Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/pfN8ACbUBerPD82qHLHUaN0bqAg.roa
File:                     pfN8ACbUBerPD82qHLHUaN0bqAg.roa (download)
Hash identifier:          Hkze8z1tBme8EVVijeNnU0ItDscEAMHRL+7ARprCOoI=
Subject key identifier:   A5:F3:7C:00:26:D4:05:EA:CF:0F:CD:AA:1C:B1:D4:68:DD:1B:A8:08
Certificate issuer:       /CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Certificate serial:       0FE0C4C8
Authority key identifier: 12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/pfN8ACbUBerPD82qHLHUaN0bqAg.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 2a06:4c00::/32 maxlen: 32

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 266388680 (0xfe0c4c8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
        Validity
            Not Before: Jan  1 06:52:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a5f37c0026d405eacf0fcdaa1cb1d468dd1ba808
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:42:51:b7:da:fa:a2:24:32:14:4c:be:d3:a6:
                    ce:11:50:a7:fc:5f:3e:67:bd:2f:d7:2b:81:2f:fa:
                    ad:c4:96:cc:0e:90:ac:98:e4:ad:9a:94:98:71:4e:
                    ee:45:9a:df:3b:a6:84:ad:f4:a5:45:53:23:ba:f3:
                    72:38:3d:57:71:51:55:04:46:4d:d2:9a:61:4f:60:
                    ab:6c:92:ce:26:2f:a7:39:50:3a:75:77:b0:70:95:
                    71:1b:2f:fd:40:7c:81:ac:23:af:92:1b:43:6e:25:
                    eb:ad:8a:84:63:cf:b0:3a:58:e8:ee:51:5e:aa:9c:
                    e0:17:e8:6b:c7:0c:ab:1c:b3:28:b1:71:b2:bc:cd:
                    2f:9a:e0:39:25:c3:e0:b8:f1:6b:b7:7a:76:34:f6:
                    e9:d6:cd:3e:6f:35:7d:f1:1a:8d:a0:6e:0c:f9:39:
                    f1:91:4c:70:c8:df:f5:3c:cb:f5:c0:f8:18:38:f7:
                    e1:9f:f1:49:b7:19:30:46:15:82:90:b8:cc:17:36:
                    8d:af:85:66:76:e8:81:22:00:8e:98:7f:35:73:d8:
                    83:55:66:4c:64:3c:95:19:d9:72:a0:10:c7:72:83:
                    49:8c:e7:99:8a:d5:b4:28:bc:d1:8b:36:17:2f:ab:
                    cf:3f:4a:66:ce:c0:26:b7:4d:53:04:49:7c:56:5e:
                    61:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                A5:F3:7C:00:26:D4:05:EA:CF:0F:CD:AA:1C:B1:D4:68:DD:1B:A8:08
            X509v3 Authority Key Identifier: 
                keyid:12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/pfN8ACbUBerPD82qHLHUaN0bqAg.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:4c00::/32

    Signature Algorithm: sha256WithRSAEncryption
         66:85:af:e6:56:c0:92:8b:80:7b:f5:99:e8:04:02:ce:56:3d:
         fb:e7:5f:cd:8a:f3:60:d5:dd:89:67:11:a6:b2:cf:82:76:89:
         c5:81:d4:79:fd:6e:22:cf:f0:05:8b:df:35:ab:bd:99:0b:80:
         8a:ba:51:3b:32:f1:27:af:a5:1c:e1:f5:a0:d7:16:85:2f:23:
         cd:24:64:c8:91:67:ec:5c:2f:bd:fa:61:73:d9:8f:1a:be:86:
         ab:67:de:0c:21:77:61:7f:22:bd:11:0d:be:98:37:ab:2b:a4:
         1c:dd:1c:a1:0a:e0:f3:df:35:a9:43:72:43:70:f4:d1:d0:cc:
         56:bc:31:1c:ea:18:cd:fb:ce:2c:e5:fe:65:f6:07:12:f3:57:
         38:b2:e0:e3:73:5f:42:21:f7:11:f7:28:3f:63:0d:b4:7a:7d:
         27:36:2d:8f:f5:ae:df:16:df:a3:e9:dc:62:db:9d:9f:6f:43:
         fd:cc:02:04:24:f2:f7:cf:0f:7b:e7:ab:13:88:59:e9:8f:2f:
         2c:7a:14:7c:2a:f0:d6:18:83:6d:38:b8:c3:d6:b1:cf:6a:ff:
         4c:7c:51:de:9a:d7:f9:a5:1f:72:9d:9b:b7:2b:5c:ea:81:cc:
         f5:b9:94:76:82:06:60:36:89:34:87:e8:91:d9:6f:32:c3:dc:
         4a:9e:82:bb
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIED+DEyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MjE0YTdlMmE4YzcwMTIzMjVhZTk3M2VkMWEyYmJhMDViMmJiOWMxMB4XDTIyMDEw
MTA2NTI1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVmMzdjMDAyNmQ0
MDVlYWNmMGZjZGFhMWNiMWQ0NjhkZDFiYTgwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRCUbfa+qIkMhRMvtOmzhFQp/xfPme9L9crgS/6rcSWzA6Q
rJjkrZqUmHFO7kWa3zumhK30pUVTI7rzcjg9V3FRVQRGTdKaYU9gq2ySziYvpzlQ
OnV3sHCVcRsv/UB8gawjr5IbQ24l662KhGPPsDpY6O5RXqqc4Bfoa8cMqxyzKLFx
srzNL5rgOSXD4Ljxa7d6djT26dbNPm81ffEajaBuDPk58ZFMcMjf9TzL9cD4GDj3
4Z/xSbcZMEYVgpC4zBc2ja+FZnbogSIAjph/NXPYg1VmTGQ8lRnZcqAQx3KDSYzn
mYrVtCi80Ys2Fy+rzz9KZs7AJrdNUwRJfFZeYWsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSl83wAJtQF6s8PzaocsdRo3RuoCDAfBgNVHSMEGDAWgBQSFKfiqMcBIyWu
lz7RorugWyu5wTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VoU240cWpIQVNNbHJwYy0wYUs3b0ZzcnVjRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvYTY4ZGJjLTNmOTQtNGZlZC04ZDlkLWU5YzM2NDljMTIxOC8x
L3BmTjhBQ2JVQmVyUEQ4MnFITEhVYU4wYnFBZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
YTY4ZGJjLTNmOTQtNGZlZC04ZDlkLWU5YzM2NDljMTIxOC8xL0VoU240cWpIQVNN
bHJwYy0wYUs3b0ZzcnVjRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoGTAAwDQYJKoZIhvcNAQELBQAD
ggEBAGaFr+ZWwJKLgHv1megEAs5WPfvnX82K82DV3YlnEaayz4J2icWB1Hn9biLP
8AWL3zWrvZkLgIq6UTsy8SevpRzh9aDXFoUvI80kZMiRZ+xcL736YXPZjxq+hqtn
3gwhd2F/Ir0RDb6YN6srpBzdHKEK4PPfNalDckNw9NHQzFa8MRzqGM37zizl/mX2
BxLzVziy4ONzX0Ih9xH3KD9jDbR6fSc2LY/1rt8W36Pp3GLbnZ9vQ/3MAgQk8vfP
D3vnqxOIWemPLyx6FHwq8NYYg204uMPWsc9q/0x8Ud6a1/mlH3Kdm7crXOqBzPW5
lHaCBmA2iTSH6JHZbzLD3Eqegrs=
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:14:51 2022 by rpki-client.