Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/tjchqQG41QYRYUa8d41XiybPMxI.roa
File:                     tjchqQG41QYRYUa8d41XiybPMxI.roa (download)
Hash identifier:          6d4ZYN2cFRgdFk7wzZ2B+/8GAfgP/sNoEvZDW3U8e3s=
Subject key identifier:   B6:37:21:A9:01:B8:D5:06:11:61:46:BC:77:8D:57:8B:26:CF:33:12
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       0182B650B51B813A22F192EDBF74557C4B44
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/tjchqQG41QYRYUa8d41XiybPMxI.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 45.86.155.0/24 maxlen: 24
    2: 45.131.110.0/24 maxlen: 24
    3: 45.147.5.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:b6:50:b5:1b:81:3a:22:f1:92:ed:bf:74:55:7c:4b:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Aug 19 13:35:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b63721a901b8d506116146bc778d578b26cf3312
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:68:9c:92:a2:dc:0b:23:97:a6:02:0e:e9:ab:
                    8f:8d:93:a8:59:fa:16:69:90:49:23:53:f5:53:60:
                    9b:e8:e7:9b:cf:e5:d3:71:ed:da:09:90:5c:0f:f0:
                    9c:c8:cc:4c:37:aa:8c:6c:95:f6:6c:d8:50:08:df:
                    98:cb:d7:6d:af:97:7b:09:23:bc:72:a5:4a:d5:40:
                    0f:b9:1e:20:26:07:cb:a1:69:d8:62:e6:c5:97:c5:
                    4e:2b:47:2d:32:87:f6:da:32:1f:3e:f6:de:d7:21:
                    09:e0:71:6e:47:97:14:f8:b3:35:7b:50:ed:29:23:
                    cb:0f:cd:a6:79:cb:83:3c:83:f8:6b:a3:4d:16:1b:
                    ef:a0:35:6d:46:8b:ab:4d:29:e5:3d:39:22:68:dd:
                    61:e8:7b:6e:67:8f:de:3f:6d:43:91:5d:f3:c7:8f:
                    dd:9b:04:7f:26:92:20:fc:0a:8c:6f:bb:61:92:44:
                    fb:b2:f5:43:bc:da:bb:0a:ec:f5:c3:d5:54:b4:5b:
                    9d:b7:6b:08:c7:91:c2:96:fc:4e:9d:de:ad:d5:44:
                    da:01:06:94:5d:f5:54:10:46:89:77:ac:75:89:99:
                    1a:93:91:6c:ef:14:54:6c:91:12:8c:bc:3d:0d:5c:
                    b8:ac:50:b1:2b:f0:53:4e:d5:89:ea:bb:8c:c7:9a:
                    02:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                B6:37:21:A9:01:B8:D5:06:11:61:46:BC:77:8D:57:8B:26:CF:33:12
            X509v3 Authority Key Identifier: 
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/tjchqQG41QYRYUa8d41XiybPMxI.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.86.155.0/24
                  45.131.110.0/24
                  45.147.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:79:04:40:c1:be:3b:6e:75:20:6b:bc:85:73:dd:80:e0:b1:
         f5:80:a9:31:6b:70:b9:a0:8e:f2:15:9b:cf:5d:7d:38:e5:f7:
         49:cb:eb:d6:6c:13:a1:4f:d2:5b:12:2b:ca:35:fb:3f:cb:16:
         a7:37:11:50:97:b1:7b:2c:0b:28:09:eb:42:f9:09:e3:e8:67:
         ac:19:c9:85:7c:ac:86:14:a4:af:dc:a5:bc:42:ce:7a:73:36:
         69:80:ad:8f:05:1e:69:1d:12:b2:8e:b1:c5:fd:c3:f1:fa:20:
         e4:38:3e:84:12:6f:c1:35:ce:85:f1:7c:f4:bc:57:2a:9a:de:
         4f:73:e2:db:3f:1d:10:15:60:b7:d9:d3:6c:71:17:47:c2:12:
         01:ab:16:de:35:27:ac:73:a2:53:8a:1b:e8:81:a7:67:ac:4a:
         f7:9e:ca:81:fe:0e:88:2f:98:07:44:84:69:7b:ad:b9:45:be:
         88:45:5e:c9:82:7d:28:51:0c:fb:30:0b:00:c9:e8:2a:f1:e5:
         51:52:34:b3:a6:b6:69:4c:07:31:0e:08:ec:0d:e0:92:99:5c:
         a2:4e:5c:e5:a1:f9:c3:ff:a6:e1:3a:99:c6:51:b7:28:f7:b5:
         45:ac:da:95:47:16:14:b7:c7:81:35:38:5a:62:fb:37:2b:ec:
         aa:6e:23:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYK2ULUbgToi8ZLtv3RVfEtEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIwODE5MTMzNTE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjM3MjFhOTAxYjhkNTA2MTE2MTQ2YmM3NzhkNTc4YjI2Y2YzMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmickqLcCyOXpgIO6auPjZOoWfoW
aZBJI1P1U2Cb6Oebz+XTce3aCZBcD/CcyMxMN6qMbJX2bNhQCN+Yy9dtr5d7CSO8
cqVK1UAPuR4gJgfLoWnYYubFl8VOK0ctMof22jIfPvbe1yEJ4HFuR5cU+LM1e1Dt
KSPLD82mecuDPIP4a6NNFhvvoDVtRourTSnlPTkiaN1h6HtuZ4/eP21DkV3zx4/d
mwR/JpIg/AqMb7thkkT7svVDvNq7Cuz1w9VUtFudt2sIx5HClvxOnd6t1UTaAQaU
XfVUEEaJd6x1iZkak5Fs7xRUbJESjLw9DVy4rFCxK/BTTtWJ6ruMx5oCfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLY3IakBuNUGEWFGvHeNV4smzzMSMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvdGpjaHFRRzQxUVlSWVVhOGQ0MVhpeWJQTXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVabAwQA
LYNuAwQALZMFMA0GCSqGSIb3DQEBCwUAA4IBAQBMeQRAwb47bnUga7yFc92A4LH1
gKkxa3C5oI7yFZvPXX045fdJy+vWbBOhT9JbEivKNfs/yxanNxFQl7F7LAsoCetC
+Qnj6GesGcmFfKyGFKSv3KW8Qs56czZpgK2PBR5pHRKyjrHF/cPx+iDkOD6EEm/B
Nc6F8Xz0vFcqmt5Pc+LbPx0QFWC32dNscRdHwhIBqxbeNSesc6JTihvogadnrEr3
nsqB/g6IL5gHRIRpe625Rb6IRV7Jgn0oUQz7MAsAyegq8eVRUjSzprZpTAcxDgjs
DeCSmVyiTlzlofnD/6bhOpnGUbco97VFrNqVRxYUt8eBNThaYvs3K+yqbiNN
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:57:17 2022 by rpki-client.