Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/cb6995-d591-487d-a48e-bc7ce6d0ea97/1/LAZrGhZXPaOW2WfBFckhTaxVB8s.roa
File:                     LAZrGhZXPaOW2WfBFckhTaxVB8s.roa (download)
Hash identifier:          WqbOw2mhCJqG3tCdUt5thHOkb0vfBm2UDh1bVNjKTk8=
Subject key identifier:   2C:06:6B:1A:16:57:3D:A3:96:D9:67:C1:15:C9:21:4D:AC:55:07:CB
Certificate issuer:       /CN=39bf0ff962f0400dfc34ed2aa519b247d56a5a2a
Certificate serial:       011251B6
Authority key identifier: 39:BF:0F:F9:62:F0:40:0D:FC:34:ED:2A:A5:19:B2:47:D5:6A:5A:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ob8P-WLwQA38NO0qpRmyR9VqWio.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/cb6995-d591-487d-a48e-bc7ce6d0ea97/1/LAZrGhZXPaOW2WfBFckhTaxVB8s.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 95.130.228.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17977782 (0x11251b6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39bf0ff962f0400dfc34ed2aa519b247d56a5a2a
        Validity
            Not Before: Jan  1 13:07:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2c066b1a16573da396d967c115c9214dac5507cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:c4:93:53:f9:9a:cd:c5:d4:f1:78:58:16:7a:
                    6e:42:b8:30:48:fb:10:6b:99:eb:bb:ef:b8:c7:6f:
                    3c:22:2c:49:23:b9:80:6b:04:52:88:54:9e:b3:01:
                    18:34:d7:9c:7b:b3:7b:1a:e8:a1:2c:33:10:a5:c6:
                    68:66:22:8c:e4:f7:1e:a2:44:e6:01:9a:a2:75:42:
                    66:a7:e4:b9:ea:44:30:53:04:0f:68:ac:44:a6:ea:
                    41:0a:25:3d:6e:6f:87:d6:8f:89:3b:44:7e:33:29:
                    f5:68:34:a2:c2:2f:42:fb:58:67:72:2f:76:f6:3f:
                    1c:c1:90:ad:0b:45:21:20:a8:09:07:5c:e7:a1:4f:
                    2b:f3:69:71:fd:1b:04:fe:55:a5:7a:5a:49:7e:a1:
                    83:55:3e:c2:f8:0d:10:4c:2e:a8:20:e3:a0:74:22:
                    e9:eb:86:b2:17:8a:b0:4b:b9:a1:08:ce:21:37:30:
                    9f:b2:a0:d4:c1:37:62:5f:f8:16:69:a5:24:bb:25:
                    58:0e:29:59:85:a5:50:c0:b4:07:11:45:94:88:5b:
                    53:f1:06:99:a7:95:34:01:50:b9:a3:80:0d:72:13:
                    c1:03:5a:10:31:aa:38:6a:0a:02:43:e5:31:e0:d5:
                    5e:ad:27:69:0a:a4:41:85:73:1b:54:51:d3:b9:f4:
                    29:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                2C:06:6B:1A:16:57:3D:A3:96:D9:67:C1:15:C9:21:4D:AC:55:07:CB
            X509v3 Authority Key Identifier: 
                keyid:39:BF:0F:F9:62:F0:40:0D:FC:34:ED:2A:A5:19:B2:47:D5:6A:5A:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ob8P-WLwQA38NO0qpRmyR9VqWio.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/cb6995-d591-487d-a48e-bc7ce6d0ea97/1/LAZrGhZXPaOW2WfBFckhTaxVB8s.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/cb6995-d591-487d-a48e-bc7ce6d0ea97/1/Ob8P-WLwQA38NO0qpRmyR9VqWio.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.130.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:e8:0e:03:2d:e9:d1:62:2a:26:1c:0d:d4:aa:5c:0a:e7:ed:
         50:14:22:21:79:08:39:81:cd:d1:1d:8b:30:e1:86:8c:df:9f:
         d7:f6:a6:7a:72:1c:50:ff:65:6c:3b:d5:13:5a:3d:2f:e0:9a:
         26:4e:a6:78:0f:53:e8:fd:44:0d:00:1b:a5:95:1c:27:bf:a7:
         1f:4e:ac:9b:30:86:04:2b:41:3a:eb:11:34:45:3c:d2:74:07:
         be:ea:26:9c:6a:e4:de:d0:38:3c:35:ac:dc:13:ba:e0:35:79:
         6d:26:c9:73:07:59:89:f4:d1:f9:34:b9:db:d7:d9:01:d7:e7:
         7d:bf:8c:90:33:ec:25:e7:be:09:46:20:6e:69:e4:af:d7:e4:
         dd:ab:0a:dd:34:27:ce:d8:61:64:92:2a:41:20:09:e3:9d:02:
         a1:59:0c:08:ee:a9:85:ea:6c:97:92:7f:68:8f:4c:14:c6:3e:
         7c:54:ca:21:0a:50:64:83:1b:24:20:55:5a:c3:0b:ea:7b:06:
         8b:54:34:bf:0a:5b:8d:de:1b:6f:dc:2e:4e:66:dd:20:5e:bd:
         c9:64:9d:f5:c8:f8:46:c9:55:3b:2e:cd:f0:fc:c5:75:65:0f:
         63:a1:5e:3d:a0:05:87:11:da:1a:50:cd:a6:08:f7:df:d5:ea:
         b6:b8:59:3a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEARJRtjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OWJmMGZmOTYyZjA0MDBkZmMzNGVkMmFhNTE5YjI0N2Q1NmE1YTJhMB4XDTIyMDEw
MTEzMDcyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmMwNjZiMWExNjU3
M2RhMzk2ZDk2N2MxMTVjOTIxNGRhYzU1MDdjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHEk1P5ms3F1PF4WBZ6bkK4MEj7EGuZ67vvuMdvPCIsSSO5
gGsEUohUnrMBGDTXnHuzexrooSwzEKXGaGYijOT3HqJE5gGaonVCZqfkuepEMFME
D2isRKbqQQolPW5vh9aPiTtEfjMp9Wg0osIvQvtYZ3IvdvY/HMGQrQtFISCoCQdc
56FPK/Npcf0bBP5VpXpaSX6hg1U+wvgNEEwuqCDjoHQi6euGsheKsEu5oQjOITcw
n7Kg1ME3Yl/4FmmlJLslWA4pWYWlUMC0BxFFlIhbU/EGmaeVNAFQuaOADXITwQNa
EDGqOGoKAkPlMeDVXq0naQqkQYVzG1RR07n0KRMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQsBmsaFlc9o5bZZ8EVySFNrFUHyzAfBgNVHSMEGDAWgBQ5vw/5YvBADfw0
7SqlGbJH1WpaKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09iOFAtV0x3UUEzOE5PMHFwUm15UjlWcVdpby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvY2I2OTk1LWQ1OTEtNDg3ZC1hNDhlLWJjN2NlNmQwZWE5Ny8x
L0xBWnJHaFpYUGFPVzJXZkJGY2toVGF4VkI4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
Y2I2OTk1LWQ1OTEtNDg3ZC1hNDhlLWJjN2NlNmQwZWE5Ny8xL09iOFAtV0x3UUEz
OE5PMHFwUm15UjlWcVdpby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF+C5DANBgkqhkiG9w0BAQsFAAOC
AQEARegOAy3p0WIqJhwN1KpcCuftUBQiIXkIOYHN0R2LMOGGjN+f1/amenIcUP9l
bDvVE1o9L+CaJk6meA9T6P1EDQAbpZUcJ7+nH06smzCGBCtBOusRNEU80nQHvuom
nGrk3tA4PDWs3BO64DV5bSbJcwdZifTR+TS529fZAdfnfb+MkDPsJee+CUYgbmnk
r9fk3asK3TQnzthhZJIqQSAJ450CoVkMCO6phepsl5J/aI9MFMY+fFTKIQpQZIMb
JCBVWsML6nsGi1Q0vwpbjd4bb9wuTmbdIF69yWSd9cj4RslVOy7N8PzFdWUPY6Fe
PaAFhxHaGlDNpgj339XqtrhZOg==
-----END CERTIFICATE-----
Generated at Thu Dec 8 10:33:58 2022 by rpki-client.