Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/76d728-900c-4d80-aea0-22eef93d6c7e/1/pKCW4esUYDXyJtOXFwE28wF2Sz0.roa
File:                     pKCW4esUYDXyJtOXFwE28wF2Sz0.roa (download)
Hash identifier:          kU0owE+cu5zBpKXQiP4LSyUfvId3W3edgQE28GIHYkw=
Subject key identifier:   A4:A0:96:E1:EB:14:60:35:F2:26:D3:97:17:01:36:F3:01:76:4B:3D
Certificate issuer:       /CN=c077631b70046f8afb8c5969d99e11e865107d7d
Certificate serial:       C0CBCD
Authority key identifier: C0:77:63:1B:70:04:6F:8A:FB:8C:59:69:D9:9E:11:E8:65:10:7D:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wHdjG3AEb4r7jFlp2Z4R6GUQfX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/76d728-900c-4d80-aea0-22eef93d6c7e/1/pKCW4esUYDXyJtOXFwE28wF2Sz0.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 217.114.36.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12635085 (0xc0cbcd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c077631b70046f8afb8c5969d99e11e865107d7d
        Validity
            Not Before: Jan  1 02:54:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a4a096e1eb146035f226d397170136f301764b3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:2b:a7:98:6d:1e:89:27:50:ee:b5:8a:d9:a4:
                    08:b8:f6:0b:2b:fe:98:eb:ec:96:46:6e:21:8d:95:
                    09:d9:a9:e0:ba:65:4e:9b:52:d1:eb:ea:b6:81:54:
                    4a:e2:86:7c:d0:73:02:9e:c8:34:ba:c5:06:f6:db:
                    90:91:f6:62:e9:38:97:55:58:aa:0f:c0:8e:b2:bb:
                    00:c0:06:18:40:45:ba:53:67:c1:b6:b6:e9:52:60:
                    13:2a:89:51:c0:32:a9:54:98:10:3a:38:dd:05:9b:
                    2c:12:f1:91:46:fa:c3:3e:05:3a:68:f1:02:36:8b:
                    70:9f:96:5f:61:17:d9:df:fd:c0:2c:27:9e:8a:7b:
                    04:c8:69:41:1c:74:98:f1:7f:86:d4:1b:53:65:20:
                    f2:0c:83:0e:f3:19:40:24:5b:56:bd:ee:90:c7:42:
                    8d:cd:bf:e5:55:3c:54:b0:22:c6:86:72:e6:03:6b:
                    6f:dd:28:2e:96:82:21:c7:8e:e7:69:88:19:a7:4a:
                    61:43:36:11:32:15:31:44:ca:6f:72:70:20:2a:ec:
                    4d:78:b1:77:60:2c:aa:fa:df:79:79:f0:c9:8d:f0:
                    3b:dd:c9:7c:c1:1b:c5:cb:84:25:30:f3:a7:c7:36:
                    35:54:38:f5:2f:fd:88:50:db:22:2f:49:93:02:fb:
                    74:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                A4:A0:96:E1:EB:14:60:35:F2:26:D3:97:17:01:36:F3:01:76:4B:3D
            X509v3 Authority Key Identifier: 
                keyid:C0:77:63:1B:70:04:6F:8A:FB:8C:59:69:D9:9E:11:E8:65:10:7D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wHdjG3AEb4r7jFlp2Z4R6GUQfX0.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/76d728-900c-4d80-aea0-22eef93d6c7e/1/pKCW4esUYDXyJtOXFwE28wF2Sz0.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/76d728-900c-4d80-aea0-22eef93d6c7e/1/wHdjG3AEb4r7jFlp2Z4R6GUQfX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.114.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:10:e9:1a:37:f8:f2:fb:4c:b0:71:d6:f4:bb:21:e9:11:d6:
         8b:e2:ff:e8:a2:43:c0:c5:5d:f7:4e:e4:61:59:cf:8b:15:2f:
         2a:0f:94:e1:50:63:da:ae:b7:b6:20:24:2d:23:c6:15:28:0f:
         ee:de:c4:88:10:0e:e5:b6:2a:5c:f4:d6:fc:bd:bc:4e:56:39:
         eb:03:fa:41:15:a6:a2:f7:9d:cb:44:b4:bc:1e:97:a6:29:a6:
         b9:de:89:1c:44:09:73:e5:6b:64:74:76:2e:fe:e0:4c:33:37:
         16:d6:c8:b6:e7:3d:89:00:14:e8:35:b5:a2:24:e0:73:b0:89:
         7d:50:67:4b:76:69:3f:45:86:98:a0:a0:9a:cc:04:a0:02:62:
         7e:52:83:c4:76:27:b0:ae:67:5a:d8:6e:f1:97:dd:11:41:1e:
         02:25:27:7a:da:9a:73:3f:5e:da:53:b3:10:6a:99:0c:3b:3f:
         cc:3a:90:56:96:40:8a:2e:33:87:b1:cc:91:1b:e7:3b:8a:37:
         fe:20:7c:2d:ab:5c:07:11:13:73:e2:2c:c2:99:85:59:df:5d:
         1a:05:ee:5b:8b:b9:43:43:87:dd:35:e7:4b:c0:c1:8f:28:89:
         20:11:1d:2e:a2:15:49:1c:16:de:eb:2f:50:ba:1d:72:33:b5:
         44:2f:98:f5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAMDLzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MDc3NjMxYjcwMDQ2ZjhhZmI4YzU5NjlkOTllMTFlODY1MTA3ZDdkMB4XDTIyMDEw
MTAyNTQ0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTRhMDk2ZTFlYjE0
NjAzNWYyMjZkMzk3MTcwMTM2ZjMwMTc2NGIzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKorp5htHoknUO61itmkCLj2Cyv+mOvslkZuIY2VCdmp4Lpl
TptS0evqtoFUSuKGfNBzAp7INLrFBvbbkJH2Yuk4l1VYqg/AjrK7AMAGGEBFulNn
wba26VJgEyqJUcAyqVSYEDo43QWbLBLxkUb6wz4FOmjxAjaLcJ+WX2EX2d/9wCwn
nop7BMhpQRx0mPF/htQbU2Ug8gyDDvMZQCRbVr3ukMdCjc2/5VU8VLAixoZy5gNr
b90oLpaCIceO52mIGadKYUM2ETIVMUTKb3JwICrsTXixd2AsqvrfeXnwyY3wO93J
fMEbxcuEJTDzp8c2NVQ49S/9iFDbIi9JkwL7dBECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSkoJbh6xRgNfIm05cXATbzAXZLPTAfBgNVHSMEGDAWgBTAd2MbcARvivuM
WWnZnhHoZRB9fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dIZGpHM0FFYjRyN2pGbHAyWjRSNkdVUWZYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvNzZkNzI4LTkwMGMtNGQ4MC1hZWEwLTIyZWVmOTNkNmM3ZS8x
L3BLQ1c0ZXNVWURYeUp0T1hGd0UyOHdGMlN6MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
NzZkNzI4LTkwMGMtNGQ4MC1hZWEwLTIyZWVmOTNkNmM3ZS8xL3dIZGpHM0FFYjRy
N2pGbHAyWjRSNkdVUWZYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANlyJDANBgkqhkiG9w0BAQsFAAOC
AQEAChDpGjf48vtMsHHW9Lsh6RHWi+L/6KJDwMVd907kYVnPixUvKg+U4VBj2q63
tiAkLSPGFSgP7t7EiBAO5bYqXPTW/L28TlY56wP6QRWmovedy0S0vB6Xpimmud6J
HEQJc+VrZHR2Lv7gTDM3FtbItuc9iQAU6DW1oiTgc7CJfVBnS3ZpP0WGmKCgmswE
oAJiflKDxHYnsK5nWthu8ZfdEUEeAiUnetqacz9e2lOzEGqZDDs/zDqQVpZAii4z
h7HMkRvnO4o3/iB8LatcBxETc+IswpmFWd9dGgXuW4u5Q0OH3TXnS8DBjyiJIBEd
LqIVSRwW3usvULodcjO1RC+Y9Q==
-----END CERTIFICATE-----
Generated at Thu Dec 8 09:16:00 2022 by rpki-client.