Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/0c/f72e47-42ab-43ca-a6f3-f8e0640e53d8/1/

$ rpki-client -vvf oZ31HAoudQfkExrXSdOI7M3TRCc.roa
File:                     oZ31HAoudQfkExrXSdOI7M3TRCc.roa (download)
Hash identifier:          wSn/9aUqODH9J8ygVZBUdr5b7leka+vKBPkxUlfdSJI=
Subject key identifier:   A1:9D:F5:1C:0A:2E:75:07:E4:13:1A:D7:49:D3:88:EC:CD:D3:44:27
Certificate issuer:       /CN=07d0ba368232da095070a9fc7572465858f7af13
Certificate serial:       CAF995
Authority key identifier: 07:D0:BA:36:82:32:DA:09:50:70:A9:FC:75:72:46:58:58:F7:AF:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B9C6NoIy2glQcKn8dXJGWFj3rxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f72e47-42ab-43ca-a6f3-f8e0640e53d8/1/oZ31HAoudQfkExrXSdOI7M3TRCc.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 188.244.126.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13302165 (0xcaf995)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07d0ba368232da095070a9fc7572465858f7af13
        Validity
            Not Before: Jan  1 00:58:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a19df51c0a2e7507e4131ad749d388eccdd34427
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:14:4b:7c:74:8a:7d:61:34:7c:d8:db:3e:d9:
                    57:3d:67:09:e7:d0:a9:99:9f:24:1d:6f:f9:c1:c0:
                    00:ec:2b:40:9b:85:42:7f:fc:92:08:c0:2a:ef:71:
                    23:f1:ab:9b:54:48:d2:9b:74:c9:55:95:0d:df:db:
                    2b:44:c6:dc:2d:8d:16:e4:2e:17:47:94:32:0b:0c:
                    f9:60:48:4c:24:c9:53:b0:88:3b:c6:73:fd:a0:6d:
                    7c:f5:c9:29:8b:e4:8f:14:fe:88:4c:3f:c3:ed:30:
                    83:aa:ec:3a:b2:d2:81:f2:ce:28:bf:5e:e6:26:0e:
                    30:41:75:f5:d9:4b:d6:88:23:31:b4:9b:d5:1b:1a:
                    9b:e3:4d:e5:c6:c8:8c:6a:05:12:d3:e4:e1:41:8b:
                    a3:ab:20:72:a6:c3:db:2a:b8:83:3a:e8:95:6e:cc:
                    38:8e:ad:c1:45:91:6d:f8:e4:ab:3e:0a:9d:bc:0a:
                    d9:dc:be:e4:5c:e3:22:f8:cc:40:e4:e1:1b:d1:d2:
                    0b:17:99:91:5c:7a:e9:4d:f4:17:68:a0:59:a1:01:
                    38:e1:29:24:7e:69:3f:ef:48:ee:7b:93:9d:2c:15:
                    09:27:86:5b:b3:00:13:df:66:bd:f2:1a:47:42:ef:
                    e4:56:8a:c9:53:d0:39:a8:ab:ba:f0:be:60:3c:91:
                    66:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                A1:9D:F5:1C:0A:2E:75:07:E4:13:1A:D7:49:D3:88:EC:CD:D3:44:27
            X509v3 Authority Key Identifier: 
                keyid:07:D0:BA:36:82:32:DA:09:50:70:A9:FC:75:72:46:58:58:F7:AF:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9C6NoIy2glQcKn8dXJGWFj3rxM.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f72e47-42ab-43ca-a6f3-f8e0640e53d8/1/oZ31HAoudQfkExrXSdOI7M3TRCc.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f72e47-42ab-43ca-a6f3-f8e0640e53d8/1/B9C6NoIy2glQcKn8dXJGWFj3rxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.244.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:4a:3b:c5:04:41:68:19:b2:6e:95:7a:7b:47:d7:ea:f8:d5:
         5a:76:52:6a:7a:dd:be:07:91:66:cd:a8:4e:d4:c6:83:a3:48:
         26:c5:03:49:35:81:9c:c1:49:7d:68:67:1c:ad:0f:a2:2f:65:
         c1:22:c0:1b:8e:ab:eb:bd:86:5f:e9:a5:b0:0d:69:11:81:f4:
         ce:f0:f0:ff:ea:ea:71:6d:8b:4e:2c:e9:4a:ca:fe:73:d2:14:
         f7:fc:59:b4:80:9d:52:c5:d1:68:98:c7:aa:10:0b:7b:0d:c5:
         c4:e2:25:ba:6d:ab:ad:f8:b4:8f:2f:ab:59:08:dd:6a:ed:34:
         02:d4:45:88:be:2a:ec:ef:f5:93:7f:18:15:7a:7c:f2:4f:39:
         b2:fe:53:5e:ad:f4:2c:6f:fa:6a:c5:4e:7e:80:76:cd:71:f5:
         35:05:7f:a9:37:53:21:1f:d1:ac:6e:29:3e:2d:97:ef:17:41:
         55:0d:2c:d9:58:2e:ba:4f:92:b8:f3:a9:0b:6e:c7:b0:55:4a:
         1f:81:9d:2c:fd:c1:61:3e:6a:3d:9b:63:a0:d8:f1:ef:3b:39:
         ba:0f:f1:64:9a:c7:99:69:3f:c6:f1:0c:7f:f7:83:64:9a:69:
         40:49:a2:36:ef:d9:2d:e8:07:94:bc:78:5c:78:2e:f7:20:91:
         7b:a1:0b:18
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAMr5lTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
N2QwYmEzNjgyMzJkYTA5NTA3MGE5ZmM3NTcyNDY1ODU4ZjdhZjEzMB4XDTIyMDEw
MTAwNTg1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE5ZGY1MWMwYTJl
NzUwN2U0MTMxYWQ3NDlkMzg4ZWNjZGQzNDQyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoUS3x0in1hNHzY2z7ZVz1nCefQqZmfJB1v+cHAAOwrQJuF
Qn/8kgjAKu9xI/Grm1RI0pt0yVWVDd/bK0TG3C2NFuQuF0eUMgsM+WBITCTJU7CI
O8Zz/aBtfPXJKYvkjxT+iEw/w+0wg6rsOrLSgfLOKL9e5iYOMEF19dlL1ogjMbSb
1Rsam+NN5cbIjGoFEtPk4UGLo6sgcqbD2yq4gzrolW7MOI6twUWRbfjkqz4KnbwK
2dy+5FzjIvjMQOThG9HSCxeZkVx66U30F2igWaEBOOEpJH5pP+9I7nuTnSwVCSeG
W7MAE99mvfIaR0Lv5FaKyVPQOairuvC+YDyRZv8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBShnfUcCi51B+QTGtdJ04jszdNEJzAfBgNVHSMEGDAWgBQH0Lo2gjLaCVBw
qfx1ckZYWPevEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0I5QzZOb0l5MmdsUWNLbjhkWEpHV0ZqM3J4TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvZjcyZTQ3LTQyYWItNDNjYS1hNmYzLWY4ZTA2NDBlNTNkOC8x
L29aMzFIQW91ZFFma0V4clhTZE9JN00zVFJDYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
ZjcyZTQ3LTQyYWItNDNjYS1hNmYzLWY4ZTA2NDBlNTNkOC8xL0I5QzZOb0l5Mmds
UWNLbjhkWEpHV0ZqM3J4TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALz0fjANBgkqhkiG9w0BAQsFAAOC
AQEAFEo7xQRBaBmybpV6e0fX6vjVWnZSanrdvgeRZs2oTtTGg6NIJsUDSTWBnMFJ
fWhnHK0Poi9lwSLAG46r672GX+mlsA1pEYH0zvDw/+rqcW2LTizpSsr+c9IU9/xZ
tICdUsXRaJjHqhALew3FxOIlum2rrfi0jy+rWQjdau00AtRFiL4q7O/1k38YFXp8
8k85sv5TXq30LG/6asVOfoB2zXH1NQV/qTdTIR/RrG4pPi2X7xdBVQ0s2Vguuk+S
uPOpC27HsFVKH4GdLP3BYT5qPZtjoNjx7zs5ug/xZJrHmWk/xvEMf/eDZJppQEmi
Nu/ZLegHlLx4XHgu9yCRe6ELGA==
-----END CERTIFICATE-----
Generated at Fri Dec 2 14:06:19 2022 by rpki-client.