Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/53/11362c-0ca8-4123-9b3c-3ca54d5c6f4f/1/

$ rpki-client -vvf bUrk_1z0Tnf-8pqoAlfWmDIRuuA.roa
File:                     bUrk_1z0Tnf-8pqoAlfWmDIRuuA.roa (download)
Hash identifier:          ysCwTc2Xw2rbksmDvUnx9XNY3kxI33ww+VJ1CTVFn3w=
Subject key identifier:   6D:4A:E4:FF:5C:F4:4E:77:FE:F2:9A:A8:02:57:D6:98:32:11:BA:E0
Certificate issuer:       /CN=f62cb707c297f0bce43af4f4cbacbb8a636ccc61
Certificate serial:       012803EB
Authority key identifier: F6:2C:B7:07:C2:97:F0:BC:E4:3A:F4:F4:CB:AC:BB:8A:63:6C:CC:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9iy3B8KX8LzkOvT0y6y7imNszGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/11362c-0ca8-4123-9b3c-3ca54d5c6f4f/1/bUrk_1z0Tnf-8pqoAlfWmDIRuuA.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 185.248.135.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19399659 (0x12803eb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f62cb707c297f0bce43af4f4cbacbb8a636ccc61
        Validity
            Not Before: Jan  1 12:04:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6d4ae4ff5cf44e77fef29aa80257d6983211bae0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:b1:27:57:b2:e4:47:18:58:f2:5c:bd:71:16:
                    c1:bc:ee:6a:82:0e:7c:0a:9c:76:18:98:86:08:5d:
                    ed:cd:00:ee:4d:7a:bd:4f:26:9f:d2:80:fd:f2:af:
                    b6:4d:3e:ba:0e:13:3b:a4:8f:e3:c2:4d:c6:8f:13:
                    28:3d:87:20:29:2b:6a:ca:82:a4:65:a1:0f:f8:bf:
                    5f:6a:42:f1:10:61:05:8c:4f:fd:fc:2e:6a:7c:84:
                    24:57:12:ea:36:73:c7:9b:5a:78:e8:3a:89:9c:31:
                    10:27:a7:32:44:37:89:7b:6f:9f:67:16:e3:4f:db:
                    80:8b:93:1c:34:9e:23:d3:ac:7b:da:e5:d3:0c:c4:
                    9e:c6:30:1d:4f:81:6f:c9:5b:1a:8a:55:93:2a:5f:
                    d0:47:8a:fd:72:4c:b9:6a:fa:49:0a:a0:0d:7a:5a:
                    47:ab:ef:2e:26:c5:a8:7b:e0:3b:6d:33:93:a8:ae:
                    5f:a0:7c:25:41:9b:96:e6:34:53:40:d9:2a:45:2c:
                    36:76:82:46:ca:36:0c:c2:5d:89:f3:ed:78:af:e8:
                    fb:ac:b3:f4:7b:d3:7f:08:45:37:6d:05:3a:c9:7a:
                    67:c3:ba:0f:10:1d:b1:da:4b:57:13:70:8f:5b:8b:
                    88:ff:c1:9b:dd:4a:fd:17:8d:db:a5:d4:e2:54:94:
                    65:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                6D:4A:E4:FF:5C:F4:4E:77:FE:F2:9A:A8:02:57:D6:98:32:11:BA:E0
            X509v3 Authority Key Identifier: 
                keyid:F6:2C:B7:07:C2:97:F0:BC:E4:3A:F4:F4:CB:AC:BB:8A:63:6C:CC:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9iy3B8KX8LzkOvT0y6y7imNszGE.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/11362c-0ca8-4123-9b3c-3ca54d5c6f4f/1/bUrk_1z0Tnf-8pqoAlfWmDIRuuA.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/11362c-0ca8-4123-9b3c-3ca54d5c6f4f/1/9iy3B8KX8LzkOvT0y6y7imNszGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:04:64:7f:59:3a:05:de:f9:9a:54:49:db:2d:df:5b:59:14:
         aa:6b:37:83:b2:c2:32:91:79:e4:da:bc:67:db:eb:94:d2:6e:
         ad:31:ae:81:77:87:98:85:6d:d6:e9:78:a7:1f:19:b6:3c:ec:
         a6:aa:6e:41:b5:ee:51:59:e7:5a:78:b2:dd:6f:7f:ae:fe:76:
         a0:75:e4:e1:b5:5a:f4:8c:d1:8c:94:ab:e1:29:42:81:e6:b5:
         4d:34:4a:dc:a4:ee:e1:2d:c5:0a:18:a2:57:14:75:a5:23:e9:
         15:b7:e0:9a:a6:11:d8:41:5c:8c:a5:5c:6f:94:4c:c5:4e:8b:
         c2:1d:83:ad:23:51:17:44:d4:64:93:73:8a:9f:68:aa:ec:07:
         1a:de:a2:5f:45:ab:54:02:b0:08:89:51:32:bf:f2:57:97:08:
         b5:28:a5:99:ab:3f:ef:84:31:66:a3:5b:2d:87:5c:8e:84:4d:
         0b:61:8d:11:4e:9c:34:47:5e:71:08:cd:c5:00:66:1d:82:ea:
         d1:14:ed:bc:fc:f8:d8:cf:a9:0e:7a:95:e2:5f:53:96:c9:35:
         da:d5:76:ca:96:10:e6:3e:ea:5b:bd:51:c9:6d:dc:a0:7f:6d:
         f1:7f:a1:c5:ce:19:28:ba:15:65:67:a9:83:c0:b4:44:ce:fc:
         35:c0:2c:97
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEASgD6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NjJjYjcwN2MyOTdmMGJjZTQzYWY0ZjRjYmFjYmI4YTYzNmNjYzYxMB4XDTIyMDEw
MTEyMDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQ0YWU0ZmY1Y2Y0
NGU3N2ZlZjI5YWE4MDI1N2Q2OTgzMjExYmFlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyxJ1ey5EcYWPJcvXEWwbzuaoIOfAqcdhiYhghd7c0A7k16
vU8mn9KA/fKvtk0+ug4TO6SP48JNxo8TKD2HICkrasqCpGWhD/i/X2pC8RBhBYxP
/fwuanyEJFcS6jZzx5taeOg6iZwxECenMkQ3iXtvn2cW40/bgIuTHDSeI9Ose9rl
0wzEnsYwHU+Bb8lbGopVkypf0EeK/XJMuWr6SQqgDXpaR6vvLibFqHvgO20zk6iu
X6B8JUGbluY0U0DZKkUsNnaCRso2DMJdifPteK/o+6yz9HvTfwhFN20FOsl6Z8O6
DxAdsdpLVxNwj1uLiP/Bm91K/ReN26XU4lSUZf8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRtSuT/XPROd/7ymqgCV9aYMhG64DAfBgNVHSMEGDAWgBT2LLcHwpfwvOQ6
9PTLrLuKY2zMYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlpeTNCOEtYOEx6a092VDB5Nnk3aW1Oc3pHRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvMTEzNjJjLTBjYTgtNDEyMy05YjNjLTNjYTU0ZDVjNmY0Zi8x
L2JVcmtfMXowVG5mLThwcW9BbGZXbURJUnV1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
MTEzNjJjLTBjYTgtNDEyMy05YjNjLTNjYTU0ZDVjNmY0Zi8xLzlpeTNCOEtYOEx6
a092VDB5Nnk3aW1Oc3pHRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn4hzANBgkqhkiG9w0BAQsFAAOC
AQEAaARkf1k6Bd75mlRJ2y3fW1kUqms3g7LCMpF55Nq8Z9vrlNJurTGugXeHmIVt
1ul4px8ZtjzspqpuQbXuUVnnWniy3W9/rv52oHXk4bVa9IzRjJSr4SlCgea1TTRK
3KTu4S3FChiiVxR1pSPpFbfgmqYR2EFcjKVcb5RMxU6Lwh2DrSNRF0TUZJNzip9o
quwHGt6iX0WrVAKwCIlRMr/yV5cItSilmas/74QxZqNbLYdcjoRNC2GNEU6cNEde
cQjNxQBmHYLq0RTtvPz42M+pDnqV4l9Tlsk12tV2ypYQ5j7qW71RyW3coH9t8X+h
xc4ZKLoVZWepg8C0RM78NcAslw==
-----END CERTIFICATE-----
Generated at Fri Dec 2 12:22:51 2022 by rpki-client.