Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KwVWYJHTOoxunB09B5Ga8hoO-YY.roa
File:                     KwVWYJHTOoxunB09B5Ga8hoO-YY.roa (download)
Hash identifier:          DHp+P0bxWrRbfg7474j3eCopOo/bhjIbMJ+HWA88itA=
Subject key identifier:   2B:05:56:60:91:D3:3A:8C:6E:9C:1D:3D:07:91:9A:F2:1A:0E:F9:86
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       1C94E121
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KwVWYJHTOoxunB09B5Ga8hoO-YY.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     400031
IP address blocks:
    1: 81.31.192.0/22 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 479519009 (0x1c94e121)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 01:02:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2b05566091d33a8c6e9c1d3d07919af21a0ef986
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:61:22:cb:fb:7a:45:40:5b:cb:e1:25:c6:cd:
                    f3:c7:8f:fa:ab:0b:25:20:49:0e:49:0f:c6:ae:d9:
                    8b:c6:df:60:bb:c3:e4:1d:19:1b:c5:d2:a3:ec:b2:
                    36:25:5f:7d:06:f3:09:d2:b6:64:76:fa:bf:b4:b9:
                    c3:ba:5f:d2:64:24:26:16:50:90:33:18:6d:3d:25:
                    6b:8c:cb:d6:83:d7:8c:88:31:45:4c:c0:b5:6b:0a:
                    81:5f:e6:b6:20:74:6d:24:5b:ab:1e:dc:41:32:dc:
                    fc:f8:db:e0:0e:92:1b:56:65:81:63:41:5d:71:5a:
                    44:44:5c:59:b8:71:ca:9e:03:29:e5:f9:95:d9:9b:
                    c7:0a:c0:5e:9c:8c:bb:96:6b:67:c3:56:de:d2:1f:
                    7b:1a:70:17:79:0f:14:dc:a8:e4:60:ef:7c:57:59:
                    16:b0:9f:35:9d:8a:5e:3c:0f:00:73:89:5b:65:b5:
                    7e:ff:c7:e4:ad:9f:ac:20:00:6f:7b:de:81:1b:e0:
                    a5:cf:45:30:5c:37:a3:87:86:51:03:4c:96:bd:8c:
                    e5:89:04:c6:77:82:96:87:f0:86:87:22:da:f6:c0:
                    25:60:6a:c8:f2:ce:d3:c6:e0:ce:1f:b7:4e:ab:71:
                    65:82:98:24:b6:1e:81:2d:03:ae:af:5a:d6:00:4d:
                    67:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                2B:05:56:60:91:D3:3A:8C:6E:9C:1D:3D:07:91:9A:F2:1A:0E:F9:86
            X509v3 Authority Key Identifier: 
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KwVWYJHTOoxunB09B5Ga8hoO-YY.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:88:7b:bb:13:02:f8:15:6b:a4:dc:ff:90:0b:1d:b0:bd:8c:
         7a:ee:3c:dc:9f:87:3d:f5:c9:97:f8:e1:83:58:31:a1:69:f1:
         b5:3e:de:50:e9:4f:05:64:76:59:3f:e0:7c:0f:ac:ec:d1:c9:
         4d:d4:81:1d:9b:39:ca:75:27:4b:fc:6f:5b:a5:69:4e:7f:12:
         4b:65:f1:62:a6:e6:96:9c:52:9d:d2:cd:67:4b:dd:9d:27:e8:
         b6:d8:c0:cd:d2:93:ee:d4:88:7a:7a:c9:1a:ab:d4:64:fe:75:
         1e:96:8b:25:33:63:9b:49:aa:72:44:64:0b:21:cb:f7:16:32:
         7c:fb:3e:c6:04:ec:1b:60:8d:7c:15:a7:a3:ee:80:1b:96:7a:
         63:87:5b:42:95:15:83:54:96:ee:0f:91:0c:72:09:b2:d1:6a:
         f4:93:24:a5:d2:c2:2f:a9:b8:45:68:d1:be:3d:ed:2a:4c:4a:
         ca:b4:93:45:ef:af:ae:56:6f:05:fd:a4:04:45:9c:70:76:01:
         e1:53:ec:60:97:bc:90:ae:6f:53:b1:47:ea:1a:dc:2f:de:92:
         c1:4e:36:a3:e1:04:94:a3:2b:bb:30:70:34:2c:3a:a3:7b:39:
         ae:05:b2:5b:15:40:cf:57:11:19:76:87:00:b4:ac:6e:90:e9:
         25:d2:1f:ab
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHJThITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDEw
MTAxMDI1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmIwNTU2NjA5MWQz
M2E4YzZlOWMxZDNkMDc5MTlhZjIxYTBlZjk4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhhIsv7ekVAW8vhJcbN88eP+qsLJSBJDkkPxq7Zi8bfYLvD
5B0ZG8XSo+yyNiVffQbzCdK2ZHb6v7S5w7pf0mQkJhZQkDMYbT0la4zL1oPXjIgx
RUzAtWsKgV/mtiB0bSRbqx7cQTLc/Pjb4A6SG1ZlgWNBXXFaRERcWbhxyp4DKeX5
ldmbxwrAXpyMu5ZrZ8NW3tIfexpwF3kPFNyo5GDvfFdZFrCfNZ2KXjwPAHOJW2W1
fv/H5K2frCAAb3vegRvgpc9FMFw3o4eGUQNMlr2M5YkExneClofwhoci2vbAJWBq
yPLO08bgzh+3TqtxZYKYJLYegS0Drq9a1gBNZ88CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQrBVZgkdM6jG6cHT0HkZryGg75hjAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L0t3VldZSkhUT294dW5CMDlCNUdhOGhvTy1ZWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlEfwDANBgkqhkiG9w0BAQsFAAOC
AQEAIYh7uxMC+BVrpNz/kAsdsL2Meu483J+HPfXJl/jhg1gxoWnxtT7eUOlPBWR2
WT/gfA+s7NHJTdSBHZs5ynUnS/xvW6VpTn8SS2XxYqbmlpxSndLNZ0vdnSfottjA
zdKT7tSIenrJGqvUZP51HpaLJTNjm0mqckRkCyHL9xYyfPs+xgTsG2CNfBWno+6A
G5Z6Y4dbQpUVg1SW7g+RDHIJstFq9JMkpdLCL6m4RWjRvj3tKkxKyrSTRe+vrlZv
Bf2kBEWccHYB4VPsYJe8kK5vU7FH6hrcL96SwU42o+EElKMruzBwNCw6o3s5rgWy
WxVAz1cRGXaHALSsbpDpJdIfqw==
-----END CERTIFICATE-----
Generated at Wed Dec 7 03:47:00 2022 by rpki-client.