Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/Tw4xakhc8Z34slhuedAc7GxWCs4.roa
File:                     Tw4xakhc8Z34slhuedAc7GxWCs4.roa (download)
Hash identifier:          uH3WzsfTlIIlFHn39nFXyi9l5kNqtCWa8pijTeGBLr8=
Subject key identifier:   4F:0E:31:6A:48:5C:F1:9D:F8:B2:58:6E:79:D0:1C:EC:6C:56:0A:CE
Certificate issuer:       /CN=89da60f049dfba34be4b4e8418b9ff492125c449
Certificate serial:       37F2D0FA
Authority key identifier: 89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/Tw4xakhc8Z34slhuedAc7GxWCs4.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     46071
IP address blocks:
    1: 94.207.40.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 938660090 (0x37f2d0fa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89da60f049dfba34be4b4e8418b9ff492125c449
        Validity
            Not Before: Jan  1 06:52:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4f0e316a485cf19df8b2586e79d01cec6c560ace
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:a3:50:15:d5:98:1e:ce:f5:9c:dc:67:89:ab:
                    43:38:02:0b:0f:99:df:0c:26:4a:27:ca:9a:f8:52:
                    19:e7:79:57:e4:18:a3:7c:f1:5f:d3:70:07:80:77:
                    44:c9:74:3f:bd:6e:ff:7b:88:d9:fe:64:40:f0:be:
                    a6:30:6a:6d:75:bf:42:32:23:1e:d9:a8:a6:13:bc:
                    4c:cd:57:d7:e7:79:ae:7f:0c:27:41:58:73:aa:f4:
                    60:8c:65:9b:45:8a:80:f4:b9:65:b6:40:35:7a:2e:
                    d9:61:92:5c:c8:8c:f0:5b:b4:3b:90:8c:a4:f6:bc:
                    e0:73:89:a5:c1:59:05:8f:9a:11:ac:02:91:85:13:
                    d1:77:53:7c:7e:bc:ee:88:d9:2d:f6:01:b4:88:34:
                    1a:aa:56:66:0c:d4:ee:3c:e9:e1:d1:00:60:b4:dd:
                    a8:cc:4f:fc:20:a7:f5:aa:7a:0c:8c:58:15:35:4a:
                    12:0a:47:cc:84:c9:e5:11:7a:4e:dc:f1:49:e7:ee:
                    eb:a2:f3:4f:22:a3:74:aa:59:70:af:11:22:b2:4a:
                    48:01:af:a5:3d:be:3c:cd:f5:8d:cd:e9:6a:ff:3f:
                    06:92:a5:76:c4:4a:fe:b4:0b:e0:6d:6e:36:56:f4:
                    4d:39:ee:ec:20:6b:23:16:3c:84:9e:40:bf:6b:ed:
                    0b:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4F:0E:31:6A:48:5C:F1:9D:F8:B2:58:6E:79:D0:1C:EC:6C:56:0A:CE
            X509v3 Authority Key Identifier: 
                keyid:89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/Tw4xakhc8Z34slhuedAc7GxWCs4.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idpg8EnfujS-S06EGLn_SSElxEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.207.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:16:be:f3:ea:3a:01:70:33:67:3c:df:88:ca:70:2c:e5:5b:
         12:e3:2b:03:cc:1c:57:68:ba:7a:69:6b:b5:18:77:6e:77:6d:
         ae:2d:a9:48:cc:18:de:ed:66:fe:c7:db:7c:05:f0:46:19:c8:
         06:67:5b:0c:79:97:37:f3:d2:ed:82:bb:13:a0:f2:68:0c:1a:
         1b:63:cb:b3:a3:01:79:cf:61:6a:16:75:1d:51:f5:d8:95:76:
         5d:4f:56:57:ed:fd:46:68:28:9b:b5:da:41:c5:8c:8f:24:39:
         7e:45:d2:7b:75:f8:4c:db:88:40:19:f8:4b:63:85:da:5e:8b:
         20:83:e9:d5:df:7b:ee:ec:cb:0c:96:90:4d:f9:20:bf:d4:ad:
         5b:c4:ea:83:aa:3a:da:e5:1b:db:2d:75:10:42:a4:19:22:a2:
         ed:3d:ca:dd:97:b9:32:fc:25:1c:8b:1d:ff:28:2f:34:2d:a3:
         b5:a6:90:20:be:7b:86:7b:73:f9:06:6f:95:3b:54:84:5e:46:
         89:36:cd:02:00:7a:2e:7a:e9:60:cc:6d:a2:e1:16:12:37:36:
         49:bf:86:c0:e4:06:0e:65:25:e9:3a:9d:30:94:0d:4d:72:fd:
         08:f1:c0:93:c6:8e:6f:7e:4d:2d:46:cd:78:3e:12:16:a5:c4:
         c9:3d:45:29
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN/LQ+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OWRhNjBmMDQ5ZGZiYTM0YmU0YjRlODQxOGI5ZmY0OTIxMjVjNDQ5MB4XDTIyMDEw
MTA2NTI1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGYwZTMxNmE0ODVj
ZjE5ZGY4YjI1ODZlNzlkMDFjZWM2YzU2MGFjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJujUBXVmB7O9ZzcZ4mrQzgCCw+Z3wwmSifKmvhSGed5V+QY
o3zxX9NwB4B3RMl0P71u/3uI2f5kQPC+pjBqbXW/QjIjHtmophO8TM1X1+d5rn8M
J0FYc6r0YIxlm0WKgPS5ZbZANXou2WGSXMiM8Fu0O5CMpPa84HOJpcFZBY+aEawC
kYUT0XdTfH687ojZLfYBtIg0GqpWZgzU7jzp4dEAYLTdqMxP/CCn9ap6DIxYFTVK
EgpHzITJ5RF6TtzxSefu66LzTyKjdKpZcK8RIrJKSAGvpT2+PM31jc3pav8/BpKl
dsRK/rQL4G1uNlb0TTnu7CBrIxY8hJ5Av2vtC1kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRPDjFqSFzxnfiyWG550BzsbFYKzjAfBgNVHSMEGDAWgBSJ2mDwSd+6NL5L
ToQYuf9JISXESTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lkcGc4RW5mdWpTLVMwNkVHTG5fU1NFbHhFay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU0NzdmLTA3ODUtNDAyNi04M2JlLTY5ODkwYzgyOWUzMy8x
L1R3NHhha2hjOFozNHNsaHVlZEFjN0d4V0NzNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU0NzdmLTA3ODUtNDAyNi04M2JlLTY5ODkwYzgyOWUzMy8xL2lkcGc4RW5mdWpT
LVMwNkVHTG5fU1NFbHhFay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF7PKDANBgkqhkiG9w0BAQsFAAOC
AQEAFBa+8+o6AXAzZzzfiMpwLOVbEuMrA8wcV2i6emlrtRh3bndtri2pSMwY3u1m
/sfbfAXwRhnIBmdbDHmXN/PS7YK7E6DyaAwaG2PLs6MBec9hahZ1HVH12JV2XU9W
V+39Rmgom7XaQcWMjyQ5fkXSe3X4TNuIQBn4S2OF2l6LIIPp1d977uzLDJaQTfkg
v9StW8Tqg6o62uUb2y11EEKkGSKi7T3K3Ze5MvwlHIsd/ygvNC2jtaaQIL57hntz
+QZvlTtUhF5GiTbNAgB6LnrpYMxtouEWEjc2Sb+GwOQGDmUl6TqdMJQNTXL9CPHA
k8aOb35NLUbNeD4SFqXEyT1FKQ==
-----END CERTIFICATE-----
Generated at Tue Dec 6 09:12:55 2022 by rpki-client.