Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/EBzmE0A5Zbu3jCTnaM3G2ybW_tc.roa
File:                     EBzmE0A5Zbu3jCTnaM3G2ybW_tc.roa (download)
Hash identifier:          65Z6SjYhnJomTvpigscYDnAeg7KwYN8aZLtTF8nSNu8=
Subject key identifier:   10:1C:E6:13:40:39:65:BB:B7:8C:24:E7:68:CD:C6:DB:26:D6:FE:D7
Certificate issuer:       /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial:       08E7EFEB
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/EBzmE0A5Zbu3jCTnaM3G2ybW_tc.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     39396
IP address blocks:
    1: 212.21.129.0/24 maxlen: 24
    2: 212.21.133.0/24 maxlen: 24
    3: 212.21.159.0/24 maxlen: 24
    4: 2a00:e200:100::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 149417963 (0x8e7efeb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
        Validity
            Not Before: Jan  1 08:05:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=101ce613403965bbb78c24e768cdc6db26d6fed7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:12:cd:0a:79:5d:89:6a:89:0d:a0:fb:e3:6c:
                    58:8f:79:87:fd:4f:32:8a:0d:c7:72:9d:87:2c:d8:
                    46:71:8e:14:8a:1d:95:b8:38:8d:aa:97:17:17:c0:
                    40:d2:2e:35:9d:20:ec:97:77:3f:a8:f1:b3:5f:27:
                    e4:f7:4e:8d:2a:07:78:ac:80:63:2f:09:33:86:bb:
                    45:d9:0b:c2:a9:1b:1c:0e:bf:b1:87:2d:40:b9:de:
                    cb:d5:7d:f9:a7:26:46:d9:3c:b7:0d:cc:37:4d:15:
                    fd:41:f2:27:5b:9c:2b:1c:9c:b8:de:b3:02:a1:f3:
                    f5:35:6e:ea:3e:00:21:92:6b:d4:3a:3d:f9:19:d3:
                    d9:f3:a9:b6:38:86:1a:ed:36:e8:95:db:87:f7:87:
                    e6:00:9e:00:78:b9:e3:bc:4b:9d:6b:2b:a5:b1:23:
                    f6:85:e8:77:b2:c9:65:28:97:af:43:d3:fe:07:0f:
                    ed:e5:a2:83:13:6a:0f:24:03:9b:86:10:2a:88:23:
                    9a:8b:cd:86:14:c6:40:08:db:3b:e5:72:ca:aa:b5:
                    72:cf:a8:10:ef:29:77:d1:73:dc:b9:6d:93:12:af:
                    f8:d0:ea:1d:1b:29:94:b2:b4:72:18:36:6e:d2:5b:
                    dd:cd:fb:4b:93:8a:fa:9a:a6:7c:b0:d4:15:72:7a:
                    15:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                10:1C:E6:13:40:39:65:BB:B7:8C:24:E7:68:CD:C6:DB:26:D6:FE:D7
            X509v3 Authority Key Identifier: 
                keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/EBzmE0A5Zbu3jCTnaM3G2ybW_tc.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.21.129.0/24
                  212.21.133.0/24
                  212.21.159.0/24
                IPv6:
                  2a00:e200:100::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:9e:3e:90:ef:37:af:c2:2f:f1:a9:a0:a9:a5:93:6d:fb:91:
         cf:bc:b1:08:07:73:b2:21:96:bb:07:91:54:98:0f:ab:c7:8d:
         ff:02:70:8b:d9:8d:ad:a8:ff:67:05:1d:ac:fb:8f:51:d7:13:
         80:89:7e:10:bb:76:d0:a9:25:30:be:bf:4b:c7:0a:8a:f2:25:
         9b:97:a1:e6:ef:df:99:82:13:8a:50:0c:ef:c6:b5:aa:1c:60:
         0b:e4:0f:e0:c6:97:3f:ea:c7:60:c4:62:1d:51:7c:89:bc:d4:
         f0:2a:4f:e1:14:bf:82:46:c6:69:3a:af:52:8d:5a:e0:f4:a8:
         bd:8e:ea:19:4b:3f:0d:ec:82:93:28:4a:30:4b:ab:77:fc:08:
         4a:1f:45:c7:b5:36:4b:e6:a4:74:da:7a:d5:3c:51:aa:a0:2f:
         cc:6e:c6:9b:b3:f8:56:7f:48:5f:56:90:88:43:6a:47:8d:db:
         12:81:bf:6b:bf:d5:81:58:a5:34:6a:20:24:46:d8:41:43:42:
         30:7c:2a:ba:fa:0f:8c:93:d1:49:94:c4:c8:58:84:7f:a8:44:
         7d:f9:99:b1:ec:d4:35:6a:22:54:8b:25:ce:65:67:41:7f:e3:
         ba:1b:2d:38:be:70:05:18:69:db:82:08:02:d5:8d:31:9f:cd:
         f4:75:09:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIECOfv6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmVjOTAzMGM3MGEzZDQxOTJkNTljMjhkY2M4ZDU0NzY5NDM0MGIzMB4XDTIyMDEw
MTA4MDUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTAxY2U2MTM0MDM5
NjViYmI3OGMyNGU3NjhjZGM2ZGIyNmQ2ZmVkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgSzQp5XYlqiQ2g++NsWI95h/1PMooNx3KdhyzYRnGOFIod
lbg4jaqXFxfAQNIuNZ0g7Jd3P6jxs18n5PdOjSoHeKyAYy8JM4a7RdkLwqkbHA6/
sYctQLney9V9+acmRtk8tw3MN00V/UHyJ1ucKxycuN6zAqHz9TVu6j4AIZJr1Do9
+RnT2fOptjiGGu026JXbh/eH5gCeAHi547xLnWsrpbEj9oXod7LJZSiXr0PT/gcP
7eWigxNqDyQDm4YQKogjmovNhhTGQAjbO+Vyyqq1cs+oEO8pd9Fz3LltkxKv+NDq
HRsplLK0chg2btJb3c37S5OK+pqmfLDUFXJ6FTcCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBQQHOYTQDllu7eMJOdozcbbJtb+1zAfBgNVHSMEGDAWgBTr7JAwxwo9QZLV
nCjcyNVHaUNAszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYteVFNTWNLUFVHUzFad28zTWpWUjJsRFFMTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvMzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8x
L0VCem1FMEE1WmJ1M2pDVG5hTTNHMnliV190Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
MzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8xLzYteVFNTWNLUFVH
UzFad28zTWpWUjJsRFFMTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEANQVgQMEANQVhQMEANQVnzAPBAIA
AjAJAwcAKgDiAAEAMA0GCSqGSIb3DQEBCwUAA4IBAQCRnj6Q7zevwi/xqaCppZNt
+5HPvLEIB3OyIZa7B5FUmA+rx43/AnCL2Y2tqP9nBR2s+49R1xOAiX4Qu3bQqSUw
vr9LxwqK8iWbl6Hm79+ZghOKUAzvxrWqHGAL5A/gxpc/6sdgxGIdUXyJvNTwKk/h
FL+CRsZpOq9SjVrg9Ki9juoZSz8N7IKTKEowS6t3/AhKH0XHtTZL5qR02nrVPFGq
oC/Mbsabs/hWf0hfVpCIQ2pHjdsSgb9rv9WBWKU0aiAkRthBQ0IwfCq6+g+Mk9FJ
lMTIWIR/qER9+Zmx7NQ1aiJUiyXOZWdBf+O6Gy04vnAFGGnbgggC1Y0xn830dQkc
-----END CERTIFICATE-----
Generated at Thu Dec 8 06:10:34 2022 by rpki-client.