Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ee01f-e976-4803-961e-94cf22dee5fe/1/1-7_PDo0_-Prw5yZcsE-Hhnsz6Xk.roa
File:                     1-7_PDo0_-Prw5yZcsE-Hhnsz6Xk.roa (download)
Hash identifier:          TuynOXZFBvbL8Dfu6qBxIlORPX/NgY+GZ6eRQGkJZXA=
Subject key identifier:   FB:BF:CF:0E:8D:3F:F8:FA:F0:E7:26:5C:B0:4F:87:86:7B:33:E9:79
Certificate issuer:       /CN=9b1ea15c21b7d55dea4bdc861b1c0afc9e437031
Certificate serial:       01828E7EAA89E9E6CE2D6169BA83F112386B
Authority key identifier: 9B:1E:A1:5C:21:B7:D5:5D:EA:4B:DC:86:1B:1C:0A:FC:9E:43:70:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mx6hXCG31V3qS9yGGxwK_J5DcDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/9ee01f-e976-4803-961e-94cf22dee5fe/1/1-7_PDo0_-Prw5yZcsE-Hhnsz6Xk.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 188.208.103.0/24 maxlen: 24
    2: 62.192.152.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:8e:7e:aa:89:e9:e6:ce:2d:61:69:ba:83:f1:12:38:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b1ea15c21b7d55dea4bdc861b1c0afc9e437031
        Validity
            Not Before: Aug 11 20:00:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fbbfcf0e8d3ff8faf0e7265cb04f87867b33e979
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:a9:b8:d7:15:98:a6:62:5e:db:dd:45:04:c0:
                    2b:d1:21:dc:61:86:9b:2e:37:99:39:f6:f7:24:3f:
                    83:0f:e9:a1:1d:dd:f8:6f:e3:19:04:9a:44:9a:56:
                    ec:2d:43:9e:00:1a:00:d8:ee:1b:11:c5:1b:91:fd:
                    ae:02:8c:8f:82:2c:ab:ec:ae:e4:84:79:43:30:b1:
                    a6:7e:8b:2f:7b:97:d1:e6:e5:5b:0b:59:af:eb:b7:
                    4c:3c:c0:e0:c4:ea:7b:83:6f:5b:38:d3:22:6c:79:
                    a3:e7:c0:42:a0:0b:15:b5:17:37:55:33:ad:74:72:
                    4e:71:e3:0f:aa:3c:7d:1d:ec:5b:71:cc:92:ca:9a:
                    6b:ae:e3:1e:85:b4:28:65:fe:f3:fd:04:80:b0:36:
                    e6:73:97:3b:85:48:47:1c:0e:83:38:b0:b5:1d:00:
                    30:44:ce:00:78:1f:fc:34:be:c9:34:8f:d7:58:ac:
                    eb:66:25:6a:b3:bf:11:f0:15:06:73:b7:c3:63:0e:
                    c9:49:36:a7:9c:cf:16:0e:a6:f6:a3:dc:02:97:52:
                    8d:94:41:02:f0:f7:dd:eb:8b:b7:72:c9:0b:b4:fa:
                    20:86:cc:47:5e:a9:cb:5f:3f:23:cc:b6:93:88:22:
                    13:74:85:35:b7:72:66:be:3e:af:e2:dd:64:f3:e9:
                    8e:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                FB:BF:CF:0E:8D:3F:F8:FA:F0:E7:26:5C:B0:4F:87:86:7B:33:E9:79
            X509v3 Authority Key Identifier: 
                keyid:9B:1E:A1:5C:21:B7:D5:5D:EA:4B:DC:86:1B:1C:0A:FC:9E:43:70:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mx6hXCG31V3qS9yGGxwK_J5DcDE.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ee01f-e976-4803-961e-94cf22dee5fe/1/1-7_PDo0_-Prw5yZcsE-Hhnsz6Xk.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ee01f-e976-4803-961e-94cf22dee5fe/1/mx6hXCG31V3qS9yGGxwK_J5DcDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.192.152.0/24
                  188.208.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:3c:0d:d3:6c:dc:53:11:82:4b:c7:3f:5f:80:26:fc:b4:64:
         cd:87:e4:a9:9b:9f:c0:2a:1b:3d:a4:0c:8d:03:7c:5c:50:3d:
         b3:3b:af:42:20:d8:86:e3:de:fb:65:da:8a:97:51:4b:d9:6b:
         ba:b2:9d:60:e4:49:45:45:1d:be:00:57:f7:a5:54:24:22:7e:
         45:29:81:7a:5a:8e:e6:d6:cf:d1:35:45:3e:a0:bc:8f:aa:5c:
         55:23:f5:aa:27:0f:94:59:f5:3c:b6:a1:8d:ce:c4:a1:50:ad:
         41:90:a6:91:07:a3:a0:ed:be:68:d4:c9:14:dd:49:cc:29:2a:
         18:21:46:52:f6:b3:40:b0:4b:42:88:85:0d:a5:f3:0e:d2:6e:
         66:56:b7:89:6d:9b:04:ba:30:80:5c:d0:3a:4a:69:8d:a1:a7:
         28:bf:a7:d9:2f:fc:8e:e9:7a:a5:cb:6d:b4:01:d8:e9:fa:2d:
         bc:4d:b2:b7:47:50:3b:c7:cc:b6:76:a9:3a:7e:52:75:8e:2f:
         90:26:3e:8c:10:af:26:f6:36:18:6a:09:b4:e0:16:39:6d:74:
         b1:4b:cf:de:cd:99:c4:3e:60:ca:26:a3:a1:02:5d:68:f7:2d:
         3b:00:23:ea:95:41:07:cd:fa:35:58:24:c5:fd:b9:23:74:95:
         c8:ec:b2:ef
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYKOfqqJ6ebOLWFpuoPxEjhrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMWVhMTVjMjFiN2Q1NWRlYTRiZGM4NjFiMWMwYWZjOWU0
MzcwMzEwHhcNMjIwODExMjAwMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmJmY2YwZThkM2ZmOGZhZjBlNzI2NWNiMDRmODc4NjdiMzNlOTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmam41xWYpmJe291FBMAr0SHcYYab
LjeZOfb3JD+DD+mhHd34b+MZBJpEmlbsLUOeABoA2O4bEcUbkf2uAoyPgiyr7K7k
hHlDMLGmfosve5fR5uVbC1mv67dMPMDgxOp7g29bONMibHmj58BCoAsVtRc3VTOt
dHJOceMPqjx9HexbccySypprruMehbQoZf7z/QSAsDbmc5c7hUhHHA6DOLC1HQAw
RM4AeB/8NL7JNI/XWKzrZiVqs78R8BUGc7fDYw7JSTannM8WDqb2o9wCl1KNlEEC
8Pfd64u3cskLtPoghsxHXqnLXz8jzLaTiCITdIU1t3Jmvj6v4t1k8+mOeQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPu/zw6NP/j68OcmXLBPh4Z7M+l5MB8GA1UdIwQY
MBaAFJseoVwht9Vd6kvchhscCvyeQ3AxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXg2aFhDRzMxVjNxUzl5R0d4d0tfSjVEY0RFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85ZWUwMWYtZTk3Ni00ODAzLTk2MWUt
OTRjZjIyZGVlNWZlLzEvMS03X1BEbzBfLVBydzV5WmNzRS1IaG5zejZYay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWEvOWVlMDFmLWU5NzYtNDgwMy05NjFlLTk0Y2YyMmRlZTVm
ZS8xL214NmhYQ0czMVYzcVM5eUdHeHdLX0o1RGNERS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAD7AmAME
ALzQZzANBgkqhkiG9w0BAQsFAAOCAQEAeDwN02zcUxGCS8c/X4Am/LRkzYfkqZuf
wCobPaQMjQN8XFA9szuvQiDYhuPe+2XaipdRS9lrurKdYORJRUUdvgBX96VUJCJ+
RSmBelqO5tbP0TVFPqC8j6pcVSP1qicPlFn1PLahjc7EoVCtQZCmkQejoO2+aNTJ
FN1JzCkqGCFGUvazQLBLQoiFDaXzDtJuZla3iW2bBLowgFzQOkppjaGnKL+n2S/8
jul6pctttAHY6fotvE2yt0dQO8fMtnapOn5SdY4vkCY+jBCvJvY2GGoJtOAWOW10
sUvP3s2ZxD5gyiajoQJdaPctOwAj6pVBB836NVgkxf25I3SVyOyy7w==
-----END CERTIFICATE-----
Generated at Thu Dec 8 09:56:54 2022 by rpki-client.