Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/7a/e57dcf-36f9-4a4a-ae3c-0bb3affcc2d3/1/

$ rpki-client -vvf AK6ZVvGGRlIo1iJqqvgRqAIWldo.roa
File:                     AK6ZVvGGRlIo1iJqqvgRqAIWldo.roa (download)
Hash identifier:          77Atdgm3kmCH2uoRy+FyCqXje+FH2b+P59YJgAQwQHE=
Subject key identifier:   00:AE:99:56:F1:86:46:52:28:D6:22:6A:AA:F8:11:A8:02:16:95:DA
Certificate issuer:       /CN=919bf29e1aca23a515e11f66960b4eb95c80cfb9
Certificate serial:       D59C95
Authority key identifier: 91:9B:F2:9E:1A:CA:23:A5:15:E1:1F:66:96:0B:4E:B9:5C:80:CF:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kZvynhrKI6UV4R9mlgtOuVyAz7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/e57dcf-36f9-4a4a-ae3c-0bb3affcc2d3/1/AK6ZVvGGRlIo1iJqqvgRqAIWldo.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 185.51.120.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13999253 (0xd59c95)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=919bf29e1aca23a515e11f66960b4eb95c80cfb9
        Validity
            Not Before: Jan  1 05:05:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=00ae9956f186465228d6226aaaf811a8021695da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:07:f0:06:78:23:12:32:f4:7f:33:1e:42:c1:
                    41:ca:67:3c:8f:cc:1c:00:25:dd:d3:9b:64:5f:c6:
                    9f:a8:69:fa:96:06:ac:d2:0d:4a:8c:2c:5a:22:97:
                    14:6e:d6:41:d9:0e:15:2e:7f:da:3d:18:e6:1b:23:
                    d8:b1:33:08:ed:57:c5:be:d2:c6:fb:f7:77:ee:64:
                    5e:20:ae:e9:68:79:89:a7:f4:e6:5d:4d:e6:bf:47:
                    22:2d:cd:2d:30:62:17:6b:18:a2:3e:76:c9:7e:b7:
                    ee:07:91:47:85:ca:1f:61:12:32:f3:31:6d:dd:b2:
                    87:ea:c1:ed:c8:f5:ad:56:eb:1f:4e:6f:92:b0:a8:
                    9a:56:af:9d:c0:f6:27:39:37:72:13:43:3c:c8:ba:
                    f1:2e:06:22:fb:2c:75:10:41:43:c6:da:e7:33:6c:
                    38:4f:af:9a:ec:3e:bb:64:68:b8:8c:be:a9:10:83:
                    17:7f:41:99:da:bd:d4:c8:3b:20:a8:dd:c1:a2:5a:
                    c2:4f:e3:ca:5c:db:74:34:90:4d:bf:e2:5d:72:41:
                    7d:83:54:d9:b2:6e:74:74:49:58:2d:54:fb:e6:49:
                    24:71:7b:fc:a5:7f:b2:5f:59:02:36:b8:28:8a:cd:
                    fb:46:25:14:ca:c6:53:dd:d9:20:ab:73:5f:45:ce:
                    29:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                00:AE:99:56:F1:86:46:52:28:D6:22:6A:AA:F8:11:A8:02:16:95:DA
            X509v3 Authority Key Identifier: 
                keyid:91:9B:F2:9E:1A:CA:23:A5:15:E1:1F:66:96:0B:4E:B9:5C:80:CF:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kZvynhrKI6UV4R9mlgtOuVyAz7k.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/e57dcf-36f9-4a4a-ae3c-0bb3affcc2d3/1/AK6ZVvGGRlIo1iJqqvgRqAIWldo.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/e57dcf-36f9-4a4a-ae3c-0bb3affcc2d3/1/kZvynhrKI6UV4R9mlgtOuVyAz7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.51.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:20:41:e8:c7:c1:46:58:ab:62:fa:72:2d:06:34:46:42:d2:
         d4:60:40:45:c3:22:f7:5a:c9:4d:9d:83:0c:b4:e0:71:f7:d0:
         5f:9d:80:17:35:9a:57:6d:a5:9d:c7:7d:80:3a:e8:5a:ce:c9:
         e8:1c:07:9b:1d:61:08:a6:a9:41:d9:ba:28:0f:5d:65:27:85:
         af:ae:65:22:ac:be:67:53:90:d1:fa:be:c3:84:8b:5f:f9:38:
         08:23:30:0e:13:02:1c:32:83:09:8d:15:d7:a4:8a:c5:b0:b2:
         09:a2:d2:bc:6f:28:a0:e7:80:56:62:8c:90:16:59:25:81:fd:
         95:b5:f6:99:fd:2b:33:38:4c:7e:04:23:78:cd:09:33:9b:f0:
         5c:5e:8e:31:d2:9f:31:2b:0b:b6:82:ca:da:8a:f2:9b:50:03:
         50:45:86:d4:6b:90:41:0b:c9:e8:d6:4c:1a:dd:9d:aa:47:c9:
         0c:4d:22:27:00:65:c6:eb:30:b8:ed:c1:48:a3:79:19:2e:c2:
         9a:8c:58:98:61:7f:26:0d:c7:6d:e7:83:39:cf:7c:47:ee:c4:
         ab:be:db:08:dc:b1:30:4d:5c:5a:48:56:b8:91:70:d0:9f:fd:
         56:74:8d:55:52:2f:d2:1e:cf:ea:21:6f:a0:83:62:a7:65:f7:
         f7:3c:00:b5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANWclTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MTliZjI5ZTFhY2EyM2E1MTVlMTFmNjY5NjBiNGViOTVjODBjZmI5MB4XDTIyMDEw
MTA1MDUyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDBhZTk5NTZmMTg2
NDY1MjI4ZDYyMjZhYWFmODExYTgwMjE2OTVkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIH8AZ4IxIy9H8zHkLBQcpnPI/MHAAl3dObZF/Gn6hp+pYG
rNINSowsWiKXFG7WQdkOFS5/2j0Y5hsj2LEzCO1Xxb7Sxvv3d+5kXiCu6Wh5iaf0
5l1N5r9HIi3NLTBiF2sYoj52yX637geRR4XKH2ESMvMxbd2yh+rB7cj1rVbrH05v
krComlavncD2Jzk3chNDPMi68S4GIvssdRBBQ8ba5zNsOE+vmuw+u2RouIy+qRCD
F39Bmdq91Mg7IKjdwaJawk/jylzbdDSQTb/iXXJBfYNU2bJudHRJWC1U++ZJJHF7
/KV/sl9ZAja4KIrN+0YlFMrGU93ZIKtzX0XOKRUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQArplW8YZGUijWImqq+BGoAhaV2jAfBgNVHSMEGDAWgBSRm/KeGsojpRXh
H2aWC065XIDPuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tadnluaHJLSTZVVjRSOW1sZ3RPdVZ5QXo3ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvZTU3ZGNmLTM2ZjktNGE0YS1hZTNjLTBiYjNhZmZjYzJkMy8x
L0FLNlpWdkdHUmxJbzFpSnFxdmdScUFJV2xkby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
ZTU3ZGNmLTM2ZjktNGE0YS1hZTNjLTBiYjNhZmZjYzJkMy8xL2tadnluaHJLSTZV
VjRSOW1sZ3RPdVZ5QXo3ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkzeDANBgkqhkiG9w0BAQsFAAOC
AQEAKiBB6MfBRlirYvpyLQY0RkLS1GBARcMi91rJTZ2DDLTgcffQX52AFzWaV22l
ncd9gDroWs7J6BwHmx1hCKapQdm6KA9dZSeFr65lIqy+Z1OQ0fq+w4SLX/k4CCMw
DhMCHDKDCY0V16SKxbCyCaLSvG8ooOeAVmKMkBZZJYH9lbX2mf0rMzhMfgQjeM0J
M5vwXF6OMdKfMSsLtoLK2orym1ADUEWG1GuQQQvJ6NZMGt2dqkfJDE0iJwBlxusw
uO3BSKN5GS7CmoxYmGF/Jg3HbeeDOc98R+7Eq77bCNyxME1cWkhWuJFw0J/9VnSN
VVIv0h7P6iFvoINip2X39zwAtQ==
-----END CERTIFICATE-----
Generated at Fri Dec 2 13:35:02 2022 by rpki-client.