Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/23/de9c4e-bb97-47ca-a449-513d846cf7ac/1/

$ rpki-client -vvf YdcFQHh1iQKdTx1L1vCOGBFSm6E.roa
File:                     YdcFQHh1iQKdTx1L1vCOGBFSm6E.roa (download)
Hash identifier:          Ch88lXsy06TkXl3qQiTdUM9YNIKS8FQUuVBlcfFanCo=
Subject key identifier:   61:D7:05:40:78:75:89:02:9D:4F:1D:4B:D6:F0:8E:18:11:52:9B:A1
Certificate issuer:       /CN=c97c6b183917f26880dc7923802a1d0e44d7b822
Certificate serial:       0110D706
Authority key identifier: C9:7C:6B:18:39:17:F2:68:80:DC:79:23:80:2A:1D:0E:44:D7:B8:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yXxrGDkX8miA3HkjgCodDkTXuCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/de9c4e-bb97-47ca-a449-513d846cf7ac/1/YdcFQHh1iQKdTx1L1vCOGBFSm6E.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 176.118.35.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17880838 (0x110d706)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c97c6b183917f26880dc7923802a1d0e44d7b822
        Validity
            Not Before: Jan  1 00:50:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=61d70540787589029d4f1d4bd6f08e1811529ba1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:a2:87:73:71:fc:84:68:31:13:ce:ad:77:83:
                    3d:54:3c:cb:14:2d:81:54:7a:9f:f6:aa:51:ba:ef:
                    ea:1a:8d:f6:67:37:11:57:65:5f:51:56:af:e7:11:
                    fb:b0:77:29:bb:1c:8c:80:37:e4:96:ba:4e:02:53:
                    b6:a7:79:35:a8:44:cd:c7:77:95:fb:6f:ba:fe:e5:
                    2c:62:eb:bd:57:ae:84:b0:3e:e5:95:ab:25:a8:23:
                    9f:25:db:db:3a:9d:96:b5:de:3e:d2:28:d9:dd:f7:
                    6f:df:46:9e:c5:45:3e:a2:87:5e:19:ad:2f:1b:63:
                    49:6a:cb:85:b9:df:44:9d:5b:b3:78:49:1f:1b:dc:
                    cc:73:8a:d3:f5:8f:7e:5c:75:db:10:f0:6e:7e:2c:
                    17:c3:b8:59:d9:01:95:e9:cb:5c:d1:05:7d:d1:e7:
                    b7:46:7a:c5:72:77:d3:f4:e8:0b:95:4d:0d:f4:44:
                    9e:d3:b0:0c:ab:76:67:fc:2e:71:04:84:8b:90:1f:
                    96:80:b5:53:cf:af:03:fa:75:dc:a6:c7:0c:cb:60:
                    4d:05:1e:87:19:c5:f0:a5:5c:49:ce:ad:45:8e:24:
                    02:7a:cd:54:8f:e8:0e:12:02:6f:2c:ac:6b:87:55:
                    ca:c1:17:da:ea:30:72:ba:7f:1e:4e:bf:46:b7:ad:
                    c5:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                61:D7:05:40:78:75:89:02:9D:4F:1D:4B:D6:F0:8E:18:11:52:9B:A1
            X509v3 Authority Key Identifier: 
                keyid:C9:7C:6B:18:39:17:F2:68:80:DC:79:23:80:2A:1D:0E:44:D7:B8:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yXxrGDkX8miA3HkjgCodDkTXuCI.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/de9c4e-bb97-47ca-a449-513d846cf7ac/1/YdcFQHh1iQKdTx1L1vCOGBFSm6E.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/de9c4e-bb97-47ca-a449-513d846cf7ac/1/yXxrGDkX8miA3HkjgCodDkTXuCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.118.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d1:d1:90:fe:b3:b0:a6:0f:66:c9:22:ed:a8:cc:af:1e:96:7e:
         d6:58:0c:77:db:cd:3a:c9:b8:9d:da:82:e7:20:68:62:b3:99:
         4e:c8:b5:90:5e:7a:c2:1e:79:88:9b:a5:35:02:00:20:01:7e:
         c8:79:b5:e4:09:a5:45:3a:dd:04:7b:2d:4a:9a:9f:eb:7a:cc:
         bf:1c:74:f1:64:95:20:4f:2b:5f:6a:dd:24:6b:03:a5:3e:f6:
         88:df:b8:ef:5d:93:dc:64:96:a6:51:27:d5:50:b7:60:42:b0:
         7a:f9:85:d7:2d:04:41:89:4b:10:5c:00:f7:1b:31:95:52:86:
         a5:ea:3e:6c:bf:a8:f7:fa:cb:50:ed:6f:95:d6:35:5e:ab:73:
         40:d4:75:43:92:8f:60:0a:bb:db:dd:78:25:42:8e:bb:5b:51:
         a9:b3:a2:a5:3b:87:02:27:ca:15:27:1d:cc:9a:dc:fa:24:a3:
         28:07:ab:cd:4b:bb:ae:92:d3:a7:a4:c2:16:8d:f5:fe:4a:c8:
         8c:18:2f:6c:2f:48:b5:a1:12:7f:b5:53:2b:d8:8b:b2:eb:f3:
         6b:f1:34:76:92:4c:51:8e:5a:61:93:7c:f3:44:aa:52:93:89:
         e5:8c:e9:fa:68:3e:9a:4f:87:fe:d8:4a:49:a9:fa:e6:90:04:
         6f:38:86:74
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEARDXBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OTdjNmIxODM5MTdmMjY4ODBkYzc5MjM4MDJhMWQwZTQ0ZDdiODIyMB4XDTIyMDEw
MTAwNTAyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjFkNzA1NDA3ODc1
ODkwMjlkNGYxZDRiZDZmMDhlMTgxMTUyOWJhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCih3Nx/IRoMRPOrXeDPVQ8yxQtgVR6n/aqUbrv6hqN9mc3
EVdlX1FWr+cR+7B3KbscjIA35Ja6TgJTtqd5NahEzcd3lftvuv7lLGLrvVeuhLA+
5ZWrJagjnyXb2zqdlrXePtIo2d33b99GnsVFPqKHXhmtLxtjSWrLhbnfRJ1bs3hJ
HxvczHOK0/WPflx12xDwbn4sF8O4WdkBlenLXNEFfdHnt0Z6xXJ30/ToC5VNDfRE
ntOwDKt2Z/wucQSEi5AfloC1U8+vA/p13KbHDMtgTQUehxnF8KVcSc6tRY4kAnrN
VI/oDhICbyysa4dVysEX2uowcrp/Hk6/RretxYMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRh1wVAeHWJAp1PHUvW8I4YEVKboTAfBgNVHSMEGDAWgBTJfGsYORfyaIDc
eSOAKh0ORNe4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lYeHJHRGtYOG1pQTNIa2pnQ29kRGtUWHVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvZGU5YzRlLWJiOTctNDdjYS1hNDQ5LTUxM2Q4NDZjZjdhYy8x
L1lkY0ZRSGgxaVFLZFR4MUwxdkNPR0JGU202RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
ZGU5YzRlLWJiOTctNDdjYS1hNDQ5LTUxM2Q4NDZjZjdhYy8xL3lYeHJHRGtYOG1p
QTNIa2pnQ29kRGtUWHVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB2IzANBgkqhkiG9w0BAQsFAAOC
AQEA0dGQ/rOwpg9mySLtqMyvHpZ+1lgMd9vNOsm4ndqC5yBoYrOZTsi1kF56wh55
iJulNQIAIAF+yHm15AmlRTrdBHstSpqf63rMvxx08WSVIE8rX2rdJGsDpT72iN+4
712T3GSWplEn1VC3YEKwevmF1y0EQYlLEFwA9xsxlVKGpeo+bL+o9/rLUO1vldY1
XqtzQNR1Q5KPYAq72914JUKOu1tRqbOipTuHAifKFScdzJrc+iSjKAerzUu7rpLT
p6TCFo31/krIjBgvbC9ItaESf7VTK9iLsuvza/E0dpJMUY5aYZN880SqUpOJ5Yzp
+mg+mk+H/thKSan65pAEbziGdA==
-----END CERTIFICATE-----
Generated at Fri Dec 2 11:49:22 2022 by rpki-client.