Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/OnY1YTc4KHMJOBfLpHDyPygliYs.roa
File:                     OnY1YTc4KHMJOBfLpHDyPygliYs.roa (download)
Hash identifier:          f7j+vTogXlOUzwx5snQ5Jn8Tib8JPYBTiDnPuk9tTUM=
Subject key identifier:   3A:76:35:61:37:38:28:73:09:38:17:CB:A4:70:F2:3F:28:25:89:8B
Certificate issuer:       /CN=5df53645843e6d2883dc8f9c4f415c1eadbbf60a
Certificate serial:       04BF1C12
Authority key identifier: 5D:F5:36:45:84:3E:6D:28:83:DC:8F:9C:4F:41:5C:1E:AD:BB:F6:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XfU2RYQ-bSiD3I-cT0FcHq279go.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/OnY1YTc4KHMJOBfLpHDyPygliYs.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 2a10:4741:23::/48 maxlen: 48
    2: 2a10:4741:30::/44 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 79633426 (0x4bf1c12)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5df53645843e6d2883dc8f9c4f415c1eadbbf60a
        Validity
            Not Before: Feb 10 17:22:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3a76356137382873093817cba470f23f2825898b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a2:4a:79:63:b2:8e:01:f3:62:e1:0d:fd:cb:
                    f0:13:8d:ed:ed:1e:99:b1:43:86:8e:91:48:33:74:
                    9b:8b:27:61:1c:83:3b:8a:8c:10:6f:26:02:38:4c:
                    0a:de:c6:ed:47:53:d1:45:b9:56:e6:be:49:24:b4:
                    31:d1:11:3a:42:39:69:ed:50:2f:4d:23:e0:41:7c:
                    e6:90:ca:b9:1e:0c:e6:d3:c0:76:f0:d7:c0:81:b5:
                    6e:26:52:f5:aa:3c:e2:d3:a9:50:61:3e:69:fa:c7:
                    5a:7a:80:f2:d2:44:2b:8c:e7:07:f3:9a:26:af:f3:
                    4a:41:74:e7:39:46:7d:6c:95:58:f9:ab:6a:a0:0c:
                    ec:6f:7a:af:63:c0:7b:a7:b5:a3:bb:6e:81:82:f2:
                    a5:2e:32:54:52:c8:f4:6c:ae:fb:63:ec:95:4b:6b:
                    fa:c1:8a:fa:d8:6b:c5:b1:24:bd:a1:1a:3a:62:0f:
                    48:cd:74:77:d6:91:de:b0:7b:40:50:fb:29:28:e4:
                    1a:6e:cb:db:da:cd:e0:44:fd:c9:ca:33:10:41:38:
                    5d:ce:49:8d:8e:1d:4f:57:d6:c1:4b:1f:c7:07:2a:
                    d7:40:ef:38:9f:25:5a:ed:a6:4d:78:92:dc:80:36:
                    48:6f:35:77:7b:74:62:f5:96:be:38:a7:0c:8f:a2:
                    e8:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                3A:76:35:61:37:38:28:73:09:38:17:CB:A4:70:F2:3F:28:25:89:8B
            X509v3 Authority Key Identifier: 
                keyid:5D:F5:36:45:84:3E:6D:28:83:DC:8F:9C:4F:41:5C:1E:AD:BB:F6:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfU2RYQ-bSiD3I-cT0FcHq279go.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/OnY1YTc4KHMJOBfLpHDyPygliYs.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d107de-e2e5-4727-98ad-3821810344e6/1/XfU2RYQ-bSiD3I-cT0FcHq279go.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a10:4741:23::/48
                  2a10:4741:30::/44

    Signature Algorithm: sha256WithRSAEncryption
         0d:fc:7f:73:39:b1:41:40:13:66:02:09:b9:05:6a:68:97:37:
         f2:dc:e8:8e:2d:d8:a1:c9:1b:00:fe:e8:83:d5:35:2e:7b:ae:
         b0:fb:90:6b:1a:88:37:a5:1f:4a:92:1b:1f:67:b4:9a:42:c9:
         b3:c0:82:eb:68:12:53:58:d4:0a:59:58:7d:bd:90:1b:e5:4f:
         07:e3:f9:a5:6d:0a:2a:58:51:d3:ce:f9:cd:47:a1:0d:3b:11:
         4f:71:98:39:5d:b0:05:06:3a:8c:c0:22:60:82:98:44:ca:84:
         c7:30:14:62:5f:15:39:c5:44:68:1e:20:e2:57:50:98:2f:74:
         df:9d:cd:1c:d4:7b:42:fe:d8:67:a9:e9:1f:46:81:b7:d8:53:
         ff:da:4f:ed:b9:d1:b9:5d:79:f5:b2:35:ad:0e:f5:5e:df:8d:
         7d:cf:2e:4f:90:7e:60:69:41:88:d7:3a:d4:58:63:aa:d5:1a:
         70:bc:1a:4b:dd:76:fb:70:0d:b9:cf:ac:73:8c:69:e1:bf:ec:
         4a:ee:ed:c3:bb:c9:d2:bc:4d:cb:ce:d5:c4:9d:0d:69:87:f0:
         cd:3a:d8:e4:70:e4:a5:e0:97:87:f3:7e:e9:7f:47:e3:02:20:
         b3:01:22:38:db:cf:6c:35:47:9f:e3:0f:25:69:7e:41:9e:63:
         18:b2:fa:20
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBL8cEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGY1MzY0NTg0M2U2ZDI4ODNkYzhmOWM0ZjQxNWMxZWFkYmJmNjBhMB4XDTIyMDIx
MDE3MjIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E3NjM1NjEzNzM4
Mjg3MzA5MzgxN2NiYTQ3MGYyM2YyODI1ODk4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyiSnljso4B82LhDf3L8BON7e0embFDho6RSDN0m4snYRyD
O4qMEG8mAjhMCt7G7UdT0UW5Vua+SSS0MdEROkI5ae1QL00j4EF85pDKuR4M5tPA
dvDXwIG1biZS9ao84tOpUGE+afrHWnqA8tJEK4znB/OaJq/zSkF05zlGfWyVWPmr
aqAM7G96r2PAe6e1o7tugYLypS4yVFLI9Gyu+2PslUtr+sGK+thrxbEkvaEaOmIP
SM10d9aR3rB7QFD7KSjkGm7L29rN4ET9ycozEEE4Xc5JjY4dT1fWwUsfxwcq10Dv
OJ8lWu2mTXiS3IA2SG81d3t0YvWWvjinDI+i6AUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQ6djVhNzgocwk4F8ukcPI/KCWJizAfBgNVHSMEGDAWgBRd9TZFhD5tKIPc
j5xPQVwerbv2CjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hmVTJSWVEtYlNpRDNJLWNUMEZjSHEyNzlnby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvZDEwN2RlLWUyZTUtNDcyNy05OGFkLTM4MjE4MTAzNDRlNi8x
L09uWTFZVGM0S0hNSk9CZkxwSER5UHlnbGlZcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
ZDEwN2RlLWUyZTUtNDcyNy05OGFkLTM4MjE4MTAzNDRlNi8xL1hmVTJSWVEtYlNp
RDNJLWNUMEZjSHEyNzlnby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoQR0EAIwMHBCoQR0EAMDANBgkq
hkiG9w0BAQsFAAOCAQEADfx/czmxQUATZgIJuQVqaJc38tzoji3YockbAP7og9U1
LnuusPuQaxqIN6UfSpIbH2e0mkLJs8CC62gSU1jUCllYfb2QG+VPB+P5pW0KKlhR
0875zUehDTsRT3GYOV2wBQY6jMAiYIKYRMqExzAUYl8VOcVEaB4g4ldQmC90353N
HNR7Qv7YZ6npH0aBt9hT/9pP7bnRuV159bI1rQ71Xt+Nfc8uT5B+YGlBiNc61Fhj
qtUacLwaS912+3ANuc+sc4xp4b/sSu7tw7vJ0rxNy87VxJ0NaYfwzTrY5HDkpeCX
h/N+6X9H4wIgswEiONvPbDVHn+MPJWl+QZ5jGLL6IA==
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:59:59 2022 by rpki-client.