Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/14/69fa0f-4414-4a69-acd1-6cf3c3c26006/1/

$ rpki-client -vvf mFVWZ9VcR8-u7Ug7FECr_wRziXk.roa
File:                     mFVWZ9VcR8-u7Ug7FECr_wRziXk.roa (download)
Hash identifier:          8+dIzIqgrQdKtqv39UZIGLWzMX413YuHdgzpzugcK6I=
Subject key identifier:   98:55:56:67:D5:5C:47:CF:AE:ED:48:3B:14:40:AB:FF:04:73:89:79
Certificate issuer:       /CN=2f21cae86cbf1099accf91e022359d2486cba69d
Certificate serial:       0138470B
Authority key identifier: 2F:21:CA:E8:6C:BF:10:99:AC:CF:91:E0:22:35:9D:24:86:CB:A6:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LyHK6Gy_EJmsz5HgIjWdJIbLpp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/69fa0f-4414-4a69-acd1-6cf3c3c26006/1/mFVWZ9VcR8-u7Ug7FECr_wRziXk.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 185.145.233.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20465419 (0x138470b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f21cae86cbf1099accf91e022359d2486cba69d
        Validity
            Not Before: Jan  1 01:00:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=98555667d55c47cfaeed483b1440abff04738979
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:d2:de:c1:8b:ed:42:bd:b0:f5:00:c7:9f:a3:
                    b8:ce:db:3d:2a:4d:10:e8:6b:44:84:a8:d9:1d:e2:
                    e2:06:b5:19:99:5b:cc:d4:c1:b5:98:94:75:0e:ba:
                    8b:e1:a2:78:7c:1a:34:2d:52:2d:ac:78:e3:98:e3:
                    41:2f:0c:cb:db:04:cd:6a:3f:11:70:01:dd:14:13:
                    85:ca:a1:bf:77:40:fd:8b:e2:73:4b:ec:48:46:0a:
                    6b:f1:cc:6f:d4:f0:76:ae:f4:5d:da:ac:90:1f:0f:
                    3a:99:f0:10:b5:0e:2a:5f:35:89:4c:50:be:a1:9e:
                    86:93:2a:eb:c4:38:f4:fa:d3:94:33:01:f5:aa:31:
                    cf:e8:3b:97:6b:25:12:c0:17:d6:5b:b5:c1:66:a1:
                    5b:af:f9:61:4a:d9:9b:26:fb:47:3c:73:08:ef:43:
                    47:3b:36:20:56:cd:56:ba:19:65:06:88:c8:1a:6b:
                    de:61:38:4e:a6:3e:7a:b3:66:01:c2:82:92:57:96:
                    cc:8f:b7:c4:5d:29:00:ef:9e:c2:08:e9:85:f4:cc:
                    9d:3f:d5:85:e4:9f:d9:ec:3a:0d:f2:a4:d8:38:fb:
                    60:aa:84:b0:e5:2f:b9:32:6f:6a:76:cd:fd:4b:fc:
                    f6:7c:39:79:dd:4b:0d:ec:d5:90:04:85:8f:47:14:
                    97:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                98:55:56:67:D5:5C:47:CF:AE:ED:48:3B:14:40:AB:FF:04:73:89:79
            X509v3 Authority Key Identifier: 
                keyid:2F:21:CA:E8:6C:BF:10:99:AC:CF:91:E0:22:35:9D:24:86:CB:A6:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LyHK6Gy_EJmsz5HgIjWdJIbLpp0.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/69fa0f-4414-4a69-acd1-6cf3c3c26006/1/mFVWZ9VcR8-u7Ug7FECr_wRziXk.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/69fa0f-4414-4a69-acd1-6cf3c3c26006/1/LyHK6Gy_EJmsz5HgIjWdJIbLpp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.145.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:39:d5:53:09:cf:af:05:39:2f:9b:c0:d6:a3:db:3a:84:e3:
         2e:dd:4e:95:11:ca:0b:a9:6a:13:12:cf:a1:35:3f:bd:8b:1d:
         af:08:dc:67:09:0f:11:73:d2:cf:10:74:75:29:e1:6a:52:69:
         a2:cb:c2:cc:24:9b:08:6b:0e:10:a7:06:b7:55:c8:e3:c6:b1:
         96:6d:e3:ee:f8:d4:f2:b7:92:ec:d0:d6:4a:77:59:73:f7:27:
         29:e0:5f:ed:39:77:b2:c9:ab:e1:27:ce:fe:08:18:08:19:de:
         26:4a:db:7f:76:8c:6e:4e:e7:b6:ed:d8:f1:5a:8b:7e:c4:a2:
         0f:ee:04:7b:36:54:86:9e:3d:13:24:f3:f5:9b:5d:db:c4:00:
         42:ef:76:7a:15:e1:4f:7c:35:b4:89:3b:31:6b:d5:33:df:76:
         11:58:1d:9c:22:e2:32:82:eb:ae:b4:fb:73:89:02:86:b8:db:
         69:15:16:68:8c:00:32:42:94:e0:d5:2a:ca:38:29:5c:8a:19:
         04:5d:2b:63:d9:0b:06:cd:61:b5:18:ed:79:e4:a5:b1:cf:b4:
         fd:a2:19:97:4d:73:e7:f1:ff:a7:d8:dc:f0:fc:96:af:18:01:
         5a:db:a2:1b:06:64:b2:80:fe:94:a1:c2:f8:23:9f:55:71:8d:
         d3:0d:58:0b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAThHCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZjIxY2FlODZjYmYxMDk5YWNjZjkxZTAyMjM1OWQyNDg2Y2JhNjlkMB4XDTIyMDEw
MTAxMDA1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTg1NTU2NjdkNTVj
NDdjZmFlZWQ0ODNiMTQ0MGFiZmYwNDczODk3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvS3sGL7UK9sPUAx5+juM7bPSpNEOhrRISo2R3i4ga1GZlb
zNTBtZiUdQ66i+GieHwaNC1SLax445jjQS8My9sEzWo/EXAB3RQThcqhv3dA/Yvi
c0vsSEYKa/HMb9Twdq70XdqskB8POpnwELUOKl81iUxQvqGehpMq68Q49PrTlDMB
9aoxz+g7l2slEsAX1lu1wWahW6/5YUrZmyb7RzxzCO9DRzs2IFbNVroZZQaIyBpr
3mE4TqY+erNmAcKCkleWzI+3xF0pAO+ewgjphfTMnT/VheSf2ew6DfKk2Dj7YKqE
sOUvuTJvanbN/Uv89nw5ed1LDezVkASFj0cUl70CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSYVVZn1VxHz67tSDsUQKv/BHOJeTAfBgNVHSMEGDAWgBQvIcrobL8QmazP
keAiNZ0khsumnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x5SEs2R3lfRUptc3o1SGdJaldkSkliTHBwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvNjlmYTBmLTQ0MTQtNGE2OS1hY2QxLTZjZjNjM2MyNjAwNi8x
L21GVldaOVZjUjgtdTdVZzdGRUNyX3dSemlYay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
NjlmYTBmLTQ0MTQtNGE2OS1hY2QxLTZjZjNjM2MyNjAwNi8xL0x5SEs2R3lfRUpt
c3o1SGdJaldkSkliTHBwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmR6TANBgkqhkiG9w0BAQsFAAOC
AQEAojnVUwnPrwU5L5vA1qPbOoTjLt1OlRHKC6lqExLPoTU/vYsdrwjcZwkPEXPS
zxB0dSnhalJposvCzCSbCGsOEKcGt1XI48axlm3j7vjU8reS7NDWSndZc/cnKeBf
7Tl3ssmr4SfO/ggYCBneJkrbf3aMbk7ntu3Y8VqLfsSiD+4EezZUhp49EyTz9Ztd
28QAQu92ehXhT3w1tIk7MWvVM992EVgdnCLiMoLrrrT7c4kChrjbaRUWaIwAMkKU
4NUqyjgpXIoZBF0rY9kLBs1htRjteeSlsc+0/aIZl01z5/H/p9jc8PyWrxgBWtui
GwZksoD+lKHC+COfVXGN0w1YCw==
-----END CERTIFICATE-----
Generated at Fri Dec 2 13:33:06 2022 by rpki-client.