35:02:d4:b0:a2:21:7e:92:67:7e:20:f8:ab:89:05:f1:
         24:49:ef:1f:7a:a4:ee:63:cb:a4:2d:7e:df:b7:11:10:37:46:
         5f:e4:24:90:99:df:c5:86:ea:14:3e:5c:38:44:44:f4:96:f4:
         0f:1c:d8:81:87:a8:b4:54:de:6d:4a:75:be:f7:04:de:af:a1:
         06:8d:36:da:fd:70:ed:32:12:12:c6:59:09:04:15:df:0f:2b:
         63:d5:ec:d4:24:1c:68:93:13:76:f4:03:f0:3c:c0:31:c0:11:
         8c:e3:6a:01:d2:78:41:24:e7:2d:80:8b:06:45:fb:cb:0b:42:
         ff:43:9b:cb:0d:0c:0e:45:8e:c2:d4:53:08:a4:ab:ce:99:fe:
         39:2e:99:70:6d:61:4a:bd:c7:ac:09:0e:5e:69:cf:e2:5f:6c:
         13:4d:a2:43:72:5b:8d:a6:01:e1:a1:1a:33:69:2d:22:f5:b0:
         a3:62:bc:99:d6:d5:64:f0:5f:f7:ae:e9:7f:65:04:d7:82:bf:
         40:76:33:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbwHIY+QjfL9cyt+gr66PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDEwZjcyOGQ2NDk5YTc0OWFlNTkwMmU4ZmE4ODNmMWFk
ZDQ1MTcwHhcNMjQwMTAxMTQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2M1N2IxNDc0ZTY0MTMxZjZjNmIzNzBkYTJjZTg2ODRiMGZmN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/3edxdKvGfOUrCU4/+As1yr55jn
NVB2IT6naleehTSMzoPV9ia/PI7nBoDVQUqVYWOvsbyKOW97krFBHMeDpeOOE5m7
5KQX3uUuu78tojKR1aiP6Dvk5G61nDPshitFMpZaYAPHdw2jigVnIto9fxuWw0Cs
CEHOK3AfO9lFYZlnQRHjnDmsSmOVGt2aYuPSjMFb8VYQ4ZUJJBWYdezlVtVyOiwx
ILQhMGtOCelkZgfBWoRBxOwUXjMb0dHc9AkiIEE0H/wcg5FRLjvE//4Na/LkBHOy
PI8TbiTNRZ3sD32vewEYE3YFROoXi+i+SQ2vNelowT5V6jV44ZSWtp7cOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJzFexR05kEx9sazcNos6GhLD/fpMB8GA1UdIwQY
MBaAFHnRD3KNZJmnSa5ZAuj6iD8a3UUXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRFUGNvMWttYWRKcmxrQzZQcUlQeHJkUlJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wYjI2NDEtYmZiNS00ZTc1LWEzZTgt
YjlmMDVlMzE1MjNhLzEvbk1WN0ZIVG1RVEgyeHJOdzJpem9hRXNQOS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wYjI2NDEtYmZiNS00ZTc1LWEzZTgtYjlmMDVlMzE1MjNh
LzEvZWRFUGNvMWttYWRKcmxrQzZQcUlQeHJkUlJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueyOMA0G
CSqGSIb3DQEBCwUAA4IBAQBZ0RWNP9MAa1eugKxJrpvk/E/FSrPjr9qM29N0zr9/
MwnbTgf3Ufbh1Pawfk4DUtcxciyogtAz5TUC1LCiIX6SZ34g+KuJBfEkSe8feqTu
Y8ukLX7ftxEQN0Zf5CSQmd/FhuoUPlw4RET0lvQPHNiBh6i0VN5tSnW+9wTer6EG
jTba/XDtMhISxlkJBBXfDytj1ezUJBxokxN29APwPMAxwBGM42oB0nhBJOctgIsG
RfvLC0L/Q5vLDQwORY7C1FMIpKvOmf45LplwbWFKvcesCQ5eac/iX2wTTaJDcluN
pgHhoRozaS0i9bCjYryZ1tVk8F/3rul/ZQTXgr9AdjOC
-----END CERTIFICATE-----
Generated at Fri May 3 03:31:32 2024 by rpki-client on console-fra.rpki-client.org