Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/

$ rpki-client -vvf zvsM0cSef5T0IY4mBM-wLXe24_E.roa
File:                     zvsM0cSef5T0IY4mBM-wLXe24_E.roa (download)
Hash identifier:          KBfQXKmHGOVbq3Vb/+MYvneuF0rXEBf59zcI9Goz564=
Subject key identifier:   CE:FB:0C:D1:C4:9E:7F:94:F4:21:8E:26:04:CF:B0:2D:77:B6:E3:F1
Certificate issuer:       /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial:       02F85231
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/zvsM0cSef5T0IY4mBM-wLXe24_E.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 178.159.94.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 49828401 (0x2f85231)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
        Validity
            Not Before: Jun  8 14:17:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cefb0cd1c49e7f94f4218e2604cfb02d77b6e3f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:a7:05:75:a0:6a:30:dd:c5:f2:a2:97:ce:4a:
                    14:9e:48:e2:be:cc:5c:33:0f:2c:e9:e6:69:72:fc:
                    45:96:c1:6a:78:a5:6a:bc:5d:62:f4:68:fb:ac:b2:
                    b8:20:cf:1a:c8:3c:0a:6d:ff:a2:80:87:6f:68:5b:
                    fd:fe:fa:9e:1e:b1:13:bc:c5:54:eb:52:2f:db:4d:
                    62:3d:27:49:5c:02:b2:b2:be:af:1c:b2:e4:71:36:
                    3e:0c:3a:fc:fd:23:d7:9d:da:0a:79:19:c0:a9:30:
                    b4:e6:98:fc:f6:c5:1b:e4:3f:dd:0b:c9:77:3d:72:
                    d3:1e:a4:63:33:62:78:a9:21:99:32:ea:1f:29:7c:
                    9f:5b:9f:f9:e8:5e:fb:d5:97:6f:7d:71:04:08:06:
                    f6:46:8a:1c:a2:5f:33:f4:15:fe:53:dd:b3:6a:a1:
                    d6:7a:4c:d8:22:db:af:ff:45:3f:5e:3e:bc:cd:a4:
                    79:e6:29:c6:eb:3d:ef:a9:f4:af:c5:fa:12:5e:fa:
                    02:c0:52:a1:24:f6:37:ac:a5:64:cd:31:da:17:da:
                    84:12:bb:34:fb:0d:9e:ea:5b:fd:95:49:b2:07:b7:
                    a2:2f:fa:0b:77:14:31:ef:f6:86:30:2b:a7:33:82:
                    ca:d2:40:9c:7d:db:b8:c2:a9:ad:69:4c:8f:b1:32:
                    08:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                CE:FB:0C:D1:C4:9E:7F:94:F4:21:8E:26:04:CF:B0:2D:77:B6:E3:F1
            X509v3 Authority Key Identifier: 
                keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/zvsM0cSef5T0IY4mBM-wLXe24_E.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.159.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:92:98:94:5c:fc:2a:09:15:9b:19:eb:91:05:f9:5e:d3:5a:
         ae:1c:8e:35:ee:9c:69:28:d6:b0:3b:09:53:31:34:e2:b6:00:
         02:ce:10:37:87:89:ec:4f:99:98:be:12:64:47:d6:ac:a5:37:
         4f:b6:70:b3:cf:c1:93:30:a8:ca:7d:6a:c2:bf:78:93:7c:01:
         8f:b4:6d:86:fc:50:9c:0f:22:ab:18:e9:6a:e6:a3:f1:4d:d9:
         16:31:6e:48:08:24:0a:ab:89:1a:bd:c3:ce:f7:40:18:61:15:
         fc:aa:cc:bd:5b:ef:3c:f4:d7:10:98:04:ef:5e:52:32:f6:7f:
         dc:1d:5d:c6:d7:07:2d:d0:b4:de:37:9a:9b:37:2c:56:c2:bb:
         9e:ee:60:39:f6:bb:41:ad:3f:40:3f:24:e5:0a:75:b0:ea:55:
         b4:81:d0:ff:67:68:04:ae:bb:b3:08:0c:cd:d7:44:41:cb:d4:
         d0:1d:51:23:41:1e:94:9a:0f:43:64:0c:16:4b:76:97:b7:da:
         51:ca:77:5d:30:4a:74:83:0f:60:4e:cd:6d:d4:14:97:08:70:
         0f:87:72:4d:80:4a:ac:ee:58:1d:db:9d:69:3c:09:54:15:29:
         22:f1:f6:9a:e4:b5:31:f6:60:64:7e:7f:85:d4:99:6e:cd:20:
         b5:52:43:b7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAvhSMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZTlmZGM3ZmIzOWViYmJlZDRlZTU0ZjcwM2QzYWM2MTUzZGRlZTY5MB4XDTIyMDYw
ODE0MTcwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2VmYjBjZDFjNDll
N2Y5NGY0MjE4ZTI2MDRjZmIwMmQ3N2I2ZTNmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKinBXWgajDdxfKil85KFJ5I4r7MXDMPLOnmaXL8RZbBanil
arxdYvRo+6yyuCDPGsg8Cm3/ooCHb2hb/f76nh6xE7zFVOtSL9tNYj0nSVwCsrK+
rxyy5HE2Pgw6/P0j153aCnkZwKkwtOaY/PbFG+Q/3QvJdz1y0x6kYzNieKkhmTLq
Hyl8n1uf+ehe+9WXb31xBAgG9kaKHKJfM/QV/lPds2qh1npM2CLbr/9FP14+vM2k
eeYpxus976n0r8X6El76AsBSoST2N6ylZM0x2hfahBK7NPsNnupb/ZVJsge3oi/6
C3cUMe/2hjArpzOCytJAnH3buMKprWlMj7EyCEcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTO+wzRxJ5/lPQhjiYEz7Atd7bj8TAfBgNVHSMEGDAWgBQen9x/s567vtTu
VPcD06xhU93uaTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hwX2NmN09ldTc3VTdsVDNBOU9zWVZQZDdtay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvNDBmZGQxLTEwOTItNGY2OS1iNjQ4LTY5MWZmNWI0NGIwMS8x
L3p2c00wY1NlZjVUMElZNG1CTS13TFhlMjRfRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
NDBmZGQxLTEwOTItNGY2OS1iNjQ4LTY5MWZmNWI0NGIwMS8xL0hwX2NmN09ldTc3
VTdsVDNBOU9zWVZQZDdtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALKfXjANBgkqhkiG9w0BAQsFAAOC
AQEAkJKYlFz8KgkVmxnrkQX5XtNarhyONe6caSjWsDsJUzE04rYAAs4QN4eJ7E+Z
mL4SZEfWrKU3T7Zws8/BkzCoyn1qwr94k3wBj7RthvxQnA8iqxjpauaj8U3ZFjFu
SAgkCquJGr3DzvdAGGEV/KrMvVvvPPTXEJgE715SMvZ/3B1dxtcHLdC03jeamzcs
VsK7nu5gOfa7Qa0/QD8k5Qp1sOpVtIHQ/2doBK67swgMzddEQcvU0B1RI0EelJoP
Q2QMFkt2l7faUcp3XTBKdIMPYE7NbdQUlwhwD4dyTYBKrO5YHdudaTwJVBUpIvH2
muS1MfZgZH5/hdSZbs0gtVJDtw==
-----END CERTIFICATE-----
Generated at Fri Dec 2 12:23:03 2022 by rpki-client.