Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/7a/b50d8f-a95f-4eca-a822-658bc41b10fa/1/

$ rpki-client -vvf aIXMUlNGVRozXbdtFct2coIM8Rg.roa
File:                     aIXMUlNGVRozXbdtFct2coIM8Rg.roa (download)
Hash identifier:          fmz/cH+i4jy0Qr7FkgLLeGNdr9ZJv/9PbztxiLhaVR0=
Subject key identifier:   68:85:CC:52:53:46:55:1A:33:5D:B7:6D:15:CB:76:72:82:0C:F1:18
Certificate issuer:       /CN=33518bbf7115cd8573e0deb8ebe675848f25bdfb
Certificate serial:       B69CD2
Authority key identifier: 33:51:8B:BF:71:15:CD:85:73:E0:DE:B8:EB:E6:75:84:8F:25:BD:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M1GLv3EVzYVz4N646-Z1hI8lvfs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/b50d8f-a95f-4eca-a822-658bc41b10fa/1/aIXMUlNGVRozXbdtFct2coIM8Rg.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 62.233.52.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11967698 (0xb69cd2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33518bbf7115cd8573e0deb8ebe675848f25bdfb
        Validity
            Not Before: Jan  1 07:57:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6885cc525346551a335db76d15cb7672820cf118
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:38:aa:b3:51:ff:cb:45:74:c2:5d:2d:11:64:
                    7e:21:f8:01:e6:60:b2:59:9b:73:4f:37:1f:9a:26:
                    e1:37:3f:6a:87:24:39:61:ae:8e:e5:43:1c:86:2b:
                    9e:79:92:b5:cf:53:99:e5:6a:7a:f8:ab:a8:f5:a7:
                    d0:20:18:83:ff:46:dc:8b:ff:28:63:aa:01:c2:1b:
                    70:4e:7d:eb:06:bc:2d:7f:e8:b5:e7:88:34:c5:c4:
                    84:cc:45:32:2a:ee:d6:6e:04:0e:f9:73:c9:e6:b7:
                    3e:63:7d:a1:6c:7b:73:e5:dc:53:77:ce:3c:81:78:
                    94:97:9f:9d:53:23:86:2b:ce:38:2b:88:f4:b4:8c:
                    93:b1:21:5e:04:46:00:68:2a:b8:bb:b2:ec:71:cf:
                    6f:36:93:18:c2:48:ad:70:4d:44:87:0f:08:a7:2f:
                    3f:54:75:15:af:dd:68:b7:b9:e1:e4:fd:7e:f6:85:
                    73:e6:c9:72:a0:fc:a6:2c:51:91:ac:8b:70:92:42:
                    1b:ab:62:37:d8:dd:2b:17:66:09:60:ec:1c:f7:c0:
                    a7:9b:e9:6d:b7:15:73:ea:a0:be:a2:be:5f:90:8a:
                    5a:1f:5a:4e:f2:10:57:4a:05:16:dc:a6:46:1a:9e:
                    d3:3b:a7:27:75:e6:5a:fc:02:49:25:94:e9:ca:36:
                    07:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                68:85:CC:52:53:46:55:1A:33:5D:B7:6D:15:CB:76:72:82:0C:F1:18
            X509v3 Authority Key Identifier: 
                keyid:33:51:8B:BF:71:15:CD:85:73:E0:DE:B8:EB:E6:75:84:8F:25:BD:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1GLv3EVzYVz4N646-Z1hI8lvfs.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/b50d8f-a95f-4eca-a822-658bc41b10fa/1/aIXMUlNGVRozXbdtFct2coIM8Rg.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/b50d8f-a95f-4eca-a822-658bc41b10fa/1/M1GLv3EVzYVz4N646-Z1hI8lvfs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.233.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:5a:10:9c:4e:55:10:75:00:1e:58:0f:0d:49:06:b5:89:d0:
         9a:10:70:6c:3a:d0:c5:36:9c:4c:b0:32:f8:6b:4f:ee:c9:0e:
         ce:1a:f8:6b:30:d6:b3:97:5b:01:39:1e:d5:3e:cf:d4:4e:d5:
         c6:d8:86:82:f8:6a:ee:e0:90:b2:66:80:80:b4:26:a0:a7:29:
         2e:3e:62:2e:d8:43:0b:9c:fa:7c:d4:9f:a2:69:b1:68:5b:04:
         ee:92:98:fd:5a:ca:77:aa:54:87:d9:eb:24:99:87:0b:18:dd:
         43:7c:4a:ea:6d:08:a7:42:33:96:29:48:ff:ae:ff:2a:21:d7:
         54:d4:38:7a:c3:52:b6:64:2a:2c:02:bb:48:07:13:b2:a7:b1:
         6d:67:87:2d:9d:e4:96:f8:e9:6a:3c:84:e1:95:dd:78:69:d3:
         7d:1c:d8:94:4c:ee:92:9d:59:61:fe:12:a3:a7:c7:aa:d1:9e:
         f4:a8:5d:e8:70:c5:33:33:83:55:7a:25:21:a7:40:92:ad:05:
         20:66:be:2c:75:f8:a2:03:3e:cc:83:45:05:a5:e0:92:ab:34:
         aa:98:3c:4f:39:85:5f:fa:d6:6b:11:aa:38:c4:8f:77:16:d1:
         cf:a9:bd:a4:8b:52:fd:08:cb:58:fa:cd:26:e2:34:52:4e:da:
         0f:2f:71:18
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALac0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MzUxOGJiZjcxMTVjZDg1NzNlMGRlYjhlYmU2NzU4NDhmMjViZGZiMB4XDTIyMDEw
MTA3NTc1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjg4NWNjNTI1MzQ2
NTUxYTMzNWRiNzZkMTVjYjc2NzI4MjBjZjExODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALc4qrNR/8tFdMJdLRFkfiH4AeZgslmbc083H5om4Tc/aock
OWGujuVDHIYrnnmStc9TmeVqevirqPWn0CAYg/9G3Iv/KGOqAcIbcE596wa8LX/o
teeINMXEhMxFMiru1m4EDvlzyea3PmN9oWx7c+XcU3fOPIF4lJefnVMjhivOOCuI
9LSMk7EhXgRGAGgquLuy7HHPbzaTGMJIrXBNRIcPCKcvP1R1Fa/daLe54eT9fvaF
c+bJcqD8pixRkayLcJJCG6tiN9jdKxdmCWDsHPfAp5vpbbcVc+qgvqK+X5CKWh9a
TvIQV0oFFtymRhqe0zunJ3XmWvwCSSWU6co2B3MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRohcxSU0ZVGjNdt20Vy3ZyggzxGDAfBgNVHSMEGDAWgBQzUYu/cRXNhXPg
3rjr5nWEjyW9+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L00xR0x2M0VWellWejRONjQ2LVoxaEk4bHZmcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvYjUwZDhmLWE5NWYtNGVjYS1hODIyLTY1OGJjNDFiMTBmYS8x
L2FJWE1VbE5HVlJvelhiZHRGY3QyY29JTThSZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
YjUwZDhmLWE5NWYtNGVjYS1hODIyLTY1OGJjNDFiMTBmYS8xL00xR0x2M0VWellW
ejRONjQ2LVoxaEk4bHZmcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD7pNDANBgkqhkiG9w0BAQsFAAOC
AQEAfloQnE5VEHUAHlgPDUkGtYnQmhBwbDrQxTacTLAy+GtP7skOzhr4azDWs5db
ATke1T7P1E7VxtiGgvhq7uCQsmaAgLQmoKcpLj5iLthDC5z6fNSfommxaFsE7pKY
/VrKd6pUh9nrJJmHCxjdQ3xK6m0Ip0IzlilI/67/KiHXVNQ4esNStmQqLAK7SAcT
sqexbWeHLZ3klvjpajyE4ZXdeGnTfRzYlEzukp1ZYf4So6fHqtGe9Khd6HDFMzOD
VXolIadAkq0FIGa+LHX4ogM+zINFBaXgkqs0qpg8TzmFX/rWaxGqOMSPdxbRz6m9
pItS/QjLWPrNJuI0Uk7aDy9xGA==
-----END CERTIFICATE-----
Generated at Fri Dec 2 13:35:02 2022 by rpki-client.