Route Origin Authorization

$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
File:                     AS20473.roa (download)
Hash identifier:          FvC2ABabqnJ+fftWVqn/Dkqa6HW/z+AN5ydZVsilwV4=
Subject key identifier:   27:CB:16:4B:3B:B2:7D:2F:F1:F5:71:7E:C8:BA:84:34:2F:20:36:B0
Certificate issuer:       /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial:       169A5399CDC9776194AA1A12E4549297D44B60AE
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access:      rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa
ROA valid until:          Oct 13 15:02:55 2023 GMT
asID:                     20473
IP address blocks:
    1: 2a0f:9400:750a::/48 maxlen: 48
    2: 2a0f:9400:8020::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:9a:53:99:cd:c9:77:61:94:aa:1a:12:e4:54:92:97:d4:4b:60:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
        Validity
            Not Before: Oct 14 14:57:55 2022 GMT
            Not After : Oct 13 15:02:55 2023 GMT
        Subject: CN=27CB164B3BB27D2FF1F5717EC8BA84342F2036B0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:83:7a:79:6a:87:0d:07:32:e2:da:73:28:29:
                    44:8e:d6:11:5a:86:64:cc:8e:75:fd:04:3f:fa:b6:
                    3b:d1:5c:c7:dc:49:28:87:5d:17:28:bf:50:c4:29:
                    29:4f:d7:a0:a5:c8:4f:04:c0:c1:cc:37:56:e2:aa:
                    bc:4c:e8:d8:71:41:20:67:80:7c:bb:20:49:6b:2d:
                    30:30:b0:c9:ec:0a:71:c1:61:03:bc:8c:19:95:85:
                    74:2e:ab:d6:35:a1:eb:05:b6:bb:86:0a:8e:64:48:
                    9f:16:7c:42:22:fb:21:c2:d3:c9:b7:d6:4f:dd:7f:
                    b8:e0:54:34:5d:6a:dc:13:c8:54:cc:9e:98:be:c2:
                    b5:9a:1c:68:14:a4:46:a9:51:b4:07:a1:3c:94:c0:
                    89:17:93:a9:e5:c9:3d:9b:bb:f0:c8:ea:ca:23:12:
                    79:e0:15:cf:26:ab:9c:e6:5d:43:da:bd:24:d7:eb:
                    da:7b:83:1e:9a:5d:57:d3:1f:bc:80:0e:eb:3b:a7:
                    ea:cb:57:47:6f:f5:0a:7c:30:a6:19:6a:a3:7c:72:
                    cd:a8:ce:aa:e9:9b:20:d8:63:d8:73:f1:c8:29:c6:
                    df:1b:c6:e5:0c:38:3f:c2:0c:8e:e6:40:f1:e5:29:
                    4c:11:6a:17:22:10:4c:8e:20:ae:70:13:50:6d:93:
                    a1:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                27:CB:16:4B:3B:B2:7D:2F:F1:F5:71:7E:C8:BA:84:34:2F:20:36:B0
            X509v3 Authority Key Identifier: 
                keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS20473.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:9400:750a::/48
                  2a0f:9400:8020::/48

    Signature Algorithm: sha256WithRSAEncryption
         8c:6b:7b:c0:55:fe:da:6f:25:b8:7f:b1:20:47:2d:60:38:e2:
         82:67:78:43:78:bd:f7:07:49:8e:9f:e5:64:72:ed:83:d1:99:
         b9:ee:5d:90:b4:91:51:d8:69:ed:cb:7b:6f:09:b6:de:3e:92:
         32:2a:07:1d:fa:84:3c:21:1f:c9:9d:af:9a:8b:98:38:ee:e4:
         9d:81:f3:f9:d3:b1:0a:5f:7f:f9:ce:9c:8e:be:ec:a1:d7:f5:
         eb:92:2f:32:81:a7:3a:b0:2e:45:80:77:88:00:d0:4b:79:be:
         17:bc:d6:08:07:16:a2:14:f7:7f:f8:f6:34:ec:f4:7d:93:b1:
         c8:9c:c4:83:81:fd:d0:39:a8:75:d6:fc:8c:6e:a6:9f:47:37:
         bc:95:4e:2a:c5:95:92:9f:f7:1a:2c:4d:9b:bf:12:0c:ce:92:
         02:5e:96:4a:07:16:9a:7f:b2:a2:11:b5:53:a6:50:aa:4d:c3:
         a5:03:87:ed:da:0d:f8:a1:a9:f3:e9:ba:17:52:a2:c7:04:76:
         2f:0c:e3:35:8f:06:cb:1e:1b:e6:d3:df:1a:21:bb:35:59:95:
         bc:3f:f3:df:7d:5e:cb:db:cb:45:bf:4f:9a:e1:db:b6:9a:97:
         43:1c:20:03:85:f0:af:6a:77:5e:4c:35:f0:af:2a:c3:bb:63:
         06:6f:4f:6d
-----BEGIN CERTIFICATE-----
MIIExzCCA6+gAwIBAgIUFppTmc3Jd2GUqhoS5FSSl9RLYK4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yMjEwMTQxNDU3NTVaFw0yMzEwMTMxNTAyNTVaMDMxMTAvBgNV
BAMTKDI3Q0IxNjRCM0JCMjdEMkZGMUY1NzE3RUM4QkE4NDM0MkYyMDM2QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+g3p5aocNBzLi2nMoKUSO1hFa
hmTMjnX9BD/6tjvRXMfcSSiHXRcov1DEKSlP16ClyE8EwMHMN1biqrxM6NhxQSBn
gHy7IElrLTAwsMnsCnHBYQO8jBmVhXQuq9Y1oesFtruGCo5kSJ8WfEIi+yHC08m3
1k/df7jgVDRdatwTyFTMnpi+wrWaHGgUpEapUbQHoTyUwIkXk6nlyT2bu/DI6soj
EnngFc8mq5zmXUPavSTX69p7gx6aXVfTH7yADus7p+rLV0dv9Qp8MKYZaqN8cs2o
zqrpmyDYY9hz8cgpxt8bxuUMOD/CDI7mQPHlKUwRahciEEyOIK5wE1Btk6E1AgMB
AAGjggHRMIIBzTAdBgNVHQ4EFgQUJ8sWSzuyfS/x9XF+yLqENC8gNrAwHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBbBggrBgEFBQcBCwRPME0wSwYIKwYBBQUHMAuG
P3JzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzIwNDczLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsG
AQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+UAHUKAwcAKg+UAIAgMA0GCSqGSIb3
DQEBCwUAA4IBAQCMa3vAVf7abyW4f7EgRy1gOOKCZ3hDeL33B0mOn+Vkcu2D0Zm5
7l2QtJFR2Gnty3tvCbbePpIyKgcd+oQ8IR/Jna+ai5g47uSdgfP507EKX3/5zpyO
vuyh1/Xrki8ygac6sC5FgHeIANBLeb4XvNYIBxaiFPd/+PY07PR9k7HInMSDgf3Q
Oah11vyMbqafRze8lU4qxZWSn/caLE2bvxIMzpICXpZKBxaaf7KiEbVTplCqTcOl
A4ft2g34oanz6boXUqLHBHYvDOM1jwbLHhvm098aIbs1WZW8P/PffV7L28tFv0+a
4du2mpdDHCADhfCvandeTDXwryrDu2MGb09t
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:08:44 2022 by rpki-client.