Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/

$ rpki-client -vvf 1-S4WZrZf1BDbbGGh5U2bLNCj-8.roa
File:                     1-S4WZrZf1BDbbGGh5U2bLNCj-8.roa (download)
Hash identifier:          hT8TZxdDA3vbQHKMtizBxWjvbTA5a1h+J4xsCq4IUfY=
Subject key identifier:   D7:E4:B8:59:9A:D9:7F:50:43:6D:B1:86:87:95:36:6C:B3:42:8F:EF
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       0182C20619B4E5A88FFF096C078C099752B7
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/1-S4WZrZf1BDbbGGh5U2bLNCj-8.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     398549
IP address blocks:
    1: 2a0c:9a40:8d00::/40 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:c2:06:19:b4:e5:a8:8f:ff:09:6c:07:8c:09:97:52:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Aug 21 20:09:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d7e4b8599ad97f50436db1868795366cb3428fef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:cf:d8:b3:47:28:4e:b8:05:9b:45:d5:63:b2:
                    03:97:a7:ce:64:9c:4c:7e:14:7a:06:8c:ae:97:53:
                    2c:24:bf:10:f9:09:9b:88:24:b9:82:f8:b9:6e:aa:
                    f0:17:07:7a:f5:08:2e:b0:13:b8:f7:df:a5:8e:9e:
                    c6:30:48:16:14:2f:6f:6c:6c:92:71:46:6c:28:23:
                    b1:8e:78:2c:81:26:5a:5d:34:6b:05:e9:01:a1:bf:
                    18:b5:de:43:8c:d7:ac:9f:e0:5f:1f:36:f6:77:71:
                    c4:5e:7b:5c:4d:40:a5:ca:37:82:34:f8:98:1a:2f:
                    5d:d7:fc:85:22:91:b2:f8:cc:91:8a:b1:6b:52:68:
                    8b:df:16:41:b6:d1:15:98:b3:93:b3:dd:33:6e:7f:
                    6e:45:f1:07:42:50:01:04:6d:7f:41:43:f3:96:81:
                    54:bf:63:98:74:ea:6a:ce:05:5e:b7:87:55:ad:f6:
                    fd:33:e0:d1:cd:89:28:3e:7e:14:1d:d9:74:f1:29:
                    a3:12:34:13:b6:c3:26:7c:e3:1b:e8:85:4a:ff:ec:
                    78:35:39:cb:77:c6:5b:e0:87:eb:93:c8:04:ac:11:
                    d5:44:d6:8f:c4:7c:f9:04:c6:7f:2c:78:ff:f5:87:
                    3a:cb:47:41:ed:b1:6a:08:c0:53:c9:b4:ae:98:6d:
                    30:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                D7:E4:B8:59:9A:D9:7F:50:43:6D:B1:86:87:95:36:6C:B3:42:8F:EF
            X509v3 Authority Key Identifier: 
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/1-S4WZrZf1BDbbGGh5U2bLNCj-8.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:9a40:8d00::/40

    Signature Algorithm: sha256WithRSAEncryption
         4d:0b:a7:27:68:88:80:e7:48:43:ed:01:b0:c5:1c:b3:d9:7a:
         40:6b:b2:a4:7a:42:a9:61:e3:ac:23:32:34:ce:88:fe:bd:5f:
         cf:e2:da:f1:8d:15:36:20:5e:20:d4:5d:31:59:82:8a:5d:9b:
         63:61:9d:1c:0e:25:66:3e:5c:20:9f:fd:1b:4c:06:63:b6:f7:
         a6:d5:21:25:65:da:99:f5:21:b1:9d:39:e1:d1:c1:eb:c3:31:
         73:bd:1e:72:49:72:ce:90:dd:53:7d:9a:08:7e:71:9f:22:db:
         fa:47:d1:ea:b1:b3:78:17:4b:78:f2:59:e3:3a:ae:dc:f3:3f:
         ce:b4:62:0a:9b:da:68:57:91:71:6c:2a:08:81:59:b6:a2:f5:
         ed:ef:43:ea:e9:cd:6e:f7:7e:89:1f:a8:a7:b5:4c:b1:06:a8:
         4c:33:97:05:47:46:43:2e:43:f2:37:06:22:fe:bc:c5:08:88:
         37:f0:d2:34:38:dd:90:e2:17:ec:fe:f6:a1:22:85:f7:72:78:
         d2:4d:d9:76:c7:cb:d6:32:d8:41:f9:2c:05:e5:e3:60:ff:3e:
         54:4b:ea:ec:46:3b:dc:d6:be:ba:64:56:ef:f1:74:c7:63:7e:
         1d:58:77:25:3b:6b:0f:30:81:21:05:9d:18:97:ae:ae:bf:e2:
         b4:54:79:7f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYLCBhm05aiP/wlsB4wJl1K3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjIwODIxMjAwOTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2U0Yjg1OTlhZDk3ZjUwNDM2ZGIxODY4Nzk1MzY2Y2IzNDI4ZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8/Ys0coTrgFm0XVY7IDl6fOZJxM
fhR6Boyul1MsJL8Q+QmbiCS5gvi5bqrwFwd69QgusBO499+ljp7GMEgWFC9vbGyS
cUZsKCOxjngsgSZaXTRrBekBob8Ytd5DjNesn+BfHzb2d3HEXntcTUClyjeCNPiY
Gi9d1/yFIpGy+MyRirFrUmiL3xZBttEVmLOTs90zbn9uRfEHQlABBG1/QUPzloFU
v2OYdOpqzgVet4dVrfb9M+DRzYkoPn4UHdl08SmjEjQTtsMmfOMb6IVK/+x4NTnL
d8Zb4Ifrk8gErBHVRNaPxHz5BMZ/LHj/9Yc6y0dB7bFqCMBTybSumG0wXwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNfkuFma2X9QQ22xhoeVNmyzQo/vMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvMS1TNFdaclpmMUJEYmJHR2g1VTJiTE5Dai04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaQI0w
DQYJKoZIhvcNAQELBQADggEBAE0LpydoiIDnSEPtAbDFHLPZekBrsqR6Qqlh46wj
MjTOiP69X8/i2vGNFTYgXiDUXTFZgopdm2NhnRwOJWY+XCCf/RtMBmO296bVISVl
2pn1IbGdOeHRwevDMXO9HnJJcs6Q3VN9mgh+cZ8i2/pH0eqxs3gXS3jyWeM6rtzz
P860Ygqb2mhXkXFsKgiBWbai9e3vQ+rpzW73fokfqKe1TLEGqEwzlwVHRkMuQ/I3
BiL+vMUIiDfw0jQ43ZDiF+z+9qEihfdyeNJN2XbHy9Yy2EH5LAXl42D/PlRL6uxG
O9zWvrpkVu/xdMdjfh1YdyU7aw8wgSEFnRiXrq6/4rRUeX8=
-----END CERTIFICATE-----
Generated at Sat Dec 3 18:39:08 2022 by rpki-client.