Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/6He36UOKHmc5izE5VkioJcxjilw.roa
File:                     6He36UOKHmc5izE5VkioJcxjilw.roa (download)
Hash identifier:          z5jTJasCP1UUy0ROz3SM4kikzPvYqpgdVMiY6n8XLDY=
Subject key identifier:   E8:77:B7:E9:43:8A:1E:67:39:8B:31:39:56:48:A8:25:CC:63:8A:5C
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       02287EE5
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/6He36UOKHmc5izE5VkioJcxjilw.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 2a0c:b641:130::/44 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 36208357 (0x2287ee5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Mar 18 14:23:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e877b7e9438a1e67398b31395648a825cc638a5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:5b:c1:e1:1e:a3:90:10:e7:70:8a:87:e4:01:
                    77:eb:e9:1f:1d:21:b4:d1:fd:e0:f1:90:37:f1:82:
                    21:0b:0e:5b:72:fa:18:81:3f:ef:4b:55:b6:1e:f0:
                    82:18:ea:e0:82:d3:eb:fe:76:2d:94:51:6e:fb:e5:
                    76:db:2b:10:b9:25:e7:d9:cb:d4:2d:7f:fd:42:12:
                    f7:8c:eb:88:b9:34:44:45:15:00:e8:b4:17:78:ee:
                    60:43:f9:5f:2e:fc:64:2c:b3:b0:8f:ed:6b:98:ae:
                    ac:25:8c:ef:dc:ba:63:5b:84:16:33:f3:50:01:dc:
                    85:b9:0f:d8:62:3c:1d:c5:f0:b9:e7:ee:d4:f8:28:
                    07:68:83:40:54:15:42:27:88:85:6f:57:7f:40:1c:
                    73:74:1f:58:88:61:67:f5:af:ca:29:e2:ee:99:87:
                    85:7d:c3:5d:09:9d:67:c7:10:02:b2:88:f5:3f:b5:
                    59:98:40:a1:c0:4b:b7:f0:15:5c:e2:c6:de:58:68:
                    12:1b:1f:7d:c7:24:07:f2:05:d7:25:83:fd:7c:a5:
                    3c:f4:94:39:6a:8d:b9:55:71:d5:a9:89:cc:a3:8c:
                    56:6e:34:93:98:6b:63:b2:95:45:e0:4b:49:e2:70:
                    2b:52:a3:31:da:64:f0:51:06:14:96:6b:e8:b1:a7:
                    fe:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                E8:77:B7:E9:43:8A:1E:67:39:8B:31:39:56:48:A8:25:CC:63:8A:5C
            X509v3 Authority Key Identifier: 
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/6He36UOKHmc5izE5VkioJcxjilw.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:b641:130::/44

    Signature Algorithm: sha256WithRSAEncryption
         3a:7a:0f:45:d6:86:5e:12:67:ab:2d:8e:27:0f:65:a2:01:be:
         43:f4:ef:aa:5b:5a:30:da:2d:e5:e2:75:a3:20:83:dc:a1:21:
         45:87:7e:15:77:f4:51:cb:04:37:f9:e2:cb:b1:ad:7d:52:0e:
         60:ee:b3:d7:a5:fb:eb:95:73:71:bd:a4:75:1b:30:fa:2c:cb:
         60:44:d7:d4:11:59:f1:4b:2f:55:b2:5a:93:c5:b0:57:cf:4d:
         fc:4e:d5:45:c4:ff:35:8c:01:fa:b3:64:ca:92:a7:35:37:84:
         cf:a2:52:b5:2f:4a:20:ba:ab:2c:91:91:84:8c:cb:ef:ce:85:
         f6:3e:9c:fd:cc:48:05:3d:41:04:6b:52:50:3f:b9:58:6c:df:
         33:15:d4:c2:cf:88:a6:19:58:c8:ab:6f:5a:84:28:e2:57:38:
         46:33:39:15:a6:68:46:32:b1:1c:52:5a:64:dc:be:99:cf:a7:
         bd:31:6b:d4:17:7f:2b:b6:6a:89:92:36:25:d6:14:8a:15:08:
         fb:3c:e7:72:a2:55:96:98:bb:1f:9d:1a:a6:1d:12:38:d8:06:
         3a:72:f4:58:86:58:1c:02:0b:2b:d3:9f:95:6a:bd:6e:66:d1:
         3b:be:3e:3d:6c:cc:26:dd:bb:6a:c3:ae:5e:eb:2d:50:72:5c:
         07:68:7a:51
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAih+5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDMx
ODE0MjMxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTg3N2I3ZTk0Mzhh
MWU2NzM5OGIzMTM5NTY0OGE4MjVjYzYzOGE1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxbweEeo5AQ53CKh+QBd+vpHx0htNH94PGQN/GCIQsOW3L6
GIE/70tVth7wghjq4ILT6/52LZRRbvvldtsrELkl59nL1C1//UIS94zriLk0REUV
AOi0F3juYEP5Xy78ZCyzsI/ta5iurCWM79y6Y1uEFjPzUAHchbkP2GI8HcXwuefu
1PgoB2iDQFQVQieIhW9Xf0Acc3QfWIhhZ/Wvyini7pmHhX3DXQmdZ8cQArKI9T+1
WZhAocBLt/AVXOLG3lhoEhsffcckB/IF1yWD/XylPPSUOWqNuVVx1amJzKOMVm40
k5hrY7KVReBLSeJwK1KjMdpk8FEGFJZr6LGn/p0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTod7fpQ4oeZzmLMTlWSKglzGOKXDAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
LzZIZTM2VU9LSG1jNWl6RTVWa2lvSmN4amlsdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMtkEBMDANBgkqhkiG9w0BAQsF
AAOCAQEAOnoPRdaGXhJnqy2OJw9logG+Q/TvqltaMNot5eJ1oyCD3KEhRYd+FXf0
UcsEN/niy7GtfVIOYO6z16X765Vzcb2kdRsw+izLYETX1BFZ8UsvVbJak8WwV89N
/E7VRcT/NYwB+rNkypKnNTeEz6JStS9KILqrLJGRhIzL786F9j6c/cxIBT1BBGtS
UD+5WGzfMxXUws+IphlYyKtvWoQo4lc4RjM5FaZoRjKxHFJaZNy+mc+nvTFr1Bd/
K7ZqiZI2JdYUihUI+zzncqJVlpi7H50aph0SONgGOnL0WIZYHAILK9OflWq9bmbR
O74+PWzMJt27asOuXustUHJcB2h6UQ==
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:17:02 2022 by rpki-client.