Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/ffbbd7-ba26-473e-88b1-a8d6683018dc/1/JfyD1KoBe1kbM_PHmStM5szGxMk.roa
File:                     JfyD1KoBe1kbM_PHmStM5szGxMk.roa (download)
Hash identifier:          cFvJkAcMEDAMEbQ1eyJ8Wqb11OVwP9LC7a/ayDnvi4w=
Subject key identifier:   25:FC:83:D4:AA:01:7B:59:1B:33:F3:C7:99:2B:4C:E6:CC:C6:C4:C9
Certificate issuer:       /CN=d4cad8d06df6f42bc8a27bdbaabf6c736cc324e6
Certificate serial:       012CC97C
Authority key identifier: D4:CA:D8:D0:6D:F6:F4:2B:C8:A2:7B:DB:AA:BF:6C:73:6C:C3:24:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1MrY0G329CvIonvbqr9sc2zDJOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/ffbbd7-ba26-473e-88b1-a8d6683018dc/1/JfyD1KoBe1kbM_PHmStM5szGxMk.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 193.38.155.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19712380 (0x12cc97c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4cad8d06df6f42bc8a27bdbaabf6c736cc324e6
        Validity
            Not Before: Jan  1 03:58:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=25fc83d4aa017b591b33f3c7992b4ce6ccc6c4c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:60:4b:d6:91:89:3b:64:a5:98:d2:e4:99:e2:
                    4f:97:49:c2:dc:b1:56:f0:83:29:90:1d:d2:88:aa:
                    fe:b2:5d:f7:43:d4:78:62:41:ce:1b:a9:d7:73:ef:
                    31:eb:1c:67:ad:5f:eb:e0:08:5d:e2:61:97:9d:56:
                    4a:c8:02:f8:29:11:66:e8:e9:e2:77:c5:39:5e:65:
                    5d:a7:8f:ee:61:35:75:90:2e:ba:67:fc:79:12:c7:
                    10:3e:4a:b1:81:17:d9:d1:b4:6d:e9:ed:c5:2c:30:
                    e9:99:a7:df:be:3e:5e:c9:dc:7e:c2:a6:84:95:1c:
                    5d:5b:c9:67:bb:c0:78:d6:0e:fa:87:ff:0c:a9:9f:
                    9f:33:a5:41:04:c1:48:a7:29:3a:a4:6f:8c:c9:28:
                    ef:71:6e:2b:b4:6d:56:91:a5:c1:f3:b7:2c:44:76:
                    d6:35:3a:81:ca:4e:01:38:f4:e2:10:f3:33:44:65:
                    d0:75:dc:d1:5a:37:bd:a0:c1:4a:f9:8f:2a:00:d7:
                    cb:49:65:bb:90:ad:33:fe:08:5d:e9:d3:83:0f:61:
                    5a:28:08:e1:ec:e8:4c:68:9e:d9:c8:9e:f9:75:6f:
                    5f:86:d7:a7:f4:d5:51:b1:60:c4:ac:e1:fd:e9:b1:
                    ef:ab:f1:42:18:f7:f1:49:1e:96:32:e6:f3:42:11:
                    b3:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                25:FC:83:D4:AA:01:7B:59:1B:33:F3:C7:99:2B:4C:E6:CC:C6:C4:C9
            X509v3 Authority Key Identifier: 
                keyid:D4:CA:D8:D0:6D:F6:F4:2B:C8:A2:7B:DB:AA:BF:6C:73:6C:C3:24:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MrY0G329CvIonvbqr9sc2zDJOY.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ffbbd7-ba26-473e-88b1-a8d6683018dc/1/JfyD1KoBe1kbM_PHmStM5szGxMk.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ffbbd7-ba26-473e-88b1-a8d6683018dc/1/1MrY0G329CvIonvbqr9sc2zDJOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.38.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:e2:e3:79:80:2a:e1:3e:f6:d4:a0:8c:99:ee:e7:c5:29:05:
         b7:7a:5e:c4:83:4d:ff:68:19:8a:ac:85:75:68:00:49:df:84:
         26:b6:54:23:cc:e2:1b:e4:ab:bc:94:3b:42:3b:4d:1a:0d:a7:
         9e:4e:6b:12:5f:f4:a0:10:3c:81:3e:0d:87:23:d5:c0:ef:de:
         30:e2:cc:63:85:5c:02:16:89:f3:1e:78:75:03:b6:9e:f6:17:
         78:f8:70:a2:fe:f8:e9:3f:51:1f:c3:7e:47:97:e8:48:90:82:
         cb:66:c5:79:01:8c:af:2b:3f:46:70:70:ca:8e:80:87:9b:43:
         29:46:61:28:95:f5:2a:2b:be:1d:0b:16:7b:9e:c8:6f:5b:e9:
         62:a3:8b:7b:3a:f9:bf:6d:66:c0:14:a7:ae:df:d5:ce:e5:75:
         b5:b6:aa:7f:93:cc:e3:6a:1d:64:3e:fe:18:4a:e5:e2:4c:27:
         38:5f:4b:f8:dc:0b:f5:4e:d4:fd:b4:ef:25:8d:64:cf:76:8b:
         61:f6:41:af:c1:a5:63:74:cd:1f:16:eb:46:2c:19:de:dd:c2:
         37:aa:0c:d7:2e:67:b9:fc:57:91:4b:92:47:17:a1:42:c4:22:
         ac:35:55:14:35:81:d1:28:d3:ac:4e:c0:06:2a:01:06:a9:46:
         87:66:3d:8f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEASzJfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGNhZDhkMDZkZjZmNDJiYzhhMjdiZGJhYWJmNmM3MzZjYzMyNGU2MB4XDTIyMDEw
MTAzNTg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjVmYzgzZDRhYTAx
N2I1OTFiMzNmM2M3OTkyYjRjZTZjY2M2YzRjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNgS9aRiTtkpZjS5JniT5dJwtyxVvCDKZAd0oiq/rJd90PU
eGJBzhup13PvMescZ61f6+AIXeJhl51WSsgC+CkRZujp4nfFOV5lXaeP7mE1dZAu
umf8eRLHED5KsYEX2dG0bentxSww6Zmn374+XsncfsKmhJUcXVvJZ7vAeNYO+of/
DKmfnzOlQQTBSKcpOqRvjMko73FuK7RtVpGlwfO3LER21jU6gcpOATj04hDzM0Rl
0HXc0Vo3vaDBSvmPKgDXy0llu5CtM/4IXenTgw9hWigI4ezoTGie2cie+XVvX4bX
p/TVUbFgxKzh/emx76vxQhj38UkeljLm80IRs2UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQl/IPUqgF7WRsz88eZK0zmzMbEyTAfBgNVHSMEGDAWgBTUytjQbfb0K8ii
e9uqv2xzbMMk5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFNclkwRzMyOUN2SW9udmJxcjlzYzJ6REpPWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvZmZiYmQ3LWJhMjYtNDczZS04OGIxLWE4ZDY2ODMwMThkYy8x
L0pmeUQxS29CZTFrYk1fUEhtU3RNNXN6R3hNay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
ZmZiYmQ3LWJhMjYtNDczZS04OGIxLWE4ZDY2ODMwMThkYy8xLzFNclkwRzMyOUN2
SW9udmJxcjlzYzJ6REpPWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEmmzANBgkqhkiG9w0BAQsFAAOC
AQEAVuLjeYAq4T721KCMme7nxSkFt3pexINN/2gZiqyFdWgASd+EJrZUI8ziG+Sr
vJQ7QjtNGg2nnk5rEl/0oBA8gT4NhyPVwO/eMOLMY4VcAhaJ8x54dQO2nvYXePhw
ov746T9RH8N+R5foSJCCy2bFeQGMrys/RnBwyo6Ah5tDKUZhKJX1Kiu+HQsWe57I
b1vpYqOLezr5v21mwBSnrt/VzuV1tbaqf5PM42odZD7+GErl4kwnOF9L+NwL9U7U
/bTvJY1kz3aLYfZBr8GlY3TNHxbrRiwZ3t3CN6oM1y5nufxXkUuSRxehQsQirDVV
FDWB0SjTrE7ABioBBqlGh2Y9jw==
-----END CERTIFICATE-----
Generated at Thu Dec 8 10:33:21 2022 by rpki-client.