Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/b03f7b-7e71-436d-9a25-c987d935d603/1/d65B0tFHp5Xvhw8CaoSrJX8LkdQ.roa
File:                     d65B0tFHp5Xvhw8CaoSrJX8LkdQ.roa (download)
Hash identifier:          zLT5UyCxqTV6y6wZppuH10DCgNHGX01ARVXQyWm0PgY=
Subject key identifier:   77:AE:41:D2:D1:47:A7:95:EF:87:0F:02:6A:84:AB:25:7F:0B:91:D4
Certificate issuer:       /CN=0f838e340904bb939ec4394cb543698dac80cc01
Certificate serial:       86C09A
Authority key identifier: 0F:83:8E:34:09:04:BB:93:9E:C4:39:4C:B5:43:69:8D:AC:80:CC:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D4OONAkEu5OexDlMtUNpjayAzAE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/b03f7b-7e71-436d-9a25-c987d935d603/1/d65B0tFHp5Xvhw8CaoSrJX8LkdQ.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 91.246.37.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8831130 (0x86c09a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f838e340904bb939ec4394cb543698dac80cc01
        Validity
            Not Before: Jan  1 01:55:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=77ae41d2d147a795ef870f026a84ab257f0b91d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:3b:69:18:89:86:67:8a:76:9a:36:02:e7:64:
                    8b:f3:37:56:c3:68:51:75:ed:53:bd:78:27:3c:ac:
                    3f:25:ac:b0:d5:ab:dc:22:e2:72:03:e7:14:b3:74:
                    72:83:a4:85:3c:a8:48:c7:e7:64:e4:39:30:1d:ef:
                    53:8d:ec:d1:75:02:c0:79:8d:dd:5d:a6:6c:7c:f9:
                    e9:c6:1b:3f:42:68:b8:48:11:8a:30:e7:84:e2:40:
                    cb:f8:6c:e8:3a:12:39:96:86:15:4b:ce:95:d0:58:
                    35:b1:84:68:d5:91:a9:c6:92:fa:c3:8a:33:96:2c:
                    f8:fc:2f:cf:b6:c9:c9:38:d2:ba:c0:84:b5:a5:63:
                    8a:32:2a:bd:27:a7:99:f7:bc:36:75:22:27:8d:ae:
                    c1:73:71:1a:d7:10:1a:84:4f:04:d3:72:78:e4:44:
                    6a:87:fd:35:99:86:ce:ca:a3:cf:84:5e:89:07:45:
                    80:a8:96:4c:98:8e:5a:f3:34:a3:20:a5:4d:ea:19:
                    93:06:58:cb:e0:3b:47:f4:4f:59:ee:e2:75:4c:de:
                    eb:9b:ed:e4:26:24:74:57:68:83:b1:cd:f0:ec:9d:
                    58:6d:a5:38:21:85:47:91:f9:90:39:df:44:29:31:
                    ad:77:75:0f:94:1c:68:ca:32:6e:2f:87:1a:14:43:
                    93:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                77:AE:41:D2:D1:47:A7:95:EF:87:0F:02:6A:84:AB:25:7F:0B:91:D4
            X509v3 Authority Key Identifier: 
                keyid:0F:83:8E:34:09:04:BB:93:9E:C4:39:4C:B5:43:69:8D:AC:80:CC:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D4OONAkEu5OexDlMtUNpjayAzAE.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/b03f7b-7e71-436d-9a25-c987d935d603/1/d65B0tFHp5Xvhw8CaoSrJX8LkdQ.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/b03f7b-7e71-436d-9a25-c987d935d603/1/D4OONAkEu5OexDlMtUNpjayAzAE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.246.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:8c:da:12:da:da:4c:41:b7:bc:78:4f:ea:3b:68:02:b2:12:
         16:7d:be:c5:a8:c9:e3:27:a9:72:c8:f0:d0:35:47:cc:78:e4:
         b9:ad:11:19:0a:43:92:b8:19:05:4b:b9:3e:fa:a4:34:af:27:
         8a:0b:3a:a4:65:33:20:c7:3c:46:14:4b:ca:1f:11:87:9f:28:
         e4:d5:a8:8c:f4:15:aa:51:fa:3c:d2:0f:5f:42:79:70:41:37:
         b0:81:e0:c3:47:22:1b:16:11:74:7f:03:72:9f:fa:89:e8:c3:
         74:de:09:f5:65:1e:db:44:ee:1b:1c:c1:87:c7:b5:d5:9d:5b:
         32:20:b5:c2:7e:c5:e3:11:51:7e:d5:0d:14:fe:7e:09:bf:0d:
         8e:d6:55:c9:65:26:0a:aa:2e:24:a2:bb:17:17:6b:ec:66:80:
         91:0a:30:88:9f:58:11:8e:4a:ec:93:77:6c:d4:1a:ee:58:9f:
         ea:f4:6e:1d:5c:f0:d0:21:98:2f:bd:b6:cd:c7:24:48:c1:04:
         39:90:8c:37:d8:67:2f:35:a4:5a:ee:88:1b:09:6e:60:ce:38:
         55:5a:99:53:a6:03:63:e1:67:7e:24:b2:53:96:e5:14:53:3f:
         a7:fe:7b:81:ff:cb:b5:26:5c:fc:1c:ff:d8:4d:f6:a3:a8:d9:
         46:9e:72:2e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAIbAmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjgzOGUzNDA5MDRiYjkzOWVjNDM5NGNiNTQzNjk4ZGFjODBjYzAxMB4XDTIyMDEw
MTAxNTUyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzdhZTQxZDJkMTQ3
YTc5NWVmODcwZjAyNmE4NGFiMjU3ZjBiOTFkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJg7aRiJhmeKdpo2Audki/M3VsNoUXXtU714JzysPyWssNWr
3CLicgPnFLN0coOkhTyoSMfnZOQ5MB3vU43s0XUCwHmN3V2mbHz56cYbP0JouEgR
ijDnhOJAy/hs6DoSOZaGFUvOldBYNbGEaNWRqcaS+sOKM5Ys+Pwvz7bJyTjSusCE
taVjijIqvSenmfe8NnUiJ42uwXNxGtcQGoRPBNNyeOREaof9NZmGzsqjz4ReiQdF
gKiWTJiOWvM0oyClTeoZkwZYy+A7R/RPWe7idUze65vt5CYkdFdog7HN8OydWG2l
OCGFR5H5kDnfRCkxrXd1D5QcaMoybi+HGhRDkxECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR3rkHS0Uenle+HDwJqhKslfwuR1DAfBgNVHSMEGDAWgBQPg440CQS7k57E
OUy1Q2mNrIDMATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Q0T09OQWtFdTVPZXhEbE10VU5wamF5QXpBRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvYjAzZjdiLTdlNzEtNDM2ZC05YTI1LWM5ODdkOTM1ZDYwMy8x
L2Q2NUIwdEZIcDVYdmh3OENhb1NySlg4TGtkUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
YjAzZjdiLTdlNzEtNDM2ZC05YTI1LWM5ODdkOTM1ZDYwMy8xL0Q0T09OQWtFdTVP
ZXhEbE10VU5wamF5QXpBRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFv2JTANBgkqhkiG9w0BAQsFAAOC
AQEASYzaEtraTEG3vHhP6jtoArISFn2+xajJ4yepcsjw0DVHzHjkua0RGQpDkrgZ
BUu5PvqkNK8nigs6pGUzIMc8RhRLyh8Rh58o5NWojPQVqlH6PNIPX0J5cEE3sIHg
w0ciGxYRdH8Dcp/6iejDdN4J9WUe20TuGxzBh8e11Z1bMiC1wn7F4xFRftUNFP5+
Cb8NjtZVyWUmCqouJKK7Fxdr7GaAkQowiJ9YEY5K7JN3bNQa7lif6vRuHVzw0CGY
L722zcckSMEEOZCMN9hnLzWkWu6IGwluYM44VVqZU6YDY+FnfiSyU5blFFM/p/57
gf/LtSZc/Bz/2E32o6jZRp5yLg==
-----END CERTIFICATE-----
Generated at Thu Dec 8 09:16:01 2022 by rpki-client.