Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/994e86-d57f-49cf-8246-f776d3336c62/1/nsRjEEBMskWZUt8cbSJUEc4bXF4.roa
File:                     nsRjEEBMskWZUt8cbSJUEc4bXF4.roa (download)
Hash identifier:          IdANN3s+/ceu2RYXnkjYMC2zRrNsk4VQIQ9DM4G7Cp4=
Subject key identifier:   9E:C4:63:10:40:4C:B2:45:99:52:DF:1C:6D:22:54:11:CE:1B:5C:5E
Certificate issuer:       /CN=271925e29ae039d43619d6b4f6442cb37c9e9705
Certificate serial:       8BBDCB
Authority key identifier: 27:19:25:E2:9A:E0:39:D4:36:19:D6:B4:F6:44:2C:B3:7C:9E:97:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Jxkl4prgOdQ2Gda09kQss3yelwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/994e86-d57f-49cf-8246-f776d3336c62/1/nsRjEEBMskWZUt8cbSJUEc4bXF4.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 212.18.102.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9158091 (0x8bbdcb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=271925e29ae039d43619d6b4f6442cb37c9e9705
        Validity
            Not Before: Jan  1 03:56:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9ec46310404cb2459952df1c6d225411ce1b5c5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:a6:cd:21:dc:e2:e2:a1:10:0b:75:28:f9:63:
                    76:dc:d7:c7:79:52:1d:4d:e9:dd:de:72:79:f1:f9:
                    3e:41:cc:ee:e8:a5:b9:3c:3e:b2:d7:5d:30:00:17:
                    2b:2b:a7:ff:7c:c0:fc:9a:c2:ba:09:b6:15:2d:ae:
                    4b:9d:28:9d:73:74:4b:dd:9f:af:84:d4:4a:a7:b1:
                    06:88:65:28:3a:41:14:99:30:44:06:7c:09:f6:db:
                    a8:d9:c5:df:2f:47:ac:0e:9b:15:03:c5:89:55:7d:
                    ed:8c:9b:11:61:51:98:c7:28:5b:95:4a:4b:a3:45:
                    11:5b:ca:8c:c8:8a:12:35:cc:f9:5d:56:47:80:eb:
                    7d:a4:d8:3c:0e:b6:ff:cf:ea:9b:9b:38:48:ee:ff:
                    d7:7e:72:28:c8:8f:a4:09:16:e5:88:8e:c7:72:40:
                    20:a0:36:2e:83:56:b5:c7:d8:c2:d0:fc:e3:ed:76:
                    74:10:52:12:e1:a5:f2:76:5f:cb:82:de:7b:0a:e7:
                    20:c8:9c:a3:65:a6:aa:d4:07:af:a4:6a:b5:25:ba:
                    a9:24:4b:3c:54:f2:cb:8d:2f:cb:07:0a:9e:76:d5:
                    79:9a:88:04:f6:54:43:4e:ad:02:55:21:4b:de:bb:
                    30:37:8e:83:b0:ee:25:c8:f4:e8:13:2f:20:b8:b0:
                    1c:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                9E:C4:63:10:40:4C:B2:45:99:52:DF:1C:6D:22:54:11:CE:1B:5C:5E
            X509v3 Authority Key Identifier: 
                keyid:27:19:25:E2:9A:E0:39:D4:36:19:D6:B4:F6:44:2C:B3:7C:9E:97:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jxkl4prgOdQ2Gda09kQss3yelwU.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/994e86-d57f-49cf-8246-f776d3336c62/1/nsRjEEBMskWZUt8cbSJUEc4bXF4.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/994e86-d57f-49cf-8246-f776d3336c62/1/Jxkl4prgOdQ2Gda09kQss3yelwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.18.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:9c:6b:23:fc:bb:cb:f8:c8:ad:c9:b9:25:41:d4:82:99:f6:
         2e:c5:dc:98:67:46:b3:60:21:11:e7:be:63:c5:6b:08:92:b3:
         03:74:39:88:4f:e3:ed:2c:33:d6:27:a8:b0:d8:04:cc:69:8f:
         d5:e6:63:1b:09:c9:ab:0b:b9:de:10:db:3a:e3:2a:5c:27:29:
         17:25:92:02:60:bc:a7:4f:5c:4e:a1:e0:08:e5:b5:c0:2b:6b:
         e6:25:dc:08:48:11:f6:97:d3:95:dc:29:d0:13:a9:f8:8e:d3:
         85:c0:86:dc:bb:4b:50:53:63:0c:f6:33:5a:d9:a8:f3:5b:85:
         e9:34:97:2d:36:58:e1:60:f9:6f:f1:20:9b:57:b0:92:d0:0c:
         3d:8a:e8:c1:96:c1:52:4f:18:ca:56:5b:d1:97:0f:41:a4:10:
         66:07:dc:59:08:a3:32:0a:29:d2:3e:6a:cd:e8:19:71:91:ae:
         4c:13:75:05:69:32:a2:ac:bc:48:d4:67:02:ad:94:e6:e5:4e:
         70:01:83:41:22:37:0d:98:84:a8:7e:09:ca:2b:05:0c:f4:61:
         04:fb:0d:b9:e6:94:2e:5c:64:c7:69:13:32:1c:10:9d:cd:a4:
         e2:7a:9f:1f:4c:b8:1e:e2:7f:8e:71:87:87:c6:65:aa:73:52:
         22:69:9f:b4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAIu9yzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NzE5MjVlMjlhZTAzOWQ0MzYxOWQ2YjRmNjQ0MmNiMzdjOWU5NzA1MB4XDTIyMDEw
MTAzNTYzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVjNDYzMTA0MDRj
YjI0NTk5NTJkZjFjNmQyMjU0MTFjZTFiNWM1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALCmzSHc4uKhEAt1KPljdtzXx3lSHU3p3d5yefH5PkHM7uil
uTw+stddMAAXKyun/3zA/JrCugm2FS2uS50onXN0S92fr4TUSqexBohlKDpBFJkw
RAZ8CfbbqNnF3y9HrA6bFQPFiVV97YybEWFRmMcoW5VKS6NFEVvKjMiKEjXM+V1W
R4DrfaTYPA62/8/qm5s4SO7/135yKMiPpAkW5YiOx3JAIKA2LoNWtcfYwtD84+12
dBBSEuGl8nZfy4LeewrnIMico2WmqtQHr6RqtSW6qSRLPFTyy40vywcKnnbVeZqI
BPZUQ06tAlUhS967MDeOg7DuJcj06BMvILiwHLMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSexGMQQEyyRZlS3xxtIlQRzhtcXjAfBgNVHSMEGDAWgBQnGSXimuA51DYZ
1rT2RCyzfJ6XBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0p4a2w0cHJnT2RRMkdkYTA5a1FzczN5ZWx3VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvOTk0ZTg2LWQ1N2YtNDljZi04MjQ2LWY3NzZkMzMzNmM2Mi8x
L25zUmpFRUJNc2tXWlV0OGNiU0pVRWM0YlhGNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
OTk0ZTg2LWQ1N2YtNDljZi04MjQ2LWY3NzZkMzMzNmM2Mi8xL0p4a2w0cHJnT2RR
MkdkYTA5a1FzczN5ZWx3VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQSZjANBgkqhkiG9w0BAQsFAAOC
AQEAfJxrI/y7y/jIrcm5JUHUgpn2LsXcmGdGs2AhEee+Y8VrCJKzA3Q5iE/j7Swz
1ieosNgEzGmP1eZjGwnJqwu53hDbOuMqXCcpFyWSAmC8p09cTqHgCOW1wCtr5iXc
CEgR9pfTldwp0BOp+I7ThcCG3LtLUFNjDPYzWtmo81uF6TSXLTZY4WD5b/Egm1ew
ktAMPYrowZbBUk8YylZb0ZcPQaQQZgfcWQijMgop0j5qzegZcZGuTBN1BWkyoqy8
SNRnAq2U5uVOcAGDQSI3DZiEqH4JyisFDPRhBPsNueaULlxkx2kTMhwQnc2k4nqf
H0y4HuJ/jnGHh8ZlqnNSImmftA==
-----END CERTIFICATE-----
Generated at Thu Dec 8 18:04:35 2022 by rpki-client.