Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/975947-9928-4768-a4cc-cdf168ba4b58/1/XNRUWyRfg_qLP3pZstcXoALXyCM.roa
File:                     XNRUWyRfg_qLP3pZstcXoALXyCM.roa (download)
Hash identifier:          lHJz1jwRy9ZjPfrC/vZi3T4rB0PnU0lLSSh0zGf/CNA=
Subject key identifier:   5C:D4:54:5B:24:5F:83:FA:8B:3F:7A:59:B2:D7:17:A0:02:D7:C8:23
Certificate issuer:       /CN=34f33f4713e80cb33ee331397f17f05b6800ce8e
Certificate serial:       F2EC3B
Authority key identifier: 34:F3:3F:47:13:E8:0C:B3:3E:E3:31:39:7F:17:F0:5B:68:00:CE:8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NPM_RxPoDLM-4zE5fxfwW2gAzo4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/975947-9928-4768-a4cc-cdf168ba4b58/1/XNRUWyRfg_qLP3pZstcXoALXyCM.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 46.31.66.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15920187 (0xf2ec3b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34f33f4713e80cb33ee331397f17f05b6800ce8e
        Validity
            Not Before: Jan  1 01:58:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5cd4545b245f83fa8b3f7a59b2d717a002d7c823
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:93:0b:98:9f:d0:b5:c0:fc:01:99:8f:7b:9e:
                    35:5f:41:44:ad:fc:62:4d:38:95:76:d1:0a:12:2b:
                    42:75:27:3c:af:0a:36:3c:2d:17:e8:53:fb:da:c5:
                    90:ec:2b:4e:33:eb:df:c0:e4:4b:f8:f9:a5:bc:ef:
                    fb:80:44:3b:60:9c:b9:f6:28:ce:87:08:ef:f5:ef:
                    34:4f:6c:e0:d3:1e:e2:9e:f3:51:77:75:ba:4c:b0:
                    a7:70:a3:bb:9d:3a:ad:0a:d5:33:45:ec:33:9c:68:
                    cc:c7:34:58:35:b2:1b:a1:3f:d6:17:70:cb:48:aa:
                    2a:c1:cf:74:8b:24:b0:d6:d1:79:68:ed:40:4e:d2:
                    60:f6:75:d8:2c:32:53:30:8f:85:31:ab:13:cf:b7:
                    8e:b0:29:9d:7d:87:7c:62:58:3f:f7:ab:cb:f1:88:
                    45:fd:43:be:9e:f9:8f:25:dc:e5:77:d7:44:95:21:
                    e2:26:89:93:81:46:0b:3c:08:39:cb:6c:ae:30:ad:
                    3a:17:36:0d:f3:a3:cd:28:8d:3f:8d:fa:b0:b2:18:
                    ca:5b:2b:7c:46:63:0d:82:8b:b4:1d:35:d8:42:2e:
                    98:75:3a:92:47:bc:90:71:65:48:fd:84:bb:37:ee:
                    6b:87:8c:47:5e:74:36:bd:95:6a:e8:72:f3:27:ae:
                    70:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                5C:D4:54:5B:24:5F:83:FA:8B:3F:7A:59:B2:D7:17:A0:02:D7:C8:23
            X509v3 Authority Key Identifier: 
                keyid:34:F3:3F:47:13:E8:0C:B3:3E:E3:31:39:7F:17:F0:5B:68:00:CE:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPM_RxPoDLM-4zE5fxfwW2gAzo4.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/975947-9928-4768-a4cc-cdf168ba4b58/1/XNRUWyRfg_qLP3pZstcXoALXyCM.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/975947-9928-4768-a4cc-cdf168ba4b58/1/NPM_RxPoDLM-4zE5fxfwW2gAzo4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.31.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:52:27:26:f9:92:4a:97:91:24:a4:56:de:b3:c8:6b:cf:c8:
         b3:9d:3d:24:5b:79:66:39:f3:77:9e:e5:04:97:e0:ee:fc:55:
         57:04:c8:4f:dd:77:d5:55:78:ce:63:51:a2:41:05:3f:a5:b1:
         59:93:60:18:3d:ab:0b:db:f2:02:e1:7f:5f:b2:32:27:a5:2a:
         33:98:30:c6:65:39:36:40:11:aa:13:13:40:3d:10:4d:4d:51:
         b1:03:65:7e:1b:49:1c:6d:34:33:a7:2b:f1:14:e6:70:4f:22:
         cd:67:16:29:a5:c7:b3:ed:d9:9a:d8:d9:e3:28:0d:07:51:84:
         11:ed:76:95:90:92:f5:7a:16:b8:e7:5f:52:17:aa:4a:df:4e:
         68:ae:5f:f0:5f:af:38:d7:49:de:7f:ff:ad:21:bf:42:20:43:
         c8:d5:d9:a1:eb:dd:86:3c:a9:85:ef:0c:63:01:5c:5c:45:46:
         b7:4a:b2:90:b2:d4:cc:cb:93:da:62:ac:d6:03:40:2a:8a:d2:
         d2:b5:bb:70:42:e5:6b:d1:17:9c:6c:47:c6:f3:6a:1c:6f:af:
         c4:49:b4:a5:3d:98:1f:9d:83:6d:b7:53:05:b9:6a:bc:d2:f2:
         d0:c8:16:47:ce:fe:dc:1b:3c:7a:ad:7f:6b:14:1d:75:c3:c1:
         60:91:3f:92
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAPLsOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NGYzM2Y0NzEzZTgwY2IzM2VlMzMxMzk3ZjE3ZjA1YjY4MDBjZThlMB4XDTIyMDEw
MTAxNTgwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNkNDU0NWIyNDVm
ODNmYThiM2Y3YTU5YjJkNzE3YTAwMmQ3YzgyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJiTC5if0LXA/AGZj3ueNV9BRK38Yk04lXbRChIrQnUnPK8K
NjwtF+hT+9rFkOwrTjPr38DkS/j5pbzv+4BEO2CcufYozocI7/XvNE9s4NMe4p7z
UXd1ukywp3Cju506rQrVM0XsM5xozMc0WDWyG6E/1hdwy0iqKsHPdIsksNbReWjt
QE7SYPZ12CwyUzCPhTGrE8+3jrApnX2HfGJYP/ery/GIRf1Dvp75jyXc5XfXRJUh
4iaJk4FGCzwIOctsrjCtOhc2DfOjzSiNP436sLIYylsrfEZjDYKLtB012EIumHU6
kke8kHFlSP2Euzfua4eMR150Nr2Vauhy8yeucOUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRc1FRbJF+D+os/elmy1xegAtfIIzAfBgNVHSMEGDAWgBQ08z9HE+gMsz7j
MTl/F/BbaADOjjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05QTV9SeFBvRExNLTR6RTVmeGZ3VzJnQXpvNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvOTc1OTQ3LTk5MjgtNDc2OC1hNGNjLWNkZjE2OGJhNGI1OC8x
L1hOUlVXeVJmZ19xTFAzcFpzdGNYb0FMWHlDTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
OTc1OTQ3LTk5MjgtNDc2OC1hNGNjLWNkZjE2OGJhNGI1OC8xL05QTV9SeFBvRExN
LTR6RTVmeGZ3VzJnQXpvNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4fQjANBgkqhkiG9w0BAQsFAAOC
AQEAS1InJvmSSpeRJKRW3rPIa8/Is509JFt5Zjnzd57lBJfg7vxVVwTIT9131VV4
zmNRokEFP6WxWZNgGD2rC9vyAuF/X7IyJ6UqM5gwxmU5NkARqhMTQD0QTU1RsQNl
fhtJHG00M6cr8RTmcE8izWcWKaXHs+3ZmtjZ4ygNB1GEEe12lZCS9XoWuOdfUheq
St9OaK5f8F+vONdJ3n//rSG/QiBDyNXZoevdhjyphe8MYwFcXEVGt0qykLLUzMuT
2mKs1gNAKorS0rW7cELla9EXnGxHxvNqHG+vxEm0pT2YH52DbbdTBblqvNLy0MgW
R87+3Bs8eq1/axQddcPBYJE/kg==
-----END CERTIFICATE-----
Generated at Thu Dec 8 09:16:49 2022 by rpki-client.