Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/S7j02noFh7hS3wA3r12YDiI26V4.roa
File:                     S7j02noFh7hS3wA3r12YDiI26V4.roa (download)
Hash identifier:          YUNmUkJVzXaWlSv7VkeqZx9+LAPmxsCww8/LAn606dA=
Subject key identifier:   4B:B8:F4:DA:7A:05:87:B8:52:DF:00:37:AF:5D:98:0E:22:36:E9:5E
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       01835B70D451C50E8E0920B0654356E11E5F
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/S7j02noFh7hS3wA3r12YDiI26V4.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     208226
IP address blocks:
    1: 45.140.164.0/24 maxlen: 24
    2: 45.140.165.0/24 maxlen: 24
    3: 2a0e:4007:fffe::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:5b:70:d4:51:c5:0e:8e:09:20:b0:65:43:56:e1:1e:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Sep 20 15:07:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4bb8f4da7a0587b852df0037af5d980e2236e95e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:f4:35:74:80:de:c1:a6:95:b4:f4:15:be:d3:
                    7a:ee:64:c4:03:9c:2d:80:11:f1:1f:32:15:5d:a7:
                    f5:3d:9c:2a:c4:ee:b0:d5:2d:ee:c2:2a:c4:8e:5b:
                    35:05:e8:66:70:9e:ed:a5:77:99:2e:aa:d5:ac:24:
                    49:91:21:87:1d:50:57:6a:1c:0c:db:6b:d8:35:3a:
                    d7:3b:33:66:52:5c:c9:1b:71:bc:3b:67:1e:a7:77:
                    42:ee:b8:23:54:71:d1:64:d3:c9:bf:01:c9:c9:91:
                    10:87:9c:9e:d7:2d:0f:6d:f2:ec:ee:9f:09:99:43:
                    c7:f7:be:c0:93:31:8f:1e:b1:a1:a4:ee:0b:77:11:
                    35:aa:a2:32:ca:ef:87:7e:fd:df:2c:42:e8:98:6c:
                    a1:a4:fc:f9:de:1e:7a:aa:ec:49:c1:e9:74:06:8a:
                    65:6f:79:af:9f:e9:20:f2:c0:24:06:3e:f8:38:a2:
                    d2:e9:fe:71:46:6e:ef:dd:3e:b7:10:22:82:97:c7:
                    5e:8c:5e:dc:4d:b3:1e:e0:14:f9:1c:9d:8a:c7:ec:
                    0e:82:b8:d7:ab:07:b4:dc:2a:7e:e1:fe:7f:93:12:
                    b6:8a:c9:c8:17:1c:da:3f:2d:55:1b:19:a3:89:19:
                    41:84:05:70:8e:40:7b:c2:c0:7d:4a:a8:f9:2a:40:
                    86:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4B:B8:F4:DA:7A:05:87:B8:52:DF:00:37:AF:5D:98:0E:22:36:E9:5E
            X509v3 Authority Key Identifier: 
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/S7j02noFh7hS3wA3r12YDiI26V4.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.164.0/23
                IPv6:
                  2a0e:4007:fffe::/48

    Signature Algorithm: sha256WithRSAEncryption
         24:1d:68:bc:28:70:ae:8c:fe:0c:6c:95:f6:0d:af:46:ce:62:
         3b:7f:ae:ce:03:67:ec:52:dd:58:eb:5e:a6:b6:89:29:2f:c0:
         f8:6d:dd:88:d2:97:69:f8:39:34:6a:6e:2c:da:ed:76:d7:d8:
         ea:26:b2:30:c4:1b:87:51:2b:82:1d:fe:e1:c8:5a:69:5c:f5:
         77:56:8b:9d:41:d9:71:d3:72:ae:67:9e:e6:85:e7:e0:c8:14:
         1e:bf:a2:96:0e:8a:26:fd:a9:7a:19:de:e3:71:ee:bd:d1:60:
         d4:cd:c6:b1:ef:13:0e:48:7b:19:d4:bb:82:6a:79:ac:87:fd:
         e2:7d:32:5c:a5:14:3e:45:4a:11:6c:9a:2e:dc:09:9c:fc:f3:
         17:39:24:31:fb:c8:f5:d2:9d:71:f9:84:c3:80:e8:99:48:42:
         77:29:99:87:ad:f2:33:d8:a7:e0:64:bf:3f:1c:a9:7a:f0:db:
         29:bb:08:07:e1:e2:69:ed:61:fb:a9:0e:03:f1:e5:60:14:c5:
         ac:f3:20:36:76:0a:99:be:ff:4f:f1:73:7d:f9:61:d6:f1:bd:
         17:c5:d0:af:b7:af:b1:2f:58:97:a0:8f:ed:aa:7e:1a:95:e4:
         bb:80:c1:85:e9:11:ae:aa:2c:66:2a:08:c5:01:ad:b6:7d:11:
         87:17:ca:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYNbcNRRxQ6OCSCwZUNW4R5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjIwOTIwMTUwNzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmI4ZjRkYTdhMDU4N2I4NTJkZjAwMzdhZjVkOTgwZTIyMzZlOTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPQ1dIDewaaVtPQVvtN67mTEA5wt
gBHxHzIVXaf1PZwqxO6w1S3uwirEjls1BehmcJ7tpXeZLqrVrCRJkSGHHVBXahwM
22vYNTrXOzNmUlzJG3G8O2cep3dC7rgjVHHRZNPJvwHJyZEQh5ye1y0PbfLs7p8J
mUPH977AkzGPHrGhpO4LdxE1qqIyyu+Hfv3fLELomGyhpPz53h56quxJwel0Bopl
b3mvn+kg8sAkBj74OKLS6f5xRm7v3T63ECKCl8dejF7cTbMe4BT5HJ2Kx+wOgrjX
qwe03Cp+4f5/kxK2isnIFxzaPy1VGxmjiRlBhAVwjkB7wsB9Sqj5KkCGvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEu49Np6BYe4Ut8AN69dmA4iNuleMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvUzdqMDJub0ZoN2hTM3dBM3IxMllEaUkyNlY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBLYykMA8E
AgACMAkDBwAqDkAH//4wDQYJKoZIhvcNAQELBQADggEBACQdaLwocK6M/gxslfYN
r0bOYjt/rs4DZ+xS3VjrXqa2iSkvwPht3YjSl2n4OTRqbiza7XbX2OomsjDEG4dR
K4Id/uHIWmlc9XdWi51B2XHTcq5nnuaF5+DIFB6/opYOiib9qXoZ3uNx7r3RYNTN
xrHvEw5IexnUu4JqeayH/eJ9MlylFD5FShFsmi7cCZz88xc5JDH7yPXSnXH5hMOA
6JlIQncpmYet8jPYp+Bkvz8cqXrw2ym7CAfh4mntYfupDgPx5WAUxazzIDZ2Cpm+
/0/xc335YdbxvRfF0K+3r7EvWJegj+2qfhqV5LuAwYXpEa6qLGYqCMUBrbZ9EYcX
ygM=
-----END CERTIFICATE-----
Generated at Tue Dec 6 11:35:26 2022 by rpki-client.