Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/

$ rpki-client -vvf fnnIIbI58FMcQHJ3aa-JBaNA8F0.roa
File:                     fnnIIbI58FMcQHJ3aa-JBaNA8F0.roa (download)
Hash identifier:          AZ6Nnpb9lYzVWPy8LLsPArq3WRuTqqOKn/qRqw8hj8Y=
Subject key identifier:   7E:79:C8:21:B2:39:F0:53:1C:40:72:77:69:AF:89:05:A3:40:F0:5D
Certificate issuer:       /CN=f879988e0f49971a326f419e5cfacbfddcc993e7
Certificate serial:       02B51672
Authority key identifier: F8:79:98:8E:0F:49:97:1A:32:6F:41:9E:5C:FA:CB:FD:DC:C9:93:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/fnnIIbI58FMcQHJ3aa-JBaNA8F0.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 83.136.208.0/22 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 45422194 (0x2b51672)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f879988e0f49971a326f419e5cfacbfddcc993e7
        Validity
            Not Before: Jan  1 03:57:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7e79c821b239f0531c40727769af8905a340f05d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ed:ad:44:4d:85:3f:75:f0:07:3c:78:16:a8:
                    99:f4:e5:fa:d4:d8:79:6b:8c:4f:12:fc:bf:f7:4e:
                    53:9f:db:35:a8:54:ef:32:5e:e9:01:d9:78:b6:50:
                    68:40:4b:d4:c6:fb:8b:5d:fe:95:c8:9b:6b:7d:72:
                    5b:fc:22:b5:70:7a:23:5c:19:20:d8:c3:a1:07:2c:
                    7f:d1:57:f8:68:76:54:f1:3a:0b:87:9a:c5:a3:02:
                    ec:5a:66:2e:66:d3:c9:2c:85:75:a7:3d:74:05:90:
                    2c:94:87:c2:f4:60:fa:45:14:ab:07:83:0c:0f:0e:
                    7a:3f:4d:bb:5d:49:f0:27:09:d5:a0:ee:af:b9:25:
                    40:b6:48:e5:a3:54:33:6a:41:0b:3c:0c:75:5f:8b:
                    25:83:60:a8:60:9b:c3:4c:dc:7b:7c:05:47:89:52:
                    1f:7e:6d:95:d4:d2:97:f0:f5:9a:8a:cb:d8:d8:b4:
                    7b:01:0c:19:35:0a:bb:ad:28:63:1e:25:cc:e2:09:
                    39:72:c5:cd:bb:da:7a:19:81:aa:d0:13:e4:e2:04:
                    c8:f8:bd:b1:b9:ac:02:a8:36:c6:31:be:0f:ee:05:
                    7d:30:1f:b5:40:a8:bd:48:be:39:00:0f:94:ba:14:
                    ae:86:62:e2:db:16:82:13:44:ae:01:0a:c1:d9:b2:
                    33:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                7E:79:C8:21:B2:39:F0:53:1C:40:72:77:69:AF:89:05:A3:40:F0:5D
            X509v3 Authority Key Identifier: 
                keyid:F8:79:98:8E:0F:49:97:1A:32:6F:41:9E:5C:FA:CB:FD:DC:C9:93:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/fnnIIbI58FMcQHJ3aa-JBaNA8F0.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.136.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         02:ac:31:db:20:42:ee:05:d6:6a:7c:98:90:6f:98:95:ec:bc:
         02:ee:97:cc:46:16:3e:1f:f3:9b:f5:e8:c0:ff:6d:3b:18:96:
         94:38:f8:b3:21:f2:04:66:fb:37:e5:ea:4f:57:91:eb:9a:02:
         9b:9d:9e:01:e5:27:28:de:e3:36:9f:df:55:ab:49:4a:d2:53:
         59:ca:10:78:08:d0:c8:8e:2a:fe:11:18:bb:84:b5:58:8f:f0:
         02:65:23:64:c5:1c:22:84:1e:e0:13:af:7f:5b:0a:02:f4:7b:
         96:e8:8b:35:62:0c:64:58:03:4c:66:24:43:6d:49:a5:82:34:
         1a:c1:90:e9:bf:04:0a:14:71:32:7b:2c:6f:04:ec:1a:99:8a:
         a0:9d:ec:6d:69:0f:7b:0d:c0:a3:b2:13:ab:d7:37:81:a2:bd:
         ef:42:04:99:e7:78:d6:0f:b0:03:69:65:f1:80:be:96:e6:44:
         63:34:d3:12:a5:cf:df:f2:63:8d:80:31:3a:0c:dd:1d:59:b9:
         73:24:aa:35:44:38:59:68:e3:db:17:88:1e:b2:c7:8c:ac:b0:
         b8:60:00:12:af:23:a3:48:40:89:63:58:8d:0e:57:42:2c:01:
         7f:58:e4:8a:05:0c:06:7c:f8:96:26:d0:77:99:eb:df:69:cb:
         91:b6:fd:5a
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEArUWcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODc5OTg4ZTBmNDk5NzFhMzI2ZjQxOWU1Y2ZhY2JmZGRjYzk5M2U3MB4XDTIyMDEw
MTAzNTcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2U3OWM4MjFiMjM5
ZjA1MzFjNDA3Mjc3NjlhZjg5MDVhMzQwZjA1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXtrURNhT918Ac8eBaomfTl+tTYeWuMTxL8v/dOU5/bNahU
7zJe6QHZeLZQaEBL1Mb7i13+lciba31yW/witXB6I1wZINjDoQcsf9FX+Gh2VPE6
C4eaxaMC7FpmLmbTySyFdac9dAWQLJSHwvRg+kUUqweDDA8Oej9Nu11J8CcJ1aDu
r7klQLZI5aNUM2pBCzwMdV+LJYNgqGCbw0zce3wFR4lSH35tldTSl/D1morL2Ni0
ewEMGTUKu60oYx4lzOIJOXLFzbvaehmBqtAT5OIEyPi9sbmsAqg2xjG+D+4FfTAf
tUCovUi+OQAPlLoUroZi4tsWghNErgEKwdmyM1cCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBR+ecghsjnwUxxAcndpr4kFo0DwXTAfBgNVHSMEGDAWgBT4eZiOD0mXGjJv
QZ5c+sv93MmT5zAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtSG1Zamc5Smx4b3liMEdlWFByTF9kekprLWMuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzA1L2FmM2Q4MS0wMDQ3LTQxM2MtOTFmNC0wNDcwYjRiYjMwZGIv
MS9mbm5JSWJJNThGTWNRSEozYWEtSkJhTkE4RjAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA1
L2FmM2Q4MS0wMDQ3LTQxM2MtOTFmNC0wNDcwYjRiYjMwZGIvMS8xLUhtWWpnOUps
eG95YjBHZVhQckxfZHpKay1jLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU4jQMA0GCSqGSIb3DQEBCwUA
A4IBAQACrDHbIELuBdZqfJiQb5iV7LwC7pfMRhY+H/Ob9ejA/207GJaUOPizIfIE
Zvs35epPV5HrmgKbnZ4B5Sco3uM2n99Vq0lK0lNZyhB4CNDIjir+ERi7hLVYj/AC
ZSNkxRwihB7gE69/WwoC9HuW6Is1YgxkWANMZiRDbUmlgjQawZDpvwQKFHEyeyxv
BOwamYqgnextaQ97DcCjshOr1zeBor3vQgSZ53jWD7ADaWXxgL6W5kRjNNMSpc/f
8mONgDE6DN0dWblzJKo1RDhZaOPbF4gesseMrLC4YAASryOjSECJY1iNDldCLAF/
WOSKBQwGfPiWJtB3mevfacuRtv1a
-----END CERTIFICATE-----
Generated at Fri Dec 2 13:31:35 2022 by rpki-client.