Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/464662-f400-41aa-ba12-b4d209ec3a73/1/dAMRzA_MdR9S3zlQJVYWMWtpkH0.roa
File:                     dAMRzA_MdR9S3zlQJVYWMWtpkH0.roa (download)
Hash identifier:          T6yv1R3/invv+b6ZuaHZVjwPV8ExVUgN/EPVpWG+nIM=
Subject key identifier:   74:03:11:CC:0F:CC:75:1F:52:DF:39:50:25:56:16:31:6B:69:90:7D
Certificate issuer:       /CN=6abe4b2be924e56962dfa404b4791c230e14c54c
Certificate serial:       013F8B93
Authority key identifier: 6A:BE:4B:2B:E9:24:E5:69:62:DF:A4:04:B4:79:1C:23:0E:14:C5:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ar5LK-kk5Wli36QEtHkcIw4UxUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/464662-f400-41aa-ba12-b4d209ec3a73/1/dAMRzA_MdR9S3zlQJVYWMWtpkH0.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 194.32.105.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20941715 (0x13f8b93)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6abe4b2be924e56962dfa404b4791c230e14c54c
        Validity
            Not Before: Jan  1 04:56:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=740311cc0fcc751f52df3950255616316b69907d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:de:1a:b7:02:47:90:ff:54:a4:45:61:6b:41:
                    60:d5:13:a0:0f:ea:fc:3e:57:36:37:f8:45:bf:f9:
                    bb:87:25:3b:12:62:c0:d2:a0:ae:29:19:50:1f:e3:
                    d9:5a:1d:cf:64:a5:f1:22:38:c3:bc:f8:43:8e:72:
                    8e:81:72:03:b4:d5:33:92:de:4e:3d:03:f0:05:94:
                    62:af:99:3b:f7:7f:23:59:5d:0c:26:d9:2c:a0:a7:
                    ff:c2:15:45:e5:ae:5b:5e:49:88:fa:31:a9:15:7e:
                    7b:9c:ac:e4:8c:f5:58:61:ab:e1:e6:3b:89:24:43:
                    8c:0a:ac:87:32:03:67:12:a2:0d:4d:1e:44:3b:a7:
                    5a:02:2a:99:6a:fe:5c:b5:1b:b3:88:ef:5f:c8:ef:
                    1a:fc:b9:9b:2c:2b:ec:2f:28:5b:78:45:9e:82:cb:
                    7a:fe:f3:e7:04:1f:f4:4e:0c:3b:aa:78:3f:f4:b3:
                    00:0a:d3:2b:23:bb:de:a1:ff:98:e8:2a:f1:75:0d:
                    e9:f2:20:a5:fd:a6:d9:c2:a1:0c:0e:54:de:2b:ba:
                    b6:02:41:8f:82:04:f3:7d:74:91:94:f0:99:64:92:
                    cf:c7:23:0c:86:25:00:c9:48:cf:b3:86:5d:de:8a:
                    24:96:09:fd:d7:07:31:56:f4:f3:10:b0:b1:d7:b8:
                    af:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                74:03:11:CC:0F:CC:75:1F:52:DF:39:50:25:56:16:31:6B:69:90:7D
            X509v3 Authority Key Identifier: 
                keyid:6A:BE:4B:2B:E9:24:E5:69:62:DF:A4:04:B4:79:1C:23:0E:14:C5:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ar5LK-kk5Wli36QEtHkcIw4UxUw.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/464662-f400-41aa-ba12-b4d209ec3a73/1/dAMRzA_MdR9S3zlQJVYWMWtpkH0.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/464662-f400-41aa-ba12-b4d209ec3a73/1/ar5LK-kk5Wli36QEtHkcIw4UxUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.32.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:df:5d:f5:81:03:76:49:c7:cc:6b:ae:a6:db:56:ea:29:cd:
         6b:1b:ef:2a:11:cf:82:63:e9:02:3c:ca:b5:ce:e8:b0:26:ae:
         72:47:3e:c1:86:4b:2e:5f:af:08:1f:1e:a6:aa:b4:4b:7f:86:
         ea:d6:de:71:53:d7:1a:4d:63:7b:a8:f4:04:65:f5:03:a6:8f:
         54:52:fd:33:2d:41:63:c5:d4:42:7d:56:b1:0e:f6:88:84:6d:
         4d:30:1e:d9:8f:c5:50:39:59:20:27:0b:8f:80:67:9f:10:41:
         90:61:9b:11:1e:54:f8:a1:99:75:38:7b:40:13:73:17:fc:5c:
         45:b9:e7:71:83:a4:03:e5:63:df:bc:37:fb:90:e9:05:d4:7e:
         be:2b:49:e5:92:32:9e:51:5a:f3:7e:9c:42:ec:04:48:c0:27:
         0c:ad:40:6f:db:1b:24:cf:1f:af:de:6e:72:61:2d:60:75:08:
         1b:88:9c:ae:1e:5d:f5:3e:d0:b0:7b:ca:23:63:d3:4e:a0:38:
         e3:9e:76:d3:05:c4:fb:05:8a:2d:15:81:88:e3:e7:45:a0:af:
         aa:55:59:8c:19:a2:9c:0e:de:33:67:d9:ca:19:bd:96:d0:f4:
         cc:2c:54:6a:25:64:cd:81:a2:c2:01:39:d4:e3:c3:55:ec:86:
         6f:ec:60:a0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAT+LkzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YWJlNGIyYmU5MjRlNTY5NjJkZmE0MDRiNDc5MWMyMzBlMTRjNTRjMB4XDTIyMDEw
MTA0NTYzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQwMzExY2MwZmNj
NzUxZjUyZGYzOTUwMjU1NjE2MzE2YjY5OTA3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANveGrcCR5D/VKRFYWtBYNUToA/q/D5XNjf4Rb/5u4clOxJi
wNKgrikZUB/j2Vodz2Sl8SI4w7z4Q45yjoFyA7TVM5LeTj0D8AWUYq+ZO/d/I1ld
DCbZLKCn/8IVReWuW15JiPoxqRV+e5ys5Iz1WGGr4eY7iSRDjAqshzIDZxKiDU0e
RDunWgIqmWr+XLUbs4jvX8jvGvy5mywr7C8oW3hFnoLLev7z5wQf9E4MO6p4P/Sz
AArTKyO73qH/mOgq8XUN6fIgpf2m2cKhDA5U3iu6tgJBj4IE8310kZTwmWSSz8cj
DIYlAMlIz7OGXd6KJJYJ/dcHMVb08xCwsde4rxMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR0AxHMD8x1H1LfOVAlVhYxa2mQfTAfBgNVHSMEGDAWgBRqvksr6STlaWLf
pAS0eRwjDhTFTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FyNUxLLWtrNVdsaTM2UUV0SGtjSXc0VXhVdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvNDY0NjYyLWY0MDAtNDFhYS1iYTEyLWI0ZDIwOWVjM2E3My8x
L2RBTVJ6QV9NZFI5UzN6bFFKVllXTVd0cGtIMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
NDY0NjYyLWY0MDAtNDFhYS1iYTEyLWI0ZDIwOWVjM2E3My8xL2FyNUxLLWtrNVds
aTM2UUV0SGtjSXc0VXhVdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIgaTANBgkqhkiG9w0BAQsFAAOC
AQEAOt9d9YEDdknHzGuupttW6inNaxvvKhHPgmPpAjzKtc7osCauckc+wYZLLl+v
CB8epqq0S3+G6tbecVPXGk1je6j0BGX1A6aPVFL9My1BY8XUQn1WsQ72iIRtTTAe
2Y/FUDlZICcLj4BnnxBBkGGbER5U+KGZdTh7QBNzF/xcRbnncYOkA+Vj37w3+5Dp
BdR+vitJ5ZIynlFa836cQuwESMAnDK1Ab9sbJM8fr95ucmEtYHUIG4icrh5d9T7Q
sHvKI2PTTqA445520wXE+wWKLRWBiOPnRaCvqlVZjBminA7eM2fZyhm9ltD0zCxU
aiVkzYGiwgE51OPDVeyGb+xgoA==
-----END CERTIFICATE-----
Generated at Thu Dec 8 08:40:31 2022 by rpki-client.