Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/

$ rpki-client -vvf b-1nMRNC65W6Y3M0KxNGuyLSXSs.roa
File:                     b-1nMRNC65W6Y3M0KxNGuyLSXSs.roa (download)
Hash identifier:          cTv4oO+W+gNMBpb1Hl3FG428dWQZQAD+ZiYJ/q4GpS4=
Subject key identifier:   6F:ED:67:31:13:42:EB:95:BA:63:73:34:2B:13:46:BB:22:D2:5D:2B
Certificate issuer:       /CN=eba8db3b54d081c30bf51bdc7b19e4f6480b7f53
Certificate serial:       02227657
Authority key identifier: EB:A8:DB:3B:54:D0:81:C3:0B:F5:1B:DC:7B:19:E4:F6:48:0B:7F:53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/66jbO1TQgcML9Rvcexnk9kgLf1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/b-1nMRNC65W6Y3M0KxNGuyLSXSs.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 185.192.36.0/22 maxlen: 23

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35812951 (0x2227657)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eba8db3b54d081c30bf51bdc7b19e4f6480b7f53
        Validity
            Not Before: Jan 17 13:43:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6fed67311342eb95ba6373342b1346bb22d25d2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:5e:d3:dc:b3:9c:2e:a7:c9:07:fb:8b:8b:17:
                    06:09:7c:9b:02:4a:c2:dc:64:da:6f:dc:5e:09:f5:
                    81:6b:2d:eb:bb:6c:57:5f:f9:a0:c0:16:cd:f4:49:
                    97:67:ff:c9:41:81:2a:cd:8f:73:e0:55:b7:3f:cb:
                    02:28:ae:91:27:db:02:00:5f:ac:95:8a:51:a1:b3:
                    a7:8b:93:0e:43:8a:d2:35:24:ac:89:b9:ef:41:bb:
                    dc:31:65:46:78:5d:8f:89:70:ef:92:52:37:0a:49:
                    4c:bd:e9:5c:f0:ed:f4:6d:50:07:5a:3d:e1:fa:fc:
                    9b:6c:56:39:0b:90:a6:28:37:c9:89:c0:8c:b6:b3:
                    75:d5:7b:3a:08:de:cb:7b:e1:36:e5:f2:c1:7e:0d:
                    16:d0:d1:76:f2:26:17:86:b5:22:a1:8e:92:4a:df:
                    15:55:b6:ae:b6:b0:13:0d:56:e6:15:14:3f:10:1b:
                    49:22:51:70:c0:e6:58:db:96:a7:2e:fa:a5:f7:4c:
                    64:11:b2:9f:e3:8e:51:54:07:c7:05:fa:3d:b2:22:
                    ac:36:13:7d:0b:86:b3:b0:4f:c3:ca:56:54:2b:98:
                    44:32:9c:79:81:4e:35:82:1f:17:f3:2d:be:d7:44:
                    e3:82:cb:8c:e0:46:05:a6:bf:ba:b4:e5:c0:d6:40:
                    4a:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                6F:ED:67:31:13:42:EB:95:BA:63:73:34:2B:13:46:BB:22:D2:5D:2B
            X509v3 Authority Key Identifier: 
                keyid:EB:A8:DB:3B:54:D0:81:C3:0B:F5:1B:DC:7B:19:E4:F6:48:0B:7F:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/66jbO1TQgcML9Rvcexnk9kgLf1M.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/b-1nMRNC65W6Y3M0KxNGuyLSXSs.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/66jbO1TQgcML9Rvcexnk9kgLf1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.192.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         91:76:b9:f9:d6:5a:78:a6:3d:dd:65:d6:f9:ca:c1:14:0c:23:
         30:2f:93:7c:5a:f9:be:88:5f:a4:6e:16:a7:cd:8b:b8:96:38:
         27:da:f9:cd:25:b6:0f:77:13:d6:28:0f:e1:aa:10:1a:9d:a8:
         72:a1:fe:ea:07:53:67:fa:f8:e5:71:ce:55:8b:00:97:96:b8:
         0f:0a:30:8f:35:70:bf:2b:03:ec:eb:0d:7e:7d:07:cc:06:43:
         6a:52:a7:55:b9:36:56:35:29:93:05:4a:b7:84:af:eb:7a:24:
         e7:62:eb:9f:13:cb:95:15:a3:9e:70:d5:b7:ff:fc:89:85:f0:
         8f:9c:ef:f1:b1:60:87:d1:5d:05:77:2c:0c:b4:31:35:37:b8:
         8e:09:20:00:c8:a0:a5:1d:9b:3f:1d:db:3a:f3:e3:36:38:51:
         98:05:61:0d:82:5c:30:d4:69:c7:d7:a5:5d:70:a1:1e:7c:51:
         19:f8:cc:37:15:16:07:43:4d:20:c2:4c:73:c2:7f:d5:ef:e9:
         fa:12:dc:46:cc:73:26:c9:c9:b4:17:be:37:6d:38:e7:51:df:
         9b:cb:dc:46:c1:89:75:23:ca:53:0e:34:1b:8d:0c:f6:5b:85:
         6d:f4:ec:4c:71:07:55:2c:8e:16:a6:79:58:46:91:4c:fb:fc:
         39:42:9d:21
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAiJ2VzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmE4ZGIzYjU0ZDA4MWMzMGJmNTFiZGM3YjE5ZTRmNjQ4MGI3ZjUzMB4XDTIyMDEx
NzEzNDMwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmZlZDY3MzExMzQy
ZWI5NWJhNjM3MzM0MmIxMzQ2YmIyMmQyNWQyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALle09yznC6nyQf7i4sXBgl8mwJKwtxk2m/cXgn1gWst67ts
V1/5oMAWzfRJl2f/yUGBKs2Pc+BVtz/LAiiukSfbAgBfrJWKUaGzp4uTDkOK0jUk
rIm570G73DFlRnhdj4lw75JSNwpJTL3pXPDt9G1QB1o94fr8m2xWOQuQpig3yYnA
jLazddV7Ogjey3vhNuXywX4NFtDRdvImF4a1IqGOkkrfFVW2rrawEw1W5hUUPxAb
SSJRcMDmWNuWpy76pfdMZBGyn+OOUVQHxwX6PbIirDYTfQuGs7BPw8pWVCuYRDKc
eYFONYIfF/MtvtdE44LLjOBGBaa/urTlwNZASiMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRv7WcxE0LrlbpjczQrE0a7ItJdKzAfBgNVHSMEGDAWgBTrqNs7VNCBwwv1
G9x7GeT2SAt/UzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzY2amJPMVRRZ2NNTDlSdmNleG5rOWtnTGYxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDIvNmNjZjAzLTA5MGQtNDE2ZS04NmNmLWU5ZGMzZjFjZjgyNC8x
L2ItMW5NUk5DNjVXNlkzTTBLeE5HdXlMU1hTcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIv
NmNjZjAzLTA5MGQtNDE2ZS04NmNmLWU5ZGMzZjFjZjgyNC8xLzY2amJPMVRRZ2NN
TDlSdmNleG5rOWtnTGYxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnAJDANBgkqhkiG9w0BAQsFAAOC
AQEAkXa5+dZaeKY93WXW+crBFAwjMC+TfFr5vohfpG4Wp82LuJY4J9r5zSW2D3cT
1igP4aoQGp2ocqH+6gdTZ/r45XHOVYsAl5a4DwowjzVwvysD7OsNfn0HzAZDalKn
Vbk2VjUpkwVKt4Sv63ok52LrnxPLlRWjnnDVt//8iYXwj5zv8bFgh9FdBXcsDLQx
NTe4jgkgAMigpR2bPx3bOvPjNjhRmAVhDYJcMNRpx9elXXChHnxRGfjMNxUWB0NN
IMJMc8J/1e/p+hLcRsxzJsnJtBe+N20451Hfm8vcRsGJdSPKUw40G40M9luFbfTs
THEHVSyOFqZ5WEaRTPv8OUKdIQ==
-----END CERTIFICATE-----
Generated at Fri Dec 2 12:57:16 2022 by rpki-client.