Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/825e53-8c10-409c-8feb-6fd345e6dd36/1/p0splyDf5EkV7PZ31NRytj8av4w.roa
File:                     p0splyDf5EkV7PZ31NRytj8av4w.roa (download)
Hash identifier:          al6xd8u1Ov2MlYvK/b1XSNidJo3XJn59EmsbhqiUTLU=
Subject key identifier:   A7:4B:29:97:20:DF:E4:49:15:EC:F6:77:D4:D4:72:B6:3F:1A:BF:8C
Certificate issuer:       /CN=b1df841f521236e2a0dd71b28d27964966039adc
Certificate serial:       01052DA0
Authority key identifier: B1:DF:84:1F:52:12:36:E2:A0:DD:71:B2:8D:27:96:49:66:03:9A:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sd-EH1ISNuKg3XGyjSeWSWYDmtw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/825e53-8c10-409c-8feb-6fd345e6dd36/1/p0splyDf5EkV7PZ31NRytj8av4w.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 146.19.153.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17116576 (0x1052da0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1df841f521236e2a0dd71b28d27964966039adc
        Validity
            Not Before: Mar  7 17:31:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a74b299720dfe44915ecf677d4d472b63f1abf8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:e7:a5:74:5c:95:ff:b1:91:f1:f1:7f:56:c7:
                    48:67:1c:52:82:e4:11:b8:9c:61:5c:a1:b4:12:6b:
                    57:2c:e3:5c:f0:39:cf:b1:fa:07:c0:8c:4c:d8:2f:
                    69:4d:df:bc:0c:a5:c4:6e:dc:4d:6f:e9:8d:68:08:
                    ef:17:6c:35:65:ac:00:25:1b:60:26:b0:fc:44:46:
                    0b:e4:c3:50:69:6b:32:bc:ca:f9:7d:e4:c5:a7:42:
                    98:c5:ce:e5:d3:da:a3:05:60:80:26:97:25:68:46:
                    a4:38:40:50:59:08:54:cb:e8:c1:c3:4e:ca:c4:8c:
                    78:3a:c8:ef:39:2a:84:1d:74:93:b3:a6:0d:c4:bd:
                    79:c9:66:22:c7:03:eb:cb:93:ea:b2:f9:b6:db:43:
                    f6:40:15:eb:a7:1e:8b:c1:ee:3c:15:e2:a8:37:75:
                    8d:c7:d8:d8:cc:37:95:44:d0:dd:0c:6d:74:1d:47:
                    20:ff:4a:0a:dc:70:ae:30:85:7a:4a:a3:fc:86:09:
                    aa:7b:0c:3d:b9:10:f6:f9:fe:2f:37:aa:f5:80:49:
                    62:70:82:14:9b:a6:11:4b:93:70:5e:bf:7d:3a:3c:
                    13:37:18:91:75:4b:f0:c9:f9:f6:44:dc:08:f1:49:
                    68:9d:c5:1b:bf:56:0a:a9:fe:61:83:e0:80:d4:c5:
                    bf:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                A7:4B:29:97:20:DF:E4:49:15:EC:F6:77:D4:D4:72:B6:3F:1A:BF:8C
            X509v3 Authority Key Identifier: 
                keyid:B1:DF:84:1F:52:12:36:E2:A0:DD:71:B2:8D:27:96:49:66:03:9A:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd-EH1ISNuKg3XGyjSeWSWYDmtw.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/825e53-8c10-409c-8feb-6fd345e6dd36/1/p0splyDf5EkV7PZ31NRytj8av4w.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/825e53-8c10-409c-8feb-6fd345e6dd36/1/sd-EH1ISNuKg3XGyjSeWSWYDmtw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:da:97:99:1d:a9:12:5e:42:94:59:42:2c:dc:54:7d:94:4c:
         5d:0b:7e:63:81:da:3f:82:86:2d:5d:6e:de:5b:08:ce:4a:4a:
         10:26:f3:2e:5c:c6:30:44:f0:db:b1:35:e6:f9:0f:3c:a5:b5:
         db:eb:5f:99:65:f8:b7:5c:42:90:9f:3c:04:a4:db:41:7e:c3:
         29:80:17:48:9a:01:b7:56:89:18:c8:66:32:8a:68:45:42:9d:
         29:8d:e8:22:6c:5b:fa:8f:1d:54:f5:0b:6c:53:11:e0:af:59:
         24:86:6a:53:ac:51:90:ec:d0:56:49:47:bb:c5:9a:47:bb:59:
         6c:3b:e9:c4:0a:9c:2a:f9:72:ec:e5:7e:cd:6e:ed:a7:cd:6d:
         ce:29:9d:5b:bd:0e:e0:08:1c:15:0f:e9:52:c5:ba:2a:9b:19:
         ae:05:3c:92:c3:74:04:87:5f:65:5a:9c:c0:98:9e:d2:b0:c7:
         3d:34:b3:3a:ad:9e:41:1f:cf:d7:04:07:51:18:7e:94:5a:5c:
         dd:6e:06:a4:67:8b:f3:88:56:28:cb:2a:de:86:6d:15:e9:85:
         68:cd:5c:5e:da:7e:b9:c5:7c:11:e4:c4:5a:6e:c0:fb:0d:ec:
         a6:31:08:20:f5:5d:26:2a:b0:81:ea:0d:62:b0:ce:45:2b:ec:
         92:06:90:13
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQUtoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWRmODQxZjUyMTIzNmUyYTBkZDcxYjI4ZDI3OTY0OTY2MDM5YWRjMB4XDTIyMDMw
NzE3MzExM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTc0YjI5OTcyMGRm
ZTQ0OTE1ZWNmNjc3ZDRkNDcyYjYzZjFhYmY4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI7npXRclf+xkfHxf1bHSGccUoLkEbicYVyhtBJrVyzjXPA5
z7H6B8CMTNgvaU3fvAylxG7cTW/pjWgI7xdsNWWsACUbYCaw/ERGC+TDUGlrMrzK
+X3kxadCmMXO5dPaowVggCaXJWhGpDhAUFkIVMvowcNOysSMeDrI7zkqhB10k7Om
DcS9eclmIscD68uT6rL5tttD9kAV66cei8HuPBXiqDd1jcfY2Mw3lUTQ3QxtdB1H
IP9KCtxwrjCFekqj/IYJqnsMPbkQ9vn+Lzeq9YBJYnCCFJumEUuTcF6/fTo8EzcY
kXVL8Mn59kTcCPFJaJ3FG79WCqn+YYPggNTFv3UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSnSymXIN/kSRXs9nfU1HK2Pxq/jDAfBgNVHSMEGDAWgBSx34QfUhI24qDd
cbKNJ5ZJZgOa3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NkLUVIMUlTTnVLZzNYR3lqU2VXU1dZRG10dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvODI1ZTUzLThjMTAtNDA5Yy04ZmViLTZmZDM0NWU2ZGQzNi8x
L3Awc3BseURmNUVrVjdQWjMxTlJ5dGo4YXY0dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
ODI1ZTUzLThjMTAtNDA5Yy04ZmViLTZmZDM0NWU2ZGQzNi8xL3NkLUVIMUlTTnVL
ZzNYR3lqU2VXU1dZRG10dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJITmTANBgkqhkiG9w0BAQsFAAOC
AQEAPdqXmR2pEl5ClFlCLNxUfZRMXQt+Y4HaP4KGLV1u3lsIzkpKECbzLlzGMETw
27E15vkPPKW12+tfmWX4t1xCkJ88BKTbQX7DKYAXSJoBt1aJGMhmMopoRUKdKY3o
Imxb+o8dVPULbFMR4K9ZJIZqU6xRkOzQVklHu8WaR7tZbDvpxAqcKvly7OV+zW7t
p81tzimdW70O4AgcFQ/pUsW6KpsZrgU8ksN0BIdfZVqcwJie0rDHPTSzOq2eQR/P
1wQHURh+lFpc3W4GpGeL84hWKMsq3oZtFemFaM1cXtp+ucV8EeTEWm7A+w3spjEI
IPVdJiqwgeoNYrDORSvskgaQEw==
-----END CERTIFICATE-----
Generated at Thu Dec 8 08:37:59 2022 by rpki-client.