Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/81ebdd-dc9d-4d82-8d2f-e79aeae39940/1/3Sv-qADDrm9fxCpD6MrP4HMTGKQ.roa
File:                     3Sv-qADDrm9fxCpD6MrP4HMTGKQ.roa (download)
Hash identifier:          qcsivtkmBQaew7lZalf4whJzzti8eIc4EXUog+Gy4hM=
Subject key identifier:   DD:2B:FE:A8:00:C3:AE:6F:5F:C4:2A:43:E8:CA:CF:E0:73:13:18:A4
Certificate issuer:       /CN=715b900ab9fff1388a4f746a89ec41859ef4779e
Certificate serial:       D358B2
Authority key identifier: 71:5B:90:0A:B9:FF:F1:38:8A:4F:74:6A:89:EC:41:85:9E:F4:77:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cVuQCrn_8TiKT3RqiexBhZ70d54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/81ebdd-dc9d-4d82-8d2f-e79aeae39940/1/3Sv-qADDrm9fxCpD6MrP4HMTGKQ.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 86.106.22.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13850802 (0xd358b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=715b900ab9fff1388a4f746a89ec41859ef4779e
        Validity
            Not Before: Jan  1 01:53:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dd2bfea800c3ae6f5fc42a43e8cacfe0731318a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:37:00:7a:ff:f7:e4:1e:92:3a:4a:ec:e9:5b:
                    09:01:31:ff:c7:61:a1:9a:4a:93:25:a0:15:62:d1:
                    80:bd:a6:e8:03:4f:8b:cb:3b:7e:f1:06:a4:87:2e:
                    ac:fd:24:4c:bc:fe:e5:d9:2d:82:e5:d3:28:68:5a:
                    5f:33:6d:d3:94:f4:76:a9:98:53:86:4a:e6:4a:26:
                    2b:b8:91:53:de:8a:a6:4c:ad:bb:42:11:34:46:96:
                    c2:da:b8:72:55:67:6d:f8:65:18:26:3d:d2:bf:e3:
                    46:5d:48:26:9b:1e:f2:b2:a1:43:8a:07:d7:c8:d6:
                    9e:5b:f1:e5:78:51:06:37:e1:f4:63:68:60:b2:7a:
                    c7:a9:2c:99:52:04:32:90:87:05:7e:55:5b:e3:c4:
                    a9:23:88:73:cf:e5:53:d9:b7:d6:7d:d7:f8:cd:7d:
                    34:26:89:14:1e:db:77:bd:ed:2e:5a:3c:66:d8:96:
                    c0:9b:52:92:18:b6:2e:4e:c2:c5:cf:3b:b4:a7:a4:
                    bd:a3:ab:d0:45:c7:96:5c:29:9d:10:00:39:66:90:
                    47:75:4c:2f:59:9e:e3:13:29:14:b5:02:ea:71:f4:
                    1a:ad:db:35:70:c4:ae:ec:b9:de:6f:82:be:1b:72:
                    4b:e3:38:08:f8:9e:c2:18:ba:1b:f6:95:af:cf:50:
                    aa:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                DD:2B:FE:A8:00:C3:AE:6F:5F:C4:2A:43:E8:CA:CF:E0:73:13:18:A4
            X509v3 Authority Key Identifier: 
                keyid:71:5B:90:0A:B9:FF:F1:38:8A:4F:74:6A:89:EC:41:85:9E:F4:77:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cVuQCrn_8TiKT3RqiexBhZ70d54.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/81ebdd-dc9d-4d82-8d2f-e79aeae39940/1/3Sv-qADDrm9fxCpD6MrP4HMTGKQ.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/81ebdd-dc9d-4d82-8d2f-e79aeae39940/1/cVuQCrn_8TiKT3RqiexBhZ70d54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.106.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:7d:d1:74:5e:29:0c:ce:5b:51:62:75:64:67:ff:a6:56:59:
         a7:51:13:98:6a:95:a5:7c:cb:1e:eb:6b:cb:35:89:13:77:66:
         f9:a0:84:43:5f:6c:f5:92:c7:24:30:a5:dc:dd:39:7a:db:bb:
         ba:dc:5b:cb:09:1b:d5:55:ac:76:35:db:c9:0e:a6:ee:8b:03:
         01:2a:39:7f:0e:08:10:9c:ce:d2:be:6b:64:0e:a2:41:42:5e:
         22:46:0f:77:ca:22:4a:a1:02:49:1e:85:e8:29:06:68:79:a2:
         65:a9:e0:c4:e2:44:06:27:64:b5:ce:53:bf:fe:0b:30:3b:e5:
         0d:7a:60:cb:4b:b4:1b:f8:b4:d8:df:15:6a:a2:87:45:e7:8f:
         95:50:fd:06:69:aa:0d:a4:ac:9d:2d:e2:33:8b:42:56:4a:b3:
         6f:1b:e7:b2:d8:61:77:8a:ef:47:a2:8f:fe:a5:85:23:08:57:
         ea:6b:98:81:70:ac:44:fa:1a:51:7e:b0:dc:08:0c:29:a9:fa:
         90:e9:0d:4d:94:eb:73:bf:f9:dc:d1:ba:47:ab:43:72:e6:2c:
         a0:ee:ab:ab:d8:7b:1a:c3:da:e1:97:94:00:9d:43:9f:08:d3:
         da:9f:f1:e6:db:5d:45:6b:8b:a2:56:6a:28:c8:9c:53:0d:9e:
         58:4e:87:f8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANNYsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MTViOTAwYWI5ZmZmMTM4OGE0Zjc0NmE4OWVjNDE4NTllZjQ3NzllMB4XDTIyMDEw
MTAxNTMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQyYmZlYTgwMGMz
YWU2ZjVmYzQyYTQzZThjYWNmZTA3MzEzMThhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL43AHr/9+QekjpK7OlbCQEx/8dhoZpKkyWgFWLRgL2m6ANP
i8s7fvEGpIcurP0kTLz+5dktguXTKGhaXzNt05T0dqmYU4ZK5komK7iRU96Kpkyt
u0IRNEaWwtq4clVnbfhlGCY90r/jRl1IJpse8rKhQ4oH18jWnlvx5XhRBjfh9GNo
YLJ6x6ksmVIEMpCHBX5VW+PEqSOIc8/lU9m31n3X+M19NCaJFB7bd73tLlo8ZtiW
wJtSkhi2Lk7Cxc87tKekvaOr0EXHllwpnRAAOWaQR3VML1me4xMpFLUC6nH0Gq3b
NXDEruy53m+CvhtyS+M4CPiewhi6G/aVr89QqtUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTdK/6oAMOub1/EKkPoys/gcxMYpDAfBgNVHSMEGDAWgBRxW5AKuf/xOIpP
dGqJ7EGFnvR3njAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NWdVFDcm5fOFRpS1QzUnFpZXhCaFo3MGQ1NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTYvODFlYmRkLWRjOWQtNGQ4Mi04ZDJmLWU3OWFlYWUzOTk0MC8x
LzNTdi1xQUREcm05ZnhDcEQ2TXJQNEhNVEdLUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTYv
ODFlYmRkLWRjOWQtNGQ4Mi04ZDJmLWU3OWFlYWUzOTk0MC8xL2NWdVFDcm5fOFRp
S1QzUnFpZXhCaFo3MGQ1NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFZqFjANBgkqhkiG9w0BAQsFAAOC
AQEAGn3RdF4pDM5bUWJ1ZGf/plZZp1ETmGqVpXzLHutryzWJE3dm+aCEQ19s9ZLH
JDCl3N05etu7utxbywkb1VWsdjXbyQ6m7osDASo5fw4IEJzO0r5rZA6iQUJeIkYP
d8oiSqECSR6F6CkGaHmiZangxOJEBidktc5Tv/4LMDvlDXpgy0u0G/i02N8VaqKH
ReePlVD9BmmqDaSsnS3iM4tCVkqzbxvnsthhd4rvR6KP/qWFIwhX6muYgXCsRPoa
UX6w3AgMKan6kOkNTZTrc7/53NG6R6tDcuYsoO6rq9h7GsPa4ZeUAJ1DnwjT2p/x
5ttdRWuLolZqKMicUw2eWE6H+A==
-----END CERTIFICATE-----
Generated at Thu Dec 8 09:18:09 2022 by rpki-client.