Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/44f32f-8723-41a0-8014-376292d8b2fe/1/44IyM1e2aiSg03yKBJntin1j8tw.roa
File:                     44IyM1e2aiSg03yKBJntin1j8tw.roa (download)
Hash identifier:          bpdfVYpH9OaNpTujHxpLjSid1yzhQNfPUAG4IoP4RKI=
Subject key identifier:   E3:82:32:33:57:B6:6A:24:A0:D3:7C:8A:04:99:ED:8A:7D:63:F2:DC
Certificate issuer:       /CN=ae5d5fbbd4277e02297ecd01b5cd7e1bf29fc759
Certificate serial:       0104AF59
Authority key identifier: AE:5D:5F:BB:D4:27:7E:02:29:7E:CD:01:B5:CD:7E:1B:F2:9F:C7:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rl1fu9QnfgIpfs0Btc1-G_Kfx1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/44f32f-8723-41a0-8014-376292d8b2fe/1/44IyM1e2aiSg03yKBJntin1j8tw.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 109.234.75.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17084249 (0x104af59)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae5d5fbbd4277e02297ecd01b5cd7e1bf29fc759
        Validity
            Not Before: Jan  1 08:02:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e382323357b66a24a0d37c8a0499ed8a7d63f2dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:d9:30:64:52:41:85:c4:4e:e9:dd:fc:af:62:
                    0a:e9:a0:35:2b:2d:60:c3:57:9b:3f:96:98:31:29:
                    28:f0:8e:77:24:91:51:7f:03:56:e5:f7:fe:3a:55:
                    34:f5:e4:91:67:69:2a:a8:f6:93:7f:1e:3e:38:64:
                    db:dd:85:71:da:39:bd:a0:88:b4:ad:ce:18:2c:86:
                    01:e3:6e:d7:9a:06:96:ac:90:aa:de:14:76:d1:a3:
                    05:b2:7a:02:e3:80:70:0d:9e:81:fa:25:52:65:60:
                    f1:ee:7c:7e:06:25:eb:f0:64:c2:70:c9:85:d6:00:
                    cc:b2:91:b7:9d:71:17:cc:0b:e0:48:78:4d:3a:09:
                    1a:ef:54:f8:15:e0:2a:e0:e3:1d:89:6c:dc:65:2b:
                    7f:48:20:44:49:3e:05:e5:a5:8e:ae:38:49:80:00:
                    a3:7a:64:4c:56:cb:3f:5a:83:da:bf:33:9a:2f:4d:
                    47:e1:37:b3:da:59:fd:30:88:35:28:51:d5:af:45:
                    5a:14:20:07:21:38:ff:2d:3c:33:7c:2a:23:df:44:
                    bc:06:60:44:65:f5:5a:65:b7:e8:c8:2e:09:95:0e:
                    9f:63:11:69:cd:7a:8d:1f:c5:4c:81:dd:39:ab:96:
                    e7:ba:2e:c6:c7:55:92:99:6f:d6:81:0e:8b:67:be:
                    dd:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                E3:82:32:33:57:B6:6A:24:A0:D3:7C:8A:04:99:ED:8A:7D:63:F2:DC
            X509v3 Authority Key Identifier: 
                keyid:AE:5D:5F:BB:D4:27:7E:02:29:7E:CD:01:B5:CD:7E:1B:F2:9F:C7:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rl1fu9QnfgIpfs0Btc1-G_Kfx1k.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/44f32f-8723-41a0-8014-376292d8b2fe/1/44IyM1e2aiSg03yKBJntin1j8tw.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/44f32f-8723-41a0-8014-376292d8b2fe/1/rl1fu9QnfgIpfs0Btc1-G_Kfx1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.234.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:e4:5c:76:57:6e:69:ef:18:10:b5:7c:a8:d1:45:61:6a:e5:
         15:fe:a4:60:c9:24:b4:c0:a5:e1:9f:7f:e9:7f:22:7c:5b:b6:
         ba:2c:1f:83:36:61:dc:b3:6c:eb:1a:75:21:a0:15:e0:23:d2:
         2a:6a:3c:f5:20:9c:df:36:98:51:4c:4b:d1:b4:03:20:40:61:
         47:c2:9f:68:e5:a7:2c:eb:f3:1e:ea:e1:aa:54:07:e0:76:39:
         d9:07:e6:f7:23:f1:f3:c7:59:64:64:50:89:2f:9e:14:d8:3d:
         4a:92:25:57:a8:fb:a9:92:23:a7:12:b1:43:2b:5f:94:c1:bb:
         45:57:36:e9:28:f8:9f:81:c2:f2:cf:de:44:b5:c3:ca:e8:b4:
         59:a8:31:5f:86:9c:9e:77:00:05:d7:b2:2b:1b:f8:50:01:c4:
         92:85:fb:31:b8:3d:12:02:6d:22:35:fe:d2:6b:2d:ff:9a:81:
         a9:0d:4c:2b:3f:9b:b2:7b:7c:94:aa:bc:39:26:ac:a9:d3:e5:
         b0:98:1f:5d:71:90:d5:dd:aa:61:5b:6b:90:d3:26:8a:0b:bc:
         46:49:57:fe:a6:bc:6b:15:c2:e0:fa:73:e4:7e:c6:3c:09:c7:
         b7:af:f5:db:24:1a:8a:c1:d9:31:28:fe:bd:a5:16:9b:65:9b:
         9c:a1:19:09
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQSvWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTVkNWZiYmQ0Mjc3ZTAyMjk3ZWNkMDFiNWNkN2UxYmYyOWZjNzU5MB4XDTIyMDEw
MTA4MDI0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM4MjMyMzM1N2I2
NmEyNGEwZDM3YzhhMDQ5OWVkOGE3ZDYzZjJkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnZMGRSQYXETund/K9iCumgNSstYMNXmz+WmDEpKPCOdySR
UX8DVuX3/jpVNPXkkWdpKqj2k38ePjhk292Fcdo5vaCItK3OGCyGAeNu15oGlqyQ
qt4UdtGjBbJ6AuOAcA2egfolUmVg8e58fgYl6/BkwnDJhdYAzLKRt51xF8wL4Eh4
TToJGu9U+BXgKuDjHYls3GUrf0ggREk+BeWljq44SYAAo3pkTFbLP1qD2r8zmi9N
R+E3s9pZ/TCINShR1a9FWhQgByE4/y08M3wqI99EvAZgRGX1WmW36MguCZUOn2MR
ac16jR/FTIHdOauW57ouxsdVkplv1oEOi2e+3ekCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTjgjIzV7ZqJKDTfIoEme2KfWPy3DAfBgNVHSMEGDAWgBSuXV+71Cd+Ail+
zQG1zX4b8p/HWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JsMWZ1OVFuZmdJcGZzMEJ0YzEtR19LZngxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvNDRmMzJmLTg3MjMtNDFhMC04MDE0LTM3NjI5MmQ4YjJmZS8x
LzQ0SXlNMWUyYWlTZzAzeUtCSm50aW4xajh0dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
NDRmMzJmLTg3MjMtNDFhMC04MDE0LTM3NjI5MmQ4YjJmZS8xL3JsMWZ1OVFuZmdJ
cGZzMEJ0YzEtR19LZngxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG3qSzANBgkqhkiG9w0BAQsFAAOC
AQEAJuRcdlduae8YELV8qNFFYWrlFf6kYMkktMCl4Z9/6X8ifFu2uiwfgzZh3LNs
6xp1IaAV4CPSKmo89SCc3zaYUUxL0bQDIEBhR8KfaOWnLOvzHurhqlQH4HY52Qfm
9yPx88dZZGRQiS+eFNg9SpIlV6j7qZIjpxKxQytflMG7RVc26Sj4n4HC8s/eRLXD
yui0WagxX4acnncABdeyKxv4UAHEkoX7Mbg9EgJtIjX+0mst/5qBqQ1MKz+bsnt8
lKq8OSasqdPlsJgfXXGQ1d2qYVtrkNMmigu8RklX/qa8axXC4Ppz5H7GPAnHt6/1
2yQaisHZMSj+vaUWm2WbnKEZCQ==
-----END CERTIFICATE-----
Generated at Thu Dec 8 20:48:15 2022 by rpki-client.