Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/4c/2e5665-996c-4748-b27d-c920b000f4e6/1/

$ rpki-client -vvf 4wMzTP82cre0hiHpRzvzf9xh2dE.roa
File:                     4wMzTP82cre0hiHpRzvzf9xh2dE.roa (download)
Hash identifier:          JvV8/Xc4F0YNfjsYUkEZXxqP/rz3usz+H6XPzIlycNc=
Subject key identifier:   E3:03:33:4C:FF:36:72:B7:B4:86:21:E9:47:3B:F3:7F:DC:61:D9:D1
Certificate issuer:       /CN=bca5e8ced539520a461dc8272ef97c807c97afd6
Certificate serial:       01424843
Authority key identifier: BC:A5:E8:CE:D5:39:52:0A:46:1D:C8:27:2E:F9:7C:80:7C:97:AF:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vKXoztU5UgpGHcgnLvl8gHyXr9Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/2e5665-996c-4748-b27d-c920b000f4e6/1/4wMzTP82cre0hiHpRzvzf9xh2dE.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 185.184.219.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21121091 (0x1424843)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bca5e8ced539520a461dc8272ef97c807c97afd6
        Validity
            Not Before: Jan  1 14:04:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e303334cff3672b7b48621e9473bf37fdc61d9d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:72:fd:0d:b4:2d:5d:5b:50:53:a7:60:b1:29:
                    ca:f4:52:b1:e9:c3:6f:21:e1:96:ee:e2:eb:12:76:
                    80:ca:18:99:24:6a:49:e2:9d:ca:e5:fd:6a:00:b8:
                    43:77:4a:73:f3:f1:a6:da:ea:1a:70:3d:e5:d3:d8:
                    58:b6:49:a0:73:4c:48:0d:06:78:18:2a:2b:af:87:
                    60:67:a6:58:2a:bf:10:8b:b7:fd:86:a9:19:23:89:
                    fe:3c:a9:cd:b6:5f:d2:f3:97:07:2f:a0:d4:fb:0c:
                    b8:e1:49:15:04:50:26:ad:cd:fb:13:e5:19:6f:33:
                    ec:f0:0b:5f:0d:33:7a:c6:70:06:7e:7b:89:da:2f:
                    11:20:81:84:26:52:73:9f:9b:e9:45:6e:8d:04:a9:
                    0d:49:2b:7a:c3:f0:90:22:d0:5e:25:36:48:e1:e2:
                    66:1b:42:64:26:fa:00:28:16:65:45:61:81:26:7a:
                    0c:7b:66:c4:ed:cb:04:b4:76:17:20:57:73:63:b0:
                    2d:a6:7a:65:69:4f:15:8a:e2:b3:30:28:d8:31:fd:
                    eb:db:13:87:78:68:c2:97:e1:bd:7a:14:46:7b:12:
                    af:28:21:84:dd:0f:ce:0d:32:e5:00:8f:82:6a:01:
                    13:89:44:0e:e3:ff:e6:95:0e:7b:5f:69:1a:db:3b:
                    61:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                E3:03:33:4C:FF:36:72:B7:B4:86:21:E9:47:3B:F3:7F:DC:61:D9:D1
            X509v3 Authority Key Identifier: 
                keyid:BC:A5:E8:CE:D5:39:52:0A:46:1D:C8:27:2E:F9:7C:80:7C:97:AF:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vKXoztU5UgpGHcgnLvl8gHyXr9Y.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2e5665-996c-4748-b27d-c920b000f4e6/1/4wMzTP82cre0hiHpRzvzf9xh2dE.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2e5665-996c-4748-b27d-c920b000f4e6/1/vKXoztU5UgpGHcgnLvl8gHyXr9Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.184.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:94:e5:f8:16:36:55:10:05:69:be:47:d8:7d:ff:d9:0f:2e:
         df:5f:ff:93:a5:aa:c2:8b:17:e2:47:0d:f2:e6:e2:e0:8c:ba:
         ce:d3:ca:28:8c:83:b5:35:56:7f:23:87:28:85:8c:8c:22:9b:
         d8:26:6c:de:e8:91:5b:da:e6:3b:e1:54:49:74:e1:80:5a:39:
         65:45:e5:f9:5e:eb:0a:44:01:56:3b:12:7f:97:bb:e9:50:be:
         41:c0:91:67:52:d6:6f:18:97:10:a2:7b:36:eb:71:a0:c6:28:
         a7:29:4e:4f:42:6f:35:65:e0:36:92:4c:af:c3:6e:d0:9d:7c:
         62:7d:09:46:08:94:90:10:9f:4c:0e:b9:45:6e:28:60:5a:a8:
         a7:56:ef:ca:67:e4:51:44:53:86:79:7e:68:6d:48:7e:81:82:
         8e:02:0e:38:8f:3a:ae:59:10:4c:b4:2f:b9:f5:66:85:97:3a:
         d5:9d:00:a8:5d:80:9e:9e:ca:e8:a0:e6:fc:fd:15:43:7c:18:
         f8:b3:06:98:26:5a:ee:eb:fb:e2:da:f9:57:87:3f:2b:4f:69:
         fa:b8:a0:7a:59:4f:3e:61:77:7b:28:c8:d7:06:93:c9:1f:d2:
         db:0d:13:03:3c:ea:72:3b:9a:46:8b:a8:6a:e1:10:54:3a:da:
         63:68:91:2c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAUJIQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Y2E1ZThjZWQ1Mzk1MjBhNDYxZGM4MjcyZWY5N2M4MDdjOTdhZmQ2MB4XDTIyMDEw
MTE0MDQ0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTMwMzMzNGNmZjM2
NzJiN2I0ODYyMWU5NDczYmYzN2ZkYzYxZDlkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJy/Q20LV1bUFOnYLEpyvRSsenDbyHhlu7i6xJ2gMoYmSRq
SeKdyuX9agC4Q3dKc/PxptrqGnA95dPYWLZJoHNMSA0GeBgqK6+HYGemWCq/EIu3
/YapGSOJ/jypzbZf0vOXBy+g1PsMuOFJFQRQJq3N+xPlGW8z7PALXw0zesZwBn57
idovESCBhCZSc5+b6UVujQSpDUkresPwkCLQXiU2SOHiZhtCZCb6ACgWZUVhgSZ6
DHtmxO3LBLR2FyBXc2OwLaZ6ZWlPFYriszAo2DH969sTh3howpfhvXoURnsSrygh
hN0Pzg0y5QCPgmoBE4lEDuP/5pUOe19pGts7YT0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTjAzNM/zZyt7SGIelHO/N/3GHZ0TAfBgNVHSMEGDAWgBS8pejO1TlSCkYd
yCcu+XyAfJev1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZLWG96dFU1VWdwR0hjZ25Mdmw4Z0h5WHI5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMmU1NjY1LTk5NmMtNDc0OC1iMjdkLWM5MjBiMDAwZjRlNi8x
LzR3TXpUUDgyY3JlMGhpSHBSenZ6Zjl4aDJkRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
MmU1NjY1LTk5NmMtNDc0OC1iMjdkLWM5MjBiMDAwZjRlNi8xL3ZLWG96dFU1VWdw
R0hjZ25Mdmw4Z0h5WHI5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALm42zANBgkqhkiG9w0BAQsFAAOC
AQEAcJTl+BY2VRAFab5H2H3/2Q8u31//k6WqwosX4kcN8ubi4Iy6ztPKKIyDtTVW
fyOHKIWMjCKb2CZs3uiRW9rmO+FUSXThgFo5ZUXl+V7rCkQBVjsSf5e76VC+QcCR
Z1LWbxiXEKJ7NutxoMYopylOT0JvNWXgNpJMr8Nu0J18Yn0JRgiUkBCfTA65RW4o
YFqop1bvymfkUURThnl+aG1IfoGCjgIOOI86rlkQTLQvufVmhZc61Z0AqF2Anp7K
6KDm/P0VQ3wY+LMGmCZa7uv74tr5V4c/K09p+rigellPPmF3eyjI1waTyR/S2w0T
AzzqcjuaRouoauEQVDraY2iRLA==
-----END CERTIFICATE-----
Generated at Fri Dec 2 12:22:38 2022 by rpki-client.