Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/a9/7106a8-7252-4ad3-afd7-9379e5dfa3a7/1/

$ rpki-client -vvf LWRBgaHO0OXnj2hA6kLrdROjiPg.roa
File:                     LWRBgaHO0OXnj2hA6kLrdROjiPg.roa (download)
Hash identifier:          /BLke6D1dsKymzwu7BjHqpmXL9VbEKoVJuFcjacVEMI=
Subject key identifier:   2D:64:41:81:A1:CE:D0:E5:E7:8F:68:40:EA:42:EB:75:13:A3:88:F8
Certificate issuer:       /CN=f661d8c4c9c4b9f68aa6c7f53c76e6309f077913
Certificate serial:       8AC088
Authority key identifier: F6:61:D8:C4:C9:C4:B9:F6:8A:A6:C7:F5:3C:76:E6:30:9F:07:79:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9mHYxMnEufaKpsf1PHbmMJ8HeRM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/7106a8-7252-4ad3-afd7-9379e5dfa3a7/1/LWRBgaHO0OXnj2hA6kLrdROjiPg.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 212.18.107.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9093256 (0x8ac088)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f661d8c4c9c4b9f68aa6c7f53c76e6309f077913
        Validity
            Not Before: Jan  1 02:54:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2d644181a1ced0e5e78f6840ea42eb7513a388f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:a0:94:e3:d3:25:b7:7f:c2:ec:58:aa:a8:ec:
                    70:62:7b:a4:f7:05:24:1a:2f:c0:a4:5b:c7:0b:db:
                    8b:43:0d:11:8c:30:a8:6d:24:a2:d1:17:3b:65:25:
                    59:cb:fd:9e:da:57:f9:21:7b:4b:e0:27:33:56:34:
                    e5:a2:7c:9b:fa:13:d1:86:7c:a5:20:83:37:3b:1d:
                    dd:00:60:04:dc:be:11:8d:52:59:65:9a:14:71:f2:
                    92:ae:a9:ec:c8:e6:4d:42:93:47:c9:8f:48:c2:b6:
                    a6:da:32:54:cc:6f:26:a7:2f:1f:9f:10:db:99:85:
                    84:25:ca:8b:ed:41:a3:68:1c:53:e0:55:30:f9:94:
                    fa:8f:f5:23:7a:54:dc:a6:23:8b:97:60:c9:b4:6d:
                    d7:28:1a:be:6f:32:8f:51:8e:8d:65:cc:69:76:d9:
                    2a:25:0e:5e:12:fb:71:7f:0e:8e:4e:9d:93:1b:d7:
                    48:9d:45:f8:77:b6:fc:7e:66:fe:4c:af:43:1d:f2:
                    11:83:19:06:68:36:dc:a1:f4:21:f5:41:00:bf:24:
                    d0:1f:81:f0:c0:73:65:db:a6:4e:f9:b6:d8:c0:dc:
                    1a:7d:d4:bf:05:7d:08:d8:68:f2:8f:8a:26:d2:60:
                    0e:e4:28:89:16:11:2f:85:ff:7d:49:1a:e2:b1:e8:
                    35:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                2D:64:41:81:A1:CE:D0:E5:E7:8F:68:40:EA:42:EB:75:13:A3:88:F8
            X509v3 Authority Key Identifier: 
                keyid:F6:61:D8:C4:C9:C4:B9:F6:8A:A6:C7:F5:3C:76:E6:30:9F:07:79:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9mHYxMnEufaKpsf1PHbmMJ8HeRM.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/7106a8-7252-4ad3-afd7-9379e5dfa3a7/1/LWRBgaHO0OXnj2hA6kLrdROjiPg.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/7106a8-7252-4ad3-afd7-9379e5dfa3a7/1/9mHYxMnEufaKpsf1PHbmMJ8HeRM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.18.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:db:0d:cc:3b:2b:f6:c9:10:21:e4:98:24:31:90:8e:ee:50:
         f2:03:9c:85:47:45:0a:c4:41:77:24:55:0b:3f:db:12:2c:b8:
         ff:83:9c:0e:9f:cf:87:fb:cd:b1:b9:bf:da:bb:5e:29:a1:47:
         98:1c:c5:7b:61:38:3e:2f:e4:00:56:d0:f0:64:c3:88:aa:eb:
         a1:21:b7:c1:83:93:58:92:99:69:09:4c:7d:d4:9a:3e:26:fc:
         fe:50:2e:2c:0c:b4:89:9c:d2:d4:70:ed:6d:da:82:30:2b:34:
         e5:a6:ac:a9:76:d4:4d:68:9c:b9:52:13:7b:2a:10:7a:77:2e:
         a1:58:43:a4:8a:b6:12:a5:6f:77:41:2e:9e:af:e8:79:b4:ad:
         01:7d:e8:87:64:de:46:44:5b:7c:b2:b7:29:5b:6f:d8:ad:e3:
         35:46:2b:21:15:91:08:8a:bc:01:b1:a8:57:78:8f:77:91:30:
         ca:53:1f:57:7a:04:59:28:2f:24:de:43:5e:24:13:3e:3a:2e:
         07:cb:8d:06:47:ff:f5:f3:e2:25:e0:33:a9:d4:a9:eb:04:0a:
         c8:54:40:84:bd:e2:09:66:3c:b6:b7:54:d0:67:60:dc:15:6b:
         26:c2:fd:ff:fe:e9:a6:e9:1c:a2:4d:8e:af:1f:9b:56:1b:df:
         e9:6e:cc:d8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAIrAiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NjYxZDhjNGM5YzRiOWY2OGFhNmM3ZjUzYzc2ZTYzMDlmMDc3OTEzMB4XDTIyMDEw
MTAyNTQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQ2NDQxODFhMWNl
ZDBlNWU3OGY2ODQwZWE0MmViNzUxM2EzODhmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMWglOPTJbd/wuxYqqjscGJ7pPcFJBovwKRbxwvbi0MNEYww
qG0kotEXO2UlWcv9ntpX+SF7S+AnM1Y05aJ8m/oT0YZ8pSCDNzsd3QBgBNy+EY1S
WWWaFHHykq6p7MjmTUKTR8mPSMK2ptoyVMxvJqcvH58Q25mFhCXKi+1Bo2gcU+BV
MPmU+o/1I3pU3KYji5dgybRt1ygavm8yj1GOjWXMaXbZKiUOXhL7cX8Ojk6dkxvX
SJ1F+He2/H5m/kyvQx3yEYMZBmg23KH0IfVBAL8k0B+B8MBzZdumTvm22MDcGn3U
vwV9CNho8o+KJtJgDuQoiRYRL4X/fUka4rHoNeMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQtZEGBoc7Q5eePaEDqQut1E6OI+DAfBgNVHSMEGDAWgBT2YdjEycS59oqm
x/U8duYwnwd5EzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzltSFl4TW5FdWZhS3BzZjFQSGJtTUo4SGVSTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvNzEwNmE4LTcyNTItNGFkMy1hZmQ3LTkzNzllNWRmYTNhNy8x
L0xXUkJnYUhPME9YbmoyaEE2a0xyZFJPamlQZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
NzEwNmE4LTcyNTItNGFkMy1hZmQ3LTkzNzllNWRmYTNhNy8xLzltSFl4TW5FdWZh
S3BzZjFQSGJtTUo4SGVSTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQSazANBgkqhkiG9w0BAQsFAAOC
AQEAYdsNzDsr9skQIeSYJDGQju5Q8gOchUdFCsRBdyRVCz/bEiy4/4OcDp/Ph/vN
sbm/2rteKaFHmBzFe2E4Pi/kAFbQ8GTDiKrroSG3wYOTWJKZaQlMfdSaPib8/lAu
LAy0iZzS1HDtbdqCMCs05aasqXbUTWicuVITeyoQencuoVhDpIq2EqVvd0Eunq/o
ebStAX3oh2TeRkRbfLK3KVtv2K3jNUYrIRWRCIq8AbGoV3iPd5EwylMfV3oEWSgv
JN5DXiQTPjouB8uNBkf/9fPiJeAzqdSp6wQKyFRAhL3iCWY8trdU0Gdg3BVrJsL9
//7ppukcok2Orx+bVhvf6W7M2A==
-----END CERTIFICATE-----
Generated at Fri Dec 2 13:36:20 2022 by rpki-client.