Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/20/63297b-80e9-44d7-91c1-3189bb117fc6/1/

$ rpki-client -vvf WLGdlYaORQZPWsab74WZ0tmHNBU.roa
File:                     WLGdlYaORQZPWsab74WZ0tmHNBU.roa (download)
Hash identifier:          oVFKwUi+RVOygpX6slKz5CzAj5ERsr+zKIIgx2GW840=
Subject key identifier:   58:B1:9D:95:86:8E:45:06:4F:5A:C6:9B:EF:85:99:D2:D9:87:34:15
Certificate issuer:       /CN=def0e2026cad3e0c265fd6c81ff580d8104dee90
Certificate serial:       CFA378
Authority key identifier: DE:F0:E2:02:6C:AD:3E:0C:26:5F:D6:C8:1F:F5:80:D8:10:4D:EE:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3vDiAmytPgwmX9bIH_WA2BBN7pA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/63297b-80e9-44d7-91c1-3189bb117fc6/1/WLGdlYaORQZPWsab74WZ0tmHNBU.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 146.19.193.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13607800 (0xcfa378)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=def0e2026cad3e0c265fd6c81ff580d8104dee90
        Validity
            Not Before: Mar  7 17:31:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=58b19d95868e45064f5ac69bef8599d2d9873415
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:c7:97:58:61:ef:81:50:8e:88:b3:f0:3e:02:
                    18:43:64:e3:60:e0:82:25:52:ab:53:c6:b3:aa:13:
                    ba:9b:6f:12:d4:22:5a:65:d7:a5:8c:e5:67:33:d3:
                    36:a0:6a:6b:98:6b:a8:8a:6b:b8:79:0f:0e:08:4d:
                    c1:91:be:fe:e2:9b:c7:e1:e8:b3:10:ed:c5:47:5a:
                    a3:09:ae:4b:96:d0:61:51:bf:8d:5f:8d:59:71:21:
                    33:c2:9d:19:c4:45:03:1a:ab:ec:f9:d4:e6:13:bf:
                    70:36:59:d3:e7:61:3a:f2:d6:3e:d8:7e:5c:36:f9:
                    00:30:cb:f3:a3:86:71:0a:e2:99:6e:56:27:1b:ad:
                    bf:4a:c9:ac:00:7f:bc:2b:58:4a:6f:88:43:2f:35:
                    cd:ac:20:56:c8:80:06:f7:92:1e:5e:fb:bb:bf:50:
                    72:fb:93:e8:0e:5e:6b:ac:4e:95:31:e5:0d:b1:68:
                    df:95:6d:42:53:39:16:92:cd:86:83:b2:12:75:2c:
                    bb:a0:91:39:f6:33:7a:a7:6d:27:83:5c:34:fa:f8:
                    05:40:81:05:23:05:6d:e2:06:e3:57:9d:32:46:2a:
                    8f:26:ba:ff:86:31:d0:b0:7f:f8:8c:6c:de:3d:5c:
                    43:ae:e9:de:2a:e7:2a:64:67:c3:d8:81:59:0b:98:
                    6f:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                58:B1:9D:95:86:8E:45:06:4F:5A:C6:9B:EF:85:99:D2:D9:87:34:15
            X509v3 Authority Key Identifier: 
                keyid:DE:F0:E2:02:6C:AD:3E:0C:26:5F:D6:C8:1F:F5:80:D8:10:4D:EE:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3vDiAmytPgwmX9bIH_WA2BBN7pA.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/63297b-80e9-44d7-91c1-3189bb117fc6/1/WLGdlYaORQZPWsab74WZ0tmHNBU.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/63297b-80e9-44d7-91c1-3189bb117fc6/1/3vDiAmytPgwmX9bIH_WA2BBN7pA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:e2:74:dd:30:2b:ba:84:08:4e:84:70:da:63:d6:4f:d9:ff:
         e8:8f:0d:7c:88:34:11:01:5d:03:3a:29:90:52:18:bd:a0:d6:
         07:64:cc:27:d9:6f:b3:96:48:3c:3c:21:d3:b5:f0:57:de:91:
         7e:9d:de:b6:d6:19:91:a7:19:49:8a:85:95:87:64:e7:21:f5:
         83:0d:93:fb:38:3c:4a:a2:ff:6c:c2:a1:c9:37:4d:7c:ff:e3:
         04:e7:eb:e9:00:02:1e:db:3a:6e:3e:80:f1:03:10:47:6c:7a:
         b2:ac:69:d2:37:33:6f:ee:b8:71:58:cd:f7:0c:2a:ec:8d:54:
         db:72:f3:70:bc:ad:2c:0f:bb:fc:71:44:0e:e8:55:10:d3:ef:
         0d:a5:d9:c5:dd:02:da:f0:b2:56:6b:31:1e:6e:41:ae:c1:0a:
         96:ec:6e:34:30:fa:07:5f:6f:1a:42:c6:ad:12:8c:ce:68:78:
         cf:7d:6f:e3:9b:ab:19:4a:6a:b6:2a:fc:fd:36:5c:0f:c1:f6:
         a0:db:c3:af:11:cf:3f:d4:c1:88:e5:e0:5f:11:6c:f2:cd:d1:
         74:34:b0:ea:56:2c:4d:de:d3:af:2d:b6:9a:1f:1f:b5:5b:1e:
         53:e4:e8:48:c3:7b:2f:58:df:66:21:9e:e3:98:ff:61:83:35:
         95:63:8d:1d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAM+jeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZWYwZTIwMjZjYWQzZTBjMjY1ZmQ2YzgxZmY1ODBkODEwNGRlZTkwMB4XDTIyMDMw
NzE3MzExOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNThiMTlkOTU4Njhl
NDUwNjRmNWFjNjliZWY4NTk5ZDJkOTg3MzQxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHHl1hh74FQjoiz8D4CGENk42DggiVSq1PGs6oTuptvEtQi
WmXXpYzlZzPTNqBqa5hrqIpruHkPDghNwZG+/uKbx+HosxDtxUdaowmuS5bQYVG/
jV+NWXEhM8KdGcRFAxqr7PnU5hO/cDZZ0+dhOvLWPth+XDb5ADDL86OGcQrimW5W
Jxutv0rJrAB/vCtYSm+IQy81zawgVsiABveSHl77u79QcvuT6A5ea6xOlTHlDbFo
35VtQlM5FpLNhoOyEnUsu6CROfYzeqdtJ4NcNPr4BUCBBSMFbeIG41edMkYqjya6
/4Yx0LB/+Ixs3j1cQ67p3irnKmRnw9iBWQuYb+kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRYsZ2Vho5FBk9axpvvhZnS2Yc0FTAfBgNVHSMEGDAWgBTe8OICbK0+DCZf
1sgf9YDYEE3ukDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzN2RGlBbXl0UGd3bVg5YklIX1dBMkJCTjdwQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvNjMyOTdiLTgwZTktNDRkNy05MWMxLTMxODliYjExN2ZjNi8x
L1dMR2RsWWFPUlFaUFdzYWI3NFdaMHRtSE5CVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
NjMyOTdiLTgwZTktNDRkNy05MWMxLTMxODliYjExN2ZjNi8xLzN2RGlBbXl0UGd3
bVg5YklIX1dBMkJCTjdwQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJITwTANBgkqhkiG9w0BAQsFAAOC
AQEAduJ03TAruoQIToRw2mPWT9n/6I8NfIg0EQFdAzopkFIYvaDWB2TMJ9lvs5ZI
PDwh07XwV96Rfp3ettYZkacZSYqFlYdk5yH1gw2T+zg8SqL/bMKhyTdNfP/jBOfr
6QACHts6bj6A8QMQR2x6sqxp0jczb+64cVjN9wwq7I1U23LzcLytLA+7/HFEDuhV
ENPvDaXZxd0C2vCyVmsxHm5BrsEKluxuNDD6B19vGkLGrRKMzmh4z31v45urGUpq
tir8/TZcD8H2oNvDrxHPP9TBiOXgXxFs8s3RdDSw6lYsTd7Try22mh8ftVseU+To
SMN7L1jfZiGe45j/YYM1lWONHQ==
-----END CERTIFICATE-----
Generated at Fri Dec 2 12:23:51 2022 by rpki-client.