Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/CCRLiWuc4ThY_s7rbXuw7ny1rVU.roa
File:                     CCRLiWuc4ThY_s7rbXuw7ny1rVU.roa (download)
Hash identifier:          69zg2HdgzKrohwC2xchg7HhKbB3SaSZBqIvQLyZM8Ek=
Subject key identifier:   08:24:4B:89:6B:9C:E1:38:58:FE:CE:EB:6D:7B:B0:EE:7C:B5:AD:55
Certificate issuer:       /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial:       055E9496
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/CCRLiWuc4ThY_s7rbXuw7ny1rVU.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 85.203.40.0/22 maxlen: 22
    2: 85.203.26.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 90084502 (0x55e9496)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
        Validity
            Not Before: Jan  1 15:07:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=08244b896b9ce13858feceeb6d7bb0ee7cb5ad55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:88:ce:2b:ce:d4:f9:99:a7:d4:3f:11:99:1a:
                    d3:52:19:19:c4:9f:95:51:80:c9:88:99:00:30:44:
                    e8:0b:48:7d:86:3d:a2:f4:4d:fb:38:c1:1d:c9:4a:
                    08:3d:eb:26:7d:21:74:c6:23:21:b5:db:70:a6:1d:
                    9f:3d:f1:79:99:92:4b:86:99:08:45:ea:4b:bb:02:
                    12:98:0a:e9:a1:fe:a8:03:51:03:13:18:38:ba:0c:
                    75:16:77:1d:e4:0d:ea:18:6a:d6:e7:51:83:82:74:
                    33:24:f4:5e:ea:0f:5a:8d:fa:9e:c8:d6:e0:b1:0c:
                    65:5c:72:95:88:40:13:7d:b8:92:28:21:5f:29:c0:
                    95:bb:0d:94:a0:54:06:06:bd:0b:21:2e:3d:13:b6:
                    3b:48:57:63:b3:e4:1f:d2:5c:e7:33:46:82:8f:46:
                    91:85:7a:c2:81:aa:73:af:0a:a1:47:36:d2:a5:b2:
                    5a:13:f5:b1:29:38:b2:a6:e8:6e:5d:19:2f:32:68:
                    5f:5a:50:52:95:ce:45:4f:d5:66:41:46:b9:1d:3c:
                    c8:a8:ca:2e:51:c3:81:a9:02:2c:d4:95:e9:2c:b2:
                    70:04:64:5f:08:f0:9f:b4:5d:84:9b:6d:27:3d:a5:
                    d7:d2:cd:b0:01:37:17:11:d0:00:38:76:34:f7:67:
                    57:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                08:24:4B:89:6B:9C:E1:38:58:FE:CE:EB:6D:7B:B0:EE:7C:B5:AD:55
            X509v3 Authority Key Identifier: 
                keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/CCRLiWuc4ThY_s7rbXuw7ny1rVU.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.203.26.0/24
                  85.203.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         79:0d:e5:f0:c8:50:d1:8e:52:76:9a:37:6c:d7:2e:54:80:ce:
         74:be:ef:8f:3e:21:24:89:77:82:1e:d5:c7:9e:43:07:67:f0:
         c8:54:94:c6:dd:7a:b2:83:cc:7e:cd:21:11:c5:88:c7:e6:3b:
         73:09:a3:af:dd:4a:34:03:f6:d8:dd:6e:f9:5e:37:b7:29:34:
         4c:55:8e:71:96:6a:0f:5f:f9:78:6b:dc:b9:3a:8a:32:ba:0c:
         3f:ed:90:30:d1:6f:61:c5:00:de:20:22:56:15:c9:c0:ca:74:
         22:7c:65:0b:35:7f:6c:f8:f4:72:82:fa:84:48:5c:1c:84:b9:
         0c:40:a7:e1:6a:de:69:21:49:65:df:2c:33:6e:61:4c:51:a0:
         f8:db:59:61:16:7d:36:eb:54:a5:a0:1e:85:89:d2:74:21:0c:
         e3:76:7e:b4:f6:95:98:3c:83:d2:1f:0a:f0:39:1f:54:7c:9a:
         51:7a:7b:56:91:81:ee:16:3e:3e:a7:b2:8d:8c:b0:2c:d7:27:
         b0:de:b0:d4:27:a0:b3:df:f1:77:ef:08:45:34:b3:f3:12:11:
         3f:ae:58:03:2d:da:71:db:9e:e3:34:56:3b:aa:1f:e1:b2:af:
         c9:79:0c:63:0d:c0:fe:43:ab:71:98:09:8a:bc:5f:b8:39:fc:
         b3:16:f6:7e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBV6UljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDViZGY2ZWVjMDgzNzBhZTFmNjdlODNmOTliNWFjMWZlMjY4NzJjMB4XDTIyMDEw
MTE1MDcxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDgyNDRiODk2Yjlj
ZTEzODU4ZmVjZWViNmQ3YmIwZWU3Y2I1YWQ1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaIzivO1PmZp9Q/EZka01IZGcSflVGAyYiZADBE6AtIfYY9
ovRN+zjBHclKCD3rJn0hdMYjIbXbcKYdnz3xeZmSS4aZCEXqS7sCEpgK6aH+qANR
AxMYOLoMdRZ3HeQN6hhq1udRg4J0MyT0XuoPWo36nsjW4LEMZVxylYhAE324kigh
XynAlbsNlKBUBga9CyEuPRO2O0hXY7PkH9Jc5zNGgo9GkYV6woGqc68KoUc20qWy
WhP1sSk4sqbobl0ZLzJoX1pQUpXORU/VZkFGuR08yKjKLlHDgakCLNSV6SyycARk
Xwjwn7RdhJttJz2l19LNsAE3FxHQADh2NPdnV4sCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQIJEuJa5zhOFj+zutte7DufLWtVTAfBgNVHSMEGDAWgBTUW99u7Ag3CuH2
foP5m1rB/iaHLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFGdmZidXdJTndyaDluNkQtWnRhd2Y0bWh5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8x
L0NDUkxpV3VjNFRoWV9zN3JiWHV3N255MXJWVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
ZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8xLzFGdmZidXdJTndy
aDluNkQtWnRhd2Y0bWh5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFXLGgMEAlXLKDANBgkqhkiG9w0B
AQsFAAOCAQEAeQ3l8MhQ0Y5Sdpo3bNcuVIDOdL7vjz4hJIl3gh7Vx55DB2fwyFSU
xt16soPMfs0hEcWIx+Y7cwmjr91KNAP22N1u+V43tyk0TFWOcZZqD1/5eGvcuTqK
MroMP+2QMNFvYcUA3iAiVhXJwMp0InxlCzV/bPj0coL6hEhcHIS5DECn4WreaSFJ
Zd8sM25hTFGg+NtZYRZ9NutUpaAehYnSdCEM43Z+tPaVmDyD0h8K8DkfVHyaUXp7
VpGB7hY+PqeyjYywLNcnsN6w1Cegs9/xd+8IRTSz8xIRP65YAy3acdue4zRWO6of
4bKvyXkMYw3A/kOrcZgJirxfuDn8sxb2fg==
-----END CERTIFICATE-----
Generated at Thu Dec 8 19:23:14 2022 by rpki-client.