Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/29/f12469-019f-4794-bba3-5517d0f26e68/1/

$ rpki-client -vvf noQROAvbq9ualUelo76PeI9T9Sw.roa
File:                     noQROAvbq9ualUelo76PeI9T9Sw.roa (download)
Hash identifier:          r68Q3ZiaQjDLG9MZu8fsWqaJ0v6A0tV05aMbwBAOTFI=
Subject key identifier:   9E:84:11:38:0B:DB:AB:DB:9A:95:47:A5:A3:BE:8F:78:8F:53:F5:2C
Certificate issuer:       /CN=d75e559ab6202c2936213c1f8acf68c829ddebb9
Certificate serial:       B8D588
Authority key identifier: D7:5E:55:9A:B6:20:2C:29:36:21:3C:1F:8A:CF:68:C8:29:DD:EB:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/115VmrYgLCk2ITwfis9oyCnd67k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/f12469-019f-4794-bba3-5517d0f26e68/1/noQROAvbq9ualUelo76PeI9T9Sw.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 213.109.158.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12113288 (0xb8d588)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d75e559ab6202c2936213c1f8acf68c829ddebb9
        Validity
            Not Before: Jan  1 06:57:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9e8411380bdbabdb9a9547a5a3be8f788f53f52c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:53:fa:df:c2:06:17:d4:8f:fb:dc:de:cf:2a:
                    f6:43:97:d7:8a:75:a7:70:7a:54:2b:a6:09:e7:99:
                    61:26:31:86:26:2d:18:b8:dd:ba:38:ec:8d:dd:3b:
                    89:52:55:b4:13:d5:9b:14:56:a7:34:fe:6a:6d:4c:
                    84:62:8c:d0:58:fd:db:82:93:20:41:4f:cc:35:e8:
                    cd:b6:b9:fb:9f:05:7d:27:61:86:70:0a:d6:cf:96:
                    5d:5e:97:80:35:79:0e:7f:e2:36:ca:ff:2e:0b:29:
                    7b:6e:d6:42:89:f6:31:15:2a:af:cf:8a:59:da:d2:
                    e4:70:db:6c:14:2e:46:c8:38:3e:bc:b9:6d:27:5e:
                    20:f5:fe:ea:d9:83:fb:0c:81:cf:3f:44:fd:a5:7f:
                    ca:25:c2:34:07:5b:d0:d3:8f:87:4e:3c:fe:c9:64:
                    cd:2d:f5:3e:08:d0:6a:f9:85:80:7c:72:01:42:3d:
                    24:95:f2:3c:3e:ea:29:05:28:8a:f4:cd:fd:e7:f6:
                    fa:9d:2d:f1:91:27:4c:69:b6:fd:d2:0f:43:46:ee:
                    cb:52:31:34:8f:e4:17:7f:c7:e1:7e:da:88:22:00:
                    65:d4:70:b8:ec:76:97:d4:9f:b5:d8:fd:a7:93:1e:
                    b1:5e:b5:11:63:a3:97:fa:e9:70:7c:75:b8:83:7f:
                    dc:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                9E:84:11:38:0B:DB:AB:DB:9A:95:47:A5:A3:BE:8F:78:8F:53:F5:2C
            X509v3 Authority Key Identifier: 
                keyid:D7:5E:55:9A:B6:20:2C:29:36:21:3C:1F:8A:CF:68:C8:29:DD:EB:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/115VmrYgLCk2ITwfis9oyCnd67k.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f12469-019f-4794-bba3-5517d0f26e68/1/noQROAvbq9ualUelo76PeI9T9Sw.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/f12469-019f-4794-bba3-5517d0f26e68/1/115VmrYgLCk2ITwfis9oyCnd67k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.109.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:fd:4c:f2:0d:63:60:22:1e:b7:2d:d7:ff:e5:77:1d:0d:3a:
         96:19:4d:21:07:f3:02:38:ef:4d:25:db:19:3f:c6:80:c6:32:
         cd:c8:4f:82:58:cf:44:a3:a5:24:1e:38:0f:11:7f:05:56:b1:
         4c:17:ae:fd:2e:c2:b9:59:b2:56:48:63:85:01:db:32:ea:66:
         c2:63:c5:4d:42:e2:a1:07:9f:13:09:1a:53:20:83:51:7e:8f:
         d7:c1:63:3f:d5:e9:4c:b4:53:8e:f1:1b:98:e9:fb:b8:21:2a:
         1a:18:f9:7d:e4:af:06:30:f3:11:cd:7c:13:97:30:85:2d:f0:
         a3:a5:e7:de:ee:40:36:28:53:23:89:4f:b0:99:52:fa:8c:79:
         df:92:02:46:b9:08:31:0d:66:8c:3e:51:72:66:10:66:c6:45:
         10:23:2e:74:d4:cc:78:d9:3c:cd:ea:20:24:ef:99:fe:8d:eb:
         50:af:92:4f:c0:01:85:37:80:89:8f:30:e0:49:7b:44:81:23:
         48:57:06:c5:5f:20:9a:e9:99:7e:7a:bc:a0:b8:f7:28:50:8b:
         89:68:12:7d:cd:0c:87:58:82:8e:d6:89:e5:ba:c9:2c:c1:61:
         91:aa:a2:6b:c1:b9:c2:03:ae:d3:8e:70:97:23:9c:d5:35:22:
         1c:7e:02:ef
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALjViDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzVlNTU5YWI2MjAyYzI5MzYyMTNjMWY4YWNmNjhjODI5ZGRlYmI5MB4XDTIyMDEw
MTA2NTcyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWU4NDExMzgwYmRi
YWJkYjlhOTU0N2E1YTNiZThmNzg4ZjUzZjUyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBT+t/CBhfUj/vc3s8q9kOX14p1p3B6VCumCeeZYSYxhiYt
GLjdujjsjd07iVJVtBPVmxRWpzT+am1MhGKM0Fj924KTIEFPzDXozba5+58FfSdh
hnAK1s+WXV6XgDV5Dn/iNsr/Lgspe27WQon2MRUqr8+KWdrS5HDbbBQuRsg4Pry5
bSdeIPX+6tmD+wyBzz9E/aV/yiXCNAdb0NOPh048/slkzS31PgjQavmFgHxyAUI9
JJXyPD7qKQUoivTN/ef2+p0t8ZEnTGm2/dIPQ0buy1IxNI/kF3/H4X7aiCIAZdRw
uOx2l9Sftdj9p5MesV61EWOjl/rpcHx1uIN/3NECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSehBE4C9ur25qVR6Wjvo94j1P1LDAfBgNVHSMEGDAWgBTXXlWatiAsKTYh
PB+Kz2jIKd3ruTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzExNVZtcllnTENrMklUd2ZpczlveUNuZDY3ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvZjEyNDY5LTAxOWYtNDc5NC1iYmEzLTU1MTdkMGYyNmU2OC8x
L25vUVJPQXZicTl1YWxVZWxvNzZQZUk5VDlTdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
ZjEyNDY5LTAxOWYtNDc5NC1iYmEzLTU1MTdkMGYyNmU2OC8xLzExNVZtcllnTENr
MklUd2ZpczlveUNuZDY3ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANVtnjANBgkqhkiG9w0BAQsFAAOC
AQEASP1M8g1jYCIety3X/+V3HQ06lhlNIQfzAjjvTSXbGT/GgMYyzchPgljPRKOl
JB44DxF/BVaxTBeu/S7CuVmyVkhjhQHbMupmwmPFTULioQefEwkaUyCDUX6P18Fj
P9XpTLRTjvEbmOn7uCEqGhj5feSvBjDzEc18E5cwhS3wo6Xn3u5ANihTI4lPsJlS
+ox535ICRrkIMQ1mjD5RcmYQZsZFECMudNTMeNk8zeogJO+Z/o3rUK+ST8ABhTeA
iY8w4El7RIEjSFcGxV8gmumZfnq8oLj3KFCLiWgSfc0Mh1iCjtaJ5brJLMFhkaqi
a8G5wgOu045wlyOc1TUiHH4C7w==
-----END CERTIFICATE-----
Generated at Fri Dec 2 13:33:44 2022 by rpki-client.