Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/44/b7392f-8c88-4c38-915e-0cf77c1e8584/1/

$ rpki-client -vvf Kkur0uW9OqnjqHEvRPfcbMzb350.roa
File:                     Kkur0uW9OqnjqHEvRPfcbMzb350.roa (download)
Hash identifier:          RW54GvmTBQCRmLU3INBv4+bdnr/7aT4vZK97j51MWAs=
Subject key identifier:   2A:4B:AB:D2:E5:BD:3A:A9:E3:A8:71:2F:44:F7:DC:6C:CC:DB:DF:9D
Certificate issuer:       /CN=9ce4dd86bcfd8b8f506a408051605ec74db6cea0
Certificate serial:       0112867C
Authority key identifier: 9C:E4:DD:86:BC:FD:8B:8F:50:6A:40:80:51:60:5E:C7:4D:B6:CE:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nOTdhrz9i49QakCAUWBex022zqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/b7392f-8c88-4c38-915e-0cf77c1e8584/1/Kkur0uW9OqnjqHEvRPfcbMzb350.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 212.52.29.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17991292 (0x112867c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ce4dd86bcfd8b8f506a408051605ec74db6cea0
        Validity
            Not Before: Mar  7 17:38:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2a4babd2e5bd3aa9e3a8712f44f7dc6cccdbdf9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:56:3a:50:14:01:20:af:bb:74:25:ec:bc:1b:
                    02:fc:76:c2:75:da:f1:82:40:62:93:cd:d0:ec:e3:
                    79:90:b0:fb:a0:93:1f:05:ce:00:b9:b0:77:80:6e:
                    07:2c:55:79:8f:a3:d1:39:21:7a:fa:56:8c:c4:d5:
                    ec:35:6e:94:8e:57:64:32:28:d3:9d:fb:31:94:e0:
                    ca:e4:a5:bb:8e:db:1b:60:71:ea:cb:54:4c:b9:05:
                    57:92:5b:36:34:01:c6:40:f1:fa:ae:dd:45:db:73:
                    d1:98:0e:85:6a:17:49:2b:66:48:ce:47:60:2c:f7:
                    df:60:cc:3d:a6:1f:e1:55:98:71:2e:5e:30:64:e3:
                    17:5e:7f:e3:4a:9c:9d:da:82:c7:07:30:c0:b5:4e:
                    13:86:3c:62:b4:4a:9f:81:f9:b3:fc:aa:8a:f3:0c:
                    9e:d7:aa:81:18:27:32:88:38:a5:ea:cd:10:1d:60:
                    b2:ba:15:ad:d3:16:ba:75:54:a8:8d:33:ff:a6:35:
                    0a:73:6d:33:49:df:94:33:8f:a4:e7:1a:a1:ee:d1:
                    cc:c9:2e:ec:7e:a7:56:3e:a9:7f:c1:66:bc:83:3a:
                    e3:5a:71:cb:a0:e5:4c:b7:90:11:b3:ba:5c:71:3c:
                    0c:71:33:32:c1:08:80:b5:a2:cd:f2:4a:40:e0:34:
                    50:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                2A:4B:AB:D2:E5:BD:3A:A9:E3:A8:71:2F:44:F7:DC:6C:CC:DB:DF:9D
            X509v3 Authority Key Identifier: 
                keyid:9C:E4:DD:86:BC:FD:8B:8F:50:6A:40:80:51:60:5E:C7:4D:B6:CE:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nOTdhrz9i49QakCAUWBex022zqA.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/b7392f-8c88-4c38-915e-0cf77c1e8584/1/Kkur0uW9OqnjqHEvRPfcbMzb350.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/b7392f-8c88-4c38-915e-0cf77c1e8584/1/nOTdhrz9i49QakCAUWBex022zqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.52.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:fa:53:cf:68:59:c0:c5:8c:db:a4:a6:54:3a:11:23:17:b4:
         ee:d7:20:e6:d1:61:d3:da:a0:7b:4f:ec:99:86:46:98:b0:d8:
         52:50:ab:44:25:02:38:75:aa:e6:8e:ba:af:c8:f2:64:dc:00:
         9e:ac:7d:f4:d3:82:db:97:c4:2a:5b:04:08:36:1e:07:2d:ee:
         27:54:b3:54:1d:a8:93:dd:75:40:b5:19:05:2b:9d:5d:1c:21:
         30:6e:c0:cc:e9:f8:3e:e1:98:59:0e:bb:5a:c3:65:ca:e0:1f:
         f6:12:c8:e6:37:3c:d2:8d:c2:c7:b6:cf:c6:60:3b:37:69:14:
         bc:7e:d7:08:d8:3c:4b:a0:a8:f4:0e:68:5a:5d:f1:4c:df:e5:
         1a:a4:f6:6a:6b:8e:0b:35:1e:57:b1:8f:c1:c8:fd:c4:8c:14:
         40:00:1c:fd:18:8d:e0:98:5c:6e:c5:91:c4:18:cb:4b:5d:89:
         48:cd:fb:ba:2f:4e:7c:0f:ab:1c:f5:7a:93:3c:10:61:31:83:
         5c:8f:f4:db:e5:e4:87:41:78:31:48:b0:c3:73:01:52:cf:4d:
         41:bc:25:57:42:7d:1f:21:44:a3:3e:ca:48:ae:d6:12:a6:81:
         38:73:ab:af:10:3d:eb:d0:f5:6e:f9:30:48:6f:71:8e:e7:83:
         ff:3b:96:f3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEARKGfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Y2U0ZGQ4NmJjZmQ4YjhmNTA2YTQwODA1MTYwNWVjNzRkYjZjZWEwMB4XDTIyMDMw
NzE3Mzg1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmE0YmFiZDJlNWJk
M2FhOWUzYTg3MTJmNDRmN2RjNmNjY2RiZGY5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVWOlAUASCvu3Ql7LwbAvx2wnXa8YJAYpPN0OzjeZCw+6CT
HwXOALmwd4BuByxVeY+j0TkhevpWjMTV7DVulI5XZDIo0537MZTgyuSlu47bG2Bx
6stUTLkFV5JbNjQBxkDx+q7dRdtz0ZgOhWoXSStmSM5HYCz332DMPaYf4VWYcS5e
MGTjF15/40qcndqCxwcwwLVOE4Y8YrRKn4H5s/yqivMMnteqgRgnMog4perNEB1g
sroVrdMWunVUqI0z/6Y1CnNtM0nflDOPpOcaoe7RzMku7H6nVj6pf8FmvIM641px
y6DlTLeQEbO6XHE8DHEzMsEIgLWizfJKQOA0UDMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQqS6vS5b06qeOocS9E99xszNvfnTAfBgNVHSMEGDAWgBSc5N2GvP2Lj1Bq
QIBRYF7HTbbOoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25PVGRocno5aTQ5UWFrQ0FVV0JleDAyMnpxQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvYjczOTJmLThjODgtNGMzOC05MTVlLTBjZjc3YzFlODU4NC8x
L0trdXIwdVc5T3FuanFIRXZSUGZjYk16YjM1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
YjczOTJmLThjODgtNGMzOC05MTVlLTBjZjc3YzFlODU4NC8xL25PVGRocno5aTQ5
UWFrQ0FVV0JleDAyMnpxQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQ0HTANBgkqhkiG9w0BAQsFAAOC
AQEAbPpTz2hZwMWM26SmVDoRIxe07tcg5tFh09qge0/smYZGmLDYUlCrRCUCOHWq
5o66r8jyZNwAnqx99NOC25fEKlsECDYeBy3uJ1SzVB2ok911QLUZBSudXRwhMG7A
zOn4PuGYWQ67WsNlyuAf9hLI5jc80o3Cx7bPxmA7N2kUvH7XCNg8S6Co9A5oWl3x
TN/lGqT2amuOCzUeV7GPwcj9xIwUQAAc/RiN4JhcbsWRxBjLS12JSM37ui9OfA+r
HPV6kzwQYTGDXI/02+Xkh0F4MUiww3MBUs9NQbwlV0J9HyFEoz7KSK7WEqaBOHOr
rxA969D1bvkwSG9xjueD/zuW8w==
-----END CERTIFICATE-----
Generated at Fri Dec 2 12:22:21 2022 by rpki-client.