Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/BuK6xnxaDVqJ966XSOozCR1uofQ.roa
File:                     BuK6xnxaDVqJ966XSOozCR1uofQ.roa (download)
Hash identifier:          hZjHXPtaO+nXBAhiX1coRLLkfEhwpMEl76yzznkc1VM=
Subject key identifier:   06:E2:BA:C6:7C:5A:0D:5A:89:F7:AE:97:48:EA:33:09:1D:6E:A1:F4
Certificate issuer:       /CN=40f75d327761b90c0899638f430eb614c87c3106
Certificate serial:       03A95121
Authority key identifier: 40:F7:5D:32:77:61:B9:0C:08:99:63:8F:43:0E:B6:14:C8:7C:31:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QPddMndhuQwImWOPQw62FMh8MQY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/BuK6xnxaDVqJ966XSOozCR1uofQ.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 2001:678:2cc::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 61428001 (0x3a95121)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40f75d327761b90c0899638f430eb614c87c3106
        Validity
            Not Before: Jun 13 16:17:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=06e2bac67c5a0d5a89f7ae9748ea33091d6ea1f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b4:a6:05:c9:80:49:1b:99:f1:90:23:50:65:
                    af:d8:e2:dc:15:85:8d:06:83:b2:bf:14:cb:88:8d:
                    72:66:c8:81:fa:a7:59:f0:53:47:e9:87:fd:f7:67:
                    0d:27:12:b6:cb:8f:d1:7d:53:6a:ae:d7:9c:10:36:
                    e0:22:08:c7:c6:38:b0:c1:57:a2:4f:d1:47:37:68:
                    5f:27:f0:fc:a7:9d:46:17:cb:cc:04:f3:a9:4b:0b:
                    de:ed:d0:59:d0:81:a1:e9:1a:18:43:b1:b2:fe:4e:
                    e3:9a:1e:13:a6:b7:f4:c3:e6:e0:99:64:43:4f:d1:
                    bb:4d:02:c9:cf:a8:fc:12:ee:eb:ea:dc:b2:73:3e:
                    6d:b0:f7:3f:03:59:59:19:d7:00:cd:a7:fa:31:8e:
                    f9:c2:c8:5c:7a:0d:97:74:7f:bd:b1:1e:24:93:f1:
                    cd:00:6b:6d:4c:bb:a2:41:e6:cb:14:50:a8:d1:b2:
                    f8:d8:9d:59:ea:9b:4a:1e:2c:71:45:88:f7:6c:ca:
                    9b:aa:c5:67:e1:b7:28:ba:15:ec:1d:4e:7a:9f:f0:
                    7b:54:eb:ea:31:a8:cc:a9:28:75:2b:9f:bc:a0:96:
                    c3:00:7e:70:a7:74:af:f4:96:90:37:68:80:ee:3e:
                    f0:72:b3:9e:e6:a4:63:b4:76:d8:1e:28:33:65:5d:
                    b5:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                06:E2:BA:C6:7C:5A:0D:5A:89:F7:AE:97:48:EA:33:09:1D:6E:A1:F4
            X509v3 Authority Key Identifier: 
                keyid:40:F7:5D:32:77:61:B9:0C:08:99:63:8F:43:0E:B6:14:C8:7C:31:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPddMndhuQwImWOPQw62FMh8MQY.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/BuK6xnxaDVqJ966XSOozCR1uofQ.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/QPddMndhuQwImWOPQw62FMh8MQY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:2cc::/48

    Signature Algorithm: sha256WithRSAEncryption
         65:e2:52:87:e0:32:0e:db:84:74:84:b0:b7:52:91:f3:ff:56:
         d7:42:cd:be:bd:a8:c3:da:38:04:a5:db:40:d2:a7:03:10:25:
         c5:fc:0c:80:7f:8e:9b:58:99:39:8c:0a:01:d2:1b:a7:a1:73:
         2b:4f:1e:4c:36:e2:a4:c3:b1:57:51:f0:ed:a8:69:c7:d7:59:
         18:6b:f2:e6:ef:53:31:6c:25:46:d5:29:eb:f8:e4:d7:2e:19:
         f8:c1:e3:72:3c:66:79:95:6b:ce:e8:66:b5:9e:c9:31:10:71:
         c4:2f:7d:02:37:4f:49:24:80:4a:4a:4f:db:e7:f9:5e:32:b6:
         bf:0a:1c:86:b3:f1:fb:ba:78:52:55:f2:53:93:d1:44:e4:72:
         c3:99:6f:06:1c:d1:04:3c:60:9a:aa:d2:f2:77:5b:ee:85:72:
         24:fb:c2:4d:ab:4e:9a:3f:e8:e2:0a:f2:49:b1:87:e1:93:74:
         ab:3a:05:11:b9:79:62:2e:0a:db:13:e8:b7:bc:af:65:7f:34:
         bb:f0:26:0b:13:a6:35:66:c2:27:37:bb:4c:02:c4:0a:cc:d9:
         5c:24:6c:ba:46:11:30:32:ca:19:73:b3:5d:69:64:fc:61:f8:
         33:3f:d9:13:f3:de:24:71:cd:08:d8:1a:a1:f0:44:32:93:e9:
         8a:33:3f:d6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEA6lRITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MGY3NWQzMjc3NjFiOTBjMDg5OTYzOGY0MzBlYjYxNGM4N2MzMTA2MB4XDTIyMDYx
MzE2MTc0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDZlMmJhYzY3YzVh
MGQ1YTg5ZjdhZTk3NDhlYTMzMDkxZDZlYTFmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ20pgXJgEkbmfGQI1Blr9ji3BWFjQaDsr8Uy4iNcmbIgfqn
WfBTR+mH/fdnDScStsuP0X1Taq7XnBA24CIIx8Y4sMFXok/RRzdoXyfw/KedRhfL
zATzqUsL3u3QWdCBoekaGEOxsv5O45oeE6a39MPm4JlkQ0/Ru00Cyc+o/BLu6+rc
snM+bbD3PwNZWRnXAM2n+jGO+cLIXHoNl3R/vbEeJJPxzQBrbUy7okHmyxRQqNGy
+NidWeqbSh4scUWI92zKm6rFZ+G3KLoV7B1Oep/we1Tr6jGozKkodSufvKCWwwB+
cKd0r/SWkDdogO4+8HKznuakY7R22B4oM2VdtWsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQG4rrGfFoNWon3rpdI6jMJHW6h9DAfBgNVHSMEGDAWgBRA910yd2G5DAiZ
Y49DDrYUyHwxBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FQZGRNbmRodVF3SW1XT1BRdzYyRk1oOE1RWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvNmU1ZjRjLTJlYWUtNDhhMC04NTUwLTI5YWM0NWUyZWNmZi8x
L0J1SzZ4bnhhRFZxSjk2NlhTT296Q1IxdW9mUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
NmU1ZjRjLTJlYWUtNDhhMC04NTUwLTI5YWM0NWUyZWNmZi8xL1FQZGRNbmRodVF3
SW1XT1BRdzYyRk1oOE1RWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngCzDANBgkqhkiG9w0BAQsF
AAOCAQEAZeJSh+AyDtuEdISwt1KR8/9W10LNvr2ow9o4BKXbQNKnAxAlxfwMgH+O
m1iZOYwKAdIbp6FzK08eTDbipMOxV1Hw7ahpx9dZGGvy5u9TMWwlRtUp6/jk1y4Z
+MHjcjxmeZVrzuhmtZ7JMRBxxC99AjdPSSSASkpP2+f5XjK2vwochrPx+7p4UlXy
U5PRRORyw5lvBhzRBDxgmqrS8ndb7oVyJPvCTatOmj/o4grySbGH4ZN0qzoFEbl5
Yi4K2xPot7yvZX80u/AmCxOmNWbCJze7TALECszZXCRsukYRMDLKGXOzXWlk/GH4
Mz/ZE/PeJHHNCNgaofBEMpPpijM/1g==
-----END CERTIFICATE-----
Generated at Fri Dec 9 03:41:25 2022 by rpki-client.