Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/1xQNKIUP46EtaAQsWibAcxjfkt8.roa
File:                     1xQNKIUP46EtaAQsWibAcxjfkt8.roa (download)
Hash identifier:          KJiMLuDM1zJ+eJs+B0RAFRF/Wrk2EMnUaUVxXZjGNts=
Subject key identifier:   D7:14:0D:28:85:0F:E3:A1:2D:68:04:2C:5A:26:C0:73:18:DF:92:DF
Certificate issuer:       /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial:       03FBFDB4
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/1xQNKIUP46EtaAQsWibAcxjfkt8.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     41313
IP address blocks:
    1: 89.25.20.0/22 maxlen: 22
    2: 89.25.21.0/24 maxlen: 24
    3: 89.25.22.0/24 maxlen: 24
    4: 89.25.23.0/24 maxlen: 24
    5: 89.25.20.0/24 maxlen: 24
    6: 94.155.175.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 66846132 (0x3fbfdb4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
        Validity
            Not Before: Jan  1 01:52:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d7140d28850fe3a12d68042c5a26c07318df92df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:85:cb:ee:d8:65:d5:42:95:4d:be:67:b9:31:
                    15:4b:e8:57:41:e2:d5:5f:7e:85:a0:b3:da:3a:bd:
                    b9:40:86:be:b1:4e:5d:b8:c4:0f:ee:5f:fe:32:03:
                    85:78:bb:de:d7:8a:a5:97:99:1d:ae:d6:1e:45:ee:
                    18:5b:db:ad:37:16:a8:b4:c9:1e:77:d6:e2:52:90:
                    e2:1b:c4:6a:bf:ed:c1:be:bf:56:2d:33:07:c8:92:
                    a7:d0:20:75:cf:90:f3:a3:c9:69:96:6d:c2:af:81:
                    ff:9a:af:08:09:fb:bd:79:bb:eb:f2:02:97:be:e2:
                    a4:90:54:64:aa:e7:04:70:af:14:a6:fd:60:39:a4:
                    b2:16:9c:fd:1f:6b:ed:06:84:f3:70:da:27:47:e3:
                    4f:b2:dc:b6:29:77:a1:a9:99:3d:1b:be:6b:92:88:
                    e5:01:0d:ba:25:f1:97:58:d8:49:74:f2:e7:fc:cf:
                    46:13:1b:7e:f5:02:2f:1e:25:a6:ea:79:95:5a:20:
                    b9:7e:bf:47:f7:eb:46:c5:61:2f:eb:80:7e:70:1b:
                    04:e4:9a:6e:c2:1d:4a:2c:4c:73:c3:d6:a1:60:64:
                    0a:62:b1:99:9c:85:21:2c:31:e4:7c:1b:04:a0:78:
                    52:6d:e8:96:2e:0d:c1:12:97:40:6b:e9:99:09:04:
                    a1:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                D7:14:0D:28:85:0F:E3:A1:2D:68:04:2C:5A:26:C0:73:18:DF:92:DF
            X509v3 Authority Key Identifier: 
                keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/1xQNKIUP46EtaAQsWibAcxjfkt8.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.25.20.0/22
                  94.155.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:0a:b5:11:79:08:e7:79:09:2d:00:6c:42:dc:e0:a3:3b:f0:
         f4:b1:4c:9b:56:88:e9:17:ed:45:3a:e5:a3:ed:8e:13:7e:0b:
         72:53:06:ce:ef:c1:08:ab:a8:ce:85:bb:3c:2a:28:29:1c:18:
         26:b9:5b:d8:02:2e:d0:b3:4c:75:8d:e5:8c:be:55:30:ed:ce:
         5a:4a:3d:0d:07:be:0e:ca:93:d4:75:da:1f:65:04:88:b5:76:
         9c:4f:80:76:0d:df:c5:89:f2:e7:47:4e:0a:7f:c1:45:1e:34:
         1e:26:88:78:89:d1:71:ed:e7:21:ea:e1:1e:45:40:d5:f5:5a:
         5a:26:97:3c:5f:f9:23:1e:58:eb:b4:65:da:12:7a:d8:03:02:
         35:52:51:69:b9:a1:5a:f2:ea:d6:e1:e5:9e:e7:62:7f:d0:7e:
         5b:f0:a1:c5:c9:d5:ef:36:8f:5a:78:49:b5:a8:52:22:82:c4:
         69:a1:ba:80:89:97:32:8f:bd:3b:20:00:03:38:fe:ff:ed:20:
         2d:ae:60:3f:7e:e2:f8:25:e4:7f:bc:09:64:3e:3d:9e:ee:40:
         87:90:a9:72:dc:03:f6:31:94:9c:61:39:94:b5:a0:ab:21:45:
         e0:26:b8:0c:e3:42:8f:2b:a6:23:e9:79:66:3e:80:ca:b4:a5:
         33:ec:bf:7d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA/v9tDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDdkNzU3M2FhY2FlODIxYzg3ZDZkMzY0MzFjZmU0YjI4MDFhYjQxMB4XDTIyMDEw
MTAxNTIyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDcxNDBkMjg4NTBm
ZTNhMTJkNjgwNDJjNWEyNmMwNzMxOGRmOTJkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaFy+7YZdVClU2+Z7kxFUvoV0Hi1V9+haCz2jq9uUCGvrFO
XbjED+5f/jIDhXi73teKpZeZHa7WHkXuGFvbrTcWqLTJHnfW4lKQ4hvEar/twb6/
Vi0zB8iSp9Agdc+Q86PJaZZtwq+B/5qvCAn7vXm76/ICl77ipJBUZKrnBHCvFKb9
YDmkshac/R9r7QaE83DaJ0fjT7Lctil3oamZPRu+a5KI5QENuiXxl1jYSXTy5/zP
RhMbfvUCLx4lpup5lVoguX6/R/frRsVhL+uAfnAbBOSabsIdSixMc8PWoWBkCmKx
mZyFISwx5HwbBKB4Um3oli4NwRKXQGvpmQkEoecCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTXFA0ohQ/joS1oBCxaJsBzGN+S3zAfBgNVHSMEGDAWgBTQfXVzqsroIch9
bTZDHP5LKAGrQTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBIMTFjNnJLNkNISWZXMDJReHotU3lnQnEwRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvNTcyNWNjLWFkNzAtNDZmOC1iYjYyLWNmOWRjNWJhYWE3OS8x
LzF4UU5LSVVQNDZFdGFBUXNXaWJBY3hqZmt0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
NTcyNWNjLWFkNzAtNDZmOC1iYjYyLWNmOWRjNWJhYWE3OS8xLzBIMTFjNnJLNkNI
SWZXMDJReHotU3lnQnEwRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlkZFAMEAF6brzANBgkqhkiG9w0B
AQsFAAOCAQEAIQq1EXkI53kJLQBsQtzgozvw9LFMm1aI6RftRTrlo+2OE34LclMG
zu/BCKuozoW7PCooKRwYJrlb2AIu0LNMdY3ljL5VMO3OWko9DQe+DsqT1HXaH2UE
iLV2nE+Adg3fxYny50dOCn/BRR40HiaIeInRce3nIerhHkVA1fVaWiaXPF/5Ix5Y
67Rl2hJ62AMCNVJRabmhWvLq1uHlnudif9B+W/ChxcnV7zaPWnhJtahSIoLEaaG6
gImXMo+9OyAAAzj+/+0gLa5gP37i+CXkf7wJZD49nu5Ah5CpctwD9jGUnGE5lLWg
qyFF4Ca4DONCjyumI+l5Zj6AyrSlM+y/fQ==
-----END CERTIFICATE-----
Generated at Tue Dec 6 09:46:16 2022 by rpki-client.