Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/1d/a37da2-7575-4cb8-84a5-f9cc27832f5a/1/

$ rpki-client -vvf 1-s8u-GgvhgflrxKmwpbvw5UBKr8.roa
File:                     1-s8u-GgvhgflrxKmwpbvw5UBKr8.roa (download)
Hash identifier:          UCiwaSRl4Fh/4u+rPsmtpWeNFNyu9R/gqnqEyuPVxaU=
Subject key identifier:   FA:CF:2E:F8:68:2F:86:07:E5:AF:12:A6:C2:96:EF:C3:95:01:2A:BF
Certificate issuer:       /CN=b811f8ce6dd0cc480f097540563920aea3d66396
Certificate serial:       01412499
Authority key identifier: B8:11:F8:CE:6D:D0:CC:48:0F:09:75:40:56:39:20:AE:A3:D6:63:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uBH4zm3QzEgPCXVAVjkgrqPWY5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/a37da2-7575-4cb8-84a5-f9cc27832f5a/1/1-s8u-GgvhgflrxKmwpbvw5UBKr8.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 91.205.223.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21046425 (0x1412499)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b811f8ce6dd0cc480f097540563920aea3d66396
        Validity
            Not Before: Jan  1 05:03:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=facf2ef8682f8607e5af12a6c296efc395012abf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:f6:d1:d5:9a:c2:78:ae:0d:a2:6d:5e:58:70:
                    84:37:6b:10:de:43:8c:de:99:da:b2:67:38:3b:17:
                    37:2e:1b:27:64:24:6a:26:5f:5a:df:75:32:10:6d:
                    6c:3a:18:7b:b1:51:e8:cc:7e:5d:77:69:09:15:6a:
                    6d:1c:fe:54:d0:9e:d1:f2:e9:99:2e:3f:f4:94:1a:
                    4b:2e:37:e7:6c:f2:0b:f1:33:61:5d:d3:ac:f9:96:
                    58:68:89:86:92:19:6a:47:01:34:62:f2:e7:51:ab:
                    3a:59:c6:41:00:88:46:30:51:83:e3:28:9c:1e:e3:
                    d9:7d:7f:10:29:fe:73:53:01:ad:f7:24:ee:a6:31:
                    95:9a:d3:02:d0:db:1c:87:3d:4f:4a:f9:88:1b:ee:
                    20:4f:19:ed:68:78:55:9f:a5:9a:a1:0e:a3:03:22:
                    37:2a:46:94:53:cf:d3:e7:df:da:f0:cc:f2:b7:ad:
                    9f:7a:15:60:17:e8:75:cc:ff:d8:ec:cc:82:8a:ac:
                    45:d4:fc:39:67:a0:24:e1:a2:9e:6e:b4:66:dc:2b:
                    e7:db:12:f8:87:bb:24:2a:a9:05:8e:06:65:4f:c1:
                    eb:16:58:5c:3b:6b:1b:a5:18:0c:a3:16:ca:09:5c:
                    d2:1e:14:a1:23:73:90:b7:2e:87:e5:6a:59:9a:61:
                    ec:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                FA:CF:2E:F8:68:2F:86:07:E5:AF:12:A6:C2:96:EF:C3:95:01:2A:BF
            X509v3 Authority Key Identifier: 
                keyid:B8:11:F8:CE:6D:D0:CC:48:0F:09:75:40:56:39:20:AE:A3:D6:63:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uBH4zm3QzEgPCXVAVjkgrqPWY5Y.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a37da2-7575-4cb8-84a5-f9cc27832f5a/1/1-s8u-GgvhgflrxKmwpbvw5UBKr8.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a37da2-7575-4cb8-84a5-f9cc27832f5a/1/uBH4zm3QzEgPCXVAVjkgrqPWY5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.205.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:a4:05:aa:1c:fa:0e:60:df:ec:a5:ff:66:dc:cd:f3:a1:85:
         c7:ce:8f:1a:75:f8:36:17:0c:d5:f3:d2:7e:72:fd:d0:0d:88:
         ba:d6:37:5e:03:9b:8b:f4:0f:4e:0a:a0:8e:3c:98:e3:a8:f2:
         0a:41:6d:1a:a9:58:76:bd:b2:86:ac:08:db:ed:dc:b9:f5:ac:
         a9:c0:f6:5c:5c:e0:cc:42:a9:2b:7f:e0:fb:24:c0:71:7f:bd:
         53:85:84:bd:fc:77:30:bd:99:e6:92:28:5a:79:14:22:ce:8e:
         8b:b3:35:0f:e2:1c:72:48:a4:fb:90:fe:e4:64:70:d1:56:4b:
         0e:7e:47:03:73:c5:1c:94:a6:96:bd:ef:31:bf:31:93:0f:87:
         b8:09:fd:03:c3:8a:df:b1:8d:3c:f3:28:da:44:8c:dd:83:8f:
         4c:56:8a:bb:70:0c:4e:e5:21:ac:04:0d:9b:ac:e6:5e:63:58:
         e6:82:8c:99:bf:69:df:66:09:19:7d:33:8a:f8:ba:1f:81:b2:
         6e:44:c9:77:f0:de:8f:64:d6:7e:3d:d8:2a:75:f1:c1:f7:9f:
         5c:4f:13:d1:25:4e:87:8a:89:2f:e4:0d:fa:2d:de:08:09:9f:
         20:7a:3e:c7:a4:f9:60:3b:3c:da:0c:50:8a:b5:d4:8c:be:a0:
         77:71:d4:60
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAUEkmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODExZjhjZTZkZDBjYzQ4MGYwOTc1NDA1NjM5MjBhZWEzZDY2Mzk2MB4XDTIyMDEw
MTA1MDM1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmFjZjJlZjg2ODJm
ODYwN2U1YWYxMmE2YzI5NmVmYzM5NTAxMmFiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKn20dWawniuDaJtXlhwhDdrEN5DjN6Z2rJnODsXNy4bJ2Qk
aiZfWt91MhBtbDoYe7FR6Mx+XXdpCRVqbRz+VNCe0fLpmS4/9JQaSy4352zyC/Ez
YV3TrPmWWGiJhpIZakcBNGLy51GrOlnGQQCIRjBRg+MonB7j2X1/ECn+c1MBrfck
7qYxlZrTAtDbHIc9T0r5iBvuIE8Z7Wh4VZ+lmqEOowMiNypGlFPP0+ff2vDM8ret
n3oVYBfodcz/2OzMgoqsRdT8OWegJOGinm60Ztwr59sS+Ie7JCqpBY4GZU/B6xZY
XDtrG6UYDKMWyglc0h4UoSNzkLcuh+VqWZph7L8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT6zy74aC+GB+WvEqbClu/DlQEqvzAfBgNVHSMEGDAWgBS4EfjObdDMSA8J
dUBWOSCuo9ZjljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VCSDR6bTNRekVnUENYVkFWamtncnFQV1k1WS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvYTM3ZGEyLTc1NzUtNGNiOC04NGE1LWY5Y2MyNzgzMmY1YS8x
LzEtczh1LUdndmhnZmxyeEttd3Bidnc1VUJLcjgucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFk
L2EzN2RhMi03NTc1LTRjYjgtODRhNS1mOWNjMjc4MzJmNWEvMS91Qkg0em0zUXpF
Z1BDWFZBVmprZ3JxUFdZNVkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABbzd8wDQYJKoZIhvcNAQELBQAD
ggEBAACkBaoc+g5g3+yl/2bczfOhhcfOjxp1+DYXDNXz0n5y/dANiLrWN14Dm4v0
D04KoI48mOOo8gpBbRqpWHa9soasCNvt3Ln1rKnA9lxc4MxCqSt/4PskwHF/vVOF
hL38dzC9meaSKFp5FCLOjouzNQ/iHHJIpPuQ/uRkcNFWSw5+RwNzxRyUppa97zG/
MZMPh7gJ/QPDit+xjTzzKNpEjN2Dj0xWirtwDE7lIawEDZus5l5jWOaCjJm/ad9m
CRl9M4r4uh+Bsm5EyXfw3o9k1n492Cp18cH3n1xPE9ElToeKiS/kDfot3ggJnyB6
Psek+WA7PNoMUIq11Iy+oHdx1GA=
-----END CERTIFICATE-----
Generated at Fri Dec 2 11:49:13 2022 by rpki-client.