Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/

$ rpki-client -vvf l9-mKGFRE4BUm1WuBA5ln5QIhRk.roa
File:                     l9-mKGFRE4BUm1WuBA5ln5QIhRk.roa (download)
Hash identifier:          5r8EAfE7UHD66ukjHjZtggGmCwCUyrGFVjt7OjC1a3U=
Subject key identifier:   97:DF:A6:28:61:51:13:80:54:9B:55:AE:04:0E:65:9F:94:08:85:19
Certificate issuer:       /CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Certificate serial:       0181F732CAC78F09FE78AF8621F6AB2C7A5D
Authority key identifier: 8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/l9-mKGFRE4BUm1WuBA5ln5QIhRk.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 185.177.78.0/23 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:f7:32:ca:c7:8f:09:fe:78:af:86:21:f6:ab:2c:7a:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
        Validity
            Not Before: Jul 13 10:55:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=97dfa62861511380549b55ae040e659f94088519
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:fb:59:d1:c7:d2:f7:9f:a9:66:fc:a3:96:1a:
                    d4:5b:37:8c:92:63:40:e5:60:5c:d0:11:89:4c:fb:
                    ee:f6:27:8f:83:79:6e:8f:db:b2:a0:62:4a:8e:a3:
                    31:c5:64:a6:49:b8:6b:e6:d7:f2:01:cf:c0:de:9f:
                    05:70:35:83:40:36:f8:0b:38:94:9d:ff:e5:f1:cb:
                    38:1a:36:9d:72:34:37:5f:30:54:7a:fd:b2:b2:e0:
                    42:ae:0d:7b:72:03:48:4a:7c:25:c0:c9:06:4e:9f:
                    8f:09:0c:6f:2f:89:74:10:64:bb:d2:47:5c:f8:d5:
                    3f:95:fd:2d:20:01:0d:bf:3f:34:63:63:8e:be:dc:
                    47:d7:bc:ab:cb:aa:5e:36:27:d7:88:b4:2f:21:31:
                    9a:d3:f8:1d:0c:e2:fe:cd:0b:c3:36:f6:0e:30:f1:
                    b2:52:a0:98:be:bd:2c:40:3a:14:29:f4:14:2d:d0:
                    1f:28:01:07:4f:4a:86:03:92:1d:22:dd:65:4f:b2:
                    ad:ac:8f:a4:97:42:e7:13:76:23:33:c9:eb:c4:fe:
                    2f:6c:56:a4:b9:15:42:e7:80:cf:98:f5:ea:b0:7c:
                    1e:81:e6:72:6e:80:0e:7d:1f:ef:35:6d:98:c7:65:
                    58:0f:93:cd:72:c8:57:91:41:77:a7:c6:27:7f:5a:
                    d9:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                97:DF:A6:28:61:51:13:80:54:9B:55:AE:04:0E:65:9F:94:08:85:19
            X509v3 Authority Key Identifier: 
                keyid:8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/l9-mKGFRE4BUm1WuBA5ln5QIhRk.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/jnR0gfLJj7tw3KjWXCPeT8o3WD0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.177.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ac:67:80:48:e9:e9:bb:de:93:d5:39:8b:82:06:22:50:e9:70:
         06:9c:dd:f1:a0:e8:4a:62:30:70:f2:4d:9a:6f:41:03:4a:88:
         95:09:34:4a:e9:35:6e:34:5d:54:5e:13:d9:21:2f:c5:2e:0a:
         1a:87:58:18:8c:3e:e5:f6:fd:1b:c0:81:1e:58:8c:cd:c6:d2:
         e0:6e:58:f3:53:63:1c:3a:ff:03:16:06:e0:7c:d6:fa:93:09:
         7c:cd:a3:8b:51:30:43:5c:2f:ec:8c:a9:87:31:a4:15:db:e9:
         bc:c3:e8:53:f8:f8:e4:39:8e:4e:14:7e:3a:90:5d:60:ed:a4:
         e0:1c:82:ac:11:b7:63:02:10:68:aa:1e:97:15:57:ba:d4:0e:
         6c:f9:4d:f0:c7:fc:eb:c4:8a:a7:be:31:6d:37:1b:7c:a2:b0:
         43:2e:1b:97:f0:03:3e:00:04:9c:75:28:5b:c9:32:06:c9:5f:
         13:e5:9d:f7:33:ee:d0:46:5d:45:34:be:26:09:f8:0e:63:14:
         4a:f3:2d:5c:2b:c3:ad:57:de:bc:c9:ef:2b:63:4d:7b:2b:3c:
         5d:0a:8c:68:cd:7f:4b:ef:49:ff:ed:2b:8b:72:ea:38:61:cf:
         47:bd:d5:3c:b2:e1:73:ab:53:fb:f1:0f:91:56:c8:16:c5:9a:
         91:c7:1b:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYH3MsrHjwn+eK+GIfarLHpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzQ3NDgxZjJjOThmYmI3MGRjYThkNjVjMjNkZTRmY2Ez
NzU4M2QwHhcNMjIwNzEzMTA1NTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2RmYTYyODYxNTExMzgwNTQ5YjU1YWUwNDBlNjU5Zjk0MDg4NTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPtZ0cfS95+pZvyjlhrUWzeMkmNA
5WBc0BGJTPvu9iePg3luj9uyoGJKjqMxxWSmSbhr5tfyAc/A3p8FcDWDQDb4CziU
nf/l8cs4GjadcjQ3XzBUev2ysuBCrg17cgNISnwlwMkGTp+PCQxvL4l0EGS70kdc
+NU/lf0tIAENvz80Y2OOvtxH17yry6peNifXiLQvITGa0/gdDOL+zQvDNvYOMPGy
UqCYvr0sQDoUKfQULdAfKAEHT0qGA5IdIt1lT7KtrI+kl0LnE3YjM8nrxP4vbFak
uRVC54DPmPXqsHwegeZyboAOfR/vNW2Yx2VYD5PNcshXkUF3p8Ynf1rZfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJffpihhUROAVJtVrgQOZZ+UCIUZMB8GA1UdIwQY
MBaAFI50dIHyyY+7cNyo1lwj3k/KN1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgt
NjUyMWQzOTVmMTMyLzEvbDktbUtHRlJFNEJVbTFXdUJBNWxuNVFJaFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgtNjUyMWQzOTVmMTMy
LzEvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBubFOMA0G
CSqGSIb3DQEBCwUAA4IBAQCsZ4BI6em73pPVOYuCBiJQ6XAGnN3xoOhKYjBw8k2a
b0EDSoiVCTRK6TVuNF1UXhPZIS/FLgoah1gYjD7l9v0bwIEeWIzNxtLgbljzU2Mc
Ov8DFgbgfNb6kwl8zaOLUTBDXC/sjKmHMaQV2+m8w+hT+PjkOY5OFH46kF1g7aTg
HIKsEbdjAhBoqh6XFVe61A5s+U3wx/zrxIqnvjFtNxt8orBDLhuX8AM+AAScdShb
yTIGyV8T5Z33M+7QRl1FNL4mCfgOYxRK8y1cK8OtV968ye8rY017KzxdCoxozX9L
70n/7SuLcuo4Yc9HvdU8suFzq1P78Q+RVsgWxZqRxxtj
-----END CERTIFICATE-----
Generated at Fri Dec 2 11:47:57 2022 by rpki-client.