Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/08/e81781-ba83-47a3-aa6b-8cbd81aef494/1/

$ rpki-client -vvf eXTHBEjdhIp50DiJq3x5AwiQl64.roa
File:                     eXTHBEjdhIp50DiJq3x5AwiQl64.roa (download)
Hash identifier:          uExUGnTHPbC1E/iagGAEcsviO/PCVW9sFhP4XwVu4sA=
Subject key identifier:   79:74:C7:04:48:DD:84:8A:79:D0:38:89:AB:7C:79:03:08:90:97:AE
Certificate issuer:       /CN=05ccb1770ef70619bcad6baac7a8372bc900711f
Certificate serial:       A2849A
Authority key identifier: 05:CC:B1:77:0E:F7:06:19:BC:AD:6B:AA:C7:A8:37:2B:C9:00:71:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bcyxdw73Bhm8rWuqx6g3K8kAcR8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/e81781-ba83-47a3-aa6b-8cbd81aef494/1/eXTHBEjdhIp50DiJq3x5AwiQl64.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 91.246.59.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10650778 (0xa2849a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05ccb1770ef70619bcad6baac7a8372bc900711f
        Validity
            Not Before: Jan  1 05:06:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7974c70448dd848a79d03889ab7c7903089097ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:5a:86:ac:e7:9f:36:13:02:88:06:93:fc:f6:
                    28:cd:c4:79:41:13:5c:82:be:01:04:32:73:16:b4:
                    ee:72:58:33:e7:a4:41:72:56:da:f4:fc:de:59:5e:
                    51:6f:fc:15:13:f1:c8:44:8b:67:24:d8:46:33:e3:
                    0f:0e:6b:67:28:5b:ba:48:8f:e4:d6:80:6d:94:28:
                    74:a2:a6:9d:c5:c4:26:89:9d:fe:c1:66:8c:c7:9f:
                    66:9e:6e:a5:83:3b:98:2d:5a:74:50:1a:33:c1:61:
                    4d:c5:3f:1f:7b:47:9b:99:0a:fa:f7:4f:95:bf:6e:
                    69:5d:c6:e4:19:cc:b7:59:bf:5f:db:1a:64:32:cf:
                    65:c3:bc:47:f8:57:25:24:36:95:02:d8:74:c1:7c:
                    09:10:80:c4:a2:e0:20:e0:74:38:0b:2f:2f:19:ff:
                    89:9f:20:96:df:50:89:7a:c3:2e:ec:af:17:79:74:
                    5e:a4:44:d4:01:bd:29:50:be:fc:a7:2a:f5:9e:63:
                    cb:5f:f6:58:79:9e:38:c1:28:81:88:a2:2e:c7:ea:
                    a9:2a:cf:cb:ff:29:52:0a:3f:2b:d6:f2:a4:25:1a:
                    bd:37:58:1f:bd:7c:67:37:3b:23:cb:85:ea:df:14:
                    bc:19:a4:58:79:7b:c0:f2:2b:39:a9:e6:6f:98:4d:
                    84:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                79:74:C7:04:48:DD:84:8A:79:D0:38:89:AB:7C:79:03:08:90:97:AE
            X509v3 Authority Key Identifier: 
                keyid:05:CC:B1:77:0E:F7:06:19:BC:AD:6B:AA:C7:A8:37:2B:C9:00:71:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bcyxdw73Bhm8rWuqx6g3K8kAcR8.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/e81781-ba83-47a3-aa6b-8cbd81aef494/1/eXTHBEjdhIp50DiJq3x5AwiQl64.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/e81781-ba83-47a3-aa6b-8cbd81aef494/1/Bcyxdw73Bhm8rWuqx6g3K8kAcR8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.246.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:88:ac:c3:b4:94:51:3b:75:60:da:bf:dc:b9:8d:a9:b8:c2:
         19:9c:03:0c:cd:f1:18:6d:36:79:ec:85:8a:35:3e:7d:c7:e3:
         49:a3:a7:c3:80:f2:3b:90:5d:65:66:a6:d8:ee:13:53:f8:b4:
         b0:84:1c:89:70:9c:db:38:a2:b6:6e:90:18:91:cc:d0:09:43:
         74:c8:d5:c1:80:6f:f2:bb:3d:f0:6d:ca:26:ff:50:3f:bc:e8:
         c5:f5:00:ce:00:a1:bb:2a:02:e2:9e:28:dd:60:6c:80:db:3a:
         11:07:c8:ce:c5:56:3f:f2:be:b1:2c:8f:bd:48:1f:07:98:07:
         9d:98:7c:ff:f8:1d:c2:6c:71:ec:c5:4d:87:d4:75:0c:ec:a3:
         88:94:19:ed:7a:02:83:cf:0d:87:e0:0b:86:1e:3b:d2:b3:d4:
         f0:9b:14:4d:9f:89:65:0b:bf:83:a8:77:8e:f7:aa:84:f2:35:
         c8:6c:7e:c2:d8:94:2e:3f:09:cc:88:2e:fb:43:95:24:9a:d2:
         7c:e1:5c:b2:65:22:e8:fb:d9:ec:b8:14:2b:e7:d8:d2:50:68:
         4a:4f:1d:cb:aa:aa:5e:f2:e2:a4:cf:84:72:ec:44:af:1f:b9:
         2e:e6:a1:48:a5:63:d6:19:9c:ff:0d:c0:8c:0f:b9:62:10:33:
         e3:e3:c5:3a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAKKEmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWNjYjE3NzBlZjcwNjE5YmNhZDZiYWFjN2E4MzcyYmM5MDA3MTFmMB4XDTIyMDEw
MTA1MDYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzk3NGM3MDQ0OGRk
ODQ4YTc5ZDAzODg5YWI3Yzc5MDMwODkwOTdhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxahqznnzYTAogGk/z2KM3EeUETXIK+AQQycxa07nJYM+ek
QXJW2vT83lleUW/8FRPxyESLZyTYRjPjDw5rZyhbukiP5NaAbZQodKKmncXEJomd
/sFmjMefZp5upYM7mC1adFAaM8FhTcU/H3tHm5kK+vdPlb9uaV3G5BnMt1m/X9sa
ZDLPZcO8R/hXJSQ2lQLYdMF8CRCAxKLgIOB0OAsvLxn/iZ8glt9QiXrDLuyvF3l0
XqRE1AG9KVC+/Kcq9Z5jy1/2WHmeOMEogYiiLsfqqSrPy/8pUgo/K9bypCUavTdY
H718Zzc7I8uF6t8UvBmkWHl7wPIrOanmb5hNhG0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR5dMcESN2EinnQOImrfHkDCJCXrjAfBgNVHSMEGDAWgBQFzLF3DvcGGbyt
a6rHqDcryQBxHzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JjeXhkdzczQmhtOHJXdXF4NmczSzhrQWNSOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvZTgxNzgxLWJhODMtNDdhMy1hYTZiLThjYmQ4MWFlZjQ5NC8x
L2VYVEhCRWpkaElwNTBEaUpxM3g1QXdpUWw2NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
ZTgxNzgxLWJhODMtNDdhMy1hYTZiLThjYmQ4MWFlZjQ5NC8xL0JjeXhkdzczQmht
OHJXdXF4NmczSzhrQWNSOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFv2OzANBgkqhkiG9w0BAQsFAAOC
AQEAL4isw7SUUTt1YNq/3LmNqbjCGZwDDM3xGG02eeyFijU+fcfjSaOnw4DyO5Bd
ZWam2O4TU/i0sIQciXCc2ziitm6QGJHM0AlDdMjVwYBv8rs98G3KJv9QP7zoxfUA
zgChuyoC4p4o3WBsgNs6EQfIzsVWP/K+sSyPvUgfB5gHnZh8//gdwmxx7MVNh9R1
DOyjiJQZ7XoCg88Nh+ALhh470rPU8JsUTZ+JZQu/g6h3jveqhPI1yGx+wtiULj8J
zIgu+0OVJJrSfOFcsmUi6PvZ7LgUK+fY0lBoSk8dy6qqXvLipM+EcuxErx+5Luah
SKVj1hmc/w3AjA+5YhAz4+PFOg==
-----END CERTIFICATE-----
Generated at Fri Dec 2 12:56:53 2022 by rpki-client.