Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/3ea867-df9a-48e0-b8e3-5559915f3759/1/tc6WRdm8HX4E7LNWtYJycuBZcW4.roa
File:                     tc6WRdm8HX4E7LNWtYJycuBZcW4.roa (download)
Hash identifier:          /LF2n1lgLJ73XpRS84EicajoRbbHZWtmvM8LmfbTvoY=
Subject key identifier:   B5:CE:96:45:D9:BC:1D:7E:04:EC:B3:56:B5:82:72:72:E0:59:71:6E
Certificate issuer:       /CN=60f66e54f694bce7e32c8a326136e5c283a38498
Certificate serial:       FBAC6A
Authority key identifier: 60:F6:6E:54:F6:94:BC:E7:E3:2C:8A:32:61:36:E5:C2:83:A3:84:98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YPZuVPaUvOfjLIoyYTblwoOjhJg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/3ea867-df9a-48e0-b8e3-5559915f3759/1/tc6WRdm8HX4E7LNWtYJycuBZcW4.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 146.19.132.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16493674 (0xfbac6a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60f66e54f694bce7e32c8a326136e5c283a38498
        Validity
            Not Before: Mar  7 17:31:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b5ce9645d9bc1d7e04ecb356b5827272e059716e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:a7:f6:78:5a:1e:75:cc:ff:fc:5c:05:7c:bc:
                    7f:d2:3f:2c:b7:b7:7e:5a:18:6f:93:ff:3c:45:00:
                    e0:50:f8:39:2f:4a:0c:8f:7d:0f:10:77:a0:27:9e:
                    32:07:f0:71:9b:b6:75:f8:58:ea:63:aa:b9:98:9d:
                    2f:3e:5b:27:7a:57:00:fe:8d:a5:e5:c4:36:8c:cd:
                    f4:4e:30:96:03:bd:64:78:1a:5f:66:05:b9:a7:69:
                    ad:f5:3d:fd:fd:cb:f6:b3:28:7c:b5:64:36:da:a0:
                    65:f6:bc:46:58:99:ee:48:bb:e1:d7:90:1e:8d:15:
                    e7:4e:d2:c6:3e:73:32:5e:0d:7c:38:6d:ee:da:d6:
                    9a:71:87:7a:b5:56:d1:25:be:e2:4a:5e:c4:21:6e:
                    6a:73:4a:26:f2:68:0f:bc:3e:c0:71:00:2c:9c:dd:
                    36:34:dd:d5:a3:e7:af:86:9f:2b:49:31:6f:d3:37:
                    a6:10:96:55:4a:59:41:ac:87:d0:9e:7c:5a:7e:c0:
                    71:b5:f6:eb:13:27:04:2c:d3:99:51:0e:b6:da:cc:
                    71:d2:00:be:ae:96:5b:e9:f3:9a:3a:11:bc:d0:a1:
                    39:a9:81:c5:16:8b:8b:40:82:2b:fa:be:6a:56:38:
                    35:ba:f9:ab:57:99:72:1d:27:fa:ee:66:e3:15:11:
                    b4:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                B5:CE:96:45:D9:BC:1D:7E:04:EC:B3:56:B5:82:72:72:E0:59:71:6E
            X509v3 Authority Key Identifier: 
                keyid:60:F6:6E:54:F6:94:BC:E7:E3:2C:8A:32:61:36:E5:C2:83:A3:84:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPZuVPaUvOfjLIoyYTblwoOjhJg.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3ea867-df9a-48e0-b8e3-5559915f3759/1/tc6WRdm8HX4E7LNWtYJycuBZcW4.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3ea867-df9a-48e0-b8e3-5559915f3759/1/YPZuVPaUvOfjLIoyYTblwoOjhJg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:ba:7f:96:a3:52:0c:f9:d9:00:e3:93:e9:72:0e:b6:ee:7c:
         61:5f:97:1f:87:2f:1a:bc:a0:6c:07:be:9e:16:b3:47:69:80:
         66:40:47:08:74:35:cf:c2:32:b5:36:12:f7:9e:06:e0:41:52:
         b4:ff:ba:65:ed:db:f9:99:1d:eb:fb:53:6b:16:b0:9d:22:fc:
         54:97:71:6d:cc:87:f4:bf:d6:07:82:ea:d4:86:08:00:bf:30:
         d3:de:c5:be:e8:be:39:40:76:0d:b3:b8:2b:63:f2:f1:ff:ff:
         5d:b3:4e:ca:b7:ac:35:4e:1e:28:30:69:ad:43:a9:c8:ec:c9:
         8e:b8:76:b1:89:21:50:12:bd:2a:0b:b1:ce:67:5d:7f:4d:20:
         7b:93:60:8a:74:0b:0a:66:79:d1:1c:84:bd:15:62:a8:ac:27:
         35:8d:e1:be:85:65:78:fb:fe:be:58:26:a9:96:ae:30:8a:13:
         00:79:3c:25:72:75:13:f2:79:a3:4e:78:34:52:18:c2:1f:1b:
         6d:fa:90:33:91:55:8c:f3:39:14:5a:9b:0d:ec:2a:c5:43:e9:
         bf:2e:49:3a:72:65:73:16:95:60:d9:77:16:9d:21:9d:c7:45:
         57:ba:3f:df:9f:5c:1d:3c:ea:f1:e5:c3:ad:41:73:96:e1:e0:
         d6:b9:d6:72
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAPusajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MGY2NmU1NGY2OTRiY2U3ZTMyYzhhMzI2MTM2ZTVjMjgzYTM4NDk4MB4XDTIyMDMw
NzE3MzExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjVjZTk2NDVkOWJj
MWQ3ZTA0ZWNiMzU2YjU4MjcyNzJlMDU5NzE2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ6n9nhaHnXM//xcBXy8f9I/LLe3floYb5P/PEUA4FD4OS9K
DI99DxB3oCeeMgfwcZu2dfhY6mOquZidLz5bJ3pXAP6NpeXENozN9E4wlgO9ZHga
X2YFuadprfU9/f3L9rMofLVkNtqgZfa8RliZ7ki74deQHo0V507Sxj5zMl4NfDht
7trWmnGHerVW0SW+4kpexCFuanNKJvJoD7w+wHEALJzdNjTd1aPnr4afK0kxb9M3
phCWVUpZQayH0J58Wn7AcbX26xMnBCzTmVEOttrMcdIAvq6WW+nzmjoRvNChOamB
xRaLi0CCK/q+alY4Nbr5q1eZch0n+u5m4xURtEcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS1zpZF2bwdfgTss1a1gnJy4FlxbjAfBgNVHSMEGDAWgBRg9m5U9pS85+Ms
ijJhNuXCg6OEmDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lQWnVWUGFVdk9makxJb3lZVGJsd29PamhKZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvM2VhODY3LWRmOWEtNDhlMC1iOGUzLTU1NTk5MTVmMzc1OS8x
L3RjNldSZG04SFg0RTdMTld0WUp5Y3VCWmNXNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
M2VhODY3LWRmOWEtNDhlMC1iOGUzLTU1NTk5MTVmMzc1OS8xL1lQWnVWUGFVdk9m
akxJb3lZVGJsd29PamhKZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJIThDANBgkqhkiG9w0BAQsFAAOC
AQEAKLp/lqNSDPnZAOOT6XIOtu58YV+XH4cvGrygbAe+nhazR2mAZkBHCHQ1z8Iy
tTYS954G4EFStP+6Ze3b+Zkd6/tTaxawnSL8VJdxbcyH9L/WB4Lq1IYIAL8w097F
vui+OUB2DbO4K2Py8f//XbNOyresNU4eKDBprUOpyOzJjrh2sYkhUBK9Kguxzmdd
f00ge5NginQLCmZ50RyEvRViqKwnNY3hvoVlePv+vlgmqZauMIoTAHk8JXJ1E/J5
o054NFIYwh8bbfqQM5FVjPM5FFqbDewqxUPpvy5JOnJlcxaVYNl3Fp0hncdFV7o/
359cHTzq8eXDrUFzluHg1rnWcg==
-----END CERTIFICATE-----
Generated at Thu Dec 8 20:03:06 2022 by rpki-client.