Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/GaVhS6je0ubeVDEtpQ13MtDeDSI.roa
File:                     GaVhS6je0ubeVDEtpQ13MtDeDSI.roa (download)
Hash identifier:          NCgOCx5fhxI3RwLdc8qco4Dfu6FBx7vqjoeouqwWZSU=
Subject key identifier:   19:A5:61:4B:A8:DE:D2:E6:DE:54:31:2D:A5:0D:77:32:D0:DE:0D:22
Certificate issuer:       /CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Certificate serial:       29BEFE66
Authority key identifier: 2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/GaVhS6je0ubeVDEtpQ13MtDeDSI.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 185.14.237.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 700382822 (0x29befe66)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
        Validity
            Not Before: Mar 20 17:34:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=19a5614ba8ded2e6de54312da50d7732d0de0d22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:bf:2a:9c:1c:0c:5e:6d:a6:64:f2:0e:23:8d:
                    1e:ae:1b:07:01:d8:11:f2:02:9d:84:d0:d3:84:79:
                    c7:14:ff:47:f2:b5:f7:c5:13:8d:08:1e:be:25:c9:
                    9e:d7:41:e2:7e:50:36:b3:53:14:7a:2a:f8:a6:b3:
                    1c:7f:ee:a4:4c:e3:91:fe:eb:68:00:95:cd:c3:f9:
                    63:19:e8:ba:57:b6:03:a1:1f:a5:8a:f7:a4:81:5b:
                    a2:d3:c5:69:fe:b0:f6:37:6b:51:fb:72:28:e1:0e:
                    46:68:ed:b2:3b:c3:34:ad:8f:76:cc:8c:88:c8:88:
                    b4:11:1c:f4:99:7d:b8:e8:92:60:f0:e1:70:37:0f:
                    b0:8d:61:c2:fa:af:e8:42:f5:47:db:1a:61:e3:9e:
                    49:70:ce:80:f8:8e:7a:5b:10:1d:42:35:05:b3:46:
                    3e:fe:1e:d2:ff:e3:70:bf:6f:2d:ff:97:d7:c0:4d:
                    6a:d1:59:ae:75:fa:7b:ca:76:44:c1:2e:dc:0a:2b:
                    84:10:5e:b1:b0:7a:88:a3:f8:e6:fe:55:17:92:ed:
                    63:5e:7a:bf:6f:8f:92:e9:f7:1f:9b:ac:95:6e:2c:
                    1c:94:a7:8a:7b:b3:90:fd:f5:17:a3:36:a0:93:e1:
                    8d:c3:6d:60:15:cf:31:4f:31:1c:d4:b6:28:1b:ba:
                    07:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                19:A5:61:4B:A8:DE:D2:E6:DE:54:31:2D:A5:0D:77:32:D0:DE:0D:22
            X509v3 Authority Key Identifier: 
                keyid:2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/GaVhS6je0ubeVDEtpQ13MtDeDSI.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/LcgdJMRd2qNF-QZN4p-8p7EppSw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.14.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:a9:9e:6a:6a:a1:28:2e:10:a7:63:ee:28:73:7c:08:01:c1:
         37:11:91:ee:8e:7b:2f:0a:73:d0:09:19:3f:76:ff:22:16:3e:
         89:25:32:01:2a:41:dd:c1:3e:35:8d:3d:eb:fd:61:2b:8a:aa:
         a7:5f:dd:2a:59:67:48:d1:2e:f0:8a:11:0f:dc:5e:e7:7e:67:
         b9:11:f9:57:a5:9f:a9:3e:e1:a5:b6:3f:ff:ad:f6:fd:77:95:
         26:b6:b1:d5:18:1c:a0:43:4e:9d:24:c4:61:d0:f0:d2:af:ef:
         92:0b:7e:7b:df:e3:a3:bd:87:73:f7:d1:5c:1e:15:08:27:24:
         9a:b2:47:20:2f:56:55:f6:f5:af:98:8f:22:7b:45:2c:6c:db:
         18:1a:a3:41:42:79:9a:cc:9f:38:3e:52:7c:17:dc:c2:89:4e:
         7e:fd:2b:40:51:07:c5:4e:a5:8f:46:c3:1e:f9:f1:68:63:39:
         85:7f:87:5d:c9:f8:45:88:ef:1e:a8:06:20:34:ba:37:82:89:
         28:8d:c5:ae:82:83:82:55:9e:6d:bc:30:6d:69:c1:32:11:ca:
         f2:8f:8a:e8:67:14:34:39:45:f3:f0:ff:96:54:ad:c5:6a:64:
         d0:d5:dd:b3:d6:41:4a:a4:40:d1:d0:bc:90:49:68:c9:04:db:
         db:be:db:31
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKb7+ZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZGM4MWQyNGM0NWRkYWEzNDVmOTA2NGRlMjlmYmNhN2IxMjlhNTJjMB4XDTIyMDMy
MDE3MzQ1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTlhNTYxNGJhOGRl
ZDJlNmRlNTQzMTJkYTUwZDc3MzJkMGRlMGQyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJa/KpwcDF5tpmTyDiONHq4bBwHYEfICnYTQ04R5xxT/R/K1
98UTjQgeviXJntdB4n5QNrNTFHoq+KazHH/upEzjkf7raACVzcP5Yxnoule2A6Ef
pYr3pIFbotPFaf6w9jdrUftyKOEORmjtsjvDNK2PdsyMiMiItBEc9Jl9uOiSYPDh
cDcPsI1hwvqv6EL1R9saYeOeSXDOgPiOelsQHUI1BbNGPv4e0v/jcL9vLf+X18BN
atFZrnX6e8p2RMEu3AorhBBesbB6iKP45v5VF5LtY156v2+Pkun3H5uslW4sHJSn
inuzkP31F6M2oJPhjcNtYBXPMU8xHNS2KBu6B98CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQZpWFLqN7S5t5UMS2lDXcy0N4NIjAfBgNVHSMEGDAWgBQtyB0kxF3ao0X5
Bk3in7ynsSmlLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xjZ2RKTVJkMnFORi1RWk40cC04cDdFcHBTdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvYmYzZGI1LWEzM2YtNDMxMS1hY2Q5LTJmY2MwYjc0OWIzMi8x
L0dhVmhTNmplMHViZVZERXRwUTEzTXREZURTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
YmYzZGI1LWEzM2YtNDMxMS1hY2Q5LTJmY2MwYjc0OWIzMi8xL0xjZ2RKTVJkMnFO
Ri1RWk40cC04cDdFcHBTdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkO7TANBgkqhkiG9w0BAQsFAAOC
AQEAB6meamqhKC4Qp2PuKHN8CAHBNxGR7o57Lwpz0AkZP3b/IhY+iSUyASpB3cE+
NY096/1hK4qqp1/dKllnSNEu8IoRD9xe535nuRH5V6WfqT7hpbY//632/XeVJrax
1RgcoENOnSTEYdDw0q/vkgt+e9/jo72Hc/fRXB4VCCckmrJHIC9WVfb1r5iPIntF
LGzbGBqjQUJ5msyfOD5SfBfcwolOfv0rQFEHxU6lj0bDHvnxaGM5hX+HXcn4RYjv
HqgGIDS6N4KJKI3FroKDglWebbwwbWnBMhHK8o+K6GcUNDlF8/D/llStxWpk0NXd
s9ZBSqRA0dC8kEloyQTb277bMQ==
-----END CERTIFICATE-----
Generated at Thu Dec 8 20:47:27 2022 by rpki-client.