Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/

$ rpki-client -vvf Z8mBsdEAmAFL7W0J2sTyG-K6CPw.roa
File:                     Z8mBsdEAmAFL7W0J2sTyG-K6CPw.roa (download)
Hash identifier:          3vhOTUPkF5ZYBLlIq1+6zEYECeuu9UlqIbzBXWOR88o=
Subject key identifier:   67:C9:81:B1:D1:00:98:01:4B:ED:6D:09:DA:C4:F2:1B:E2:BA:08:FC
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       0352DEAB
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/Z8mBsdEAmAFL7W0J2sTyG-K6CPw.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 45.157.72.0/23 maxlen: 23

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 55762603 (0x352deab)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Jun 23 05:03:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=67c981b1d10098014bed6d09dac4f21be2ba08fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:61:cf:43:5c:44:e0:c5:20:82:c1:82:e5:db:
                    48:b2:00:72:5d:86:70:01:34:80:5f:a9:80:8a:37:
                    46:f1:f1:fd:6d:16:db:b6:78:6f:9f:43:6a:ca:d9:
                    d4:ef:7c:3b:c1:1f:b9:50:97:e6:c5:bb:53:9a:c0:
                    74:e2:42:05:dd:f6:e0:70:79:c9:37:9f:ed:70:7f:
                    6b:50:a3:0a:1e:e3:e8:49:d8:1f:5f:43:dc:1f:62:
                    6c:b8:40:2e:28:ee:ea:07:9b:bc:2e:f2:8d:f9:2f:
                    2e:6a:fb:75:bd:d0:24:6e:18:28:7f:e7:0a:da:1e:
                    6b:18:1e:c4:70:52:59:6a:cd:a9:b3:1a:2a:26:6a:
                    1d:77:e6:04:08:66:5c:bc:e1:db:89:ff:36:ba:79:
                    e5:1e:e1:89:39:be:00:94:9a:34:53:2d:6b:7c:9f:
                    80:c0:36:93:26:1c:84:c2:13:da:a5:07:5c:df:11:
                    1d:63:74:fe:68:7f:99:2d:e8:cb:d7:61:56:6c:f0:
                    3c:7c:31:1f:c4:83:60:dd:67:b4:77:c6:39:0e:27:
                    79:d0:54:66:df:42:b1:36:d4:e6:cb:17:80:9a:17:
                    57:67:65:0c:dd:23:ad:ea:b6:7c:1e:9b:48:be:c9:
                    aa:2e:14:66:f0:3b:e9:b6:eb:86:8b:b5:ef:75:d3:
                    8e:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                67:C9:81:B1:D1:00:98:01:4B:ED:6D:09:DA:C4:F2:1B:E2:BA:08:FC
            X509v3 Authority Key Identifier: 
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/Z8mBsdEAmAFL7W0J2sTyG-K6CPw.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.157.72.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5b:cb:80:b6:c1:b2:e7:d9:75:47:c1:a4:e5:51:61:23:6b:0a:
         77:d1:37:d8:a8:0b:bb:6a:e5:28:b7:86:78:fe:55:01:80:37:
         49:30:42:15:0a:37:e6:fe:f4:a8:fb:ce:7b:2e:8d:c1:c8:21:
         e1:8b:24:bb:f9:4c:03:48:30:b0:9e:84:45:96:00:9a:fc:b3:
         7b:a6:78:2e:db:b6:37:81:a4:a7:18:5b:ec:02:05:c7:17:ac:
         33:72:40:18:3c:7a:e3:8d:be:1a:1f:81:24:b8:79:a1:77:c4:
         c6:bb:05:e4:d8:d1:5b:a9:43:50:81:c9:ca:0a:89:91:ef:2f:
         ad:fa:ba:d7:c6:b6:7f:a2:95:64:3a:e2:f9:0a:29:99:4c:20:
         1b:92:a3:75:da:a7:c7:18:dc:45:aa:bc:3a:45:6d:cc:03:8a:
         61:08:85:3d:19:6d:4f:6d:d4:0e:af:1e:5f:c2:63:84:73:a4:
         0c:46:40:71:70:83:61:9e:67:7a:5a:9c:9b:c4:6f:39:13:47:
         84:51:44:52:86:58:27:6c:5f:f8:05:53:4d:e9:9d:3c:28:61:
         66:26:82:38:c8:73:9a:18:95:d4:e6:da:f1:0f:b2:68:3d:b6:
         cb:89:64:59:95:42:ce:e7:af:8a:27:4a:d9:e9:64:2b:06:5a:
         d5:80:98:9f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA1LeqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjFhM2YyMWZiMGMyOTRkNmQ0YTUyOWIyZjFkYmQ0YmQxMTE5YmQ3MB4XDTIyMDYy
MzA1MDMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdjOTgxYjFkMTAw
OTgwMTRiZWQ2ZDA5ZGFjNGYyMWJlMmJhMDhmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZhz0NcRODFIILBguXbSLIAcl2GcAE0gF+pgIo3RvHx/W0W
27Z4b59DasrZ1O98O8EfuVCX5sW7U5rAdOJCBd324HB5yTef7XB/a1CjCh7j6EnY
H19D3B9ibLhALiju6gebvC7yjfkvLmr7db3QJG4YKH/nCtoeaxgexHBSWWrNqbMa
KiZqHXfmBAhmXLzh24n/Nrp55R7hiTm+AJSaNFMta3yfgMA2kyYchMIT2qUHXN8R
HWN0/mh/mS3oy9dhVmzwPHwxH8SDYN1ntHfGOQ4nedBUZt9CsTbU5ssXgJoXV2dl
DN0jreq2fB6bSL7Jqi4UZvA76bbrhou173XTjm8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRnyYGx0QCYAUvtbQnaxPIb4roI/DAfBgNVHSMEGDAWgBSCGj8h+wwpTW1K
UpsvHb1L0RGb1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dob19JZnNNS1UxdFNsS2JMeDI5UzlFUm05Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvZWRjODU1LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8x
L1o4bUJzZEVBbUFGTDdXMEoyc1R5Ry1LNkNQdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
ZWRjODU1LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8xL2dob19JZnNNS1Ux
dFNsS2JMeDI5UzlFUm05Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2dSDANBgkqhkiG9w0BAQsFAAOC
AQEAW8uAtsGy59l1R8Gk5VFhI2sKd9E32KgLu2rlKLeGeP5VAYA3STBCFQo35v70
qPvOey6Nwcgh4Ysku/lMA0gwsJ6ERZYAmvyze6Z4Ltu2N4Gkpxhb7AIFxxesM3JA
GDx6442+Gh+BJLh5oXfExrsF5NjRW6lDUIHJygqJke8vrfq618a2f6KVZDri+Qop
mUwgG5KjddqnxxjcRaq8OkVtzAOKYQiFPRltT23UDq8eX8JjhHOkDEZAcXCDYZ5n
elqcm8RvORNHhFFEUoZYJ2xf+AVTTemdPChhZiaCOMhzmhiV1Oba8Q+yaD22y4lk
WZVCzueviidK2elkKwZa1YCYnw==
-----END CERTIFICATE-----
Generated at Fri Dec 2 13:33:03 2022 by rpki-client.