Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/7c/212ee6-874e-431d-85d1-b366f53e2891/1/

$ rpki-client -vvf j278OPVqwacr5X1Gn2xVRv_HZiQ.roa
File:                     j278OPVqwacr5X1Gn2xVRv_HZiQ.roa (download)
Hash identifier:          b8R4/qZ4XSqLk67zE8rr1R8om/uiO8zvtaQX4dWGSO8=
Subject key identifier:   8F:6E:FC:38:F5:6A:C1:A7:2B:E5:7D:46:9F:6C:55:46:FF:C7:66:24
Certificate serial:       0228FB8E
Authority key identifier: 31:0A:E8:94:84:08:28:0D:47:A8:4F:DE:24:05:8A:D3:B3:C1:9E:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MQrolIQIKA1HqE_eJAWK07PBnmU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/212ee6-874e-431d-85d1-b366f53e2891/1/j278OPVqwacr5X1Gn2xVRv_HZiQ.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     2914
IP address blocks:
    1: 193.29.221.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 36240270 (0x228fb8e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=310ae8948408280d47a84fde24058ad3b3c19e65
        Validity
            Not Before: Jan  1 05:51:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8f6efc38f56ac1a72be57d469f6c5546ffc76624
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:f4:48:cf:4a:35:d4:7a:ae:8e:3f:7a:bd:55:
                    ef:a9:fb:e3:10:fa:05:a1:36:30:37:b4:0b:bc:2c:
                    e9:79:7e:4c:47:de:32:ba:72:32:58:9d:5a:0e:72:
                    7a:9d:0f:1f:eb:82:1b:a7:5b:42:11:58:65:6a:8f:
                    61:f4:8f:ae:e1:8d:20:3c:0b:b8:29:c6:3b:45:75:
                    4a:fc:96:5c:c5:46:02:6e:c5:ec:d6:bf:22:7b:15:
                    be:0c:d0:11:ec:03:7d:b2:0e:1b:3a:94:42:f7:2c:
                    71:1a:16:79:04:f6:3d:86:9b:ad:a0:6e:55:fa:0f:
                    4f:a0:47:a1:3c:df:38:c9:8c:3f:11:6a:4d:6e:fd:
                    17:15:9a:5e:c4:07:fb:47:fa:68:6d:7d:26:08:29:
                    3b:a5:22:39:d9:bb:42:ec:75:fb:80:95:6f:84:38:
                    be:fa:4d:f2:44:05:0b:4b:d7:55:70:11:43:8c:1a:
                    df:48:df:c4:af:4f:05:92:d0:01:ba:95:92:1b:62:
                    a2:15:14:b6:1a:d2:2e:12:ef:71:99:29:97:44:d5:
                    b4:de:05:0e:2f:ed:a9:73:27:a2:62:fb:51:21:89:
                    46:12:11:ca:99:9d:e3:fa:dd:f9:1e:b2:de:38:fe:
                    4b:fa:bf:f2:fa:79:60:4e:3c:72:0a:48:73:7e:57:
                    6c:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                8F:6E:FC:38:F5:6A:C1:A7:2B:E5:7D:46:9F:6C:55:46:FF:C7:66:24
            X509v3 Authority Key Identifier: 
                keyid:31:0A:E8:94:84:08:28:0D:47:A8:4F:DE:24:05:8A:D3:B3:C1:9E:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQrolIQIKA1HqE_eJAWK07PBnmU.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/212ee6-874e-431d-85d1-b366f53e2891/1/j278OPVqwacr5X1Gn2xVRv_HZiQ.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/212ee6-874e-431d-85d1-b366f53e2891/1/MQrolIQIKA1HqE_eJAWK07PBnmU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.29.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:0f:c4:8f:73:a4:e3:9b:62:de:57:ad:77:88:30:eb:d2:87:
         a8:6f:01:a2:2b:d5:dd:88:ce:d3:60:fa:8e:e4:cd:4c:9f:81:
         77:8d:38:d7:07:1b:5c:54:e0:0c:b8:43:bf:ba:e8:b7:8f:08:
         10:9a:46:d6:23:66:5c:60:4d:e3:35:ab:55:95:54:46:25:19:
         45:12:91:9b:4e:4a:e2:32:92:b1:bf:bf:75:d1:76:2b:2e:70:
         a3:b9:9e:bc:5f:d3:2a:25:34:79:71:bd:89:2c:fc:91:20:35:
         ba:d1:6c:d1:9a:49:f5:b1:35:6b:b4:91:7e:32:6e:d7:2d:f0:
         4d:f5:96:b1:30:05:da:8f:bb:75:03:46:1e:2e:70:f5:c8:e4:
         29:1b:15:0a:80:74:19:c6:c5:7a:f5:08:1f:e8:87:0b:ff:85:
         ac:9c:9e:8e:40:a0:41:88:d4:c4:4c:85:8a:c2:ae:3c:2e:7b:
         c3:32:58:e1:fa:a4:8c:57:97:6e:1f:71:16:0e:89:c1:ef:0f:
         45:60:34:e7:5d:ac:94:22:8c:aa:91:92:1f:97:09:04:d4:70:
         57:0b:ae:b2:5b:be:e6:38:87:f1:d5:41:34:9e:2e:ae:87:26:
         ff:86:7a:99:fd:84:f0:c5:16:d3:f5:da:5f:cf:b8:39:d7:48:
         d1:52:be:d2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAij7jjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTBhZTg5NDg0MDgyODBkNDdhODRmZGUyNDA1OGFkM2IzYzE5ZTY1MB4XDTIyMDEw
MTA1NTE0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGY2ZWZjMzhmNTZh
YzFhNzJiZTU3ZDQ2OWY2YzU1NDZmZmM3NjYyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJX0SM9KNdR6ro4/er1V76n74xD6BaE2MDe0C7ws6Xl+TEfe
MrpyMlidWg5yep0PH+uCG6dbQhFYZWqPYfSPruGNIDwLuCnGO0V1SvyWXMVGAm7F
7Na/InsVvgzQEewDfbIOGzqUQvcscRoWeQT2PYabraBuVfoPT6BHoTzfOMmMPxFq
TW79FxWaXsQH+0f6aG19JggpO6UiOdm7Qux1+4CVb4Q4vvpN8kQFC0vXVXARQ4wa
30jfxK9PBZLQAbqVkhtiohUUthrSLhLvcZkpl0TVtN4FDi/tqXMnomL7USGJRhIR
ypmd4/rd+R6y3jj+S/q/8vp5YE48cgpIc35XbD0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSPbvw49WrBpyvlfUafbFVG/8dmJDAfBgNVHSMEGDAWgBQxCuiUhAgoDUeo
T94kBYrTs8GeZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01Rcm9sSVFJS0ExSHFFX2VKQVdLMDdQQm5tVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2MvMjEyZWU2LTg3NGUtNDMxZC04NWQxLWIzNjZmNTNlMjg5MS8x
L2oyNzhPUFZxd2FjcjVYMUduMnhWUnZfSFppUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Mv
MjEyZWU2LTg3NGUtNDMxZC04NWQxLWIzNjZmNTNlMjg5MS8xL01Rcm9sSVFJS0Ex
SHFFX2VKQVdLMDdQQm5tVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEd3TANBgkqhkiG9w0BAQsFAAOC
AQEApg/Ej3Ok45ti3letd4gw69KHqG8BoivV3YjO02D6juTNTJ+Bd4041wcbXFTg
DLhDv7rot48IEJpG1iNmXGBN4zWrVZVURiUZRRKRm05K4jKSsb+/ddF2Ky5wo7me
vF/TKiU0eXG9iSz8kSA1utFs0ZpJ9bE1a7SRfjJu1y3wTfWWsTAF2o+7dQNGHi5w
9cjkKRsVCoB0GcbFevUIH+iHC/+FrJyejkCgQYjUxEyFisKuPC57wzJY4fqkjFeX
bh9xFg6Jwe8PRWA0512slCKMqpGSH5cJBNRwVwuuslu+5jiH8dVBNJ4urocm/4Z6
mf2E8MUW0/XaX8+4OddI0VK+0g==
-----END CERTIFICATE-----
Generated at Thu Dec 1 23:03:17 2022 by rpki-client.