Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/Bm5hf8yJaOBtYtIP9Ae8AWXI_tU.roa
File:                     Bm5hf8yJaOBtYtIP9Ae8AWXI_tU.roa (download)
Hash identifier:          JOGexZc9liwYsuPRkhRt5eSH5+CjGlln0dqvnSiJNWQ=
Subject key identifier:   06:6E:61:7F:CC:89:68:E0:6D:62:D2:0F:F4:07:BC:01:65:C8:FE:D5
Certificate issuer:       /CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
Certificate serial:       03286B4D
Authority key identifier: 58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/Bm5hf8yJaOBtYtIP9Ae8AWXI_tU.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 185.235.32.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 52980557 (0x3286b4d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58bf7f3ad53f29a3c43f0ad82017a05368c0104a
        Validity
            Not Before: Jan  1 11:04:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=066e617fcc8968e06d62d20ff407bc0165c8fed5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:64:33:e5:63:74:a4:fb:f2:11:4f:13:04:4a:
                    65:01:b6:4b:65:42:85:5f:bd:bc:a7:e3:6d:95:4e:
                    8e:bb:67:1b:77:2d:6d:3a:7b:ab:24:e2:d9:8f:ed:
                    fb:a3:6b:1e:f2:8f:2b:89:94:40:65:89:1a:2f:49:
                    88:ad:d6:4c:72:f7:ad:93:7b:19:bf:18:64:fd:47:
                    08:fa:db:a7:38:71:81:a8:4f:2e:eb:21:d5:df:f5:
                    ed:c5:f6:d0:a5:11:13:1b:89:4b:9a:b5:cb:96:ba:
                    cb:a7:5d:f1:d4:4f:db:51:ed:ea:92:ca:6f:59:44:
                    6d:03:4f:75:db:b7:58:44:6c:53:a2:93:9f:69:95:
                    11:e3:95:3f:e7:9f:45:be:c6:81:e4:1e:74:65:87:
                    8e:1c:06:a9:6b:00:bb:3c:ea:e8:96:aa:82:0d:1a:
                    81:3d:70:d1:74:9a:34:4d:a7:d9:ee:ff:ca:df:57:
                    96:7c:c4:1c:33:59:aa:2d:fe:01:06:2e:13:9c:79:
                    65:21:a2:de:18:d2:df:e7:01:4d:29:9e:6d:f3:f9:
                    e4:ac:a3:12:4f:7e:97:54:4a:af:8c:4b:df:81:42:
                    17:46:02:f5:20:8d:0b:18:57:29:82:16:b5:6d:3a:
                    d6:dc:e4:3e:cc:71:c2:ab:33:3e:c6:ef:04:a3:d1:
                    15:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                06:6E:61:7F:CC:89:68:E0:6D:62:D2:0F:F4:07:BC:01:65:C8:FE:D5
            X509v3 Authority Key Identifier: 
                keyid:58:BF:7F:3A:D5:3F:29:A3:C4:3F:0A:D8:20:17:A0:53:68:C0:10:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WL9_OtU_KaPEPwrYIBegU2jAEEo.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/Bm5hf8yJaOBtYtIP9Ae8AWXI_tU.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/364b94-6ca4-4f9a-88a5-8b3d527c49e4/1/WL9_OtU_KaPEPwrYIBegU2jAEEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.235.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:9b:54:6a:81:d2:aa:3c:52:10:f6:65:6b:62:a5:eb:14:94:
         e3:1c:d1:6c:4b:d3:76:a4:9b:b5:c7:63:ec:40:00:e1:ec:a8:
         45:c0:b0:96:ac:69:67:a7:78:be:d7:85:fc:b1:d1:af:fc:b0:
         f7:1f:4f:f6:7b:76:6a:45:18:ce:c3:e9:02:68:da:67:0f:a4:
         84:b1:b5:d1:d1:e1:af:a4:0e:1d:2f:6e:b8:53:56:0e:52:c5:
         f3:24:65:f1:4e:9d:c8:2e:d8:76:a6:4a:d7:4a:e7:a1:eb:40:
         2d:db:d6:02:43:5c:f1:93:9c:b3:9d:ff:ee:2f:99:25:07:bd:
         a0:6e:02:c9:69:ab:1a:fd:11:5d:6b:79:ca:40:7b:e8:d2:9d:
         a2:b9:f4:97:3d:66:e2:42:a8:1d:b7:fa:b1:02:9e:51:fb:40:
         d9:a7:23:c0:2c:44:53:6e:c2:e7:d9:c9:57:0d:02:fa:ce:cd:
         f7:b1:a5:68:47:0f:80:2a:33:1e:50:af:8c:7f:b6:dc:b3:c0:
         bc:75:7f:4e:58:d0:a7:8d:41:14:fe:db:77:26:37:e2:98:63:
         3c:ec:0e:d6:da:2f:c3:1a:e2:ff:cf:14:b8:f6:8e:d3:01:0f:
         f0:6b:9c:48:24:09:22:85:f0:80:be:88:79:b3:bb:f1:37:4d:
         e5:01:68:da
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAyhrTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OGJmN2YzYWQ1M2YyOWEzYzQzZjBhZDgyMDE3YTA1MzY4YzAxMDRhMB4XDTIyMDEw
MTExMDQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDY2ZTYxN2ZjYzg5
NjhlMDZkNjJkMjBmZjQwN2JjMDE2NWM4ZmVkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1kM+VjdKT78hFPEwRKZQG2S2VChV+9vKfjbZVOjrtnG3ct
bTp7qyTi2Y/t+6NrHvKPK4mUQGWJGi9JiK3WTHL3rZN7Gb8YZP1HCPrbpzhxgahP
Lush1d/17cX20KURExuJS5q1y5a6y6dd8dRP21Ht6pLKb1lEbQNPddu3WERsU6KT
n2mVEeOVP+efRb7GgeQedGWHjhwGqWsAuzzq6Jaqgg0agT1w0XSaNE2n2e7/yt9X
lnzEHDNZqi3+AQYuE5x5ZSGi3hjS3+cBTSmebfP55KyjEk9+l1RKr4xL34FCF0YC
9SCNCxhXKYIWtW061tzkPsxxwqszPsbvBKPRFS8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQGbmF/zIlo4G1i0g/0B7wBZcj+1TAfBgNVHSMEGDAWgBRYv3861T8po8Q/
CtggF6BTaMAQSjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dMOV9PdFVfS2FQRVB3cllJQmVnVTJqQUVFby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvMzY0Yjk0LTZjYTQtNGY5YS04OGE1LThiM2Q1MjdjNDllNC8x
L0JtNWhmOHlKYU9CdFl0SVA5QWU4QVdYSV90VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
MzY0Yjk0LTZjYTQtNGY5YS04OGE1LThiM2Q1MjdjNDllNC8xL1dMOV9PdFVfS2FQ
RVB3cllJQmVnVTJqQUVFby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnrIDANBgkqhkiG9w0BAQsFAAOC
AQEArptUaoHSqjxSEPZla2Kl6xSU4xzRbEvTdqSbtcdj7EAA4eyoRcCwlqxpZ6d4
vteF/LHRr/yw9x9P9nt2akUYzsPpAmjaZw+khLG10dHhr6QOHS9uuFNWDlLF8yRl
8U6dyC7YdqZK10rnoetALdvWAkNc8ZOcs53/7i+ZJQe9oG4CyWmrGv0RXWt5ykB7
6NKdorn0lz1m4kKoHbf6sQKeUftA2acjwCxEU27C59nJVw0C+s7N97GlaEcPgCoz
HlCvjH+23LPAvHV/TljQp41BFP7bdyY34phjPOwO1tovwxri/88UuPaO0wEP8Guc
SCQJIoXwgL6IebO78TdN5QFo2g==
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:14:51 2022 by rpki-client.