Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/720e23-e85e-4884-8686-afc60413ec87/1/bCrYEW0ZAELcALcC0mFiD71zV-M.roa
File:                     bCrYEW0ZAELcALcC0mFiD71zV-M.roa (download)
Hash identifier:          FGp9bFRfflTNwmy9Paekldm20Y10EJx5snPhd2NIatc=
Subject key identifier:   6C:2A:D8:11:6D:19:00:42:DC:00:B7:02:D2:61:62:0F:BD:73:57:E3
Certificate issuer:       /CN=3b599dbfdef3f7fa2fa739f77cdc8402055b0d0c
Certificate serial:       EC70FE
Authority key identifier: 3B:59:9D:BF:DE:F3:F7:FA:2F:A7:39:F7:7C:DC:84:02:05:5B:0D:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1mdv97z9_ovpzn3fNyEAgVbDQw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/720e23-e85e-4884-8686-afc60413ec87/1/bCrYEW0ZAELcALcC0mFiD71zV-M.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 37.140.240.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15495422 (0xec70fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b599dbfdef3f7fa2fa739f77cdc8402055b0d0c
        Validity
            Not Before: Jan  1 08:59:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6c2ad8116d190042dc00b702d261620fbd7357e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:6c:23:55:df:71:c4:97:3a:87:7e:86:cc:a3:
                    a9:ff:5f:9b:67:e3:8c:d6:53:90:2c:c7:6a:87:a0:
                    ca:b0:05:08:fb:00:ac:5c:49:a1:69:f6:97:ac:95:
                    a3:67:00:28:4b:00:ef:47:4e:61:b4:57:e4:5e:87:
                    03:3e:6d:6a:e9:e1:5c:45:d8:00:ef:b9:12:66:ad:
                    23:da:8b:fe:7f:7e:af:08:5f:68:28:8c:ed:fb:51:
                    2c:26:5e:0d:e8:f0:f5:f6:0c:14:74:92:0c:ae:ea:
                    8e:53:d7:56:09:05:19:13:be:47:1d:a6:1e:1d:e3:
                    cc:c6:07:dc:e4:4b:7e:62:11:b1:60:b6:58:fe:8f:
                    42:56:7e:a3:23:bd:c4:eb:1c:ac:a8:b1:dc:fb:f1:
                    9e:39:41:9c:4d:df:1f:61:05:73:77:b1:44:7d:3a:
                    93:3f:5c:61:21:05:47:32:3f:28:c6:28:16:67:06:
                    b7:15:7b:82:1b:46:70:b2:cc:75:31:bb:87:a4:7a:
                    5d:4f:d1:f3:46:5c:12:41:93:0f:aa:23:4c:b4:5a:
                    bc:1d:24:57:8c:0d:ee:f6:98:e7:24:ec:8d:7a:77:
                    02:00:33:52:27:ea:af:3f:4b:22:66:95:a5:4d:36:
                    17:42:f4:45:89:eb:cf:6f:27:71:c9:a6:e8:1e:61:
                    bf:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                6C:2A:D8:11:6D:19:00:42:DC:00:B7:02:D2:61:62:0F:BD:73:57:E3
            X509v3 Authority Key Identifier: 
                keyid:3B:59:9D:BF:DE:F3:F7:FA:2F:A7:39:F7:7C:DC:84:02:05:5B:0D:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1mdv97z9_ovpzn3fNyEAgVbDQw.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/720e23-e85e-4884-8686-afc60413ec87/1/bCrYEW0ZAELcALcC0mFiD71zV-M.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/720e23-e85e-4884-8686-afc60413ec87/1/O1mdv97z9_ovpzn3fNyEAgVbDQw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.140.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:7d:30:a0:8b:49:80:d1:64:0a:78:99:c4:a1:0f:88:40:1d:
         c2:fe:7e:ae:6c:e2:34:12:f4:ca:d5:04:71:7e:f3:a5:7d:44:
         84:27:ac:c7:74:b0:20:e7:cf:b9:c3:03:73:34:c5:6a:30:a1:
         b4:f8:80:34:9e:a6:67:b6:9f:3e:3f:09:ba:2d:6a:08:08:5b:
         cb:18:f6:5e:df:31:ca:4b:a2:e2:16:20:06:0e:8f:ff:25:11:
         fb:1a:23:7f:f8:28:23:3a:dd:70:4c:e5:31:86:a8:c7:c5:7a:
         cc:e2:34:79:72:c1:84:35:8f:02:c7:f3:79:e2:7c:f5:df:a8:
         d8:96:ac:1b:4f:5c:f0:c5:e6:36:ce:c0:21:c2:77:16:dd:b2:
         11:57:aa:82:1f:8c:5b:e1:a4:46:e8:93:65:48:d2:f9:41:b6:
         ca:78:c3:13:4b:64:ce:7e:fc:a6:a2:f9:4b:5d:e3:f6:03:94:
         a2:81:97:27:26:bf:92:57:20:f3:e6:3c:58:e1:20:1c:c2:7c:
         cd:aa:14:99:a2:c9:fe:7f:a3:a3:b6:88:ac:db:b9:96:d3:17:
         8e:4e:38:61:ba:33:99:f4:f6:1e:8f:78:ea:0b:9f:90:e4:9c:
         4b:8b:97:33:68:e8:e2:e9:bf:a4:03:73:ae:68:1f:31:45:3d:
         b0:70:eb:66
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAOxw/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjU5OWRiZmRlZjNmN2ZhMmZhNzM5Zjc3Y2RjODQwMjA1NWIwZDBjMB4XDTIyMDEw
MTA4NTk0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmMyYWQ4MTE2ZDE5
MDA0MmRjMDBiNzAyZDI2MTYyMGZiZDczNTdlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdsI1XfccSXOod+hsyjqf9fm2fjjNZTkCzHaoegyrAFCPsA
rFxJoWn2l6yVo2cAKEsA70dOYbRX5F6HAz5taunhXEXYAO+5EmatI9qL/n9+rwhf
aCiM7ftRLCZeDejw9fYMFHSSDK7qjlPXVgkFGRO+Rx2mHh3jzMYH3ORLfmIRsWC2
WP6PQlZ+oyO9xOscrKix3PvxnjlBnE3fH2EFc3exRH06kz9cYSEFRzI/KMYoFmcG
txV7ghtGcLLMdTG7h6R6XU/R80ZcEkGTD6ojTLRavB0kV4wN7vaY5yTsjXp3AgAz
Uifqrz9LImaVpU02F0L0RYnrz28nccmm6B5hv+8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRsKtgRbRkAQtwAtwLSYWIPvXNX4zAfBgNVHSMEGDAWgBQ7WZ2/3vP3+i+n
Ofd83IQCBVsNDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08xbWR2OTd6OV9vdnB6bjNmTnlFQWdWYkRRdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzIwZTIzLWU4NWUtNDg4NC04Njg2LWFmYzYwNDEzZWM4Ny8x
L2JDcllFVzBaQUVMY0FMY0MwbUZpRDcxelYtTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzIwZTIzLWU4NWUtNDg4NC04Njg2LWFmYzYwNDEzZWM4Ny8xL08xbWR2OTd6OV9v
dnB6bjNmTnlFQWdWYkRRdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACWM8DANBgkqhkiG9w0BAQsFAAOC
AQEAa30woItJgNFkCniZxKEPiEAdwv5+rmziNBL0ytUEcX7zpX1EhCesx3SwIOfP
ucMDczTFajChtPiANJ6mZ7afPj8Jui1qCAhbyxj2Xt8xykui4hYgBg6P/yUR+xoj
f/goIzrdcEzlMYaox8V6zOI0eXLBhDWPAsfzeeJ89d+o2JasG09c8MXmNs7AIcJ3
Ft2yEVeqgh+MW+GkRuiTZUjS+UG2ynjDE0tkzn78pqL5S13j9gOUooGXJya/klcg
8+Y8WOEgHMJ8zaoUmaLJ/n+jo7aIrNu5ltMXjk44YbozmfT2Ho946gufkOScS4uX
M2jo4um/pANzrmgfMUU9sHDrZg==
-----END CERTIFICATE-----
Generated at Thu Dec 8 09:53:10 2022 by rpki-client.