Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/kt6lYdFO6PP10RYZeQ9vyOkfgTA.roa
File:                     kt6lYdFO6PP10RYZeQ9vyOkfgTA.roa (download)
Hash identifier:          liOVDuYRuRjpjD3vQq6D7vPOZkaj+/ide2tFVLRZ6rE=
Subject key identifier:   92:DE:A5:61:D1:4E:E8:F3:F5:D1:16:19:79:0F:6F:C8:E9:1F:81:30
Certificate issuer:       /CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Certificate serial:       018DB131
Authority key identifier: 99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/kt6lYdFO6PP10RYZeQ9vyOkfgTA.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 45.95.113.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26063153 (0x18db131)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
        Validity
            Not Before: Jan 20 14:02:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=92dea561d14ee8f3f5d11619790f6fc8e91f8130
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e3:2e:b4:dc:40:15:ad:57:ab:aa:93:4d:1c:
                    62:7c:05:95:dc:5d:07:3e:93:e1:e9:7f:42:e1:9d:
                    f0:bd:20:68:4a:d3:ab:1b:97:b8:1d:57:10:ba:87:
                    40:24:76:fe:46:5a:96:16:6a:10:99:1e:f2:a9:84:
                    af:fb:10:6e:59:2e:61:37:be:48:8f:9b:1e:3e:9e:
                    2e:64:4d:33:a5:66:3b:05:2c:97:65:c6:94:9b:9b:
                    38:b2:99:81:03:fb:f4:e4:57:d4:d1:93:f4:48:09:
                    1b:11:6b:3e:4d:83:f4:e7:21:8f:c3:38:cf:f2:d5:
                    ec:45:a4:73:5d:d1:1e:dc:13:13:fd:97:39:b2:f7:
                    55:85:5d:ea:fb:44:b3:39:7f:70:b8:45:ac:14:76:
                    52:6f:98:e0:49:21:63:c3:3d:c1:09:9d:4b:64:3f:
                    e6:69:7c:84:1f:68:28:5a:13:f6:ce:7a:bb:07:9d:
                    f8:1a:2c:e9:fc:a8:90:40:fc:8b:1c:24:4f:6f:0f:
                    4a:0e:4c:b5:47:36:d2:65:8a:49:35:89:ae:11:38:
                    e1:48:40:cb:bc:b2:89:fa:05:37:53:18:46:88:29:
                    9b:ae:12:d6:2a:fd:2e:51:46:64:7f:73:70:e8:32:
                    09:dd:90:82:e0:0e:95:4f:da:07:f2:65:c8:66:a1:
                    60:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                92:DE:A5:61:D1:4E:E8:F3:F5:D1:16:19:79:0F:6F:C8:E9:1F:81:30
            X509v3 Authority Key Identifier: 
                keyid:99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/kt6lYdFO6PP10RYZeQ9vyOkfgTA.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:b4:8d:34:e6:e1:28:a0:1c:ff:21:28:91:78:11:0c:87:57:
         73:75:40:1b:9a:ef:63:e3:81:fd:a6:db:18:d8:f5:73:23:6b:
         af:0b:20:2f:e3:60:26:f0:29:a6:81:29:22:9d:ec:f0:ac:84:
         aa:9e:61:17:a7:83:ce:64:e1:7d:0c:cd:88:5b:0c:b1:69:f3:
         e7:cc:bd:61:2b:41:fc:0e:2b:b4:c1:42:ae:d5:be:a5:61:14:
         95:e2:87:d5:47:67:87:fe:94:22:36:f8:ec:6d:b3:25:dc:15:
         6d:5a:52:fa:27:51:0a:82:7a:e0:2a:c6:21:c2:19:ff:66:8a:
         bf:d0:7c:3f:48:f5:34:71:6e:54:fa:41:47:2c:b2:f3:f8:a6:
         33:11:d6:b1:07:a3:6e:f8:10:bd:7e:77:ca:48:e9:f7:d8:9c:
         e0:c2:fe:ce:be:d7:c9:ad:5b:36:06:aa:fe:ef:c1:65:1b:71:
         0a:3b:df:5b:ad:65:5d:9d:a7:7c:b8:d5:37:7c:7a:9c:ad:c9:
         82:8d:a0:6b:a3:e1:93:e8:ee:bb:a7:ce:f4:07:cb:d6:ad:f6:
         ff:e2:b8:7d:89:f8:4c:94:b2:ad:bc:21:f5:25:11:34:6c:bd:
         f9:76:db:9f:3b:0f:05:ae:77:73:5a:5a:c7:b5:36:7f:76:3d:
         8c:19:9d:27
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAY2xMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OWZlZTdjYmQ4ZTc4ZDFmMTRhNDUzYTA0YjkxNmY3YzE1ODFkMjA0MB4XDTIyMDEy
MDE0MDIzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTJkZWE1NjFkMTRl
ZThmM2Y1ZDExNjE5NzkwZjZmYzhlOTFmODEzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjjLrTcQBWtV6uqk00cYnwFldxdBz6T4el/QuGd8L0gaErT
qxuXuB1XELqHQCR2/kZalhZqEJke8qmEr/sQblkuYTe+SI+bHj6eLmRNM6VmOwUs
l2XGlJubOLKZgQP79ORX1NGT9EgJGxFrPk2D9Ochj8M4z/LV7EWkc13RHtwTE/2X
ObL3VYVd6vtEszl/cLhFrBR2Um+Y4EkhY8M9wQmdS2Q/5ml8hB9oKFoT9s56uwed
+Bos6fyokED8ixwkT28PSg5MtUc20mWKSTWJrhE44UhAy7yyifoFN1MYRogpm64S
1ir9LlFGZH9zcOgyCd2QguAOlU/aB/JlyGahYLMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSS3qVh0U7o8/XRFhl5D2/I6R+BMDAfBgNVHSMEGDAWgBSZ/ufL2OeNHxSk
U6BLkW98FYHSBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21mN255OWpualI4VXBGT2dTNUZ2ZkJXQjBnUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMGRkNGNiLTFmNzItNDBlZC1hNjU3LTFjMjJlZmY3MjgxOC8x
L2t0NmxZZEZPNlBQMTBSWVplUTl2eU9rZmdUQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MGRkNGNiLTFmNzItNDBlZC1hNjU3LTFjMjJlZmY3MjgxOC8xL21mN255OWpualI4
VXBGT2dTNUZ2ZkJXQjBnUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1fcTANBgkqhkiG9w0BAQsFAAOC
AQEAZ7SNNObhKKAc/yEokXgRDIdXc3VAG5rvY+OB/abbGNj1cyNrrwsgL+NgJvAp
poEpIp3s8KyEqp5hF6eDzmThfQzNiFsMsWnz58y9YStB/A4rtMFCrtW+pWEUleKH
1Udnh/6UIjb47G2zJdwVbVpS+idRCoJ64CrGIcIZ/2aKv9B8P0j1NHFuVPpBRyyy
8/imMxHWsQejbvgQvX53ykjp99ic4ML+zr7Xya1bNgaq/u/BZRtxCjvfW61lXZ2n
fLjVN3x6nK3Jgo2ga6Phk+juu6fO9AfL1q32/+K4fYn4TJSyrbwh9SURNGy9+Xbb
nzsPBa53c1pax7U2f3Y9jBmdJw==
-----END CERTIFICATE-----
Generated at Fri Dec 9 01:36:41 2022 by rpki-client.