Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/FbyJUfUOqBLyVf-QH0R-V6ePlJM.roa
File:                     FbyJUfUOqBLyVf-QH0R-V6ePlJM.roa (download)
Hash identifier:          E+yctWCPX2JGAU7yy7ywUpDUktUffV6DDdkifG45Nek=
Subject key identifier:   15:BC:89:51:F5:0E:A8:12:F2:55:FF:90:1F:44:7E:57:A7:8F:94:93
Certificate issuer:       /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial:       0958745A
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/FbyJUfUOqBLyVf-QH0R-V6ePlJM.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 45.9.8.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 156791898 (0x958745a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
        Validity
            Not Before: Jan  1 09:03:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=15bc8951f50ea812f255ff901f447e57a78f9493
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:78:c9:cb:a6:f2:df:d5:da:ca:0d:04:18:91:
                    3e:b2:ec:81:cc:b9:e9:46:15:36:68:92:58:d5:49:
                    ba:17:60:4e:a1:5e:e6:b4:da:3e:40:4b:7b:74:5e:
                    6c:0a:d7:2c:f9:a1:1f:e5:ad:a1:2b:ab:dd:4d:97:
                    de:a5:78:3f:d6:e8:a6:aa:ef:af:b9:a0:12:6e:78:
                    2a:53:13:81:49:2c:0f:0f:93:3d:6d:6d:b6:b4:8b:
                    36:10:79:96:47:03:56:7e:2d:5d:f1:0c:ab:1c:a2:
                    8a:a2:e1:b9:88:a5:ea:85:7d:a5:ad:18:b7:79:d9:
                    e6:f7:e7:5e:69:ab:09:d1:3c:72:c1:9b:8b:d4:74:
                    6d:3a:2f:88:47:93:cf:c9:a6:e9:5d:16:ee:26:04:
                    61:44:3c:29:4f:3b:2f:2e:e2:50:75:4a:55:e5:11:
                    79:56:a8:43:09:a4:f3:21:3c:7a:cc:8c:42:71:68:
                    d8:e2:45:7d:28:3d:cf:df:40:fb:08:60:e6:f3:75:
                    e9:1b:49:9a:d8:da:0e:2c:bc:d1:dd:41:d1:38:9c:
                    89:6d:fc:b2:cf:4b:2b:b1:0e:bd:8b:33:49:8f:60:
                    1b:30:4f:69:96:52:71:ca:82:a8:3a:e6:b0:bb:4c:
                    da:f7:cf:a6:3b:06:98:59:8b:40:57:2a:8c:ff:1b:
                    ae:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                15:BC:89:51:F5:0E:A8:12:F2:55:FF:90:1F:44:7E:57:A7:8F:94:93
            X509v3 Authority Key Identifier: 
                keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/FbyJUfUOqBLyVf-QH0R-V6ePlJM.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:b2:85:16:90:ce:d6:83:98:41:e1:70:68:1f:fa:be:50:28:
         f8:6f:12:df:28:01:5b:0f:65:a7:ed:0b:05:58:65:22:c5:2a:
         25:9c:3c:89:b4:e0:b0:55:96:68:f0:24:07:20:d7:5c:e1:32:
         4a:9e:75:21:fc:8e:b0:28:08:ab:ea:79:db:2c:ca:a1:02:e1:
         e7:9d:f4:80:9d:1c:46:d9:03:59:d9:52:62:af:3a:99:fb:5c:
         c9:48:5a:ba:66:79:8f:e8:02:26:36:38:e5:d5:d4:d8:f8:5b:
         ed:ef:55:be:f7:01:05:11:7d:56:cb:d4:00:fa:9c:29:d8:1e:
         45:c8:d6:b0:d6:55:45:fa:96:99:0b:ce:2a:be:7b:b6:2f:8c:
         70:6d:c2:8e:95:80:dd:7f:71:12:4e:f9:cf:6d:81:53:6e:17:
         65:6f:39:01:ef:34:a6:af:f4:f6:fa:c8:88:e9:cd:63:e1:a2:
         a5:24:d9:0b:fa:db:29:cb:09:19:c0:3c:27:44:01:5f:bc:27:
         fa:5d:94:c1:2a:ea:03:46:e2:ed:44:85:73:5b:3c:56:d3:8a:
         56:cd:dd:91:82:73:b7:26:68:bc:37:56:1f:30:dd:97:41:45:
         9b:5b:7f:c8:bb:cc:9b:da:d4:62:83:cd:6a:ba:94:56:ed:23:
         28:91:20:ee
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECVh0WjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzYxYjVjZDY5NjgyNWI3NGZjY2JhN2Q5N2MzZDBhMjcyNGVmM2FhMB4XDTIyMDEw
MTA5MDM0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTViYzg5NTFmNTBl
YTgxMmYyNTVmZjkwMWY0NDdlNTdhNzhmOTQ5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK54ycum8t/V2soNBBiRPrLsgcy56UYVNmiSWNVJuhdgTqFe
5rTaPkBLe3RebArXLPmhH+WtoSur3U2X3qV4P9bopqrvr7mgEm54KlMTgUksDw+T
PW1ttrSLNhB5lkcDVn4tXfEMqxyiiqLhuYil6oV9pa0Yt3nZ5vfnXmmrCdE8csGb
i9R0bToviEeTz8mm6V0W7iYEYUQ8KU87Ly7iUHVKVeUReVaoQwmk8yE8esyMQnFo
2OJFfSg9z99A+whg5vN16RtJmtjaDiy80d1B0TiciW38ss9LK7EOvYszSY9gGzBP
aZZSccqCqDrmsLtM2vfPpjsGmFmLQFcqjP8brgMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQVvIlR9Q6oEvJV/5AfRH5Xp4+UkzAfBgNVHSMEGDAWgBSTYbXNaWglt0/M
un2Xw9Cick7zqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syRzF6V2xvSmJkUHpMcDlsOFBRb25KTzg2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvNzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8x
L0ZieUpVZlVPcUJMeVZmLVFIMFItVjZlUGxKTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
NzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8xL2syRzF6V2xvSmJk
UHpMcDlsOFBRb25KTzg2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0JCDANBgkqhkiG9w0BAQsFAAOC
AQEAl7KFFpDO1oOYQeFwaB/6vlAo+G8S3ygBWw9lp+0LBVhlIsUqJZw8ibTgsFWW
aPAkByDXXOEySp51IfyOsCgIq+p52yzKoQLh5530gJ0cRtkDWdlSYq86mftcyUha
umZ5j+gCJjY45dXU2Phb7e9VvvcBBRF9VsvUAPqcKdgeRcjWsNZVRfqWmQvOKr57
ti+McG3CjpWA3X9xEk75z22BU24XZW85Ae80pq/09vrIiOnNY+GipSTZC/rbKcsJ
GcA8J0QBX7wn+l2UwSrqA0bi7USFc1s8VtOKVs3dkYJztyZovDdWHzDdl0FFm1t/
yLvMm9rUYoPNarqUVu0jKJEg7g==
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:59:36 2022 by rpki-client.