Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/HEHo-IUE6pVnQG8Oqgb7Jdz0TKY.roa
File:                     HEHo-IUE6pVnQG8Oqgb7Jdz0TKY.roa (download)
Hash identifier:          Qu9Foz1UoGqE3G9PRg6E7GAOPX4TaA9AE61UzN+ZMR0=
Subject key identifier:   1C:41:E8:F8:85:04:EA:95:67:40:6F:0E:AA:06:FB:25:DC:F4:4C:A6
Certificate issuer:       /CN=54914541fd1b95e7c0afc875fbef78794f55386b
Certificate serial:       19FCA8AD
Authority key identifier: 54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/HEHo-IUE6pVnQG8Oqgb7Jdz0TKY.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 2a06:a000:170::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 435988653 (0x19fca8ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54914541fd1b95e7c0afc875fbef78794f55386b
        Validity
            Not Before: May 22 13:27:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1c41e8f88504ea9567406f0eaa06fb25dcf44ca6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:39:7a:14:49:ac:58:db:fd:3c:c0:51:98:e6:
                    88:46:f7:e8:8c:10:19:f9:ba:6c:f7:36:46:1f:55:
                    d3:f5:c2:99:56:1f:ba:f6:2e:22:13:87:c0:fd:48:
                    93:a8:c3:32:62:c7:00:9a:c5:31:56:97:79:c0:cb:
                    99:78:2d:6e:ec:ee:3a:68:7f:20:6c:68:7a:df:d2:
                    c8:cb:cb:a7:38:2a:5f:d8:c9:66:ca:1b:14:f3:6f:
                    57:1a:4f:c8:33:bf:32:1b:10:bd:f4:62:0f:9c:1e:
                    c1:a7:55:40:2f:b0:8b:39:86:a0:33:41:3e:63:24:
                    fa:c1:5d:d1:6e:95:1d:cf:d3:e0:06:4e:e6:9a:b0:
                    47:c1:6d:1f:43:7a:f3:6b:d8:4f:3c:c4:8e:a2:e3:
                    9e:3e:77:44:58:d6:e1:a6:a5:f7:e3:4b:b3:bb:9c:
                    f4:42:53:a4:6d:9d:c4:fa:6f:6b:83:12:68:dd:d5:
                    9d:7a:7d:c1:2e:1b:59:34:c4:45:91:6d:59:12:72:
                    61:18:a5:17:c1:9c:9c:aa:22:7b:b0:0f:36:97:a7:
                    09:e8:0b:d7:80:59:1f:d5:3e:7e:65:65:2f:01:a1:
                    00:44:fe:56:29:f3:54:4b:0c:21:30:65:51:dd:de:
                    99:db:ff:4c:08:61:93:c6:1b:69:04:9a:84:45:41:
                    26:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                1C:41:E8:F8:85:04:EA:95:67:40:6F:0E:AA:06:FB:25:DC:F4:4C:A6
            X509v3 Authority Key Identifier: 
                keyid:54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/HEHo-IUE6pVnQG8Oqgb7Jdz0TKY.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/VJFFQf0blefAr8h1--94eU9VOGs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a000:170::/48

    Signature Algorithm: sha256WithRSAEncryption
         3c:f4:e8:e0:69:17:16:a5:a8:cb:20:45:fa:84:82:3b:a5:a8:
         38:f2:cc:f2:2f:68:8d:8f:43:d8:7b:df:d8:ce:39:0e:c3:8a:
         9c:46:f6:c1:8d:1e:8d:fa:28:9b:d0:c4:24:c7:0e:fc:88:50:
         07:77:dc:85:12:8c:7c:28:7a:ef:8b:c0:34:f6:da:a8:14:50:
         c8:7b:52:b0:cc:66:4a:25:c7:cb:b8:93:9e:b5:e1:90:2c:76:
         14:2a:33:92:0c:1c:ba:01:98:0c:50:a9:40:ab:7c:f1:49:8e:
         9b:1c:ae:d0:b6:23:59:c0:76:a0:30:6a:c1:2f:1f:04:f0:04:
         ff:5e:58:90:03:ec:0c:53:7e:e3:fb:25:37:2f:87:83:6e:90:
         ce:6c:cd:3a:3b:ec:06:19:b2:aa:be:24:1d:25:de:94:7a:79:
         35:6c:80:28:e7:99:7f:2d:e5:d8:7d:d8:75:26:23:a0:75:c1:
         7d:75:36:6a:ca:ad:5c:86:9b:d2:0d:9c:7e:45:2c:4c:a4:26:
         25:b7:26:a2:93:21:e8:af:1a:c7:c7:19:ef:14:39:c5:a7:1b:
         7d:85:7f:04:6f:e0:bc:fb:63:5e:db:07:95:f3:4c:75:79:f1:
         83:25:04:d1:0a:4a:f5:cf:8b:9e:c9:1a:6c:a3:65:0e:67:35:
         70:00:e2:c6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEGfyorTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDkxNDU0MWZkMWI5NWU3YzBhZmM4NzVmYmVmNzg3OTRmNTUzODZiMB4XDTIyMDUy
MjEzMjczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM0MWU4Zjg4NTA0
ZWE5NTY3NDA2ZjBlYWEwNmZiMjVkY2Y0NGNhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJU5ehRJrFjb/TzAUZjmiEb36IwQGfm6bPc2Rh9V0/XCmVYf
uvYuIhOHwP1Ik6jDMmLHAJrFMVaXecDLmXgtbuzuOmh/IGxoet/SyMvLpzgqX9jJ
ZsobFPNvVxpPyDO/MhsQvfRiD5wewadVQC+wizmGoDNBPmMk+sFd0W6VHc/T4AZO
5pqwR8FtH0N682vYTzzEjqLjnj53RFjW4aal9+NLs7uc9EJTpG2dxPpva4MSaN3V
nXp9wS4bWTTERZFtWRJyYRilF8GcnKoie7APNpenCegL14BZH9U+fmVlLwGhAET+
VinzVEsMITBlUd3emdv/TAhhk8YbaQSahEVBJpsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQcQej4hQTqlWdAbw6qBvsl3PRMpjAfBgNVHSMEGDAWgBRUkUVB/RuV58Cv
yHX773h5T1U4azAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZKRkZRZjBibGVmQXI4aDEtLTk0ZVU5Vk9Hcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvNDY0NjMxLWNhOGUtNGM2YS1iMDkxLWQ5ZjZkOTY0MjUzNy8x
L0hFSG8tSVVFNnBWblFHOE9xZ2I3SmR6MFRLWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
NDY0NjMxLWNhOGUtNGM2YS1iMDkxLWQ5ZjZkOTY0MjUzNy8xL1ZKRkZRZjBibGVm
QXI4aDEtLTk0ZVU5Vk9Hcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoGoAABcDANBgkqhkiG9w0BAQsF
AAOCAQEAPPTo4GkXFqWoyyBF+oSCO6WoOPLM8i9ojY9D2Hvf2M45DsOKnEb2wY0e
jfoom9DEJMcO/IhQB3fchRKMfCh674vANPbaqBRQyHtSsMxmSiXHy7iTnrXhkCx2
FCozkgwcugGYDFCpQKt88UmOmxyu0LYjWcB2oDBqwS8fBPAE/15YkAPsDFN+4/sl
Ny+Hg26QzmzNOjvsBhmyqr4kHSXelHp5NWyAKOeZfy3l2H3YdSYjoHXBfXU2asqt
XIab0g2cfkUsTKQmJbcmopMh6K8ax8cZ7xQ5xacbfYV/BG/gvPtjXtsHlfNMdXnx
gyUE0QpK9c+LnskabKNlDmc1cADixg==
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:15:19 2022 by rpki-client.