Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/31a95f-1b56-4db3-90b6-29c838f6278d/1/Qosjn6hLQSS3lOC309LIJ5XFeIM.roa
File:                     Qosjn6hLQSS3lOC309LIJ5XFeIM.roa (download)
Hash identifier:          uAP17GtzXp1hI+M7nkcPklcm/9pIcMEL1sAVqSbnL+c=
Subject key identifier:   42:8B:23:9F:A8:4B:41:24:B7:94:E0:B7:D3:D2:C8:27:95:C5:78:83
Certificate issuer:       /CN=1e9f66ed6e695f1c0c482f682cce3f069f804ede
Certificate serial:       D8A923
Authority key identifier: 1E:9F:66:ED:6E:69:5F:1C:0C:48:2F:68:2C:CE:3F:06:9F:80:4E:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hp9m7W5pXxwMSC9oLM4_Bp-ATt4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/31a95f-1b56-4db3-90b6-29c838f6278d/1/Qosjn6hLQSS3lOC309LIJ5XFeIM.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 193.43.42.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14199075 (0xd8a923)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e9f66ed6e695f1c0c482f682cce3f069f804ede
        Validity
            Not Before: Jan  1 10:54:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=428b239fa84b4124b794e0b7d3d2c82795c57883
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:77:de:8b:a4:5a:10:92:2e:28:3b:bd:98:60:
                    21:9d:dc:00:c4:ca:1c:54:c8:3c:03:6d:6f:40:b7:
                    b3:59:a3:72:2b:42:cf:bf:4a:71:63:4e:6b:f2:b5:
                    82:05:f5:2d:c1:77:dd:c4:49:d4:a0:40:ee:bb:f3:
                    d9:e6:24:71:2e:e4:14:3e:d9:45:0d:1d:a5:aa:ba:
                    40:49:42:34:65:b0:11:a1:93:08:1c:b0:0a:cf:a3:
                    76:f8:19:3a:43:e7:3c:a9:30:68:79:8b:4d:09:ae:
                    7e:89:b5:49:d9:bd:5c:85:5c:4a:70:83:61:a7:e9:
                    b6:07:f9:e1:45:4c:bb:53:6f:62:2c:2d:c4:bb:b3:
                    13:56:79:ff:36:b2:ae:7c:8e:6a:ab:11:26:02:21:
                    46:fe:c1:1e:5b:0d:c4:09:91:ac:8c:34:bd:31:59:
                    aa:66:4b:30:c4:29:4d:dd:d6:52:b0:24:a2:70:31:
                    5b:8f:77:22:df:ec:60:56:4a:01:38:3f:ef:61:86:
                    6d:d6:66:7e:f2:93:78:d1:4d:d1:f5:ce:86:65:df:
                    dc:78:a2:39:8d:7d:c3:76:85:4e:c2:79:03:99:db:
                    04:d7:91:64:46:ee:44:49:72:e2:34:91:ed:69:3c:
                    d9:47:b3:04:4b:6b:51:72:21:21:dc:79:8f:9c:1a:
                    e2:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                42:8B:23:9F:A8:4B:41:24:B7:94:E0:B7:D3:D2:C8:27:95:C5:78:83
            X509v3 Authority Key Identifier: 
                keyid:1E:9F:66:ED:6E:69:5F:1C:0C:48:2F:68:2C:CE:3F:06:9F:80:4E:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp9m7W5pXxwMSC9oLM4_Bp-ATt4.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/31a95f-1b56-4db3-90b6-29c838f6278d/1/Qosjn6hLQSS3lOC309LIJ5XFeIM.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/31a95f-1b56-4db3-90b6-29c838f6278d/1/Hp9m7W5pXxwMSC9oLM4_Bp-ATt4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.43.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:8c:de:cd:b7:37:05:ae:71:c7:eb:e6:c5:ce:1b:f8:56:7a:
         4e:d4:c5:5d:d3:82:f5:eb:34:02:85:46:8b:02:53:8c:0b:59:
         f9:e6:81:8d:9e:d0:b6:cf:4b:80:95:e8:00:b8:aa:0e:d5:67:
         dc:6c:bd:be:d4:4e:af:6e:b1:58:59:ca:5d:7a:a6:04:f8:84:
         7a:df:c3:e6:ad:b9:77:ac:7b:5c:78:51:f8:64:90:0b:29:3f:
         c1:ab:62:f4:cb:d2:c9:96:b8:74:a9:cb:56:09:fa:fb:9c:e0:
         9c:c8:6b:02:37:58:d7:b5:29:28:b6:f8:b0:9a:80:ec:0a:0c:
         96:eb:68:0c:03:04:ee:da:e2:7e:9a:17:ff:ec:23:ec:8f:80:
         c6:80:f9:9b:d1:da:da:a2:58:51:96:8d:61:13:4a:31:af:9e:
         c8:d2:0b:34:8a:65:3c:ba:fd:85:91:aa:95:81:97:97:7f:43:
         90:2f:a6:84:c2:30:ed:74:d3:dd:ea:7a:21:28:7d:6f:d8:d2:
         88:23:b6:b4:8c:cb:8e:d2:e2:31:11:e5:ee:c6:e9:7a:ad:ab:
         05:98:7f:cf:f2:08:4d:68:ea:bb:68:4d:c7:c6:10:fd:22:6e:
         7d:6b:2c:1d:66:ec:2a:3b:92:b0:95:57:65:16:a4:bd:e7:fa:
         a5:39:5f:62
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANipIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZTlmNjZlZDZlNjk1ZjFjMGM0ODJmNjgyY2NlM2YwNjlmODA0ZWRlMB4XDTIyMDEw
MTEwNTQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI4YjIzOWZhODRi
NDEyNGI3OTRlMGI3ZDNkMmM4Mjc5NWM1Nzg4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK133oukWhCSLig7vZhgIZ3cAMTKHFTIPANtb0C3s1mjcitC
z79KcWNOa/K1ggX1LcF33cRJ1KBA7rvz2eYkcS7kFD7ZRQ0dpaq6QElCNGWwEaGT
CBywCs+jdvgZOkPnPKkwaHmLTQmufom1Sdm9XIVcSnCDYafptgf54UVMu1NvYiwt
xLuzE1Z5/zayrnyOaqsRJgIhRv7BHlsNxAmRrIw0vTFZqmZLMMQpTd3WUrAkonAx
W493It/sYFZKATg/72GGbdZmfvKTeNFN0fXOhmXf3HiiOY19w3aFTsJ5A5nbBNeR
ZEbuREly4jSR7Wk82UezBEtrUXIhIdx5j5wa4hMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRCiyOfqEtBJLeU4LfT0sgnlcV4gzAfBgNVHSMEGDAWgBQen2btbmlfHAxI
L2gszj8Gn4BO3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hwOW03VzVwWHh3TVNDOW9MTTRfQnAtQVR0NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvMzFhOTVmLTFiNTYtNGRiMy05MGI2LTI5YzgzOGY2Mjc4ZC8x
L1Fvc2puNmhMUVNTM2xPQzMwOUxJSjVYRmVJTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
MzFhOTVmLTFiNTYtNGRiMy05MGI2LTI5YzgzOGY2Mjc4ZC8xL0hwOW03VzVwWHh3
TVNDOW9MTTRfQnAtQVR0NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMErKjANBgkqhkiG9w0BAQsFAAOC
AQEAMozezbc3Ba5xx+vmxc4b+FZ6TtTFXdOC9es0AoVGiwJTjAtZ+eaBjZ7Qts9L
gJXoALiqDtVn3Gy9vtROr26xWFnKXXqmBPiEet/D5q25d6x7XHhR+GSQCyk/wati
9MvSyZa4dKnLVgn6+5zgnMhrAjdY17UpKLb4sJqA7AoMlutoDAME7trifpoX/+wj
7I+AxoD5m9Ha2qJYUZaNYRNKMa+eyNILNIplPLr9hZGqlYGXl39DkC+mhMIw7XTT
3ep6ISh9b9jSiCO2tIzLjtLiMRHl7sbpeq2rBZh/z/IITWjqu2hNx8YQ/SJufWss
HWbsKjuSsJVXZRakvef6pTlfYg==
-----END CERTIFICATE-----
Generated at Thu Dec 8 20:46:27 2022 by rpki-client.