Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/k4lVfLSQv2X1m5Qj1SWB2yH8ids.roa
File:                     k4lVfLSQv2X1m5Qj1SWB2yH8ids.roa (download)
Hash identifier:          c9Grl33Zd3U2im1Xn3AYFH1aZlbUKI6zg1TgmSj/v/s=
Subject key identifier:   93:89:55:7C:B4:90:BF:65:F5:9B:94:23:D5:25:81:DB:21:FC:89:DB
Certificate issuer:       /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial:       014CBA6C
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/k4lVfLSQv2X1m5Qj1SWB2yH8ids.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 37.19.64.0/22 maxlen: 22

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21805676 (0x14cba6c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
        Validity
            Not Before: May  7 10:44:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9389557cb490bf65f59b9423d52581db21fc89db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:4a:19:36:db:ff:7f:f3:04:fe:3c:c0:06:19:
                    14:a0:8c:de:71:33:1c:ad:79:04:3a:a3:94:14:db:
                    a7:b5:92:d4:ef:5b:13:28:5e:aa:b9:ad:7d:fc:33:
                    9b:b0:54:17:1c:bb:e7:8a:ab:e3:b4:7c:56:f8:41:
                    75:92:50:35:00:7c:34:39:d9:8f:33:b2:50:db:c3:
                    df:6e:dd:09:2f:09:84:48:8f:2b:c4:a2:29:8c:bf:
                    fb:5c:5c:ed:3e:b7:11:79:7e:82:32:a5:02:23:41:
                    68:e3:8b:06:4d:ac:e0:8d:40:92:4a:f1:ce:c5:45:
                    9a:58:c9:b9:fb:92:e8:74:95:9b:d3:7b:dd:76:78:
                    8e:d9:c8:6f:b0:11:94:b5:52:16:04:d3:ad:b0:2e:
                    40:d1:20:58:86:9d:06:f2:8b:64:33:4c:87:23:71:
                    12:4f:a7:5f:13:70:86:f2:74:34:4b:8c:ab:cc:27:
                    ee:6b:56:30:17:1b:d5:25:cc:26:8d:c5:5e:6c:75:
                    4c:b3:7c:01:ac:60:0d:34:a8:49:d3:75:e3:da:3a:
                    f8:b3:7c:3b:3c:41:48:23:b6:89:72:ac:89:f3:2c:
                    f7:fc:34:ef:6e:0c:7b:89:e4:75:6e:f6:7e:ea:dc:
                    63:eb:c1:b6:d8:cc:7b:f5:c1:39:40:78:e9:dd:6b:
                    7d:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                93:89:55:7C:B4:90:BF:65:F5:9B:94:23:D5:25:81:DB:21:FC:89:DB
            X509v3 Authority Key Identifier: 
                keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/k4lVfLSQv2X1m5Qj1SWB2yH8ids.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.19.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         30:16:c4:7a:ff:3b:5e:2c:e1:cd:98:4a:6a:0d:89:e1:43:47:
         5b:62:bb:da:94:a1:de:27:fc:80:53:73:6d:d1:4e:c5:66:d1:
         9e:32:0c:e8:2b:64:e6:57:56:47:a6:8f:e0:10:23:01:9c:54:
         2f:64:63:43:3c:f5:17:81:f7:5a:11:fc:22:d3:3c:30:20:53:
         7e:5a:84:5f:19:06:7c:22:f3:7a:c1:3b:9b:48:0f:0c:e0:b6:
         8d:5a:43:92:a9:10:e8:26:2f:40:80:4d:bb:69:14:09:1e:c4:
         c7:c0:00:a2:08:03:ac:48:74:d1:53:e3:0f:94:56:b6:12:5b:
         e1:67:b1:3f:58:07:8e:86:af:8f:bd:72:5f:bc:7d:9e:80:57:
         e8:6b:4e:65:2c:3e:4f:52:37:6e:26:96:ec:90:f3:c6:20:dd:
         c8:d5:2a:f7:82:75:8a:dc:da:f3:e1:e8:34:5d:66:ba:3a:53:
         24:6e:41:e6:3b:0a:bb:85:8d:6a:5e:6d:8d:81:3d:2e:d9:a2:
         61:11:82:90:2c:05:1f:43:89:fd:37:e5:8c:34:36:ec:1f:5e:
         31:12:c3:9a:30:50:a5:2e:e2:8d:01:8e:83:b6:d0:d0:6a:64:
         71:6e:79:86:32:76:bb:d9:e5:18:b0:e3:51:ee:a2:2f:16:8a:
         45:06:61:34
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAUy6bDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZTgyOTYzZmYxYWE3MGFiMTBkMWQzM2U4NmIxZDZkNDk0ZDZjZTUxMB4XDTIyMDUw
NzEwNDQxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTM4OTU1N2NiNDkw
YmY2NWY1OWI5NDIzZDUyNTgxZGIyMWZjODlkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZKGTbb/3/zBP48wAYZFKCM3nEzHK15BDqjlBTbp7WS1O9b
Eyheqrmtffwzm7BUFxy754qr47R8VvhBdZJQNQB8NDnZjzOyUNvD327dCS8JhEiP
K8SiKYy/+1xc7T63EXl+gjKlAiNBaOOLBk2s4I1AkkrxzsVFmljJufuS6HSVm9N7
3XZ4jtnIb7ARlLVSFgTTrbAuQNEgWIadBvKLZDNMhyNxEk+nXxNwhvJ0NEuMq8wn
7mtWMBcb1SXMJo3FXmx1TLN8AaxgDTSoSdN149o6+LN8OzxBSCO2iXKsifMs9/w0
724Me4nkdW72furcY+vBttjMe/XBOUB46d1rfeECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSTiVV8tJC/ZfWblCPVJYHbIfyJ2zAfBgNVHSMEGDAWgBQugpY/8apwqxDR
0z6GsdbUlNbOUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xvS1dQX0dxY0tzUTBkTS1ockhXMUpUV3psRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvOTU3YzY4LTZmMjctNDBlZC1hYmVkLWRmNjRmMGU4MjM2MC8x
L2s0bFZmTFNRdjJYMW01UWoxU1dCMnlIOGlkcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
OTU3YzY4LTZmMjctNDBlZC1hYmVkLWRmNjRmMGU4MjM2MC8xL0xvS1dQX0dxY0tz
UTBkTS1ockhXMUpUV3psRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAiUTQDANBgkqhkiG9w0BAQsFAAOC
AQEAMBbEev87XizhzZhKag2J4UNHW2K72pSh3if8gFNzbdFOxWbRnjIM6Ctk5ldW
R6aP4BAjAZxUL2RjQzz1F4H3WhH8ItM8MCBTflqEXxkGfCLzesE7m0gPDOC2jVpD
kqkQ6CYvQIBNu2kUCR7Ex8AAoggDrEh00VPjD5RWthJb4WexP1gHjoavj71yX7x9
noBX6GtOZSw+T1I3biaW7JDzxiDdyNUq94J1itza8+HoNF1mujpTJG5B5jsKu4WN
al5tjYE9LtmiYRGCkCwFH0OJ/TfljDQ27B9eMRLDmjBQpS7ijQGOg7bQ0GpkcW55
hjJ2u9nlGLDjUe6iLxaKRQZhNA==
-----END CERTIFICATE-----
Generated at Thu Dec 8 19:27:49 2022 by rpki-client.