Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/KMQb5gy_I9r7_0n5fcIgit-qbZQ.roa
File:                     KMQb5gy_I9r7_0n5fcIgit-qbZQ.roa (download)
Hash identifier:          HGWFOe9OqseljD7EUzN6CpCbOSIM3FjNb/dZUJQpPvE=
Subject key identifier:   28:C4:1B:E6:0C:BF:23:DA:FB:FF:49:F9:7D:C2:20:8A:DF:AA:6D:94
Certificate issuer:       /CN=a44c267fa754cd6509e9f807273123bee96c525d
Certificate serial:       09F56BA8
Authority key identifier: A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/KMQb5gy_I9r7_0n5fcIgit-qbZQ.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     399746
IP address blocks:
    1: 45.158.57.0/24 maxlen: 24
    2: 45.158.56.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 167078824 (0x9f56ba8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a44c267fa754cd6509e9f807273123bee96c525d
        Validity
            Not Before: Mar  3 21:10:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=28c41be60cbf23dafbff49f97dc2208adfaa6d94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:44:1f:f7:08:b5:de:30:37:e4:48:10:d9:19:
                    65:c7:7a:19:1c:46:04:b3:9c:d6:56:cc:d5:09:6c:
                    2e:8b:75:76:95:d6:e5:3b:7a:81:31:bc:87:aa:8f:
                    5c:53:b1:e0:97:77:95:4c:04:49:5b:32:1d:99:66:
                    ff:f1:a3:0c:dc:bf:c9:84:3f:d7:8a:34:69:89:5a:
                    fc:da:b5:1c:de:53:ff:f4:42:ef:88:64:37:f8:ad:
                    36:65:74:53:d0:af:be:37:86:00:bd:60:aa:e4:18:
                    2d:70:a7:99:60:40:52:46:7c:36:76:ba:62:f8:c5:
                    58:cb:c7:e7:51:ba:f9:57:21:68:4c:09:c8:92:73:
                    e6:bb:b9:64:d8:2e:fc:45:49:1f:8c:a5:35:25:c9:
                    ce:83:7b:ac:78:fb:ca:11:66:00:09:e0:99:c8:a6:
                    99:1c:91:b2:c3:fe:83:20:79:c1:f9:13:4b:e8:15:
                    47:7c:8d:4f:02:10:7b:0e:a6:9e:33:df:9b:f9:ad:
                    a5:57:ab:9d:d9:98:65:66:51:f0:3c:70:ee:f4:be:
                    b4:c7:4e:a8:6d:f8:f5:b3:02:bd:f9:2e:02:08:9a:
                    8e:e8:62:e5:9b:64:3c:ec:7e:9c:4a:29:bf:11:e2:
                    b8:ee:b2:1b:ad:b0:ee:73:1b:ed:3e:df:25:a2:35:
                    a6:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                28:C4:1B:E6:0C:BF:23:DA:FB:FF:49:F9:7D:C2:20:8A:DF:AA:6D:94
            X509v3 Authority Key Identifier: 
                keyid:A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/KMQb5gy_I9r7_0n5fcIgit-qbZQ.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/pEwmf6dUzWUJ6fgHJzEjvulsUl0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.56.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9c:db:a1:cb:87:f6:2e:43:fb:c2:6a:60:56:3e:8a:04:74:d9:
         50:c5:fb:86:6d:47:16:82:f0:e5:eb:56:23:da:ec:d2:99:14:
         4a:a5:4a:53:58:5b:20:ff:cf:6f:28:e9:96:aa:87:f2:27:23:
         d9:7f:79:ed:1a:4f:98:d3:19:5a:ae:ca:0b:26:b3:e4:4b:2f:
         60:bd:50:67:11:98:d5:6b:be:bf:84:90:a0:4e:66:50:28:80:
         20:62:a8:e8:d9:be:86:11:02:2f:0f:1b:bd:26:54:02:a4:05:
         63:5c:57:4c:f5:ce:c4:22:14:3e:6b:a0:6b:0c:bc:f2:e1:c5:
         8d:78:5e:71:85:7c:3b:7d:17:14:73:60:3e:49:d9:1e:5a:81:
         c8:20:83:e2:93:06:a6:b9:48:52:53:85:03:e1:fb:5b:df:66:
         87:dc:a3:46:a6:b0:db:11:09:84:33:33:bc:42:0d:7b:d8:1b:
         b4:65:06:d9:18:56:6c:1b:18:9e:0f:fc:3c:1c:41:e8:be:71:
         26:36:2b:ff:ad:7a:c2:1c:f0:54:f0:d0:4e:88:6f:40:02:94:
         07:6a:5b:6d:2d:c0:7c:12:a2:2f:83:6b:ac:93:83:6d:8d:68:
         4f:95:b1:29:73:11:dd:9b:d0:35:8f:cb:8e:f5:dc:ad:80:5a:
         f7:68:60:51
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECfVrqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NDRjMjY3ZmE3NTRjZDY1MDllOWY4MDcyNzMxMjNiZWU5NmM1MjVkMB4XDTIyMDMw
MzIxMTAwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjhjNDFiZTYwY2Jm
MjNkYWZiZmY0OWY5N2RjMjIwOGFkZmFhNmQ5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVEH/cItd4wN+RIENkZZcd6GRxGBLOc1lbM1QlsLot1dpXW
5Tt6gTG8h6qPXFOx4Jd3lUwESVsyHZlm//GjDNy/yYQ/14o0aYla/Nq1HN5T//RC
74hkN/itNmV0U9CvvjeGAL1gquQYLXCnmWBAUkZ8Nna6YvjFWMvH51G6+VchaEwJ
yJJz5ru5ZNgu/EVJH4ylNSXJzoN7rHj7yhFmAAngmcimmRyRssP+gyB5wfkTS+gV
R3yNTwIQew6mnjPfm/mtpVerndmYZWZR8Dxw7vS+tMdOqG349bMCvfkuAgiajuhi
5ZtkPOx+nEopvxHiuO6yG62w7nMb7T7fJaI1pv8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQoxBvmDL8j2vv/Sfl9wiCK36ptlDAfBgNVHSMEGDAWgBSkTCZ/p1TNZQnp
+AcnMSO+6WxSXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BFd21mNmRVeldVSjZmZ0hKekVqdnVsc1VsMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvYWIyNmE1LTY3YjktNDY2Ny04NTViLTQ4YWYwODAwNGI1Zi8x
L0tNUWI1Z3lfSTlyN18wbjVmY0lnaXQtcWJaUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
YWIyNmE1LTY3YjktNDY2Ny04NTViLTQ4YWYwODAwNGI1Zi8xL3BFd21mNmRVeldV
SjZmZ0hKekVqdnVsc1VsMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2eODANBgkqhkiG9w0BAQsFAAOC
AQEAnNuhy4f2LkP7wmpgVj6KBHTZUMX7hm1HFoLw5etWI9rs0pkUSqVKU1hbIP/P
byjplqqH8icj2X957RpPmNMZWq7KCyaz5EsvYL1QZxGY1Wu+v4SQoE5mUCiAIGKo
6Nm+hhECLw8bvSZUAqQFY1xXTPXOxCIUPmugawy88uHFjXhecYV8O30XFHNgPknZ
HlqByCCD4pMGprlIUlOFA+H7W99mh9yjRqaw2xEJhDMzvEINe9gbtGUG2RhWbBsY
ng/8PBxB6L5xJjYr/616whzwVPDQTohvQAKUB2pbbS3AfBKiL4NrrJODbY1oT5Wx
KXMR3ZvQNY/LjvXcrYBa92hgUQ==
-----END CERTIFICATE-----
Generated at Wed Dec 7 03:10:57 2022 by rpki-client.