Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/853ee3-3a4f-4d95-9bdb-b03c2fbdc644/1/xdvLlmsxC5NIVizyUe9qtZ0q9ug.roa
File:                     xdvLlmsxC5NIVizyUe9qtZ0q9ug.roa (download)
Hash identifier:          FzNjnmQSkCaYEWs14M0RbVx9Zh3WpQOo9nJ+NuNSyAk=
Subject key identifier:   C5:DB:CB:96:6B:31:0B:93:48:56:2C:F2:51:EF:6A:B5:9D:2A:F6:E8
Certificate issuer:       /CN=ee0739d0528dcb4fce578d11f7ec34b0e37452cf
Certificate serial:       0332F1F4
Authority key identifier: EE:07:39:D0:52:8D:CB:4F:CE:57:8D:11:F7:EC:34:B0:E3:74:52:CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7gc50FKNy0_OV40R9-w0sON0Us8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/853ee3-3a4f-4d95-9bdb-b03c2fbdc644/1/xdvLlmsxC5NIVizyUe9qtZ0q9ug.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 2001:67c:17fc::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 53670388 (0x332f1f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee0739d0528dcb4fce578d11f7ec34b0e37452cf
        Validity
            Not Before: Jan  1 15:03:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c5dbcb966b310b9348562cf251ef6ab59d2af6e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:52:30:13:2b:3e:cf:56:5c:f6:0b:13:f0:87:
                    a6:65:06:49:ef:49:d2:fa:9c:e0:b1:3a:40:ef:a2:
                    a4:4f:df:b8:06:85:6b:bc:76:f4:02:db:40:5e:8a:
                    12:f2:b8:a0:59:c7:31:79:e5:26:82:2c:a9:53:97:
                    d0:df:6a:56:26:d6:4f:b8:5f:dd:69:8f:f1:18:38:
                    da:a6:23:83:c4:a1:f0:52:2f:4a:56:09:f4:6e:ec:
                    76:c8:6a:72:a0:c7:bf:65:2f:da:3a:e3:08:44:2a:
                    d9:5a:4f:56:36:0a:9e:70:52:36:b0:b0:be:12:2d:
                    37:07:be:c1:b1:a7:52:b9:2d:ad:f8:b8:65:2c:6e:
                    fd:7c:47:34:f3:4b:f8:2b:ac:40:4d:c0:2b:2c:53:
                    12:39:6b:78:94:7d:bd:df:f0:df:ab:63:aa:ae:12:
                    c6:6c:89:55:c3:b1:94:26:99:2d:90:04:e1:a1:40:
                    0d:b0:a5:e2:a1:0a:76:50:5c:3a:07:ff:a0:7c:6f:
                    b6:df:64:30:a0:de:f1:f9:67:93:5f:c9:aa:db:ae:
                    bb:78:fe:a6:37:11:90:60:bd:9c:cb:9f:95:f5:81:
                    2a:61:56:58:2a:14:50:d6:f2:8a:2e:75:de:89:cb:
                    dd:f6:7d:a5:91:74:66:19:ef:40:1c:76:cd:7f:1d:
                    43:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                C5:DB:CB:96:6B:31:0B:93:48:56:2C:F2:51:EF:6A:B5:9D:2A:F6:E8
            X509v3 Authority Key Identifier: 
                keyid:EE:07:39:D0:52:8D:CB:4F:CE:57:8D:11:F7:EC:34:B0:E3:74:52:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gc50FKNy0_OV40R9-w0sON0Us8.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/853ee3-3a4f-4d95-9bdb-b03c2fbdc644/1/xdvLlmsxC5NIVizyUe9qtZ0q9ug.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/853ee3-3a4f-4d95-9bdb-b03c2fbdc644/1/7gc50FKNy0_OV40R9-w0sON0Us8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:17fc::/48

    Signature Algorithm: sha256WithRSAEncryption
         86:9e:3b:aa:99:51:99:77:66:6b:65:12:cd:13:dc:b9:5c:c9:
         9e:8b:8f:4a:3b:95:21:97:3f:e7:b1:65:d5:40:9a:b5:5f:f2:
         91:72:d5:ef:02:0d:9b:63:c6:08:b9:c5:0c:5b:ea:ab:56:7f:
         ea:e7:37:63:a4:2c:69:cd:77:f6:98:7e:1d:45:39:ec:93:1d:
         95:1e:1a:86:b2:34:8e:4b:c0:74:bd:c1:95:8a:54:15:de:fd:
         e0:b7:a1:e3:14:f5:7c:c5:00:d1:97:0b:95:2f:2f:1a:df:5b:
         0a:0b:9d:6e:75:32:3a:9c:6d:23:3a:3e:ae:1e:5e:12:52:30:
         0d:19:2f:31:4e:32:d3:1e:01:40:d3:20:77:c9:2a:4b:08:7d:
         78:54:95:ae:52:39:df:29:92:5f:ae:4e:3f:f6:49:b8:db:d6:
         1a:be:38:dc:0a:b2:3a:67:e9:81:7b:28:1a:73:7a:ff:4d:f5:
         9e:4f:01:2f:5b:f4:32:0e:4a:26:ec:5c:82:3f:56:5a:2d:95:
         94:e8:09:14:d4:9f:01:73:46:93:46:80:05:1a:9b:4b:7e:c6:
         06:3e:b8:81:7d:3f:98:9b:a9:33:ec:cb:c0:60:05:0f:d7:ce:
         7a:d0:04:03:0a:ee:db:55:87:fc:74:85:5f:c5:ae:46:b5:ca:
         b5:71:7b:76
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAzLx9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZTA3MzlkMDUyOGRjYjRmY2U1NzhkMTFmN2VjMzRiMGUzNzQ1MmNmMB4XDTIyMDEw
MTE1MDMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzVkYmNiOTY2YjMx
MGI5MzQ4NTYyY2YyNTFlZjZhYjU5ZDJhZjZlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZSMBMrPs9WXPYLE/CHpmUGSe9J0vqc4LE6QO+ipE/fuAaF
a7x29ALbQF6KEvK4oFnHMXnlJoIsqVOX0N9qVibWT7hf3WmP8Rg42qYjg8Sh8FIv
SlYJ9G7sdshqcqDHv2Uv2jrjCEQq2VpPVjYKnnBSNrCwvhItNwe+wbGnUrktrfi4
ZSxu/XxHNPNL+CusQE3AKyxTEjlreJR9vd/w36tjqq4SxmyJVcOxlCaZLZAE4aFA
DbCl4qEKdlBcOgf/oHxvtt9kMKDe8flnk1/Jqtuuu3j+pjcRkGC9nMuflfWBKmFW
WCoUUNbyii513onL3fZ9pZF0ZhnvQBx2zX8dQ+0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTF28uWazELk0hWLPJR72q1nSr26DAfBgNVHSMEGDAWgBTuBznQUo3LT85X
jRH37DSw43RSzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdnYzUwRktOeTBfT1Y0MFI5LXcwc09OMFVzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvODUzZWUzLTNhNGYtNGQ5NS05YmRiLWIwM2MyZmJkYzY0NC8x
L3hkdkxsbXN4QzVOSVZpenlVZTlxdFowcTl1Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
ODUzZWUzLTNhNGYtNGQ5NS05YmRiLWIwM2MyZmJkYzY0NC8xLzdnYzUwRktOeTBf
T1Y0MFI5LXcwc09OMFVzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwX/DANBgkqhkiG9w0BAQsF
AAOCAQEAhp47qplRmXdma2USzRPcuVzJnouPSjuVIZc/57Fl1UCatV/ykXLV7wIN
m2PGCLnFDFvqq1Z/6uc3Y6Qsac139ph+HUU57JMdlR4ahrI0jkvAdL3BlYpUFd79
4Leh4xT1fMUA0ZcLlS8vGt9bCgudbnUyOpxtIzo+rh5eElIwDRkvMU4y0x4BQNMg
d8kqSwh9eFSVrlI53ymSX65OP/ZJuNvWGr443AqyOmfpgXsoGnN6/031nk8BL1v0
Mg5KJuxcgj9WWi2VlOgJFNSfAXNGk0aABRqbS37GBj64gX0/mJupM+zLwGAFD9fO
etAEAwru21WH/HSFX8WuRrXKtXF7dg==
-----END CERTIFICATE-----
Generated at Fri Dec 9 03:40:52 2022 by rpki-client.