Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/1d/269252-7a19-4499-913c-527992ad2cb4/1/

$ rpki-client -vvf 7BX4A2sF-ZVxDchYEPsVyErLISI.roa
File:                     7BX4A2sF-ZVxDchYEPsVyErLISI.roa (download)
Hash identifier:          YEX49er46qLkCJY2b7gerDEdgTubpHSum4gZU/NH9PE=
Subject key identifier:   EC:15:F8:03:6B:05:F9:95:71:0D:C8:58:10:FB:15:C8:4A:CB:21:22
Certificate issuer:       /CN=6ab9de72a8f18862bc48aa00e66449eb1004a159
Certificate serial:       011BDD6A
Authority key identifier: 6A:B9:DE:72:A8:F1:88:62:BC:48:AA:00:E6:64:49:EB:10:04:A1:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/arnecqjxiGK8SKoA5mRJ6xAEoVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/269252-7a19-4499-913c-527992ad2cb4/1/7BX4A2sF-ZVxDchYEPsVyErLISI.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 185.235.225.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18603370 (0x11bdd6a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ab9de72a8f18862bc48aa00e66449eb1004a159
        Validity
            Not Before: Jan  1 07:02:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ec15f8036b05f995710dc85810fb15c84acb2122
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:ef:eb:11:36:5a:28:af:79:8e:01:d2:a2:a0:
                    85:9a:25:14:fb:dc:a6:08:12:f1:25:1c:68:7f:74:
                    86:96:28:e2:79:39:ec:9a:8d:d4:98:eb:7d:cd:ec:
                    8e:51:8a:4b:f2:f4:8b:7a:97:a6:b7:91:bc:32:0c:
                    ca:e0:7d:6f:2a:b3:41:0a:6c:dc:5a:94:98:ff:83:
                    cd:73:60:c4:cf:67:6c:dc:60:e7:3a:2b:dd:dc:b0:
                    a1:41:40:4f:bd:5e:0b:c1:f3:5a:46:c6:57:78:83:
                    6b:cb:99:09:c2:f7:6f:fd:6b:d3:43:8d:1f:05:cb:
                    ed:84:ad:4c:ed:93:bc:40:be:3b:cd:c1:48:2c:ec:
                    9a:02:db:8f:54:4a:5e:59:a2:43:ea:12:93:76:07:
                    4a:f0:87:f4:19:fd:2f:d7:4e:ad:62:f5:a9:72:a6:
                    ff:e3:e3:e1:f6:70:9e:31:0e:a8:2d:76:df:b3:15:
                    5b:eb:21:78:a4:be:41:74:7b:d8:27:4c:11:69:eb:
                    77:79:62:86:d3:1d:78:2f:62:72:3a:0c:c9:26:14:
                    f5:88:c7:08:4a:88:09:e7:bb:39:29:02:9e:2b:e5:
                    f9:cc:f1:8c:ff:c8:21:ab:ea:61:ba:94:98:af:72:
                    4b:9f:f6:66:aa:9b:14:f0:1f:08:60:ca:fd:3b:66:
                    3b:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                EC:15:F8:03:6B:05:F9:95:71:0D:C8:58:10:FB:15:C8:4A:CB:21:22
            X509v3 Authority Key Identifier: 
                keyid:6A:B9:DE:72:A8:F1:88:62:BC:48:AA:00:E6:64:49:EB:10:04:A1:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/arnecqjxiGK8SKoA5mRJ6xAEoVk.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/269252-7a19-4499-913c-527992ad2cb4/1/7BX4A2sF-ZVxDchYEPsVyErLISI.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/269252-7a19-4499-913c-527992ad2cb4/1/arnecqjxiGK8SKoA5mRJ6xAEoVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.235.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:fc:be:76:20:b8:33:8d:93:2c:67:57:49:bc:0e:34:1a:a3:
         3b:29:54:30:28:b9:c3:59:32:9d:1a:67:fd:89:ed:d0:e2:59:
         62:34:9a:71:af:6e:f6:9f:b0:d0:67:b9:4d:6c:9e:8e:f7:59:
         de:61:d1:b1:e5:20:64:25:05:95:c3:0c:bd:54:14:a6:3c:92:
         93:ec:0d:07:fd:9f:c8:d2:78:7f:96:0f:6b:5e:12:7b:3f:29:
         f0:1c:3f:b4:a1:52:1d:79:9e:a7:ab:c9:48:3e:86:69:28:96:
         ee:40:e2:d1:d9:cb:76:e7:ac:06:69:f8:26:47:e4:60:79:1e:
         aa:02:a8:6f:16:eb:71:b9:4c:71:e4:fe:f2:e7:58:81:94:30:
         8b:99:77:39:d5:7a:f3:7f:37:ea:96:6b:28:18:23:4e:13:22:
         90:0b:a6:3f:45:bd:14:ac:80:f6:e2:e4:45:6b:ad:57:04:ed:
         ef:53:d6:62:d0:6c:43:ac:48:9e:ba:80:03:d0:cd:db:c8:9f:
         2c:0d:78:b0:ba:51:fd:fe:b5:ff:73:b8:21:1f:96:62:17:73:
         df:b3:c6:0f:78:da:b2:52:cd:2c:9b:2f:57:85:88:fb:19:3f:
         44:8b:af:92:dc:aa:a2:da:fe:da:1b:6a:40:00:be:36:47:99:
         c4:a1:d2:86
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEARvdajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YWI5ZGU3MmE4ZjE4ODYyYmM0OGFhMDBlNjY0NDllYjEwMDRhMTU5MB4XDTIyMDEw
MTA3MDIxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWMxNWY4MDM2YjA1
Zjk5NTcxMGRjODU4MTBmYjE1Yzg0YWNiMjEyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHv6xE2WiiveY4B0qKghZolFPvcpggS8SUcaH90hpYo4nk5
7JqN1Jjrfc3sjlGKS/L0i3qXpreRvDIMyuB9byqzQQps3FqUmP+DzXNgxM9nbNxg
5zor3dywoUFAT71eC8HzWkbGV3iDa8uZCcL3b/1r00ONHwXL7YStTO2TvEC+O83B
SCzsmgLbj1RKXlmiQ+oSk3YHSvCH9Bn9L9dOrWL1qXKm/+Pj4fZwnjEOqC1237MV
W+sheKS+QXR72CdMEWnrd3lihtMdeC9icjoMySYU9YjHCEqICee7OSkCnivl+czx
jP/IIavqYbqUmK9yS5/2ZqqbFPAfCGDK/TtmO9cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTsFfgDawX5lXENyFgQ+xXISsshIjAfBgNVHSMEGDAWgBRqud5yqPGIYrxI
qgDmZEnrEAShWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FybmVjcWp4aUdLOFNLb0E1bVJKNnhBRW9Way5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvMjY5MjUyLTdhMTktNDQ5OS05MTNjLTUyNzk5MmFkMmNiNC8x
LzdCWDRBMnNGLVpWeERjaFlFUHNWeUVyTElTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQv
MjY5MjUyLTdhMTktNDQ5OS05MTNjLTUyNzk5MmFkMmNiNC8xL2FybmVjcWp4aUdL
OFNLb0E1bVJKNnhBRW9Way5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnr4TANBgkqhkiG9w0BAQsFAAOC
AQEALPy+diC4M42TLGdXSbwONBqjOylUMCi5w1kynRpn/Ynt0OJZYjSaca9u9p+w
0Ge5TWyejvdZ3mHRseUgZCUFlcMMvVQUpjySk+wNB/2fyNJ4f5YPa14Sez8p8Bw/
tKFSHXmep6vJSD6GaSiW7kDi0dnLduesBmn4JkfkYHkeqgKobxbrcblMceT+8udY
gZQwi5l3OdV683836pZrKBgjThMikAumP0W9FKyA9uLkRWutVwTt71PWYtBsQ6xI
nrqAA9DN28ifLA14sLpR/f61/3O4IR+WYhdz37PGD3jaslLNLJsvV4WI+xk/RIuv
ktyqotr+2htqQAC+NkeZxKHShg==
-----END CERTIFICATE-----
Generated at Fri Dec 2 14:08:05 2022 by rpki-client.