Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/j3ktgFN7nifIZWWpaSr2trH7QPE.roa
File:                     j3ktgFN7nifIZWWpaSr2trH7QPE.roa (download)
Hash identifier:          +x/4Z1jyPvVyLKls9Bj6RnTxMJ/aNpLqmUa+YCdhNRA=
Subject key identifier:   8F:79:2D:80:53:7B:9E:27:C8:65:65:A9:69:2A:F6:B6:B1:FB:40:F1
Certificate issuer:       /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial:       01856CAF49B8A417252F0D69994113BEAFF3
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/j3ktgFN7nifIZWWpaSr2trH7QPE.roa
ROA valid until:          Mon 01 Jul 2024 00:00:00 +0000
asID:                     8283
IP address blocks:
    1: 94.142.242.0/24 maxlen: 24
    2: 94.142.240.0/21 maxlen: 21
    3: 94.142.241.0/24 maxlen: 24
    4: 94.142.245.0/24 maxlen: 24
    5: 94.142.246.0/24 maxlen: 24
    6: 94.142.244.0/24 maxlen: 24
    7: 94.142.247.0/24 maxlen: 24
    8: 185.52.225.0/24 maxlen: 24
    9: 185.52.226.0/24 maxlen: 24
   10: 185.52.224.0/24 maxlen: 24
   11: 185.52.224.0/22 maxlen: 22
   12: 185.52.227.0/24 maxlen: 24
   13: 94.142.240.0/24 maxlen: 24
   14: 2a02:898::/32 maxlen: 32

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:af:49:b8:a4:17:25:2f:0d:69:99:41:13:be:af:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
        Validity
            Not Before: Jan  1 09:35:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8f792d80537b9e27c86565a9692af6b6b1fb40f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:cc:1c:e3:c2:f9:6a:26:c7:b3:a2:03:61:78:
                    8f:d2:1c:cd:20:e4:6e:bc:c8:35:98:84:af:bb:d0:
                    9a:e0:05:0e:b5:96:92:15:45:3b:70:08:ed:a8:ba:
                    6e:03:ea:cf:3c:93:8b:76:76:90:af:81:ba:5b:69:
                    55:49:36:45:8f:40:56:4f:a0:fa:ac:33:12:e5:8c:
                    86:0a:07:55:78:10:86:da:b2:09:b7:2e:70:fa:fb:
                    25:ac:eb:36:24:2c:ee:bb:80:e6:e9:0a:ff:35:44:
                    92:72:c8:0a:3b:73:e5:9d:04:07:bd:e0:b2:cd:de:
                    c3:c1:d1:0b:a9:e3:4a:42:40:65:42:c9:6d:88:29:
                    b0:af:5d:36:4c:77:d4:6e:0f:fe:24:72:8a:f5:73:
                    3f:03:e4:99:b9:58:ae:97:e0:9f:36:f5:d4:b0:00:
                    75:16:16:97:83:4e:56:8a:cf:24:f3:d8:95:7f:d4:
                    98:d9:70:98:af:d8:d3:fe:4c:5e:ac:c8:96:77:28:
                    51:00:8e:b3:09:50:98:6c:f5:2e:f3:78:cd:bc:e6:
                    df:88:71:9e:2e:9d:38:d9:90:b1:9f:36:17:9f:55:
                    27:7a:10:7c:41:19:0c:0b:c6:68:27:e6:5b:72:fd:
                    03:2a:24:87:8e:5d:af:39:f6:09:07:b0:25:ca:51:
                    2a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                8F:79:2D:80:53:7B:9E:27:C8:65:65:A9:69:2A:F6:B6:B1:FB:40:F1
            X509v3 Authority Key Identifier: 
                keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/j3ktgFN7nifIZWWpaSr2trH7QPE.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.142.240.0/21
                  185.52.224.0/22
                IPv6:
                  2a02:898::/32

    Signature Algorithm: sha256WithRSAEncryption
         ac:86:08:74:b2:35:11:c3:ce:29:8f:09:45:3a:67:4c:63:76:
         8e:99:ef:79:d1:99:5c:75:eb:cd:15:2a:76:a3:85:dc:68:97:
         73:a0:67:d3:1c:15:4f:2e:1c:51:57:e1:4c:41:ce:95:d2:03:
         31:07:38:ae:90:b5:87:96:f1:db:a1:a9:77:18:0f:7a:c1:a8:
         89:4d:bf:db:b8:af:e0:03:05:30:7f:df:64:d2:51:ab:fe:c6:
         db:7f:97:a9:35:a2:e9:d6:93:d6:f0:51:a1:b5:04:a2:99:a1:
         95:14:64:7a:a8:98:b7:78:35:5c:84:5c:53:3f:0f:f2:b5:38:
         ae:ff:aa:24:84:a6:e6:d2:7b:e8:37:d9:47:5a:50:ba:24:0e:
         07:c4:af:9f:bb:96:bc:d8:f2:67:83:d8:b7:10:e2:20:c4:6c:
         e2:2b:d1:c6:6d:f7:71:16:f2:16:d0:7e:36:09:f3:7c:eb:28:
         81:2f:50:e4:b6:a0:66:a2:80:d3:e9:16:a6:c5:4c:72:78:92:
         d8:b1:92:8e:aa:20:72:67:c9:84:09:27:60:82:f9:ca:d3:de:
         cf:51:dd:37:22:f4:d0:18:9f:9e:7b:f2:2d:aa:25:5f:35:46:
         7e:20:c8:0b:b9:3a:b9:04:7a:dc:46:28:3f:23:8a:ef:74:8c:
         82:be:82:4c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsr0m4pBclLw1pmUETvq/zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3
N2ZjNzgwHhcNMjMwMTAxMDkzNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjc5MmQ4MDUzN2I5ZTI3Yzg2NTY1YTk2OTJhZjZiNmIxZmI0MGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Mwc48L5aibHs6IDYXiP0hzNIORu
vMg1mISvu9Ca4AUOtZaSFUU7cAjtqLpuA+rPPJOLdnaQr4G6W2lVSTZFj0BWT6D6
rDMS5YyGCgdVeBCG2rIJty5w+vslrOs2JCzuu4Dm6Qr/NUSScsgKO3PlnQQHveCy
zd7DwdELqeNKQkBlQsltiCmwr102THfUbg/+JHKK9XM/A+SZuViul+CfNvXUsAB1
FhaXg05Wis8k89iVf9SY2XCYr9jT/kxerMiWdyhRAI6zCVCYbPUu83jNvObfiHGe
Lp042ZCxnzYXn1UnehB8QRkMC8ZoJ+Zbcv0DKiSHjl2vOfYJB7AlylEqDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFI95LYBTe54nyGVlqWkq9rax+0DxMB8GA1UdIwQY
MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt
NTA1MDUzODJmZDcyLzEvajNrdGdGTjduaWZJWldXcGFTcjJ0ckg3UVBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy
LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXo7wAwQC
uTTgMA0EAgACMAcDBQAqAgiYMA0GCSqGSIb3DQEBCwUAA4IBAQCshgh0sjURw84p
jwlFOmdMY3aOme950ZlcdevNFSp2o4XcaJdzoGfTHBVPLhxRV+FMQc6V0gMxBziu
kLWHlvHboal3GA96waiJTb/buK/gAwUwf99k0lGr/sbbf5epNaLp1pPW8FGhtQSi
maGVFGR6qJi3eDVchFxTPw/ytTiu/6okhKbm0nvoN9lHWlC6JA4HxK+fu5a82PJn
g9i3EOIgxGziK9HGbfdxFvIW0H42CfN86yiBL1DktqBmooDT6RamxUxyeJLYsZKO
qiByZ8mECSdggvnK097PUd03IvTQGJ+ee/ItqiVfNUZ+IMgLuTq5BHrcRig/I4rv
dIyCvoJM
-----END CERTIFICATE-----
Generated at Sat Feb 4 02:25:25 2023 by rpki-client.