Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/923ae4-af95-4a72-9c1f-6f97cfe54540/1/fzgQZ3IAI-XE0-bXyiA90EIPtpA.roa
File:                     fzgQZ3IAI-XE0-bXyiA90EIPtpA.roa (download)
Hash identifier:          11NXsET64vqEaAbexAT3Sxayqfz798pR0DXfOFZn0lQ=
Subject key identifier:   7F:38:10:67:72:00:23:E5:C4:D3:E6:D7:CA:20:3D:D0:42:0F:B6:90
Certificate issuer:       /CN=d8454dc97809cfff2f2a9ab9fdb0a6fd336103ce
Certificate serial:       C156DC
Authority key identifier: D8:45:4D:C9:78:09:CF:FF:2F:2A:9A:B9:FD:B0:A6:FD:33:61:03:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2EVNyXgJz_8vKpq5_bCm_TNhA84.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/923ae4-af95-4a72-9c1f-6f97cfe54540/1/fzgQZ3IAI-XE0-bXyiA90EIPtpA.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 193.163.195.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12670684 (0xc156dc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8454dc97809cfff2f2a9ab9fdb0a6fd336103ce
        Validity
            Not Before: Jan  1 02:54:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7f381067720023e5c4d3e6d7ca203dd0420fb690
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d8:e5:59:d6:90:71:57:45:44:8b:d5:d8:97:
                    15:58:03:d8:e5:da:c7:f1:5f:2e:e7:f9:70:37:46:
                    06:8c:93:89:9f:d8:97:9a:95:2f:19:18:ad:e4:78:
                    2e:28:33:a6:3d:d4:24:64:88:36:57:8c:52:9c:4c:
                    d0:fa:94:4c:39:e2:51:a8:05:c2:9f:ca:2e:e9:b7:
                    aa:49:d3:78:a3:68:ba:96:9a:3c:f9:85:54:0b:cc:
                    f7:19:33:6c:e3:33:b2:2a:e8:d9:45:ee:f6:7e:d2:
                    fc:bd:6f:b0:cf:e2:4a:91:23:a2:c5:67:10:99:94:
                    eb:95:62:23:06:19:b5:dd:87:49:e7:7f:cc:ae:ae:
                    90:c9:ca:8d:ee:39:28:8e:13:3c:a9:b8:f3:27:18:
                    1e:32:f0:67:38:51:dc:2f:b5:37:54:46:fe:22:f3:
                    57:4f:7f:22:c4:9a:ce:9b:96:94:8d:43:70:4d:c7:
                    0a:22:e2:ba:01:13:41:96:e7:11:3d:05:10:16:bd:
                    70:5f:6c:32:b3:2f:4b:4a:89:c8:30:dc:86:34:ea:
                    36:68:b6:fa:5f:af:05:60:4d:d7:4c:25:67:83:bf:
                    d4:08:c4:78:68:02:93:0d:b2:d8:d7:e4:ce:cc:17:
                    ad:ba:1f:f3:90:24:23:2a:79:7d:00:bd:eb:08:71:
                    00:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                7F:38:10:67:72:00:23:E5:C4:D3:E6:D7:CA:20:3D:D0:42:0F:B6:90
            X509v3 Authority Key Identifier: 
                keyid:D8:45:4D:C9:78:09:CF:FF:2F:2A:9A:B9:FD:B0:A6:FD:33:61:03:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2EVNyXgJz_8vKpq5_bCm_TNhA84.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/923ae4-af95-4a72-9c1f-6f97cfe54540/1/fzgQZ3IAI-XE0-bXyiA90EIPtpA.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/923ae4-af95-4a72-9c1f-6f97cfe54540/1/2EVNyXgJz_8vKpq5_bCm_TNhA84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.163.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:c9:50:b3:a3:7e:9a:86:87:6b:53:d4:f2:d3:36:7f:f4:10:
         6d:0b:39:78:ad:28:d3:5e:76:14:8d:95:f8:8a:3b:7c:ee:6a:
         4c:28:c7:78:3e:0f:53:45:9b:71:21:6e:e0:3f:17:6c:73:ed:
         bc:a9:f8:3e:22:55:2d:52:c8:1b:f5:df:ed:07:0f:96:7f:c2:
         41:91:4f:66:e3:a0:33:79:ec:83:e7:ad:af:fa:16:8c:40:32:
         3c:75:b3:02:20:a2:c1:a6:4b:12:3e:e7:d3:fd:e5:6d:c6:58:
         45:9f:7a:5e:b6:d5:d1:d2:d0:80:44:bb:fb:98:d7:c2:4f:eb:
         9d:56:c2:86:2b:6f:df:f5:57:b4:fb:2f:09:0d:5c:b4:87:ea:
         94:36:58:b6:0c:d9:7d:b3:6d:4a:76:2e:97:7f:76:74:87:79:
         73:47:0e:2c:8a:09:0f:05:65:80:aa:1f:2f:3a:6c:39:66:af:
         04:22:50:c6:28:0b:c0:67:cb:0e:99:ff:82:3d:fd:7f:a0:e4:
         8a:2f:68:56:4b:7c:be:9d:7e:79:71:0a:5f:91:2f:7d:2e:52:
         24:2d:14:ee:43:ac:60:47:51:aa:bf:20:36:db:c1:a4:f7:c9:
         e5:f3:0a:02:64:ed:48:c5:92:cf:0f:33:d4:ab:21:60:f2:7c:
         6f:36:5c:45
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAMFW3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ODQ1NGRjOTc4MDljZmZmMmYyYTlhYjlmZGIwYTZmZDMzNjEwM2NlMB4XDTIyMDEw
MTAyNTQzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2YzODEwNjc3MjAw
MjNlNWM0ZDNlNmQ3Y2EyMDNkZDA0MjBmYjY5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHY5VnWkHFXRUSL1diXFVgD2OXax/FfLuf5cDdGBoyTiZ/Y
l5qVLxkYreR4Ligzpj3UJGSINleMUpxM0PqUTDniUagFwp/KLum3qknTeKNoupaa
PPmFVAvM9xkzbOMzsiro2UXu9n7S/L1vsM/iSpEjosVnEJmU65ViIwYZtd2HSed/
zK6ukMnKje45KI4TPKm48ycYHjLwZzhR3C+1N1RG/iLzV09/IsSazpuWlI1DcE3H
CiLiugETQZbnET0FEBa9cF9sMrMvS0qJyDDchjTqNmi2+l+vBWBN10wlZ4O/1AjE
eGgCkw2y2NfkzswXrbof85AkIyp5fQC96whxAOkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR/OBBncgAj5cTT5tfKID3QQg+2kDAfBgNVHSMEGDAWgBTYRU3JeAnP/y8q
mrn9sKb9M2EDzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJFVk55WGdKel84dktwcTVfYkNtX1ROaEE4NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvOTIzYWU0LWFmOTUtNGE3Mi05YzFmLTZmOTdjZmU1NDU0MC8x
L2Z6Z1FaM0lBSS1YRTAtYlh5aUE5MEVJUHRwQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
OTIzYWU0LWFmOTUtNGE3Mi05YzFmLTZmOTdjZmU1NDU0MC8xLzJFVk55WGdKel84
dktwcTVfYkNtX1ROaEE4NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMGjwzANBgkqhkiG9w0BAQsFAAOC
AQEAPMlQs6N+moaHa1PU8tM2f/QQbQs5eK0o0152FI2V+Io7fO5qTCjHeD4PU0Wb
cSFu4D8XbHPtvKn4PiJVLVLIG/Xf7QcPln/CQZFPZuOgM3nsg+etr/oWjEAyPHWz
AiCiwaZLEj7n0/3lbcZYRZ96XrbV0dLQgES7+5jXwk/rnVbChitv3/VXtPsvCQ1c
tIfqlDZYtgzZfbNtSnYul392dId5c0cOLIoJDwVlgKofLzpsOWavBCJQxigLwGfL
Dpn/gj39f6Dkii9oVkt8vp1+eXEKX5EvfS5SJC0U7kOsYEdRqr8gNtvBpPfJ5fMK
AmTtSMWSzw8z1KshYPJ8bzZcRQ==
-----END CERTIFICATE-----
Generated at Thu Dec 8 08:37:36 2022 by rpki-client.