Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/00jxyavmNKg34SP3h3mUv1g8T6Y.roa
File:                     00jxyavmNKg34SP3h3mUv1g8T6Y.roa (download)
Hash identifier:          1OmG5bpECAeOkzk+XOCJ6pBLw75hwj0Msuj1t5rb2tw=
Subject key identifier:   D3:48:F1:C9:AB:E6:34:A8:37:E1:23:F7:87:79:94:BF:58:3C:4F:A6
Certificate issuer:       /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial:       0BB0C35E
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/00jxyavmNKg34SP3h3mUv1g8T6Y.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 95.111.128.0/20 maxlen: 24
    2: 95.111.144.0/20 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 196133726 (0xbb0c35e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
        Validity
            Not Before: Jul  4 14:29:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d348f1c9abe634a837e123f7877994bf583c4fa6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:5f:5a:8f:49:04:f0:ee:23:8f:47:3c:58:a6:
                    18:29:aa:2b:1f:c5:0a:5e:03:e8:f2:23:eb:68:1d:
                    dd:2b:56:27:82:ca:cf:02:65:dd:5b:e4:c9:fc:8a:
                    b5:b3:b4:33:fb:52:09:ed:86:42:a4:83:26:5e:c5:
                    5c:b6:fb:f0:ad:c3:bc:31:19:a7:c8:72:dc:22:5d:
                    8a:dc:17:cb:63:ce:62:f3:f2:58:e0:70:74:b0:90:
                    05:40:45:09:30:a8:48:6b:df:6d:dc:dc:61:ea:6f:
                    bf:5f:de:e1:e4:35:bb:fa:99:b8:9d:ec:43:e2:0d:
                    22:39:9d:18:dc:40:99:7f:06:e3:e9:88:e5:25:12:
                    c5:65:1a:76:20:cf:ce:f2:e6:95:92:3b:d1:ad:13:
                    ab:74:91:1f:9b:2f:3c:61:a8:04:a8:a0:d4:4e:55:
                    16:7d:39:7c:c4:c6:5e:fd:de:e0:95:0e:85:db:ff:
                    c3:0e:24:cc:88:7d:b9:80:49:23:01:bd:92:25:35:
                    1c:3b:56:0d:56:0e:6c:43:8e:04:99:32:d9:2c:01:
                    b1:1b:90:44:e9:cf:3c:71:ae:4a:d5:9f:d8:49:04:
                    82:47:e0:53:32:80:85:21:d6:68:a1:34:3a:b8:ab:
                    7f:e7:92:1d:24:a8:3e:40:6a:dc:b1:3b:b3:9e:83:
                    ed:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                D3:48:F1:C9:AB:E6:34:A8:37:E1:23:F7:87:79:94:BF:58:3C:4F:A6
            X509v3 Authority Key Identifier: 
                keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/00jxyavmNKg34SP3h3mUv1g8T6Y.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.111.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         4d:d9:1f:38:79:d6:9b:96:da:87:f7:a5:b1:28:a5:40:87:16:
         6c:af:ee:80:0a:49:aa:b6:42:c2:a1:ff:80:fe:d9:66:6b:81:
         f3:38:5f:6f:0c:1e:45:5e:11:75:80:32:d2:2c:1a:92:37:87:
         10:a5:c0:f7:59:e3:ee:bc:3c:e9:d3:f6:88:91:ea:4a:61:af:
         bf:e2:dc:45:a3:c6:00:4e:56:a1:04:81:a3:94:94:18:72:2e:
         2d:35:2f:bf:62:e2:14:81:f4:32:c8:07:9c:d1:41:41:ac:8d:
         2e:c0:b3:dd:f4:2b:70:0f:32:a2:93:3b:39:75:8e:ca:d9:71:
         0e:97:e0:d5:de:1f:8d:eb:82:14:3a:eb:74:90:fc:54:b5:f9:
         b5:4a:f8:7b:c6:a4:b0:84:30:63:ed:a4:aa:96:d9:72:0e:93:
         a9:09:f7:5c:87:16:55:58:a6:cc:50:85:31:d7:13:0d:8a:63:
         e7:68:1f:c5:6e:c4:2b:97:25:2a:f5:06:18:90:99:e2:19:72:
         85:8b:98:1a:00:fd:fb:91:6c:19:94:9f:c3:93:8e:c7:4c:0d:
         62:df:b2:e1:a1:0f:0a:4b:0e:8a:fe:2c:95:0a:7f:b3:b0:d8:
         be:f6:2a:cb:c5:6e:b2:76:bd:85:54:26:77:b5:cb:81:b9:dd:
         e4:2f:bd:0e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC7DDXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDcw
NDE0MjkyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM0OGYxYzlhYmU2
MzRhODM3ZTEyM2Y3ODc3OTk0YmY1ODNjNGZhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJhfWo9JBPDuI49HPFimGCmqKx/FCl4D6PIj62gd3StWJ4LK
zwJl3VvkyfyKtbO0M/tSCe2GQqSDJl7FXLb78K3DvDEZp8hy3CJditwXy2POYvPy
WOBwdLCQBUBFCTCoSGvfbdzcYepvv1/e4eQ1u/qZuJ3sQ+INIjmdGNxAmX8G4+mI
5SUSxWUadiDPzvLmlZI70a0Tq3SRH5svPGGoBKig1E5VFn05fMTGXv3e4JUOhdv/
ww4kzIh9uYBJIwG9kiU1HDtWDVYObEOOBJky2SwBsRuQROnPPHGuStWf2EkEgkfg
UzKAhSHWaKE0Orirf+eSHSSoPkBq3LE7s56D7VkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTTSPHJq+Y0qDfhI/eHeZS/WDxPpjAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
LzAwanh5YXZtTktnMzRTUDNoM21VdjFnOFQ2WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBV9vgDANBgkqhkiG9w0BAQsFAAOC
AQEATdkfOHnWm5bah/elsSilQIcWbK/ugApJqrZCwqH/gP7ZZmuB8zhfbwweRV4R
dYAy0iwakjeHEKXA91nj7rw86dP2iJHqSmGvv+LcRaPGAE5WoQSBo5SUGHIuLTUv
v2LiFIH0MsgHnNFBQayNLsCz3fQrcA8yopM7OXWOytlxDpfg1d4fjeuCFDrrdJD8
VLX5tUr4e8aksIQwY+2kqpbZcg6TqQn3XIcWVVimzFCFMdcTDYpj52gfxW7EK5cl
KvUGGJCZ4hlyhYuYGgD9+5FsGZSfw5OOx0wNYt+y4aEPCksOiv4slQp/s7DYvvYq
y8Vusna9hVQmd7XLgbnd5C+9Dg==
-----END CERTIFICATE-----
Generated at Thu Dec 8 08:37:53 2022 by rpki-client.