Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/4b/908b7e-81b9-478f-9543-b1f3eaa15212/1/

$ rpki-client -vvf ZJxvakt8_x05zVX_IVnrdoJw3k0.roa
File:                     ZJxvakt8_x05zVX_IVnrdoJw3k0.roa (download)
Hash identifier:          khMe22PGsbmXs1PV7tHNscH+rGrOU+4AfPMiIuxsJAQ=
Subject key identifier:   64:9C:6F:6A:4B:7C:FF:1D:39:CD:55:FF:21:59:EB:76:82:70:DE:4D
Certificate issuer:       /CN=3883c95470a5ba4a87c505b683b816576371e3c8
Certificate serial:       998CCE
Authority key identifier: 38:83:C9:54:70:A5:BA:4A:87:C5:05:B6:83:B8:16:57:63:71:E3:C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OIPJVHClukqHxQW2g7gWV2Nx48g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/908b7e-81b9-478f-9543-b1f3eaa15212/1/ZJxvakt8_x05zVX_IVnrdoJw3k0.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 176.126.100.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10063054 (0x998cce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3883c95470a5ba4a87c505b683b816576371e3c8
        Validity
            Not Before: Jan  1 01:59:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=649c6f6a4b7cff1d39cd55ff2159eb768270de4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:95:0b:fd:2f:f9:e9:c3:2b:ac:96:8e:ce:ce:
                    84:08:23:c7:0a:05:79:bc:ea:e1:3c:71:e8:25:e2:
                    4c:4b:e8:f6:84:7c:43:b9:13:da:e6:65:33:1e:82:
                    54:e8:8b:f1:b5:22:c0:e9:2e:87:f8:b7:3c:bc:b2:
                    30:25:29:be:2c:01:ed:cc:0a:a4:92:e0:71:4f:b5:
                    27:b8:81:3d:e2:ae:a3:bd:10:ed:b2:4d:b6:ac:37:
                    a9:b6:c2:e5:00:86:6e:ac:6d:9d:de:fe:62:37:07:
                    82:33:4b:f7:28:f0:47:e8:76:4e:34:3c:48:80:8a:
                    0c:0d:a2:35:fd:cd:a1:6c:c8:88:8a:19:0a:e9:11:
                    49:47:be:e2:5f:16:12:b5:1d:21:9f:5e:7b:c9:cb:
                    f4:b7:a8:fe:0d:c9:e5:30:5a:df:d2:39:f0:82:0a:
                    11:28:e7:ab:a2:76:d1:38:b3:89:7f:6d:41:d2:f9:
                    ee:40:0d:72:97:d9:92:3e:99:c5:74:04:7b:9e:b6:
                    71:a2:0a:e0:58:c1:90:7e:66:67:17:78:f7:31:95:
                    f7:4b:e0:ab:82:90:b6:a5:f4:c4:7b:82:4d:0c:95:
                    dc:f4:60:b2:5d:8d:4e:ab:09:86:f6:52:0e:94:7e:
                    92:71:c6:77:03:85:78:b9:fc:c5:24:31:5b:37:fc:
                    9a:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                64:9C:6F:6A:4B:7C:FF:1D:39:CD:55:FF:21:59:EB:76:82:70:DE:4D
            X509v3 Authority Key Identifier: 
                keyid:38:83:C9:54:70:A5:BA:4A:87:C5:05:B6:83:B8:16:57:63:71:E3:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OIPJVHClukqHxQW2g7gWV2Nx48g.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/908b7e-81b9-478f-9543-b1f3eaa15212/1/ZJxvakt8_x05zVX_IVnrdoJw3k0.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/908b7e-81b9-478f-9543-b1f3eaa15212/1/OIPJVHClukqHxQW2g7gWV2Nx48g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.126.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:a6:43:47:ab:1c:f9:d6:58:49:59:d6:28:72:8b:d1:9a:c5:
         62:dd:47:99:49:84:df:86:5a:c5:7b:65:9d:f4:e0:71:94:4e:
         93:f4:73:cf:34:26:06:84:3c:4f:4e:df:1c:68:85:8c:35:b5:
         57:12:33:41:2e:eb:3d:51:c5:74:3b:f3:63:a7:b7:5b:df:7c:
         18:fe:ff:2d:f8:cb:d6:50:c4:ab:ac:be:42:36:31:bb:fc:1a:
         e1:48:05:cb:9e:de:79:da:98:53:1c:99:2c:9e:c4:c0:03:3f:
         85:41:f6:17:c2:85:a0:7c:6b:35:6c:6a:b3:03:1f:8d:8a:93:
         d9:89:1a:81:4c:59:74:5d:34:a5:a7:ea:62:11:2d:6d:ab:f9:
         d2:e9:21:43:a1:6a:67:3c:35:bf:cf:e4:26:5f:79:e1:2a:01:
         39:04:76:a6:77:ba:0e:2c:7f:3e:df:4d:03:6a:f7:91:7c:ca:
         8e:48:d1:5f:7c:4f:e2:74:46:b9:f3:18:55:64:28:5d:0d:c8:
         77:b4:df:e2:00:8c:42:72:2e:28:f6:ed:7e:9e:ee:fb:df:c9:
         63:8f:d6:0c:43:07:ce:79:98:51:c8:62:b4:f5:a3:d4:f5:4c:
         9e:7a:dc:a9:5b:7e:10:4e:94:c3:40:9e:5c:62:87:ff:8a:34:
         da:15:8a:3c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJmMzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ODgzYzk1NDcwYTViYTRhODdjNTA1YjY4M2I4MTY1NzYzNzFlM2M4MB4XDTIyMDEw
MTAxNTk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjQ5YzZmNmE0Yjdj
ZmYxZDM5Y2Q1NWZmMjE1OWViNzY4MjcwZGU0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANKVC/0v+enDK6yWjs7OhAgjxwoFebzq4Txx6CXiTEvo9oR8
Q7kT2uZlMx6CVOiL8bUiwOkuh/i3PLyyMCUpviwB7cwKpJLgcU+1J7iBPeKuo70Q
7bJNtqw3qbbC5QCGbqxtnd7+YjcHgjNL9yjwR+h2TjQ8SICKDA2iNf3NoWzIiIoZ
CukRSUe+4l8WErUdIZ9ee8nL9Leo/g3J5TBa39I58IIKESjnq6J20TiziX9tQdL5
7kANcpfZkj6ZxXQEe562caIK4FjBkH5mZxd49zGV90vgq4KQtqX0xHuCTQyV3PRg
sl2NTqsJhvZSDpR+knHGdwOFeLn8xSQxWzf8mqkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRknG9qS3z/HTnNVf8hWet2gnDeTTAfBgNVHSMEGDAWgBQ4g8lUcKW6SofF
BbaDuBZXY3HjyDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09JUEpWSENsdWtxSHhRVzJnN2dXVjJOeDQ4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGIvOTA4YjdlLTgxYjktNDc4Zi05NTQzLWIxZjNlYWExNTIxMi8x
L1pKeHZha3Q4X3gwNXpWWF9JVm5yZG9KdzNrMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIv
OTA4YjdlLTgxYjktNDc4Zi05NTQzLWIxZjNlYWExNTIxMi8xL09JUEpWSENsdWtx
SHhRVzJnN2dXVjJOeDQ4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB+ZDANBgkqhkiG9w0BAQsFAAOC
AQEAHaZDR6sc+dZYSVnWKHKL0ZrFYt1HmUmE34ZaxXtlnfTgcZROk/RzzzQmBoQ8
T07fHGiFjDW1VxIzQS7rPVHFdDvzY6e3W998GP7/LfjL1lDEq6y+QjYxu/wa4UgF
y57eedqYUxyZLJ7EwAM/hUH2F8KFoHxrNWxqswMfjYqT2YkagUxZdF00pafqYhEt
bav50ukhQ6FqZzw1v8/kJl954SoBOQR2pne6Dix/Pt9NA2r3kXzKjkjRX3xP4nRG
ufMYVWQoXQ3Id7Tf4gCMQnIuKPbtfp7u+9/JY4/WDEMHznmYUchitPWj1PVMnnrc
qVt+EE6Uw0CeXGKH/4o02hWKPA==
-----END CERTIFICATE-----
Generated at Fri Dec 2 11:48:03 2022 by rpki-client.