Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/89/349835-9cde-473a-9a11-67d95a5f2441/1/

$ rpki-client -vvf AUawb8umFGYzAXQokIYd65pTQyk.roa
File:                     AUawb8umFGYzAXQokIYd65pTQyk.roa (download)
Hash identifier:          IZbnNSNKxuPqS0Ng0ZnUhxUud9kK4CuG4lsGYLzkEhs=
Subject key identifier:   01:46:B0:6F:CB:A6:14:66:33:01:74:28:90:86:1D:EB:9A:53:43:29
Certificate issuer:       /CN=dd4988b0956206cf86bb680568a247723a46a94b
Certificate serial:       A7AA41
Authority key identifier: DD:49:88:B0:95:62:06:CF:86:BB:68:05:68:A2:47:72:3A:46:A9:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3UmIsJViBs-Gu2gFaKJHcjpGqUs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/349835-9cde-473a-9a11-67d95a5f2441/1/AUawb8umFGYzAXQokIYd65pTQyk.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 91.242.242.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10988097 (0xa7aa41)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd4988b0956206cf86bb680568a247723a46a94b
        Validity
            Not Before: Jan  1 05:58:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0146b06fcba614663301742890861deb9a534329
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:aa:87:23:9b:ce:55:69:3d:0e:48:c6:f9:ea:
                    ff:80:f5:d1:e6:6a:b2:ee:bc:b9:26:13:96:6b:30:
                    59:91:3d:f8:f8:66:e2:cc:6c:ec:22:c3:3e:21:8b:
                    e1:1e:36:ff:9d:1e:26:c3:ff:d7:cf:f2:2f:a3:91:
                    9f:cd:f5:6f:bc:60:1e:10:3b:ca:cf:8d:ca:64:7f:
                    f4:21:b7:be:83:92:0c:7a:e1:bf:f6:db:c2:61:d1:
                    4e:fa:c3:a7:1a:1b:da:5a:02:31:c9:55:29:09:29:
                    97:c6:ae:f8:8d:56:94:89:71:03:c8:78:1c:ee:01:
                    72:6b:4f:84:a9:33:7b:f8:26:b6:5c:f8:47:4f:61:
                    a4:f3:eb:9c:6e:1d:92:ba:da:87:a2:4c:9d:4f:42:
                    42:33:11:a9:14:6b:e5:4d:ff:5e:24:e1:03:b2:e7:
                    a9:04:fe:aa:06:57:a7:67:6b:53:c1:4f:c3:57:45:
                    c7:42:7b:4a:a9:85:83:7d:3e:21:77:09:97:e3:e9:
                    31:39:05:66:10:ee:00:50:d5:c7:38:ee:81:1b:a2:
                    fa:d7:62:eb:a1:30:8c:24:8f:13:99:08:d8:e3:97:
                    eb:1e:8f:26:0f:bc:e7:eb:90:89:56:c5:e9:10:95:
                    53:9f:dc:51:e8:2a:ce:03:92:46:e7:5d:f0:72:c6:
                    9e:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                01:46:B0:6F:CB:A6:14:66:33:01:74:28:90:86:1D:EB:9A:53:43:29
            X509v3 Authority Key Identifier: 
                keyid:DD:49:88:B0:95:62:06:CF:86:BB:68:05:68:A2:47:72:3A:46:A9:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3UmIsJViBs-Gu2gFaKJHcjpGqUs.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/349835-9cde-473a-9a11-67d95a5f2441/1/AUawb8umFGYzAXQokIYd65pTQyk.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/349835-9cde-473a-9a11-67d95a5f2441/1/3UmIsJViBs-Gu2gFaKJHcjpGqUs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.242.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:e3:4d:0d:37:11:12:f2:66:2d:e8:73:ed:06:f3:22:62:3d:
         a8:7a:ff:06:e1:3a:50:8b:78:b1:a6:a5:13:70:29:e0:d5:34:
         79:f4:2e:92:ba:f4:53:6b:cd:8e:cb:50:29:46:ba:d4:3d:22:
         32:b4:0c:49:81:84:2e:01:ab:0c:45:02:0b:0a:12:b4:a4:60:
         7f:90:c2:6a:65:1a:19:20:d6:3e:af:f5:2c:d5:48:34:e3:7d:
         84:89:13:f6:b6:b9:45:23:72:ab:b5:be:3e:6c:46:36:f1:c0:
         63:11:0c:f9:1d:ef:c1:4f:50:a7:f5:4b:3d:fa:99:d7:8f:ba:
         31:3a:8f:65:dc:87:b0:4b:54:be:2a:8d:16:c1:2b:64:ec:46:
         50:f3:65:27:85:49:09:8c:d7:99:21:98:31:04:92:76:01:45:
         8a:0a:ee:2c:a2:cb:46:55:9b:6b:63:73:ed:81:ef:5c:f1:16:
         fc:50:11:9c:64:1e:e1:8d:e8:ff:9f:03:97:4a:31:fd:46:d2:
         d4:d2:dd:d7:c7:7c:c8:e1:7e:de:39:cf:09:57:49:81:28:5b:
         32:4f:85:1f:44:35:ca:a0:50:dc:c0:9c:93:e6:1e:d8:3c:be:
         83:c1:99:11:42:8b:b2:f4:f6:b6:53:85:97:85:2c:b7:14:bb:
         8a:3a:05:0a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAKeqQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZDQ5ODhiMDk1NjIwNmNmODZiYjY4MDU2OGEyNDc3MjNhNDZhOTRiMB4XDTIyMDEw
MTA1NTgzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDE0NmIwNmZjYmE2
MTQ2NjMzMDE3NDI4OTA4NjFkZWI5YTUzNDMyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO6qhyObzlVpPQ5Ixvnq/4D10eZqsu68uSYTlmswWZE9+Phm
4sxs7CLDPiGL4R42/50eJsP/18/yL6ORn831b7xgHhA7ys+NymR/9CG3voOSDHrh
v/bbwmHRTvrDpxob2loCMclVKQkpl8au+I1WlIlxA8h4HO4BcmtPhKkze/gmtlz4
R09hpPPrnG4dkrrah6JMnU9CQjMRqRRr5U3/XiThA7LnqQT+qgZXp2drU8FPw1dF
x0J7SqmFg30+IXcJl+PpMTkFZhDuAFDVxzjugRui+tdi66EwjCSPE5kI2OOX6x6P
Jg+85+uQiVbF6RCVU5/cUegqzgOSRudd8HLGni8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQBRrBvy6YUZjMBdCiQhh3rmlNDKTAfBgNVHSMEGDAWgBTdSYiwlWIGz4a7
aAVookdyOkapSzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNVbUlzSlZpQnMtR3UyZ0ZhS0pIY2pwR3FVcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvMzQ5ODM1LTljZGUtNDczYS05YTExLTY3ZDk1YTVmMjQ0MS8x
L0FVYXdiOHVtRkdZekFYUW9rSVlkNjVwVFF5ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
MzQ5ODM1LTljZGUtNDczYS05YTExLTY3ZDk1YTVmMjQ0MS8xLzNVbUlzSlZpQnMt
R3UyZ0ZhS0pIY2pwR3FVcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvy8jANBgkqhkiG9w0BAQsFAAOC
AQEAceNNDTcREvJmLehz7QbzImI9qHr/BuE6UIt4saalE3Ap4NU0efQukrr0U2vN
jstQKUa61D0iMrQMSYGELgGrDEUCCwoStKRgf5DCamUaGSDWPq/1LNVINON9hIkT
9ra5RSNyq7W+PmxGNvHAYxEM+R3vwU9Qp/VLPfqZ14+6MTqPZdyHsEtUviqNFsEr
ZOxGUPNlJ4VJCYzXmSGYMQSSdgFFigruLKLLRlWba2Nz7YHvXPEW/FARnGQe4Y3o
/58Dl0ox/UbS1NLd18d8yOF+3jnPCVdJgShbMk+FH0Q1yqBQ3MCck+Ye2Dy+g8GZ
EUKLsvT2tlOFl4UstxS7ijoFCg==
-----END CERTIFICATE-----
Generated at Fri Dec 2 13:01:03 2022 by rpki-client.