Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/7951b5-9cb6-4535-95c6-63c52e92c47e/1/XZBUWat7IM-5xKFFeL94ehGxpXo.roa
File:                     XZBUWat7IM-5xKFFeL94ehGxpXo.roa (download)
Hash identifier:          lLta7u/RkV/4y2xqA2Nh3hBvmWyYb7VdRSBcfMNgoD4=
Subject key identifier:   5D:90:54:59:AB:7B:20:CF:B9:C4:A1:45:78:BF:78:7A:11:B1:A5:7A
Certificate issuer:       /CN=d557f65aa23dbacea5b1cf833a63482ef3e43057
Certificate serial:       026C992A
Authority key identifier: D5:57:F6:5A:A2:3D:BA:CE:A5:B1:CF:83:3A:63:48:2E:F3:E4:30:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1Vf2WqI9us6lsc-DOmNILvPkMFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/7951b5-9cb6-4535-95c6-63c52e92c47e/1/XZBUWat7IM-5xKFFeL94ehGxpXo.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 185.248.224.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40671530 (0x26c992a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d557f65aa23dbacea5b1cf833a63482ef3e43057
        Validity
            Not Before: Jan  1 00:52:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5d905459ab7b20cfb9c4a14578bf787a11b1a57a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:20:32:8f:0b:32:88:e5:f4:8d:9c:85:ca:92:
                    8d:71:93:b1:fc:c3:e1:d1:cc:79:0f:3a:52:b2:9e:
                    37:e2:89:47:2a:1c:06:91:b1:6b:e9:46:2d:34:ed:
                    a4:7d:fa:cc:a6:9c:0d:ce:59:8c:45:de:18:dc:33:
                    e1:a0:58:1d:8a:db:d2:99:b4:22:5e:3b:af:9f:63:
                    a1:61:8b:b2:dd:63:4a:ad:7d:44:87:b7:3b:1d:31:
                    24:59:8b:a9:4a:d2:c0:79:95:78:43:6f:f7:e9:0f:
                    85:28:7b:ea:07:1f:37:ff:b6:52:22:07:f2:09:ec:
                    16:ee:e2:f9:ef:8e:9e:3f:41:b2:f3:2f:b7:4c:35:
                    c3:26:09:3d:2f:35:df:2c:ab:4c:a2:36:40:cc:0a:
                    0c:55:c3:c0:a7:2b:b4:5e:bb:6c:fd:0f:e0:a7:c1:
                    83:99:10:27:e8:7c:15:ac:0e:94:16:2b:50:99:36:
                    e9:ad:e1:ae:66:71:4d:41:21:5d:f8:96:c9:25:92:
                    50:a9:88:25:4c:da:08:af:d4:9d:09:7b:64:93:4f:
                    d5:e1:b1:c7:c4:79:85:b7:76:e8:38:e9:0e:8e:fa:
                    3f:15:0a:fe:ae:a2:60:57:a5:d7:b3:d2:62:e7:fc:
                    c2:0a:58:21:b3:80:7d:9c:57:95:53:7c:f9:4a:e3:
                    0b:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                5D:90:54:59:AB:7B:20:CF:B9:C4:A1:45:78:BF:78:7A:11:B1:A5:7A
            X509v3 Authority Key Identifier: 
                keyid:D5:57:F6:5A:A2:3D:BA:CE:A5:B1:CF:83:3A:63:48:2E:F3:E4:30:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Vf2WqI9us6lsc-DOmNILvPkMFc.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/7951b5-9cb6-4535-95c6-63c52e92c47e/1/XZBUWat7IM-5xKFFeL94ehGxpXo.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/7951b5-9cb6-4535-95c6-63c52e92c47e/1/1Vf2WqI9us6lsc-DOmNILvPkMFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:4e:8a:85:8f:4b:4c:f5:be:d5:b5:81:84:30:34:44:dc:09:
         74:c8:88:72:c7:d8:ba:87:32:fb:29:8a:89:08:cd:a7:9c:0d:
         ef:5c:f4:2e:2f:68:f5:df:23:26:5a:1b:03:0a:af:1d:7f:13:
         56:ce:9a:01:54:23:24:a2:51:7e:5b:93:a8:ba:d3:62:89:41:
         37:c4:53:a7:20:b5:a9:09:e6:4b:7b:0f:54:f9:48:4a:b9:da:
         78:d8:4a:52:94:d3:0b:6d:c6:90:39:95:7d:e4:7c:d2:92:25:
         d5:15:82:89:8b:e5:1a:b9:fe:49:2f:0b:d1:ee:f5:9d:0b:d8:
         34:2c:9a:d4:a7:29:f5:49:f6:c1:16:e1:d9:61:b9:36:21:cf:
         3d:0f:04:a9:2e:99:68:af:8d:65:30:c6:6d:a7:d8:7f:8f:9c:
         b6:87:fe:33:8e:12:14:12:f8:9d:ac:32:05:cb:38:01:e5:17:
         84:b2:00:94:eb:b9:4b:2f:aa:6a:95:58:38:0d:9a:80:55:32:
         39:3e:e8:ab:06:bf:c8:5b:b2:8d:ba:ed:7e:b5:a8:f5:9f:bc:
         9d:67:34:b6:79:43:ca:ed:9e:ef:08:9a:2b:54:b2:59:87:4e:
         45:da:4a:f0:c6:f0:d8:b2:fe:e6:3b:75:24:a2:8a:11:ed:e4:
         9d:5d:68:44
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAmyZKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTU3ZjY1YWEyM2RiYWNlYTViMWNmODMzYTYzNDgyZWYzZTQzMDU3MB4XDTIyMDEw
MTAwNTIxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ5MDU0NTlhYjdi
MjBjZmI5YzRhMTQ1NzhiZjc4N2ExMWIxYTU3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUgMo8LMojl9I2chcqSjXGTsfzD4dHMeQ86UrKeN+KJRyoc
BpGxa+lGLTTtpH36zKacDc5ZjEXeGNwz4aBYHYrb0pm0Il47r59joWGLst1jSq19
RIe3Ox0xJFmLqUrSwHmVeENv9+kPhSh76gcfN/+2UiIH8gnsFu7i+e+Onj9BsvMv
t0w1wyYJPS813yyrTKI2QMwKDFXDwKcrtF67bP0P4KfBg5kQJ+h8FawOlBYrUJk2
6a3hrmZxTUEhXfiWySWSUKmIJUzaCK/UnQl7ZJNP1eGxx8R5hbd26DjpDo76PxUK
/q6iYFel17PSYuf8wgpYIbOAfZxXlVN8+UrjCz0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRdkFRZq3sgz7nEoUV4v3h6EbGlejAfBgNVHSMEGDAWgBTVV/Zaoj26zqWx
z4M6Y0gu8+QwVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFWZjJXcUk5dXM2bHNjLURPbU5JTHZQa01GYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvNzk1MWI1LTljYjYtNDUzNS05NWM2LTYzYzUyZTkyYzQ3ZS8x
L1haQlVXYXQ3SU0tNXhLRkZlTDk0ZWhHeHBYby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
Nzk1MWI1LTljYjYtNDUzNS05NWM2LTYzYzUyZTkyYzQ3ZS8xLzFWZjJXcUk5dXM2
bHNjLURPbU5JTHZQa01GYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn44DANBgkqhkiG9w0BAQsFAAOC
AQEAm06KhY9LTPW+1bWBhDA0RNwJdMiIcsfYuocy+ymKiQjNp5wN71z0Li9o9d8j
JlobAwqvHX8TVs6aAVQjJKJRfluTqLrTYolBN8RTpyC1qQnmS3sPVPlISrnaeNhK
UpTTC23GkDmVfeR80pIl1RWCiYvlGrn+SS8L0e71nQvYNCya1Kcp9Un2wRbh2WG5
NiHPPQ8EqS6ZaK+NZTDGbafYf4+ctof+M44SFBL4nawyBcs4AeUXhLIAlOu5Sy+q
apVYOA2agFUyOT7oqwa/yFuyjbrtfrWo9Z+8nWc0tnlDyu2e7wiaK1SyWYdORdpK
8Mbw2LL+5jt1JKKKEe3knV1oRA==
-----END CERTIFICATE-----
Generated at Fri Dec 9 00:55:45 2022 by rpki-client.