Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/1813ba-a5e0-41fc-8d71-d45878b1202c/1/aKQrNtgg9xn_rgyU2qBa0aCbHWQ.roa
File:                     aKQrNtgg9xn_rgyU2qBa0aCbHWQ.roa (download)
Hash identifier:          BSk2A+TWd4vT+JMT7cU0uiFqeMoGDsdUEuFqiLzVFoU=
Subject key identifier:   68:A4:2B:36:D8:20:F7:19:FF:AE:0C:94:DA:A0:5A:D1:A0:9B:1D:64
Certificate issuer:       /CN=aa292618e3b760e81c96eaa5dfc308050eaf14b1
Certificate serial:       819034
Authority key identifier: AA:29:26:18:E3:B7:60:E8:1C:96:EA:A5:DF:C3:08:05:0E:AF:14:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qikmGOO3YOgcluql38MIBQ6vFLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/1813ba-a5e0-41fc-8d71-d45878b1202c/1/aKQrNtgg9xn_rgyU2qBa0aCbHWQ.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 212.23.195.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8491060 (0x819034)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa292618e3b760e81c96eaa5dfc308050eaf14b1
        Validity
            Not Before: Jan  1 02:56:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=68a42b36d820f719ffae0c94daa05ad1a09b1d64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:04:4e:6e:49:8e:59:cf:36:c5:23:2e:6b:3c:
                    cd:c1:be:27:85:d1:fd:ab:c7:ad:60:3e:a3:d4:4d:
                    d1:79:1a:3c:e1:d0:ff:6d:4f:2f:21:a9:f6:a1:3a:
                    05:b2:86:28:b9:d6:97:b8:e7:92:89:a9:28:5b:34:
                    00:ec:35:79:a1:d8:77:da:cd:f0:14:98:c4:8f:22:
                    89:db:f9:3c:1a:70:d7:d1:8d:28:70:5d:4d:80:3b:
                    0f:8c:6c:10:bf:3f:5a:1c:e3:29:1c:e1:07:66:4f:
                    0c:3f:26:21:27:d9:66:0f:12:a5:e5:86:ab:75:61:
                    68:a8:1e:e6:04:06:87:ed:96:fe:ce:68:34:66:74:
                    05:58:a3:57:33:ca:7d:d8:3f:08:a2:a8:d8:48:1e:
                    33:73:9e:28:4b:64:d0:70:85:a1:bb:6d:d7:90:0e:
                    c9:c8:d0:6b:49:55:b5:62:6a:5a:f3:e7:c4:36:48:
                    92:9f:30:77:4c:8f:d3:0e:57:a3:f5:9f:61:27:94:
                    2a:c9:2f:62:7d:d1:5f:07:cd:a1:0e:0b:4f:99:84:
                    fe:1c:a5:54:ff:98:fb:e4:dc:bf:ce:dd:06:9c:b6:
                    46:2b:df:d5:7f:9b:4a:53:97:40:81:37:6a:e5:45:
                    43:03:0c:45:f5:2d:1f:8e:f1:c9:b3:b9:ec:58:98:
                    11:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                68:A4:2B:36:D8:20:F7:19:FF:AE:0C:94:DA:A0:5A:D1:A0:9B:1D:64
            X509v3 Authority Key Identifier: 
                keyid:AA:29:26:18:E3:B7:60:E8:1C:96:EA:A5:DF:C3:08:05:0E:AF:14:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qikmGOO3YOgcluql38MIBQ6vFLE.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1813ba-a5e0-41fc-8d71-d45878b1202c/1/aKQrNtgg9xn_rgyU2qBa0aCbHWQ.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1813ba-a5e0-41fc-8d71-d45878b1202c/1/qikmGOO3YOgcluql38MIBQ6vFLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.23.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:10:8a:70:36:63:75:55:98:d1:1c:df:87:78:e9:73:aa:49:
         4b:43:83:32:1b:7f:58:f3:76:e1:ad:b5:a8:eb:ac:86:7a:14:
         94:4f:34:0d:3b:fe:84:43:24:b5:41:67:25:1b:87:a7:e4:e5:
         d7:f4:68:bc:85:92:35:61:16:a2:08:53:6c:5c:3f:49:70:cb:
         b6:5a:99:c2:b9:3b:41:91:5d:89:60:69:31:c0:9d:be:0c:87:
         83:73:e8:ee:66:93:4b:4f:d8:89:96:0d:08:2c:07:17:52:55:
         cd:02:ab:37:aa:06:ee:0a:56:c7:24:52:71:1f:ae:60:71:5a:
         77:eb:ba:41:8f:72:cd:84:02:69:db:20:11:7d:9f:cc:0b:9e:
         bf:ac:55:72:6b:25:84:70:6f:d9:e7:53:ea:52:33:8a:bd:ce:
         96:d0:ac:5e:4d:7c:9c:43:81:45:18:0e:98:39:32:68:5a:d7:
         7c:b5:12:7b:d8:92:b5:c2:74:b4:3d:17:ed:04:78:e5:e9:fd:
         4e:f8:bf:94:27:b7:15:38:72:68:41:8a:4d:b9:61:47:97:3d:
         6c:76:46:10:e9:15:e1:88:f5:b7:dc:9b:09:00:ec:d2:4c:2e:
         0b:56:28:a4:fd:b2:74:d5:bf:ca:61:b2:1c:9b:69:bf:dd:35:
         eb:c3:3c:c2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAIGQNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YTI5MjYxOGUzYjc2MGU4MWM5NmVhYTVkZmMzMDgwNTBlYWYxNGIxMB4XDTIyMDEw
MTAyNTYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhhNDJiMzZkODIw
ZjcxOWZmYWUwYzk0ZGFhMDVhZDFhMDliMWQ2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoETm5JjlnPNsUjLms8zcG+J4XR/avHrWA+o9RN0XkaPOHQ
/21PLyGp9qE6BbKGKLnWl7jnkompKFs0AOw1eaHYd9rN8BSYxI8iidv5PBpw19GN
KHBdTYA7D4xsEL8/WhzjKRzhB2ZPDD8mISfZZg8SpeWGq3VhaKge5gQGh+2W/s5o
NGZ0BVijVzPKfdg/CKKo2EgeM3OeKEtk0HCFobtt15AOycjQa0lVtWJqWvPnxDZI
kp8wd0yP0w5Xo/WfYSeUKskvYn3RXwfNoQ4LT5mE/hylVP+Y++Tcv87dBpy2Rivf
1X+bSlOXQIE3auVFQwMMRfUtH47xybO57FiYEXECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRopCs22CD3Gf+uDJTaoFrRoJsdZDAfBgNVHSMEGDAWgBSqKSYY47dg6ByW
6qXfwwgFDq8UsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Fpa21HT08zWU9nY2x1cWwzOE1JQlE2dkZMRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvMTgxM2JhLWE1ZTAtNDFmYy04ZDcxLWQ0NTg3OGIxMjAyYy8x
L2FLUXJOdGdnOXhuX3JneVUycUJhMGFDYkhXUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
MTgxM2JhLWE1ZTAtNDFmYy04ZDcxLWQ0NTg3OGIxMjAyYy8xL3Fpa21HT08zWU9n
Y2x1cWwzOE1JQlE2dkZMRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQXwzANBgkqhkiG9w0BAQsFAAOC
AQEAjxCKcDZjdVWY0Rzfh3jpc6pJS0ODMht/WPN24a21qOushnoUlE80DTv+hEMk
tUFnJRuHp+Tl1/RovIWSNWEWoghTbFw/SXDLtlqZwrk7QZFdiWBpMcCdvgyHg3Po
7maTS0/YiZYNCCwHF1JVzQKrN6oG7gpWxyRScR+uYHFad+u6QY9yzYQCadsgEX2f
zAuev6xVcmslhHBv2edT6lIzir3OltCsXk18nEOBRRgOmDkyaFrXfLUSe9iStcJ0
tD0X7QR45en9Tvi/lCe3FThyaEGKTblhR5c9bHZGEOkV4Yj1t9ybCQDs0kwuC1Yo
pP2ydNW/ymGyHJtpv90168M8wg==
-----END CERTIFICATE-----
Generated at Thu Dec 8 08:37:51 2022 by rpki-client.