Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/J9pGEoAqKMHa00i6Z8DeInL0tFk.roa
File:                     J9pGEoAqKMHa00i6Z8DeInL0tFk.roa (download)
Hash identifier:          pOzvPzDNFSYp8AfKzBII7pjGvbuUpeATkmQXZGeQ4hY=
Subject key identifier:   27:DA:46:12:80:2A:28:C1:DA:D3:48:BA:67:C0:DE:22:72:F4:B4:59
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       08F77B83
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/J9pGEoAqKMHa00i6Z8DeInL0tFk.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 85.202.161.0/24 maxlen: 24
    2: 2a0b:b87:ffef::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 150436739 (0x8f77b83)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  1 16:00:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=27da4612802a28c1dad348ba67c0de2272f4b459
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:da:a6:2d:55:5d:a1:98:a8:66:7a:a3:4d:56:
                    d9:b7:ef:fb:04:5e:a5:37:f1:f9:d7:75:93:3a:b0:
                    f0:16:3a:c5:e3:de:d9:82:a7:46:93:94:9c:fa:3b:
                    fc:60:d4:f9:c6:19:6c:60:1c:b3:6e:29:ae:ca:4e:
                    b1:73:2c:23:4a:da:c0:b7:8d:4f:54:4d:c9:6e:b0:
                    72:46:e6:10:5f:4c:14:df:c2:94:24:45:9a:f0:6c:
                    05:eb:ae:eb:c5:d0:68:b3:f4:16:a1:47:eb:d3:2c:
                    73:9c:ee:ae:8e:62:a4:ec:9e:0b:55:ed:e3:03:7d:
                    2a:4e:a0:e1:7c:54:a4:5b:e9:00:c1:3b:31:19:7e:
                    37:07:f7:00:a2:21:31:ab:7b:89:40:3a:e7:2f:34:
                    8d:b0:d6:8c:36:3e:6f:da:2d:63:ac:4f:6f:1d:f3:
                    f2:09:96:b3:dc:c9:45:e7:59:60:56:ef:3f:ab:26:
                    3b:6f:0c:2c:e9:ba:c0:eb:1e:06:cc:20:3a:1b:e6:
                    c4:46:b1:de:51:77:c7:d0:40:6a:e6:99:c5:cf:c8:
                    28:ee:5f:fd:48:b0:30:80:08:03:e0:8a:a5:9f:5c:
                    26:4a:f6:85:d3:9b:ce:12:22:ad:c5:25:77:42:cb:
                    b7:a1:b3:95:2e:1c:9c:d3:c7:ca:8b:e9:7a:88:9e:
                    23:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                27:DA:46:12:80:2A:28:C1:DA:D3:48:BA:67:C0:DE:22:72:F4:B4:59
            X509v3 Authority Key Identifier: 
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/J9pGEoAqKMHa00i6Z8DeInL0tFk.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.202.161.0/24
                IPv6:
                  2a0b:b87:ffef::/48

    Signature Algorithm: sha256WithRSAEncryption
         93:2f:dc:54:14:f7:1a:1a:04:1d:51:b5:ee:99:51:ec:7c:72:
         b3:18:8d:95:f7:17:4c:d9:d2:67:0e:97:df:2c:26:f2:31:15:
         ce:80:27:89:ea:07:6c:0d:b7:07:d2:01:6b:09:9c:b1:a3:3f:
         82:38:a0:23:19:08:b4:db:a3:db:f8:4c:d2:98:bb:e8:77:3d:
         a0:8d:19:57:23:be:58:94:0c:3f:47:87:c9:fd:01:4f:22:8d:
         25:b5:92:0a:3d:38:cc:dd:1d:94:f4:79:d7:00:65:8a:ea:57:
         a7:f8:e3:54:81:22:88:b5:dc:3a:68:0f:2a:30:c0:41:61:26:
         f1:40:3c:b7:11:b1:0a:b0:0c:8b:da:07:1f:6c:89:77:7c:80:
         c7:ac:0a:b5:ec:5b:4f:94:38:06:a8:10:24:f3:84:a2:11:c5:
         e6:3c:64:e7:e0:f9:c6:74:0d:ba:15:c0:8c:36:42:10:03:b7:
         a1:c8:0b:97:40:13:dc:3d:20:0c:9b:c3:43:30:78:a0:39:36:
         43:8e:c5:65:59:52:e5:7c:59:e2:56:a5:9b:b4:72:42:23:10:
         ce:d3:2c:b2:6d:22:9e:b4:1f:52:fb:f0:ce:a5:23:79:3d:ee:
         e5:0b:f7:41:3a:0e:89:06:35:e7:1c:66:a6:a8:54:98:9f:45:
         3b:77:14:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECPd7gzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDAxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdkYTQ2MTI4MDJh
MjhjMWRhZDM0OGJhNjdjMGRlMjI3MmY0YjQ1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3api1VXaGYqGZ6o01W2bfv+wRepTfx+dd1kzqw8BY6xePe
2YKnRpOUnPo7/GDU+cYZbGAcs24prspOsXMsI0rawLeNT1RNyW6wckbmEF9MFN/C
lCRFmvBsBeuu68XQaLP0FqFH69Msc5zuro5ipOyeC1Xt4wN9Kk6g4XxUpFvpAME7
MRl+Nwf3AKIhMat7iUA65y80jbDWjDY+b9otY6xPbx3z8gmWs9zJRedZYFbvP6sm
O28MLOm6wOseBswgOhvmxEax3lF3x9BAauaZxc/IKO5f/UiwMIAIA+CKpZ9cJkr2
hdObzhIircUld0LLt6GzlS4cnNPHyovpeoieIzcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQn2kYSgCoowdrTSLpnwN4icvS0WTAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L0o5cEdFb0FxS01IYTAwaTZaOERlSW5MMHRGay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFXKoTAPBAIAAjAJAwcAKgsLh//v
MA0GCSqGSIb3DQEBCwUAA4IBAQCTL9xUFPcaGgQdUbXumVHsfHKzGI2V9xdM2dJn
DpffLCbyMRXOgCeJ6gdsDbcH0gFrCZyxoz+COKAjGQi026Pb+EzSmLvodz2gjRlX
I75YlAw/R4fJ/QFPIo0ltZIKPTjM3R2U9HnXAGWK6len+ONUgSKItdw6aA8qMMBB
YSbxQDy3EbEKsAyL2gcfbIl3fIDHrAq17FtPlDgGqBAk84SiEcXmPGTn4PnGdA26
FcCMNkIQA7ehyAuXQBPcPSAMm8NDMHigOTZDjsVlWVLlfFniVqWbtHJCIxDO0yyy
bSKetB9S+/DOpSN5Pe7lC/dBOg6JBjXnHGamqFSYn0U7dxS7
-----END CERTIFICATE-----
Generated at Fri Dec 9 01:36:08 2022 by rpki-client.