Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/fdf732-d660-4de7-a6e8-66e309d062ff/1/LumyB7fcs4RVOtctkcQk1eNGuI0.roa
File:                     LumyB7fcs4RVOtctkcQk1eNGuI0.roa (download)
Hash identifier:          fqSwRrwbHpdb4V1mG9aNr83IMlUOnS1pB3CFvQhC3eM=
Subject key identifier:   2E:E9:B2:07:B7:DC:B3:84:55:3A:D7:2D:91:C4:24:D5:E3:46:B8:8D
Certificate issuer:       /CN=7c4d3af99d66f3905632f49e3517524dc56851d2
Certificate serial:       013BC23C
Authority key identifier: 7C:4D:3A:F9:9D:66:F3:90:56:32:F4:9E:35:17:52:4D:C5:68:51:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fE06-Z1m85BWMvSeNRdSTcVoUdI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/fdf732-d660-4de7-a6e8-66e309d062ff/1/LumyB7fcs4RVOtctkcQk1eNGuI0.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 185.149.150.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20693564 (0x13bc23c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c4d3af99d66f3905632f49e3517524dc56851d2
        Validity
            Not Before: Jan  1 04:55:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2ee9b207b7dcb384553ad72d91c424d5e346b88d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:53:d7:59:90:c0:1c:3b:75:55:c8:ea:8e:af:
                    0b:c2:1a:d6:80:10:20:c7:a7:35:55:7d:aa:1a:85:
                    4a:61:ac:ce:f1:e0:23:df:89:46:cc:3c:0a:a2:db:
                    bb:60:9f:08:2e:4c:37:82:0a:36:1b:78:b6:2d:59:
                    43:c7:84:2f:eb:61:b6:cd:66:eb:94:69:85:57:00:
                    17:4d:d8:07:1f:4b:e3:fe:44:09:ec:b4:13:37:43:
                    31:c2:97:61:51:45:29:d4:ac:ba:e3:b2:ca:2e:eb:
                    31:a9:9f:ab:de:14:33:40:93:8f:ce:93:02:06:ff:
                    94:c2:b1:c3:0f:70:92:27:3a:3d:29:f4:76:a8:20:
                    96:28:2e:15:a1:fc:17:19:e2:59:99:df:80:66:fd:
                    0a:6a:d8:76:e2:cb:49:ba:63:33:28:8a:07:81:38:
                    32:56:66:a4:33:94:dc:13:48:57:2c:d2:e3:6d:13:
                    45:cb:1e:54:38:af:92:68:88:a4:1e:61:c1:45:8a:
                    45:51:cb:0a:ad:b1:35:88:90:1f:c0:be:1f:61:41:
                    b3:01:c1:d7:84:e2:3a:e1:ed:9a:25:b8:e6:54:ce:
                    5d:fd:d2:89:0d:85:72:55:d1:dd:62:fc:e9:bd:a7:
                    d4:2e:cc:91:bb:d4:8e:40:f9:f9:84:01:70:15:bf:
                    da:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                2E:E9:B2:07:B7:DC:B3:84:55:3A:D7:2D:91:C4:24:D5:E3:46:B8:8D
            X509v3 Authority Key Identifier: 
                keyid:7C:4D:3A:F9:9D:66:F3:90:56:32:F4:9E:35:17:52:4D:C5:68:51:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fE06-Z1m85BWMvSeNRdSTcVoUdI.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/fdf732-d660-4de7-a6e8-66e309d062ff/1/LumyB7fcs4RVOtctkcQk1eNGuI0.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/fdf732-d660-4de7-a6e8-66e309d062ff/1/fE06-Z1m85BWMvSeNRdSTcVoUdI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.149.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:e7:64:5c:db:7e:82:f3:bd:8d:f6:e9:aa:e1:51:59:02:c0:
         25:2d:33:14:88:c1:f1:34:ae:85:6f:6d:cd:cd:a8:b7:2c:2f:
         77:33:32:4b:00:be:8a:8c:53:07:f0:f1:42:42:4b:15:e6:b2:
         b8:60:4c:44:46:b1:28:56:23:5d:50:64:10:bb:43:25:47:e0:
         d0:e7:ba:91:cf:07:d9:6b:0a:84:26:a4:54:7e:ec:08:f7:b1:
         64:00:cd:b1:37:42:de:3c:4f:0a:c5:13:68:f4:f8:69:97:47:
         83:db:ff:5c:df:80:34:2b:d5:10:48:73:49:a4:de:f7:64:2a:
         6b:4a:27:64:62:cb:4f:a1:ab:98:74:95:46:4d:3d:31:19:76:
         ad:fe:b3:21:f8:1d:a0:ad:73:c5:9a:b6:1f:c1:19:04:34:83:
         c2:cc:3f:6b:77:00:b7:60:e3:3d:fc:62:ac:8a:72:ff:53:7a:
         4f:46:e0:b5:6f:5e:38:9e:82:43:79:4d:bf:e8:a9:83:3d:37:
         46:7a:bb:b3:71:81:de:e4:da:bd:bf:af:42:6a:93:6e:ee:69:
         f1:27:b4:e9:03:fb:66:c5:4c:7c:6b:55:fe:a3:e8:59:e5:df:
         2a:9d:74:c6:c4:0d:07:39:7c:2c:1e:e3:4d:a5:98:73:08:9c:
         33:92:5b:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATvCPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YzRkM2FmOTlkNjZmMzkwNTYzMmY0OWUzNTE3NTI0ZGM1Njg1MWQyMB4XDTIyMDEw
MTA0NTU1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmVlOWIyMDdiN2Rj
YjM4NDU1M2FkNzJkOTFjNDI0ZDVlMzQ2Yjg4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOtT11mQwBw7dVXI6o6vC8Ia1oAQIMenNVV9qhqFSmGszvHg
I9+JRsw8CqLbu2CfCC5MN4IKNht4ti1ZQ8eEL+thts1m65RphVcAF03YBx9L4/5E
Cey0EzdDMcKXYVFFKdSsuuOyyi7rMamfq94UM0CTj86TAgb/lMKxww9wkic6PSn0
dqggliguFaH8FxniWZnfgGb9CmrYduLLSbpjMyiKB4E4MlZmpDOU3BNIVyzS420T
RcseVDivkmiIpB5hwUWKRVHLCq2xNYiQH8C+H2FBswHB14TiOuHtmiW45lTOXf3S
iQ2FclXR3WL86b2n1C7MkbvUjkD5+YQBcBW/2uUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQu6bIHt9yzhFU61y2RxCTV40a4jTAfBgNVHSMEGDAWgBR8TTr5nWbzkFYy
9J41F1JNxWhR0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZFMDYtWjFtODVCV012U2VOUmRTVGNWb1VkSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvZmRmNzMyLWQ2NjAtNGRlNy1hNmU4LTY2ZTMwOWQwNjJmZi8x
L0x1bXlCN2ZjczRSVk90Y3RrY1FrMWVOR3VJMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
ZmRmNzMyLWQ2NjAtNGRlNy1hNmU4LTY2ZTMwOWQwNjJmZi8xL2ZFMDYtWjFtODVC
V012U2VOUmRTVGNWb1VkSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmVljANBgkqhkiG9w0BAQsFAAOC
AQEAWedkXNt+gvO9jfbpquFRWQLAJS0zFIjB8TSuhW9tzc2otywvdzMySwC+ioxT
B/DxQkJLFeayuGBMREaxKFYjXVBkELtDJUfg0Oe6kc8H2WsKhCakVH7sCPexZADN
sTdC3jxPCsUTaPT4aZdHg9v/XN+ANCvVEEhzSaTe92Qqa0onZGLLT6GrmHSVRk09
MRl2rf6zIfgdoK1zxZq2H8EZBDSDwsw/a3cAt2DjPfxirIpy/1N6T0bgtW9eOJ6C
Q3lNv+ipgz03Rnq7s3GB3uTavb+vQmqTbu5p8Se06QP7ZsVMfGtV/qPoWeXfKp10
xsQNBzl8LB7jTaWYcwicM5JbAw==
-----END CERTIFICATE-----
Generated at Thu Dec 8 19:22:55 2022 by rpki-client.