Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/

$ rpki-client -vvf RHA1ohMbV3At6aEq1vkA3ZOxywI.roa
File:                     RHA1ohMbV3At6aEq1vkA3ZOxywI.roa (download)
Hash identifier:          KCgfKZxQ+u5lIGVYFQH8Cvm1lmrURx6l3LkSs0Ic6cY=
Subject key identifier:   44:70:35:A2:13:1B:57:70:2D:E9:A1:2A:D6:F9:00:DD:93:B1:CB:02
Certificate issuer:       /CN=4944680c20d1af01f169b18ac9c77d9877133cde
Certificate serial:       02DA224C
Authority key identifier: 49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/RHA1ohMbV3At6aEq1vkA3ZOxywI.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 31.131.164.0/22 maxlen: 22
    2: 91.219.16.0/22 maxlen: 23
    3: 91.219.16.0/23 maxlen: 23
    4: 91.219.18.0/23 maxlen: 23

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 47850060 (0x2da224c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4944680c20d1af01f169b18ac9c77d9877133cde
        Validity
            Not Before: Jan  1 11:58:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=447035a2131b57702de9a12ad6f900dd93b1cb02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:83:a4:b0:1a:16:f7:a8:39:77:3e:2d:5a:b1:
                    26:6b:f2:37:59:ad:fa:e3:4d:13:cc:c5:73:74:90:
                    49:08:e9:3f:f0:aa:2a:ac:f4:cd:93:59:15:9b:a3:
                    32:84:a7:74:87:32:7a:65:e1:82:e5:7c:f7:25:f3:
                    00:5e:eb:ac:05:b4:5c:cc:e2:a4:ab:2c:3f:e3:78:
                    39:24:2d:19:06:c4:14:99:e2:2f:78:b4:eb:e5:02:
                    7c:67:ce:c7:33:11:79:b7:71:c4:42:84:8e:81:41:
                    3d:96:de:19:8d:ee:88:fa:ca:8b:9a:9d:64:c5:73:
                    28:96:ad:e9:91:bb:73:4c:de:28:7f:80:7f:7c:84:
                    02:0c:5a:6e:ed:27:e3:8c:34:cc:0f:2b:e4:24:28:
                    f3:28:b4:39:e8:9f:ac:c8:bf:7f:a3:57:b9:92:c5:
                    fe:bd:6f:ad:b7:7f:7d:56:11:e0:85:b2:4c:d5:a3:
                    ea:bd:19:72:1e:2a:41:c1:85:e1:5b:03:62:38:02:
                    bc:1f:2e:82:25:cc:5f:85:62:21:91:95:4e:cc:b1:
                    2c:f2:0e:87:b4:48:27:8f:96:71:01:dd:88:27:92:
                    1a:b2:5d:b6:28:4c:63:74:ac:00:19:b8:d1:84:3e:
                    bf:b9:6c:8e:1d:5c:95:29:e7:bc:7f:4d:46:9a:2d:
                    0c:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                44:70:35:A2:13:1B:57:70:2D:E9:A1:2A:D6:F9:00:DD:93:B1:CB:02
            X509v3 Authority Key Identifier: 
                keyid:49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/RHA1ohMbV3At6aEq1vkA3ZOxywI.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SURoDCDRrwHxabGKycd9mHcTPN4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.131.164.0/22
                  91.219.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         09:1e:43:fc:d7:df:f6:dd:52:65:02:6b:a8:9b:3c:5c:70:d9:
         54:03:ba:f4:eb:79:f3:87:46:16:8b:4d:d1:0d:88:76:a6:bc:
         a0:84:61:7c:69:da:82:ea:91:5b:04:a5:da:e8:5f:c9:19:cc:
         36:77:83:86:90:76:d3:19:83:2c:74:d7:dc:13:6b:6d:c6:75:
         6b:55:40:ab:73:18:06:fc:32:b7:0a:a3:4c:2b:fd:fa:a0:2e:
         26:80:73:19:4b:63:42:51:05:05:86:d5:fe:0e:10:af:84:98:
         ba:ae:d1:08:a2:74:08:2d:b1:f5:fe:9b:04:cd:fc:cc:c9:d3:
         f8:ef:f1:bc:26:65:45:91:89:aa:66:dd:b8:c0:0c:66:71:a6:
         a7:2a:1f:ba:ab:2d:ad:06:59:23:f2:ae:86:4b:bb:6d:bd:a2:
         4c:bf:a7:f2:c0:22:ec:0a:79:ab:33:12:21:3b:a9:6a:b0:12:
         44:27:95:e8:77:5b:6d:f4:10:bb:18:a1:2d:9a:be:02:98:ac:
         62:e9:07:3e:41:b5:c0:7d:1c:0c:eb:98:6c:e2:49:d7:89:2d:
         14:8b:3e:7e:11:af:5b:74:64:33:d4:a2:aa:fb:97:34:2a:06:
         01:2d:fb:4d:05:61:47:8c:b7:9f:b5:7a:33:83:8e:bf:65:dc:
         76:6b:82:6c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAtoiTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OTQ0NjgwYzIwZDFhZjAxZjE2OWIxOGFjOWM3N2Q5ODc3MTMzY2RlMB4XDTIyMDEw
MTExNTgzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ3MDM1YTIxMzFi
NTc3MDJkZTlhMTJhZDZmOTAwZGQ5M2IxY2IwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMKDpLAaFveoOXc+LVqxJmvyN1mt+uNNE8zFc3SQSQjpP/Cq
Kqz0zZNZFZujMoSndIcyemXhguV89yXzAF7rrAW0XMzipKssP+N4OSQtGQbEFJni
L3i06+UCfGfOxzMRebdxxEKEjoFBPZbeGY3uiPrKi5qdZMVzKJat6ZG7c0zeKH+A
f3yEAgxabu0n44w0zA8r5CQo8yi0OeifrMi/f6NXuZLF/r1vrbd/fVYR4IWyTNWj
6r0Zch4qQcGF4VsDYjgCvB8ugiXMX4ViIZGVTsyxLPIOh7RIJ4+WcQHdiCeSGrJd
tihMY3SsABm40YQ+v7lsjh1clSnnvH9NRpotDIUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBREcDWiExtXcC3poSrW+QDdk7HLAjAfBgNVHSMEGDAWgBRJRGgMINGvAfFp
sYrJx32YdxM83jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NVUm9EQ0RScndIeGFiR0t5Y2Q5bUhjVFBONC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvN2RlZTA5LWNkMmUtNDAzMC1hYjkyLWViZGNjMDJmYmFlOS8x
L1JIQTFvaE1iVjNBdDZhRXExdmtBM1pPeHl3SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
N2RlZTA5LWNkMmUtNDAzMC1hYjkyLWViZGNjMDJmYmFlOS8xL1NVUm9EQ0RScndI
eGFiR0t5Y2Q5bUhjVFBONC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAh+DpAMEAlvbEDANBgkqhkiG9w0B
AQsFAAOCAQEACR5D/Nff9t1SZQJrqJs8XHDZVAO69Ot584dGFotN0Q2Idqa8oIRh
fGnaguqRWwSl2uhfyRnMNneDhpB20xmDLHTX3BNrbcZ1a1VAq3MYBvwytwqjTCv9
+qAuJoBzGUtjQlEFBYbV/g4Qr4SYuq7RCKJ0CC2x9f6bBM38zMnT+O/xvCZlRZGJ
qmbduMAMZnGmpyofuqstrQZZI/Kuhku7bb2iTL+n8sAi7Ap5qzMSITuparASRCeV
6HdbbfQQuxihLZq+ApisYukHPkG1wH0cDOuYbOJJ14ktFIs+fhGvW3RkM9SiqvuX
NCoGAS37TQVhR4y3n7V6M4OOv2XcdmuCbA==
-----END CERTIFICATE-----
Generated at Fri Dec 2 13:34:47 2022 by rpki-client.