Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/jocZn-sMlNz4fx8p-0llNBHoREY.roa
File:                     jocZn-sMlNz4fx8p-0llNBHoREY.roa (download)
Hash identifier:          vpwQHc/wbnt9J6PsEci3VEGomE4P4Otiqr+LgP0xcTw=
Subject key identifier:   8E:87:19:9F:EB:0C:94:DC:F8:7F:1F:29:FB:49:65:34:11:E8:44:46
Certificate issuer:       /CN=84f430d9ad9cb9c42c4bd6690e9f5812a457a02f
Certificate serial:       0268AF4E
Authority key identifier: 84:F4:30:D9:AD:9C:B9:C4:2C:4B:D6:69:0E:9F:58:12:A4:57:A0:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hPQw2a2cucQsS9ZpDp9YEqRXoC8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/jocZn-sMlNz4fx8p-0llNBHoREY.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     39396
IP address blocks:
    1: 185.251.39.0/24 maxlen: 24
    2: 85.187.216.0/23 maxlen: 24
    3: 185.138.176.0/22 maxlen: 24
    4: 2a10:bac0::/32 maxlen: 32

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40415054 (0x268af4e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84f430d9ad9cb9c42c4bd6690e9f5812a457a02f
        Validity
            Not Before: Feb 24 18:38:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8e87199feb0c94dcf87f1f29fb49653411e84446
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:e3:0e:d4:59:58:e1:d5:b6:61:b1:0e:c5:fb:
                    c8:f8:ed:65:3b:68:46:fc:ef:f4:ac:cf:98:e5:a2:
                    7e:52:1a:bd:99:88:d0:b5:b8:e6:a2:bb:1a:42:9d:
                    74:91:04:00:e3:33:ea:4a:af:1c:f9:05:52:5c:3a:
                    b2:e0:d1:26:28:15:83:a7:da:2b:48:1f:d8:83:50:
                    8b:47:10:99:74:5e:7c:f2:ff:da:f0:f4:40:91:48:
                    ed:23:60:5d:ef:b9:cb:cf:45:ff:2d:c0:b8:30:39:
                    d7:b1:8c:d7:0b:1f:f5:aa:e8:e7:81:3a:ee:5a:57:
                    5d:c7:de:78:d6:54:a7:28:c9:8d:3d:62:dd:0c:2d:
                    90:0d:ac:17:69:ea:8c:91:a2:03:b5:21:82:12:d4:
                    2a:cc:71:1f:77:fb:2f:a2:7b:75:f3:2b:c0:6e:2d:
                    b8:1e:97:a9:f2:f0:25:de:05:e1:f0:b4:e5:9d:60:
                    68:9a:9f:3b:18:24:07:a0:a4:83:5c:72:97:62:a7:
                    4d:35:60:3f:eb:26:c2:2b:c1:a6:4a:77:6c:34:d0:
                    ce:5a:f1:e0:3f:13:27:38:a9:3f:35:96:dc:41:80:
                    36:62:bc:f7:7a:09:17:83:16:9a:0a:24:cf:87:f6:
                    8c:6b:00:bb:81:25:82:ec:a5:90:c7:02:3b:74:4f:
                    56:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                8E:87:19:9F:EB:0C:94:DC:F8:7F:1F:29:FB:49:65:34:11:E8:44:46
            X509v3 Authority Key Identifier: 
                keyid:84:F4:30:D9:AD:9C:B9:C4:2C:4B:D6:69:0E:9F:58:12:A4:57:A0:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPQw2a2cucQsS9ZpDp9YEqRXoC8.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/jocZn-sMlNz4fx8p-0llNBHoREY.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/hPQw2a2cucQsS9ZpDp9YEqRXoC8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.187.216.0/23
                  185.138.176.0/22
                  185.251.39.0/24
                IPv6:
                  2a10:bac0::/32

    Signature Algorithm: sha256WithRSAEncryption
         05:f3:fb:d9:4d:ff:71:16:09:d0:a0:32:fb:81:f3:96:3e:52:
         c6:1b:36:a0:5b:d7:bd:da:9a:c2:b9:73:5f:8a:ee:c6:8a:48:
         67:cb:da:38:a1:25:ce:f7:c2:53:0b:34:00:35:a9:ba:b6:14:
         d1:38:6e:f9:67:df:c0:27:2d:05:68:db:3f:ec:f8:41:f1:9f:
         8b:d2:43:68:83:a3:70:44:c8:c6:2a:20:a8:57:bf:6e:b7:3b:
         1d:82:a5:90:84:86:14:d0:ac:bd:7d:9a:d2:49:ec:f9:70:23:
         ff:a5:4c:5a:c5:12:d5:98:bb:61:b2:28:84:37:7e:21:9c:6a:
         59:d8:fb:42:9c:8c:6d:37:ac:27:95:32:7d:50:22:e7:dd:64:
         d7:65:cd:5a:a9:52:dd:44:7d:be:9d:3e:68:48:18:d2:23:77:
         00:a0:9a:0f:12:ab:b5:93:29:5b:ae:b2:61:0a:85:90:f5:04:
         30:d2:40:3b:6b:a7:6c:50:f8:83:0f:3b:f0:f4:c7:d0:c5:1b:
         ba:cb:f9:b7:d1:51:af:4c:1b:47:cf:a5:e8:1f:c5:8d:42:bd:
         97:6f:60:69:f1:9a:d9:85:6a:21:79:94:51:4d:23:e6:13:c2:
         70:ea:2a:1d:e7:cc:8a:c2:b0:54:f8:5f:8e:87:51:00:c4:42:
         fe:10:34:f3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEAmivTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGY0MzBkOWFkOWNiOWM0MmM0YmQ2NjkwZTlmNTgxMmE0NTdhMDJmMB4XDTIyMDIy
NDE4MzgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGU4NzE5OWZlYjBj
OTRkY2Y4N2YxZjI5ZmI0OTY1MzQxMWU4NDQ0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJbjDtRZWOHVtmGxDsX7yPjtZTtoRvzv9KzPmOWiflIavZmI
0LW45qK7GkKddJEEAOMz6kqvHPkFUlw6suDRJigVg6faK0gf2INQi0cQmXRefPL/
2vD0QJFI7SNgXe+5y89F/y3AuDA517GM1wsf9aro54E67lpXXcfeeNZUpyjJjT1i
3QwtkA2sF2nqjJGiA7UhghLUKsxxH3f7L6J7dfMrwG4tuB6XqfLwJd4F4fC05Z1g
aJqfOxgkB6Ckg1xyl2KnTTVgP+smwivBpkp3bDTQzlrx4D8TJzipPzWW3EGANmK8
93oJF4MWmgokz4f2jGsAu4ElguylkMcCO3RPVoUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSOhxmf6wyU3Ph/Hyn7SWU0EehERjAfBgNVHSMEGDAWgBSE9DDZrZy5xCxL
1mkOn1gSpFegLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hQUXcyYTJjdWNRc1M5WnBEcDlZRXFSWG9DOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvYWJkMDA0LWM2OGYtNDliMS1hMmM0LWI5MDU2ZWJiYzU3Ni8x
L2pvY1puLXNNbE56NGZ4OHAtMGxsTkJIb1JFWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
YWJkMDA0LWM2OGYtNDliMS1hMmM0LWI5MDU2ZWJiYzU3Ni8xL2hQUXcyYTJjdWNR
c1M5WnBEcDlZRXFSWG9DOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAVW72AMEArmKsAMEALn7JzANBAIA
AjAHAwUAKhC6wDANBgkqhkiG9w0BAQsFAAOCAQEABfP72U3/cRYJ0KAy+4Hzlj5S
xhs2oFvXvdqawrlzX4ruxopIZ8vaOKElzvfCUws0ADWpurYU0Thu+WffwCctBWjb
P+z4QfGfi9JDaIOjcETIxiogqFe/brc7HYKlkISGFNCsvX2a0kns+XAj/6VMWsUS
1Zi7YbIohDd+IZxqWdj7QpyMbTesJ5UyfVAi591k12XNWqlS3UR9vp0+aEgY0iN3
AKCaDxKrtZMpW66yYQqFkPUEMNJAO2unbFD4gw878PTH0MUbusv5t9FRr0wbR8+l
6B/FjUK9l29gafGa2YVqIXmUUU0j5hPCcOoqHefMisKwVPhfjodRAMRC/hA08w==
-----END CERTIFICATE-----
Generated at Thu Dec 8 06:46:32 2022 by rpki-client.