Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/74/d5f801-4426-4f45-8f26-9ccdd3c873a6/1/

$ rpki-client -vvf gWm0_lo0BPElClnnDpt4O6iURRE.roa
File:                     gWm0_lo0BPElClnnDpt4O6iURRE.roa (download)
Hash identifier:          sgzVTNB+rx6zPSboQf2xPUhGJqKlluPVYRk/0oOyxWg=
Subject key identifier:   81:69:B4:FE:5A:34:04:F1:25:0A:59:E7:0E:9B:78:3B:A8:94:45:11
Certificate serial:       03C71253
Authority key identifier: 2C:7C:0A:77:1B:30:D2:74:28:50:80:DD:C4:2E:36:79:83:96:F2:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LHwKdxsw0nQoUIDdxC42eYOW8iw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/d5f801-4426-4f45-8f26-9ccdd3c873a6/1/gWm0_lo0BPElClnnDpt4O6iURRE.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 5.182.232.0/22 maxlen: 22

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 63378003 (0x3c71253)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c7c0a771b30d274285080ddc42e36798396f22c
        Validity
            Not Before: Jan  1 06:01:06 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8169b4fe5a3404f1250a59e70e9b783ba8944511
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e0:9a:70:ad:45:c7:82:e9:05:78:2a:d9:29:
                    ab:5b:e6:87:fd:a8:71:73:f1:50:c2:80:c7:e4:38:
                    06:a5:84:8c:41:ba:09:ed:0d:68:2c:1b:fc:cb:f0:
                    72:c1:60:9c:a3:0c:fa:44:3e:35:6f:46:3e:07:98:
                    fe:dc:11:77:8f:95:1b:ca:be:48:8e:8e:e8:9c:d3:
                    f5:ad:81:d4:e9:ad:d5:c8:43:e0:fb:9e:d9:28:03:
                    94:9c:0c:94:86:33:4c:30:05:09:13:06:4b:ee:80:
                    5c:27:d2:36:8f:d1:99:02:81:8b:18:a6:ef:c5:cf:
                    ab:cb:74:f6:78:21:37:29:9d:e6:9e:2d:b0:2f:01:
                    3b:25:7d:af:d1:02:f2:88:9b:e1:01:8d:56:08:c4:
                    33:88:2d:51:e8:af:7f:79:43:1f:13:15:a1:44:de:
                    7f:93:e8:00:c7:76:8c:39:a8:f7:11:0e:30:01:45:
                    74:57:7f:aa:79:e7:d0:80:bf:4e:31:77:de:8f:f7:
                    7e:b6:86:1c:32:16:8e:fa:17:5c:2e:da:7e:7e:36:
                    e8:26:5b:a9:61:d5:76:91:4e:92:bb:fa:b0:d9:f1:
                    d7:5c:36:bb:17:4e:67:e8:b7:f8:1d:00:46:66:a5:
                    ee:39:f7:ff:e8:e3:47:78:61:54:9e:17:2e:0d:d7:
                    02:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                81:69:B4:FE:5A:34:04:F1:25:0A:59:E7:0E:9B:78:3B:A8:94:45:11
            X509v3 Authority Key Identifier: 
                keyid:2C:7C:0A:77:1B:30:D2:74:28:50:80:DD:C4:2E:36:79:83:96:F2:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHwKdxsw0nQoUIDdxC42eYOW8iw.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/d5f801-4426-4f45-8f26-9ccdd3c873a6/1/gWm0_lo0BPElClnnDpt4O6iURRE.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/d5f801-4426-4f45-8f26-9ccdd3c873a6/1/LHwKdxsw0nQoUIDdxC42eYOW8iw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0b:b0:6d:7b:80:76:61:34:2b:78:b0:e2:30:cb:2e:4d:9e:6d:
         46:25:65:6b:2b:7a:6f:e6:b0:87:fe:7b:5c:9b:f3:62:46:51:
         78:77:69:47:cb:50:7a:bc:ea:2c:fb:c2:71:58:de:e2:7f:0a:
         d6:ba:1e:73:8f:58:2d:19:69:2e:a7:70:77:18:70:eb:35:07:
         29:47:4e:a0:fe:1a:74:75:cc:25:2a:59:64:64:3d:56:b8:25:
         47:6b:7c:f3:66:25:fc:03:22:e8:73:7c:a4:3e:00:1a:41:4e:
         de:23:15:f4:6d:41:f3:8c:55:0f:67:6e:de:a2:86:e4:5a:48:
         9f:9d:4d:09:68:c9:6a:86:c4:d7:7b:07:8c:e1:4a:27:6c:55:
         03:51:aa:05:26:06:93:14:91:ef:ef:ee:62:10:70:fe:e9:bc:
         81:a1:6d:26:7c:7d:06:5b:cd:99:af:8b:40:d6:9d:84:70:cc:
         18:63:c1:7d:7a:c0:20:21:55:a9:a0:2d:3e:f9:a3:49:ce:75:
         01:7b:83:d1:8f:de:48:3e:54:91:9a:45:41:29:d2:c4:cf:df:
         37:dd:7e:d4:47:73:fa:8c:9b:83:68:5f:94:c6:d4:69:4e:ad:
         a4:15:65:72:4e:0b:f0:92:24:2b:bf:18:b5:e0:4f:0b:99:30:
         71:ee:8a:3c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8cSUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YzdjMGE3NzFiMzBkMjc0Mjg1MDgwZGRjNDJlMzY3OTgzOTZmMjJjMB4XDTIyMDEw
MTA2MDEwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODE2OWI0ZmU1YTM0
MDRmMTI1MGE1OWU3MGU5Yjc4M2JhODk0NDUxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDgmnCtRceC6QV4Ktkpq1vmh/2ocXPxUMKAx+Q4BqWEjEG6
Ce0NaCwb/MvwcsFgnKMM+kQ+NW9GPgeY/twRd4+VG8q+SI6O6JzT9a2B1Omt1chD
4Pue2SgDlJwMlIYzTDAFCRMGS+6AXCfSNo/RmQKBixim78XPq8t09nghNymd5p4t
sC8BOyV9r9EC8oib4QGNVgjEM4gtUeivf3lDHxMVoUTef5PoAMd2jDmo9xEOMAFF
dFd/qnnn0IC/TjF33o/3fraGHDIWjvoXXC7afn426CZbqWHVdpFOkrv6sNnx11w2
uxdOZ+i3+B0ARmal7jn3/+jjR3hhVJ4XLg3XAuMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSBabT+WjQE8SUKWecOm3g7qJRFETAfBgNVHSMEGDAWgBQsfAp3GzDSdChQ
gN3ELjZ5g5byLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xId0tkeHN3MG5Rb1VJRGR4QzQyZVlPVzhpdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvZDVmODAxLTQ0MjYtNGY0NS04ZjI2LTljY2RkM2M4NzNhNi8x
L2dXbTBfbG8wQlBFbENsbm5EcHQ0TzZpVVJSRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
ZDVmODAxLTQ0MjYtNGY0NS04ZjI2LTljY2RkM2M4NzNhNi8xL0xId0tkeHN3MG5R
b1VJRGR4QzQyZVlPVzhpdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgW26DANBgkqhkiG9w0BAQsFAAOC
AQEAC7Bte4B2YTQreLDiMMsuTZ5tRiVlayt6b+awh/57XJvzYkZReHdpR8tQerzq
LPvCcVje4n8K1roec49YLRlpLqdwdxhw6zUHKUdOoP4adHXMJSpZZGQ9VrglR2t8
82Yl/AMi6HN8pD4AGkFO3iMV9G1B84xVD2du3qKG5FpIn51NCWjJaobE13sHjOFK
J2xVA1GqBSYGkxSR7+/uYhBw/um8gaFtJnx9BlvNma+LQNadhHDMGGPBfXrAICFV
qaAtPvmjSc51AXuD0Y/eSD5UkZpFQSnSxM/fN91+1Edz+oybg2hflMbUaU6tpBVl
ck4L8JIkK78YteBPC5kwce6KPA==
-----END CERTIFICATE-----
Generated at Fri Dec 2 06:40:08 2022 by rpki-client.