Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/SKXoI9Lsp0t7MKnmUnZ1sXr7PAc.roa
File:                     SKXoI9Lsp0t7MKnmUnZ1sXr7PAc.roa (download)
Hash identifier:          cQpEz3DemLD0oNMlyvfaCdOS+hOYo+qDcfwYyUy6nGA=
Subject key identifier:   48:A5:E8:23:D2:EC:A7:4B:7B:30:A9:E6:52:76:75:B1:7A:FB:3C:07
Certificate issuer:       /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial:       CCAA81
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/SKXoI9Lsp0t7MKnmUnZ1sXr7PAc.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 45.145.152.0/22 maxlen: 24
    2: 80.83.80.0/21 maxlen: 24
    3: 80.83.88.0/23 maxlen: 24
    4: 80.83.92.0/22 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13412993 (0xccaa81)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
        Validity
            Not Before: Jan  1 06:58:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=48a5e823d2eca74b7b30a9e6527675b17afb3c07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ea:e8:c4:bf:bb:12:5d:08:fc:02:97:a9:3c:
                    84:8b:99:47:3a:8e:53:c3:06:02:31:67:bf:9a:a8:
                    a5:3e:f1:48:0b:9a:c2:52:86:53:d1:8c:8f:da:c6:
                    76:55:1e:e3:23:21:ef:c8:60:72:d5:24:9e:3b:de:
                    7a:f7:54:74:72:5a:d5:13:13:0d:89:21:79:08:44:
                    41:30:e3:91:c3:9f:d6:a9:1f:f7:33:fb:12:30:cc:
                    b9:10:95:29:7a:2a:4a:03:ae:2e:ca:e1:e3:d1:77:
                    5d:b1:a4:ca:2a:c7:09:77:27:dd:2d:76:c3:e9:5e:
                    f3:e2:8a:0a:65:c6:0e:33:a5:aa:c1:e4:3f:30:be:
                    9f:22:e4:a7:35:85:97:df:d6:1f:4e:45:7e:65:79:
                    6f:37:3f:f8:89:09:bb:8a:28:68:92:42:36:40:19:
                    cd:d2:d7:cc:1e:d3:86:d1:2f:66:b4:ea:a5:67:f4:
                    a3:0a:75:4b:68:c2:36:49:f0:42:45:de:9a:10:49:
                    06:7d:66:d4:51:ad:68:79:10:b3:40:27:6e:12:8b:
                    ab:c9:17:17:a6:62:8e:91:fc:f7:32:65:d8:ce:5b:
                    75:ad:67:d2:f0:f3:3d:09:b7:5e:25:68:43:65:c8:
                    4f:2f:f5:6d:11:8c:55:05:ab:4b:6e:ff:7c:00:f4:
                    39:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                48:A5:E8:23:D2:EC:A7:4B:7B:30:A9:E6:52:76:75:B1:7A:FB:3C:07
            X509v3 Authority Key Identifier: 
                keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/SKXoI9Lsp0t7MKnmUnZ1sXr7PAc.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.152.0/22
                  80.83.80.0-80.83.89.255
                  80.83.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         82:17:31:bf:56:d4:24:47:29:8f:32:93:72:f4:75:38:37:a6:
         1c:c2:75:ed:3d:af:a9:d9:89:ef:81:17:92:11:33:8c:82:be:
         3e:fc:39:24:8b:2f:a8:54:44:b6:82:fb:84:0c:a2:70:63:0e:
         41:47:50:8d:78:74:32:9b:8f:16:c4:7b:4c:e2:30:a1:88:32:
         ae:ec:c1:35:14:bd:3b:f6:ff:0d:76:0d:d2:6e:46:e0:e5:58:
         61:5e:a0:1c:bf:b7:a1:01:ba:e2:96:4a:a8:4a:be:42:4b:78:
         07:71:d0:9b:cf:97:be:41:26:1d:58:44:a9:71:b3:5c:f9:c5:
         b0:39:10:e1:db:7c:d3:7a:f5:dd:6c:83:8f:f0:5b:cb:7a:2d:
         db:66:4c:51:ba:c0:78:72:bf:16:93:d1:53:d7:2d:73:b6:52:
         32:e5:82:40:43:2d:c7:f9:a9:49:0f:ef:41:3e:0d:0f:27:33:
         21:26:15:1a:6e:0d:44:79:70:21:d6:40:5e:83:9b:17:92:f5:
         54:a8:b4:95:f3:a7:38:40:9e:18:37:bf:5f:f9:76:2a:98:6a:
         75:58:ad:15:f2:fa:ac:23:67:e8:92:f4:18:f2:a8:89:6e:6d:
         14:1b:f6:ce:77:f7:88:70:70:cd:01:51:98:44:1f:87:20:0e:
         3c:df:64:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEAMyqgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZWM1YWZlNzY5Yjk0MzQ2ZTFjZDM2MmViODVmODc1YjIzYjE3Mjc3MB4XDTIyMDEw
MTA2NTgzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDhhNWU4MjNkMmVj
YTc0YjdiMzBhOWU2NTI3Njc1YjE3YWZiM2MwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfq6MS/uxJdCPwCl6k8hIuZRzqOU8MGAjFnv5qopT7xSAua
wlKGU9GMj9rGdlUe4yMh78hgctUknjveevdUdHJa1RMTDYkheQhEQTDjkcOf1qkf
9zP7EjDMuRCVKXoqSgOuLsrh49F3XbGkyirHCXcn3S12w+le8+KKCmXGDjOlqsHk
PzC+nyLkpzWFl9/WH05FfmV5bzc/+IkJu4ooaJJCNkAZzdLXzB7ThtEvZrTqpWf0
owp1S2jCNknwQkXemhBJBn1m1FGtaHkQs0AnbhKLq8kXF6ZijpH89zJl2M5bda1n
0vDzPQm3XiVoQ2XITy/1bRGMVQWrS27/fAD0ObUCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRIpegj0uynS3swqeZSdnWxevs8BzAfBgNVHSMEGDAWgBTOxa/nablDRuHN
Ni64X4dbI7FydzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pzV3Y1Mm01UTBiaHpUWXV1Ri1IV3lPeGNuYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvM2Q1NjljLTE5MDctNGQyYy1hY2VkLTMzMjQ3YzhlMWMxZi8x
L1NLWG9JOUxzcDB0N01Lbm1Vbloxc1hyN1BBYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
M2Q1NjljLTE5MDctNGQyYy1hY2VkLTMzMjQ3YzhlMWMxZi8xL3pzV3Y1Mm01UTBi
aHpUWXV1Ri1IV3lPeGNuYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAi2RmDAMAwQEUFNQAwQBUFNYAwQC
UFNcMA0GCSqGSIb3DQEBCwUAA4IBAQCCFzG/VtQkRymPMpNy9HU4N6YcwnXtPa+p
2YnvgReSETOMgr4+/Dkkiy+oVES2gvuEDKJwYw5BR1CNeHQym48WxHtM4jChiDKu
7ME1FL079v8Ndg3Sbkbg5VhhXqAcv7ehAbrilkqoSr5CS3gHcdCbz5e+QSYdWESp
cbNc+cWwORDh23zTevXdbIOP8FvLei3bZkxRusB4cr8Wk9FT1y1ztlIy5YJAQy3H
+alJD+9BPg0PJzMhJhUabg1EeXAh1kBeg5sXkvVUqLSV86c4QJ4YN79f+XYqmGp1
WK0V8vqsI2fokvQY8qiJbm0UG/bOd/eIcHDNAVGYRB+HIA4832RB
-----END CERTIFICATE-----
Generated at Thu Dec 8 09:17:51 2022 by rpki-client.