Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/1-bkejI8i76SuieIMaVvNsHeEF1Y.roa
File:                     1-bkejI8i76SuieIMaVvNsHeEF1Y.roa (download)
Hash identifier:          WAqTRZFKsWluS/biwcZZnE3FnTt3g8koaCD4PI+TQKA=
Subject key identifier:   F9:B9:1E:8C:8F:22:EF:A4:AE:89:E2:0C:69:5B:CD:B0:77:84:17:56
Certificate issuer:       /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial:       35CBE128
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/1-bkejI8i76SuieIMaVvNsHeEF1Y.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 78.136.204.0/22 maxlen: 22

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 902553896 (0x35cbe128)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
        Validity
            Not Before: Jul  5 08:40:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f9b91e8c8f22efa4ae89e20c695bcdb077841756
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:7a:49:92:be:e1:d2:e0:de:ac:c1:d5:a1:1a:
                    6c:b9:b6:9a:2b:4e:cb:2e:5a:e4:db:1e:f4:46:db:
                    20:0b:40:af:43:92:ec:5f:40:f6:26:4d:77:a5:31:
                    fd:2f:89:eb:6f:2d:9b:cf:ab:2a:1e:7e:8b:a3:bd:
                    f0:f7:b5:91:ae:d1:24:40:22:ad:fb:d6:af:39:2b:
                    42:6e:85:6f:dd:92:09:f0:bc:8a:51:a8:76:db:1a:
                    fe:2c:0c:68:43:61:d0:a7:49:ba:11:2b:ae:ca:cd:
                    b2:35:76:f1:59:6c:79:13:a9:02:8c:76:1c:02:06:
                    81:e5:2f:55:63:77:29:e6:ac:1e:f0:92:01:3e:e1:
                    81:28:9f:42:ba:84:79:fb:39:50:ef:0b:92:b4:18:
                    f7:2c:2b:d6:b0:9d:af:b9:f4:9f:7f:5c:de:d3:24:
                    6c:4f:80:4b:68:ab:45:13:c7:2a:5c:1f:8d:47:24:
                    21:0a:c9:00:4b:fb:17:1f:84:c9:06:4c:3f:07:52:
                    1f:79:7e:bf:39:a8:05:7e:4e:75:28:d4:12:8e:39:
                    b8:ce:bf:df:8b:c7:35:6d:24:c0:bc:c0:2e:c4:71:
                    43:15:b4:dc:d2:e3:ab:db:89:c1:c4:23:ea:8c:d0:
                    a0:61:d0:d0:9e:1b:cd:01:05:65:5e:3c:b4:8e:bd:
                    74:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                F9:B9:1E:8C:8F:22:EF:A4:AE:89:E2:0C:69:5B:CD:B0:77:84:17:56
            X509v3 Authority Key Identifier: 
                keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/1-bkejI8i76SuieIMaVvNsHeEF1Y.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.136.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         11:91:c1:ea:28:00:ce:f5:61:f3:da:fc:e7:00:9d:69:0f:73:
         2f:6b:bd:27:2e:1c:a1:7a:9e:79:f6:12:c8:47:c1:a6:5e:52:
         33:fe:47:a7:41:7c:0e:f6:37:08:b4:c2:02:59:55:09:36:20:
         66:9c:40:34:b8:87:9c:11:7c:c0:87:71:d4:fa:a1:95:33:5a:
         60:32:a1:05:1f:88:9c:eb:2e:d8:38:c6:a1:1d:b4:76:8c:9a:
         52:de:b7:fd:ce:d7:c8:7e:c1:61:b2:ed:ed:cd:a2:41:f0:be:
         72:06:f3:db:f5:a8:37:85:3c:0e:de:39:b1:f5:f7:6f:3d:12:
         00:a6:9a:10:da:9c:37:31:bd:53:fe:2c:93:cb:0b:06:65:27:
         2b:28:1e:ca:02:6a:a1:46:a3:6f:3a:2f:03:8b:0e:34:6d:ee:
         60:65:8f:87:c2:e3:b7:2a:de:f6:de:b9:d0:6e:35:00:92:85:
         97:97:01:ae:6a:e7:ce:bb:43:cb:e8:4c:34:1b:7c:23:9b:01:
         a2:74:ec:8a:2e:26:0a:bb:76:9c:8d:4b:4f:ee:4e:13:da:4d:
         6b:1a:97:c3:50:8d:7e:37:89:81:71:69:08:e8:11:f8:5f:74:
         02:03:7c:3c:08:44:a7:e8:84:ca:d9:38:2a:e5:4e:e2:16:44:
         42:a6:72:aa
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIENcvhKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MjljMjczMDk4YjUyNzY4Y2EwZTQ0YTNhMmMxNmVmZWQ0YTY1Y2EwMB4XDTIyMDcw
NTA4NDAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjliOTFlOGM4ZjIy
ZWZhNGFlODllMjBjNjk1YmNkYjA3Nzg0MTc1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL56SZK+4dLg3qzB1aEabLm2mitOyy5a5Nse9EbbIAtAr0OS
7F9A9iZNd6Ux/S+J628tm8+rKh5+i6O98Pe1ka7RJEAirfvWrzkrQm6Fb92SCfC8
ilGodtsa/iwMaENh0KdJuhErrsrNsjV28VlseROpAox2HAIGgeUvVWN3KeasHvCS
AT7hgSifQrqEefs5UO8LkrQY9ywr1rCdr7n0n39c3tMkbE+AS2irRRPHKlwfjUck
IQrJAEv7Fx+EyQZMPwdSH3l+vzmoBX5OdSjUEo45uM6/34vHNW0kwLzALsRxQxW0
3NLjq9uJwcQj6ozQoGHQ0J4bzQEFZV48tI69dKsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT5uR6MjyLvpK6J4gxpW82wd4QXVjAfBgNVHSMEGDAWgBRSnCcwmLUnaMoO
RKOiwW7+1KZcoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Vwd25NSmkxSjJqS0RrU2pvc0Z1X3RTbVhLQS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvNmQ5MzU5LWFmZWYtNDUzNS05YzkzLWYzM2QzYmIzNjQ4NC8x
LzEtYmtlakk4aTc2U3VpZUlNYVZ2TnNIZUVGMVkucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhl
LzZkOTM1OS1hZmVmLTQ1MzUtOWM5My1mMzNkM2JiMzY0ODQvMS9VcHduTUppMUoy
aktEa1Nqb3NGdV90U21YS0EuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJOiMwwDQYJKoZIhvcNAQELBQAD
ggEBABGRweooAM71YfPa/OcAnWkPcy9rvScuHKF6nnn2EshHwaZeUjP+R6dBfA72
Nwi0wgJZVQk2IGacQDS4h5wRfMCHcdT6oZUzWmAyoQUfiJzrLtg4xqEdtHaMmlLe
t/3O18h+wWGy7e3NokHwvnIG89v1qDeFPA7eObH19289EgCmmhDanDcxvVP+LJPL
CwZlJysoHsoCaqFGo286LwOLDjRt7mBlj4fC47cq3vbeudBuNQCShZeXAa5q5867
Q8voTDQbfCObAaJ07IouJgq7dpyNS0/uThPaTWsal8NQjX43iYFxaQjoEfhfdAID
fDwIRKfohMrZOCrlTuIWREKmcqo=
-----END CERTIFICATE-----
Generated at Thu Dec 8 19:27:08 2022 by rpki-client.