Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/

$ rpki-client -vvf 3AGBrrHKGw_rG9Tnpq7qg8Kvz9M.roa
File:                     3AGBrrHKGw_rG9Tnpq7qg8Kvz9M.roa (download)
Hash identifier:          PrayI5aalvSlwSikAPbbG8CPmmbn8sv7J2fbq5RBIGc=
Subject key identifier:   DC:01:81:AE:B1:CA:1B:0F:EB:1B:D4:E7:A6:AE:EA:83:C2:AF:CF:D3
Certificate issuer:       /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial:       053FD7E8
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/3AGBrrHKGw_rG9Tnpq7qg8Kvz9M.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 45.82.14.0/23 maxlen: 23

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 88070120 (0x53fd7e8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
        Validity
            Not Before: Jan  1 11:58:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dc0181aeb1ca1b0feb1bd4e7a6aeea83c2afcfd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:0f:16:8b:ff:30:6e:9e:da:88:06:8b:e1:46:
                    f5:5d:02:ba:f7:f6:50:c8:6c:85:8a:24:23:5c:42:
                    18:c2:75:37:70:6c:d4:8b:b0:f6:fc:b3:f1:13:ff:
                    0f:eb:46:cf:77:ca:00:3e:08:4d:cf:8f:04:50:81:
                    03:03:be:3e:48:ae:4b:88:be:3c:e3:4c:6b:49:26:
                    d4:02:9c:4e:a0:33:b0:c8:13:86:c2:f0:1d:61:d4:
                    b2:05:08:bb:59:4b:1d:c3:b0:2f:88:f3:8e:76:79:
                    05:00:c7:27:4f:c5:06:07:a3:a5:97:1a:cc:b5:e6:
                    c0:83:e0:e9:a7:2c:70:a9:a5:af:09:4b:13:62:8e:
                    c6:67:86:80:47:12:1b:86:aa:e1:13:be:d7:c8:b7:
                    1a:ab:89:25:44:f4:70:3d:06:71:53:be:1b:64:23:
                    51:60:9d:d4:1f:4c:59:ee:a9:66:31:8d:40:97:11:
                    49:55:9d:82:4a:ca:9a:ab:ee:c3:da:e6:88:12:ec:
                    dc:6b:9a:a4:52:ba:5f:33:78:f7:e5:4f:10:e2:2a:
                    8e:8b:4b:25:5b:82:3c:06:03:f6:29:cc:85:7a:8d:
                    f2:a4:c5:1b:49:fd:df:f9:ad:1f:9e:b8:a7:dc:31:
                    78:9c:8c:ee:8f:48:52:37:1e:bf:f9:66:df:9b:98:
                    2d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                DC:01:81:AE:B1:CA:1B:0F:EB:1B:D4:E7:A6:AE:EA:83:C2:AF:CF:D3
            X509v3 Authority Key Identifier: 
                keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/3AGBrrHKGw_rG9Tnpq7qg8Kvz9M.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.82.14.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b4:8d:e0:7c:26:ac:c7:12:ce:e8:56:8d:f2:de:8d:2d:81:17:
         3a:b2:61:76:5c:0e:20:53:2f:79:0d:a5:a2:56:04:8c:98:79:
         9c:b8:a7:ca:50:d2:2b:a0:6e:f0:95:9b:ab:da:60:81:0b:a4:
         d3:b3:a1:2c:1e:bb:00:05:5b:e8:01:97:f5:32:32:40:e8:fa:
         a7:d4:10:0e:f8:a8:84:9c:76:45:83:93:17:75:a6:71:22:3d:
         c1:47:a5:d6:4e:1b:a5:75:72:83:f2:7a:df:32:9f:3c:40:c2:
         5d:42:87:ef:72:58:e4:2f:d3:9d:21:33:30:12:35:9e:18:85:
         a3:6d:fa:a7:76:31:90:8b:42:2a:d5:9f:25:d0:47:e8:7b:7b:
         37:dd:40:d6:48:22:58:ff:30:a9:f2:4a:1f:e0:13:9b:97:f5:
         a5:ad:a8:c6:7d:21:07:f3:6d:79:27:65:05:b5:bc:4f:1e:af:
         7d:a9:95:17:ce:52:59:f3:f1:aa:b8:a7:aa:c0:05:00:d3:df:
         b2:44:5b:b1:2c:8f:00:6e:0c:09:02:81:cd:1c:3c:8c:3b:8d:
         e9:d1:87:c2:55:84:2e:aa:35:fe:5e:ba:34:f8:b5:b9:c3:81:
         8e:29:28:75:70:ff:27:e0:5c:b1:70:a1:63:a4:66:4c:86:df:
         76:dc:fb:e0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBT/X6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NjVlYmE1YzFhODBmODZhNDU4OTI3OGVkZDkzMDRiM2Y1MTY5ZjgzMB4XDTIyMDEw
MTExNTg0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGMwMTgxYWViMWNh
MWIwZmViMWJkNGU3YTZhZWVhODNjMmFmY2ZkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKEPFov/MG6e2ogGi+FG9V0Cuvf2UMhshYokI1xCGMJ1N3Bs
1Iuw9vyz8RP/D+tGz3fKAD4ITc+PBFCBAwO+PkiuS4i+PONMa0km1AKcTqAzsMgT
hsLwHWHUsgUIu1lLHcOwL4jzjnZ5BQDHJ0/FBgejpZcazLXmwIPg6acscKmlrwlL
E2KOxmeGgEcSG4aq4RO+18i3GquJJUT0cD0GcVO+G2QjUWCd1B9MWe6pZjGNQJcR
SVWdgkrKmqvuw9rmiBLs3GuapFK6XzN49+VPEOIqjotLJVuCPAYD9inMhXqN8qTF
G0n93/mtH564p9wxeJyM7o9IUjcev/lm35uYLZ8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTcAYGuscobD+sb1OemruqDwq/P0zAfBgNVHSMEGDAWgBRGXrpcGoD4akWJ
J47dkwSz9RafgzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JsNjZYQnFBLUdwRmlTZU8zWk1Fc19VV240TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvYzEyYTdiLTVjYWYtNGU3Yy05NzBkLTVjNDc2ZTMzMjVmNS8x
LzNBR0JyckhLR3dfckc5VG5wcTdxZzhLdno5TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
YzEyYTdiLTVjYWYtNGU3Yy05NzBkLTVjNDc2ZTMzMjVmNS8xL1JsNjZYQnFBLUdw
RmlTZU8zWk1Fc19VV240TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS1SDjANBgkqhkiG9w0BAQsFAAOC
AQEAtI3gfCasxxLO6FaN8t6NLYEXOrJhdlwOIFMveQ2lolYEjJh5nLinylDSK6Bu
8JWbq9pggQuk07OhLB67AAVb6AGX9TIyQOj6p9QQDviohJx2RYOTF3WmcSI9wUel
1k4bpXVyg/J63zKfPEDCXUKH73JY5C/TnSEzMBI1nhiFo236p3YxkItCKtWfJdBH
6Ht7N91A1kgiWP8wqfJKH+ATm5f1pa2oxn0hB/NteSdlBbW8Tx6vfamVF85SWfPx
qrinqsAFANPfskRbsSyPAG4MCQKBzRw8jDuN6dGHwlWELqo1/l66NPi1ucOBjiko
dXD/J+BcsXChY6RmTIbfdtz74A==
-----END CERTIFICATE-----
Generated at Fri Dec 2 13:01:21 2022 by rpki-client.