Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/vkiVmXksdpzzQYLJXeeESWUGBG4.roa
File:                     vkiVmXksdpzzQYLJXeeESWUGBG4.roa (download)
Hash identifier:          yOr6x5JMtUxjqnmtVfzEDK9DDzFUsxNCFIdzCwdg+J8=
Subject key identifier:   BE:48:95:99:79:2C:76:9C:F3:41:82:C9:5D:E7:84:49:65:06:04:6E
Certificate issuer:       /CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Certificate serial:       07B526A8
Authority key identifier: EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/vkiVmXksdpzzQYLJXeeESWUGBG4.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 5.182.22.0/24 maxlen: 24
    2: 5.182.23.0/24 maxlen: 24
    3: 2a0e:b800:cccc::/48 maxlen: 48
    4: 2a0e:b800:aaaa::/48 maxlen: 48
    5: 2a0e:b800:abcd::/48 maxlen: 48
    6: 2a0e:b800:bbbb::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129312424 (0x7b526a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
        Validity
            Not Before: Jan  3 04:36:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=be489599792c769cf34182c95de784496506046e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:98:c3:cf:8d:ec:ec:9b:32:3d:24:eb:9b:78:
                    16:8f:b5:7a:1b:09:4a:28:8b:0c:c5:84:ca:16:7d:
                    f2:b0:66:58:41:7c:13:53:a9:ac:16:73:a6:47:6c:
                    e9:a8:c7:bd:b3:ad:c2:8e:7a:9d:5b:ab:29:6c:99:
                    02:0d:62:4c:3e:ea:e1:72:fa:06:50:4a:ee:91:1a:
                    c2:a0:89:0f:7d:ac:cf:bd:c0:7b:2f:5d:31:fe:06:
                    41:5e:11:77:75:e2:e0:11:54:af:a0:fc:2c:4e:39:
                    7e:4e:8a:bb:9c:20:44:9a:77:d8:1f:d7:ee:44:b9:
                    84:b4:9f:01:f7:dc:fc:cf:d3:2b:94:65:13:61:be:
                    27:75:45:13:9b:64:2e:0e:5c:3a:b2:7a:94:c8:20:
                    73:f4:65:b9:83:f5:49:b6:94:39:71:b5:0c:f1:9f:
                    21:30:23:38:7f:a0:1f:cd:ff:72:8e:1a:b3:2e:82:
                    80:d6:ad:43:f2:91:1f:e0:e0:6a:53:8e:16:f3:98:
                    ee:27:ee:95:8a:30:eb:a2:44:bf:66:3d:b5:45:27:
                    5a:5d:00:1a:3e:60:41:bf:1b:c3:c2:88:36:24:e7:
                    ac:b2:2c:08:80:a2:5a:2c:68:ad:49:15:27:b8:27:
                    cd:51:95:66:de:62:7b:ba:4c:65:38:cd:ca:f8:0c:
                    ae:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                BE:48:95:99:79:2C:76:9C:F3:41:82:C9:5D:E7:84:49:65:06:04:6E
            X509v3 Authority Key Identifier: 
                keyid:EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/vkiVmXksdpzzQYLJXeeESWUGBG4.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.22.0/23
                IPv6:
                  2a0e:b800:aaaa::/48
                  2a0e:b800:abcd::/48
                  2a0e:b800:bbbb::/48
                  2a0e:b800:cccc::/48

    Signature Algorithm: sha256WithRSAEncryption
         62:ea:3e:80:96:62:44:ea:75:8c:09:d0:64:87:38:59:bc:c6:
         11:f7:13:49:fe:96:27:24:2f:ca:6e:33:cd:59:cb:cb:27:36:
         f9:80:f9:d7:64:b8:02:85:9a:88:b8:00:a3:b0:27:ef:b8:8c:
         03:eb:17:57:b9:27:be:99:bb:41:8f:2b:d9:17:66:7c:5a:6b:
         c3:f5:7d:12:ed:66:d5:b7:c5:08:22:98:3e:07:f9:43:d0:7b:
         ef:61:3b:b2:9b:1e:36:7e:f2:7c:22:87:86:c4:fb:e3:ce:da:
         24:08:16:ac:d0:e0:fd:f2:a4:74:91:94:d9:75:e6:81:2e:71:
         86:e1:a9:93:da:30:0e:29:10:41:7f:69:68:14:99:35:90:dc:
         ae:57:f2:bd:4d:25:14:2a:2e:76:e9:57:f9:1e:68:45:03:09:
         6b:1f:8b:82:92:61:25:ac:04:82:f7:f3:16:92:1b:9e:b4:80:
         9d:9e:07:63:60:1c:bc:5a:38:50:0a:76:55:9e:9a:7b:d7:31:
         ae:37:c0:8d:8f:a6:6a:c2:aa:3d:32:1d:4b:b6:3d:57:9c:8d:
         05:d4:2d:90:a1:9e:a9:c2:ba:61:d8:2f:8b:6f:af:89:ac:7c:
         85:bc:fb:ee:3b:1a:cd:82:56:ec:41:b4:f9:ae:95:5e:51:08:
         1d:41:69:73
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEB7UmqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjlkNzYzYjQ5ZTAyNGE3YjZhMTllYWY3ZGZiOTg5MTFhOWM5NGM4MB4XDTIyMDEw
MzA0MzYwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmU0ODk1OTk3OTJj
NzY5Y2YzNDE4MmM5NWRlNzg0NDk2NTA2MDQ2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMmYw8+N7OybMj0k65t4Fo+1ehsJSiiLDMWEyhZ98rBmWEF8
E1OprBZzpkds6ajHvbOtwo56nVurKWyZAg1iTD7q4XL6BlBK7pEawqCJD32sz73A
ey9dMf4GQV4Rd3Xi4BFUr6D8LE45fk6Ku5wgRJp32B/X7kS5hLSfAffc/M/TK5Rl
E2G+J3VFE5tkLg5cOrJ6lMggc/RluYP1SbaUOXG1DPGfITAjOH+gH83/co4asy6C
gNatQ/KRH+DgalOOFvOY7ifulYow66JEv2Y9tUUnWl0AGj5gQb8bw8KINiTnrLIs
CICiWixorUkVJ7gnzVGVZt5ie7pMZTjNyvgMrokCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBS+SJWZeSx2nPNBgsld54RJZQYEbjAfBgNVHSMEGDAWgBTvnXY7SeAkp7ah
nq99+5iRGpyUyDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzc1MTJPMG5nSktlMm9aNnZmZnVZa1JxY2xNZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvNTljZjhlLWRjNjctNDNmYi1iZDM3LTA4NzBlNjU5NjQ1Yi8x
L3ZraVZtWGtzZHB6elFZTEpYZWVFU1dVR0JHNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
NTljZjhlLWRjNjctNDNmYi1iZDM3LTA4NzBlNjU5NjQ1Yi8xLzc1MTJPMG5nSktl
Mm9aNnZmZnVZa1JxY2xNZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowDAQCAAEwBgMEAQW2FjAqBAIAAjAkAwcAKg64AKqq
AwcAKg64AKvNAwcAKg64ALu7AwcAKg64AMzMMA0GCSqGSIb3DQEBCwUAA4IBAQBi
6j6AlmJE6nWMCdBkhzhZvMYR9xNJ/pYnJC/KbjPNWcvLJzb5gPnXZLgChZqIuACj
sCfvuIwD6xdXuSe+mbtBjyvZF2Z8WmvD9X0S7WbVt8UIIpg+B/lD0HvvYTuymx42
fvJ8IoeGxPvjztokCBas0OD98qR0kZTZdeaBLnGG4amT2jAOKRBBf2loFJk1kNyu
V/K9TSUUKi526Vf5HmhFAwlrH4uCkmElrASC9/MWkhuetICdngdjYBy8WjhQCnZV
npp71zGuN8CNj6Zqwqo9Mh1Ltj1XnI0F1C2QoZ6pwrph2C+Lb6+JrHyFvPvuOxrN
glbsQbT5rpVeUQgdQWlz
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:59:23 2022 by rpki-client.