Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/01/034b47-9f88-4b1a-839a-f758129b8e73/1/

$ rpki-client -vvf d2n2nah4IaT6Sves5H1A8ZUMADo.roa
File:                     d2n2nah4IaT6Sves5H1A8ZUMADo.roa (download)
Hash identifier:          BoEXpsGwQ7nNhDTnHBuH1FVlmd0hOzPc7oKZEMs00Kw=
Subject key identifier:   77:69:F6:9D:A8:78:21:A4:FA:4A:F7:AC:E4:7D:40:F1:95:0C:00:3A
Certificate issuer:       /CN=d2e35af3deb53a317fb0e7365a5a4ffe2fad9635
Certificate serial:       010968C5
Authority key identifier: D2:E3:5A:F3:DE:B5:3A:31:7F:B0:E7:36:5A:5A:4F:FE:2F:AD:96:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0uNa8961OjF_sOc2WlpP_i-tljU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/034b47-9f88-4b1a-839a-f758129b8e73/1/d2n2nah4IaT6Sves5H1A8ZUMADo.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 91.224.141.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17393861 (0x10968c5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2e35af3deb53a317fb0e7365a5a4ffe2fad9635
        Validity
            Not Before: Jan  1 13:00:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7769f69da87821a4fa4af7ace47d40f1950c003a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:1f:8b:06:15:0f:80:b0:86:dd:44:ca:b6:6a:
                    8e:1a:d3:e0:15:8d:96:61:81:1f:2a:97:85:4b:da:
                    86:09:a8:bb:dc:43:57:e5:ee:10:fe:95:a8:14:d9:
                    4d:51:04:e8:fe:b6:17:d5:09:92:03:59:ef:aa:6e:
                    01:f6:b6:66:7c:f1:1b:be:12:78:3b:b2:d4:32:ea:
                    94:6f:14:7c:99:ca:a3:0b:c3:26:1a:0e:5a:5d:72:
                    40:c9:27:21:b3:82:6b:2a:e6:16:80:9e:ba:43:f1:
                    65:9d:d0:62:14:7f:c4:33:52:bc:93:42:a7:85:7b:
                    a7:fb:ba:a0:52:69:61:e7:f9:7d:91:e6:fd:5c:ea:
                    85:18:fe:4c:1a:69:6d:e9:95:a1:fd:bc:c7:f5:ba:
                    99:1d:0a:15:1a:f2:ce:b4:9d:30:ae:9f:db:7b:51:
                    0a:80:5b:62:0f:6e:8f:93:73:f3:dd:62:d5:86:9e:
                    cf:1f:b2:2d:c5:57:92:97:16:c6:b6:3f:b3:04:59:
                    98:ea:6d:d5:5c:1b:be:ba:f2:0e:24:24:7d:be:51:
                    29:c3:69:db:52:87:09:6f:d1:1d:73:cf:83:fe:86:
                    5e:50:77:4f:d5:37:66:07:7e:58:c9:43:9a:07:1f:
                    8d:c8:8d:2c:61:47:ef:c3:ab:68:e8:60:55:8c:79:
                    ee:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                77:69:F6:9D:A8:78:21:A4:FA:4A:F7:AC:E4:7D:40:F1:95:0C:00:3A
            X509v3 Authority Key Identifier: 
                keyid:D2:E3:5A:F3:DE:B5:3A:31:7F:B0:E7:36:5A:5A:4F:FE:2F:AD:96:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0uNa8961OjF_sOc2WlpP_i-tljU.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/034b47-9f88-4b1a-839a-f758129b8e73/1/d2n2nah4IaT6Sves5H1A8ZUMADo.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/034b47-9f88-4b1a-839a-f758129b8e73/1/0uNa8961OjF_sOc2WlpP_i-tljU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.224.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         dd:bf:a1:9e:f2:bf:6b:16:0d:f3:b5:9d:21:dc:e3:d7:10:ff:
         5f:4e:23:e4:be:07:d5:08:bf:92:7c:c6:0e:0e:6f:29:8f:ee:
         01:d5:ef:e5:e5:91:25:83:f7:67:6d:00:65:ea:33:52:7d:19:
         f7:bb:42:f1:ab:ab:fe:4a:6e:6e:3a:87:e6:b4:fd:4d:2e:2a:
         b1:c7:30:fa:5d:cd:b3:9c:b3:b5:f4:2c:b5:63:c2:01:dc:1d:
         fa:b8:29:af:dd:5d:10:79:0d:a3:81:7b:20:00:b2:c6:ec:fd:
         23:10:4c:4a:5a:92:b4:bd:c0:30:ee:c7:87:0f:12:6a:dd:8c:
         95:60:bc:55:c9:6f:d0:f4:fe:f7:ec:ca:0a:21:94:f4:4c:59:
         35:80:f6:d5:a5:ac:10:64:94:7e:37:ee:0c:8c:42:18:84:08:
         f6:2f:9a:8a:12:07:b8:38:d6:b7:aa:f5:e1:44:22:73:df:99:
         00:a0:d6:9a:66:74:b6:c6:7a:77:30:59:94:78:e1:cd:c6:0d:
         bf:b0:98:6c:d8:34:e8:cf:71:e8:75:5b:68:26:6f:a3:e1:eb:
         bc:c4:1a:b2:3a:1e:d6:fe:3f:20:68:a0:c5:65:af:bd:95:35:
         9b:7f:69:65:ce:37:06:43:a8:41:21:cc:02:cc:9f:32:4b:90:
         4b:4b:eb:e9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQloxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmUzNWFmM2RlYjUzYTMxN2ZiMGU3MzY1YTVhNGZmZTJmYWQ5NjM1MB4XDTIyMDEw
MTEzMDAxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzc2OWY2OWRhODc4
MjFhNGZhNGFmN2FjZTQ3ZDQwZjE5NTBjMDAzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKUfiwYVD4Cwht1EyrZqjhrT4BWNlmGBHyqXhUvahgmou9xD
V+XuEP6VqBTZTVEE6P62F9UJkgNZ76puAfa2ZnzxG74SeDuy1DLqlG8UfJnKowvD
JhoOWl1yQMknIbOCayrmFoCeukPxZZ3QYhR/xDNSvJNCp4V7p/u6oFJpYef5fZHm
/VzqhRj+TBppbemVof28x/W6mR0KFRryzrSdMK6f23tRCoBbYg9uj5Nz891i1Yae
zx+yLcVXkpcWxrY/swRZmOpt1VwbvrryDiQkfb5RKcNp21KHCW/RHXPPg/6GXlB3
T9U3Zgd+WMlDmgcfjciNLGFH78OraOhgVYx57iUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR3afadqHghpPpK96zkfUDxlQwAOjAfBgNVHSMEGDAWgBTS41rz3rU6MX+w
5zZaWk/+L62WNTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB1TmE4OTYxT2pGX3NPYzJXbHBQX2ktdGxqVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvMDM0YjQ3LTlmODgtNGIxYS04MzlhLWY3NTgxMjliOGU3My8x
L2QybjJuYWg0SWFUNlN2ZXM1SDFBOFpVTUFEby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
MDM0YjQ3LTlmODgtNGIxYS04MzlhLWY3NTgxMjliOGU3My8xLzB1TmE4OTYxT2pG
X3NPYzJXbHBQX2ktdGxqVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvgjTANBgkqhkiG9w0BAQsFAAOC
AQEA3b+hnvK/axYN87WdIdzj1xD/X04j5L4H1Qi/knzGDg5vKY/uAdXv5eWRJYP3
Z20AZeozUn0Z97tC8aur/kpubjqH5rT9TS4qsccw+l3Ns5yztfQstWPCAdwd+rgp
r91dEHkNo4F7IACyxuz9IxBMSlqStL3AMO7Hhw8Sat2MlWC8Vclv0PT+9+zKCiGU
9ExZNYD21aWsEGSUfjfuDIxCGIQI9i+aihIHuDjWt6r14UQic9+ZAKDWmmZ0tsZ6
dzBZlHjhzcYNv7CYbNg06M9x6HVbaCZvo+HrvMQasjoe1v4/IGigxWWvvZU1m39p
Zc43BkOoQSHMAsyfMkuQS0vr6Q==
-----END CERTIFICATE-----
Generated at Fri Dec 2 12:21:40 2022 by rpki-client.