Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/aa576f-9aab-4cc8-a738-56f52b0ae04a/1/E19xshxYrLyYNHMqUKkJJTyg87w.roa
File:                     E19xshxYrLyYNHMqUKkJJTyg87w.roa (download)
Hash identifier:          KEOTt+3X023y4JZkj4uwQXEFWLcWSHnQiDIIyNsZxPs=
Subject key identifier:   13:5F:71:B2:1C:58:AC:BC:98:34:73:2A:50:A9:09:25:3C:A0:F3:BC
Certificate issuer:       /CN=1ae5c2fd9716718f426202834791d941a9c846a7
Certificate serial:       8A61A0
Authority key identifier: 1A:E5:C2:FD:97:16:71:8F:42:62:02:83:47:91:D9:41:A9:C8:46:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GuXC_ZcWcY9CYgKDR5HZQanIRqc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/aa576f-9aab-4cc8-a738-56f52b0ae04a/1/E19xshxYrLyYNHMqUKkJJTyg87w.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 176.116.10.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9068960 (0x8a61a0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ae5c2fd9716718f426202834791d941a9c846a7
        Validity
            Not Before: Jan  1 00:55:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=135f71b21c58acbc9834732a50a909253ca0f3bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d0:5b:ea:05:60:3d:40:c0:7e:26:2f:30:7c:
                    74:09:5f:13:7f:dc:7c:7c:3b:ce:88:5b:c2:12:39:
                    45:3d:1a:eb:85:e5:d3:fe:87:a2:ea:03:a9:45:89:
                    5c:5d:9f:d9:bd:f0:a5:0d:4d:1e:91:fc:54:f2:32:
                    e0:5d:f1:b3:e9:92:8d:9d:f0:e9:fb:dc:8b:2d:38:
                    fd:75:d0:40:0a:fa:33:f8:2e:1c:4b:28:f8:e9:2d:
                    63:09:1b:25:1e:eb:8b:fd:34:4d:ff:9f:c9:52:e0:
                    83:32:ea:b7:5f:be:75:36:43:b5:93:34:ed:13:bd:
                    0a:cd:2b:50:da:28:43:9c:f6:a9:ce:28:67:57:4d:
                    e7:5e:e8:ac:63:e3:25:1d:85:7e:25:77:e2:75:38:
                    fe:69:88:18:a2:60:65:36:d0:d4:d3:26:1c:94:17:
                    56:60:6a:20:b7:4b:81:6c:a8:81:8f:de:fc:25:d5:
                    55:76:e3:85:5c:3f:6f:6e:bd:04:c8:ae:34:99:63:
                    b7:be:ac:1c:68:ca:ef:af:de:74:57:e7:32:6a:a1:
                    27:17:5a:45:c8:f1:ae:e6:d9:42:46:86:df:ef:56:
                    8d:3b:0b:63:4f:1e:3b:3b:ef:11:31:09:0b:ed:6f:
                    d4:c8:07:43:5b:b9:c0:9a:03:e5:5c:d3:6c:da:93:
                    dd:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                13:5F:71:B2:1C:58:AC:BC:98:34:73:2A:50:A9:09:25:3C:A0:F3:BC
            X509v3 Authority Key Identifier: 
                keyid:1A:E5:C2:FD:97:16:71:8F:42:62:02:83:47:91:D9:41:A9:C8:46:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GuXC_ZcWcY9CYgKDR5HZQanIRqc.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/aa576f-9aab-4cc8-a738-56f52b0ae04a/1/E19xshxYrLyYNHMqUKkJJTyg87w.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/aa576f-9aab-4cc8-a738-56f52b0ae04a/1/GuXC_ZcWcY9CYgKDR5HZQanIRqc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.116.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:5f:b6:6a:b1:44:42:e6:25:ed:be:a2:83:63:c8:35:45:07:
         13:4b:e8:d1:9d:8b:80:52:b5:13:86:96:32:d8:19:16:e4:d4:
         f4:70:f0:02:53:5c:33:fa:87:66:01:0f:8d:a7:4f:09:96:78:
         3b:37:f9:40:93:cb:7b:0b:4d:3d:66:4a:19:35:e1:cd:13:8c:
         50:5a:e6:fc:2b:37:e2:e2:bc:39:a7:0c:2d:d7:1d:92:d0:a0:
         23:d5:48:e9:1f:70:2a:40:b1:f7:27:b6:48:32:82:db:90:74:
         5a:77:f2:a6:04:38:cb:66:f5:54:c3:9a:0f:6d:f5:fa:d2:ce:
         4e:a1:d8:71:1e:c7:d5:28:7d:8f:ad:43:a2:e8:11:63:c9:48:
         74:99:48:df:98:cf:79:3e:93:f4:cf:be:07:db:47:bf:cc:5f:
         04:b7:e5:55:81:8e:d9:1c:75:d1:b1:28:3e:50:71:b2:b3:02:
         42:41:26:9f:b7:3f:cc:23:a0:ff:cb:44:58:af:90:f1:ad:89:
         a0:fe:6a:86:8f:63:81:93:b7:de:57:c1:7b:c6:ae:00:05:0c:
         43:14:43:ab:e2:73:5d:24:b5:d8:f0:4f:1b:9f:e9:fb:62:23:
         70:09:76:31:ba:f0:94:0b:fe:8f:64:c5:59:98:24:b6:e0:f8:
         b6:d2:4d:c3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAIphoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWU1YzJmZDk3MTY3MThmNDI2MjAyODM0NzkxZDk0MWE5Yzg0NmE3MB4XDTIyMDEw
MTAwNTUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTM1ZjcxYjIxYzU4
YWNiYzk4MzQ3MzJhNTBhOTA5MjUzY2EwZjNiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLQW+oFYD1AwH4mLzB8dAlfE3/cfHw7zohbwhI5RT0a64Xl
0/6HouoDqUWJXF2f2b3wpQ1NHpH8VPIy4F3xs+mSjZ3w6fvciy04/XXQQAr6M/gu
HEso+OktYwkbJR7ri/00Tf+fyVLggzLqt1++dTZDtZM07RO9Cs0rUNooQ5z2qc4o
Z1dN517orGPjJR2FfiV34nU4/mmIGKJgZTbQ1NMmHJQXVmBqILdLgWyogY/e/CXV
VXbjhVw/b269BMiuNJljt76sHGjK76/edFfnMmqhJxdaRcjxrubZQkaG3+9WjTsL
Y08eOzvvETEJC+1v1MgHQ1u5wJoD5VzTbNqT3ZMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQTX3GyHFisvJg0cypQqQklPKDzvDAfBgNVHSMEGDAWgBQa5cL9lxZxj0Ji
AoNHkdlBqchGpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d1WENfWmNXY1k5Q1lnS0RSNUhaUWFuSVJxYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvYWE1NzZmLTlhYWItNGNjOC1hNzM4LTU2ZjUyYjBhZTA0YS8x
L0UxOXhzaHhZckx5WU5ITXFVS2tKSlR5Zzg3dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
YWE1NzZmLTlhYWItNGNjOC1hNzM4LTU2ZjUyYjBhZTA0YS8xL0d1WENfWmNXY1k5
Q1lnS0RSNUhaUWFuSVJxYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB0CjANBgkqhkiG9w0BAQsFAAOC
AQEAWl+2arFEQuYl7b6ig2PINUUHE0vo0Z2LgFK1E4aWMtgZFuTU9HDwAlNcM/qH
ZgEPjadPCZZ4Ozf5QJPLewtNPWZKGTXhzROMUFrm/Cs34uK8OacMLdcdktCgI9VI
6R9wKkCx9ye2SDKC25B0WnfypgQ4y2b1VMOaD231+tLOTqHYcR7H1Sh9j61DougR
Y8lIdJlI35jPeT6T9M++B9tHv8xfBLflVYGO2Rx10bEoPlBxsrMCQkEmn7c/zCOg
/8tEWK+Q8a2JoP5qho9jgZO33lfBe8auAAUMQxRDq+JzXSS12PBPG5/p+2IjcAl2
MbrwlAv+j2TFWZgktuD4ttJNww==
-----END CERTIFICATE-----
Generated at Thu Dec 8 19:24:18 2022 by rpki-client.