Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/ae/4b90d6-87e6-473e-b36d-6e54215b24e7/1/

$ rpki-client -vvf ZaVl-mS9QGEv-KGxP-gS4VnI3l0.roa
File:                     ZaVl-mS9QGEv-KGxP-gS4VnI3l0.roa (download)
Hash identifier:          rLdcC4Fu6v8ftpqjWb/R+Awf42uJdXAtsKhIZ+HZWJ4=
Subject key identifier:   65:A5:65:FA:64:BD:40:61:2F:F8:A1:B1:3F:E8:12:E1:59:C8:DE:5D
Certificate issuer:       /CN=891d6101d729bc95597da528604ec0b0b7e0042c
Certificate serial:       0181ED3FCB295A41889C836854838D884D1C
Authority key identifier: 89:1D:61:01:D7:29:BC:95:59:7D:A5:28:60:4E:C0:B0:B7:E0:04:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iR1hAdcpvJVZfaUoYE7AsLfgBCw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/4b90d6-87e6-473e-b36d-6e54215b24e7/1/ZaVl-mS9QGEv-KGxP-gS4VnI3l0.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 86.104.192.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:ed:3f:cb:29:5a:41:88:9c:83:68:54:83:8d:88:4d:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=891d6101d729bc95597da528604ec0b0b7e0042c
        Validity
            Not Before: Jul 11 12:33:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=65a565fa64bd40612ff8a1b13fe812e159c8de5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:e8:e1:a2:92:6b:49:df:52:1c:ef:b4:cc:ae:
                    94:2e:10:b1:99:bc:57:56:f1:42:07:d5:44:0f:de:
                    1e:13:40:4e:a0:08:77:c2:8a:0b:fe:4a:9a:21:cb:
                    82:78:65:4c:5f:78:11:7c:3c:7b:2a:43:07:77:6d:
                    14:ce:4c:1f:a2:fd:16:b1:8e:2d:34:fa:f7:0c:97:
                    89:cd:38:d4:cb:19:61:07:d1:b4:e1:76:d0:3c:80:
                    e2:cd:3b:90:5d:8a:36:e6:a6:5d:e5:df:89:d3:76:
                    dd:88:6d:e5:e6:22:7f:f7:79:02:db:17:3e:8d:ca:
                    13:1c:8b:8d:d5:a6:e2:a8:0f:60:93:08:84:f8:04:
                    b2:65:04:08:40:c8:c3:a7:00:41:ae:25:e1:5a:65:
                    d4:96:eb:ab:6f:76:6a:c1:97:d4:b9:75:ba:59:0f:
                    79:6e:70:d4:06:3f:9f:80:8c:f9:df:53:37:cf:3d:
                    df:77:52:e8:78:37:06:bf:52:40:34:16:7d:40:0d:
                    da:99:96:c0:e5:1e:90:60:d1:6f:c4:6e:d9:fe:85:
                    69:35:53:0f:e4:19:9e:2c:c1:ec:ae:5d:70:da:77:
                    49:46:58:3c:73:05:33:f4:29:7e:31:d0:b2:24:df:
                    a5:ed:20:6e:56:b0:a2:a2:f2:74:9e:b9:44:bc:26:
                    2e:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                65:A5:65:FA:64:BD:40:61:2F:F8:A1:B1:3F:E8:12:E1:59:C8:DE:5D
            X509v3 Authority Key Identifier: 
                keyid:89:1D:61:01:D7:29:BC:95:59:7D:A5:28:60:4E:C0:B0:B7:E0:04:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iR1hAdcpvJVZfaUoYE7AsLfgBCw.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/4b90d6-87e6-473e-b36d-6e54215b24e7/1/ZaVl-mS9QGEv-KGxP-gS4VnI3l0.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/4b90d6-87e6-473e-b36d-6e54215b24e7/1/iR1hAdcpvJVZfaUoYE7AsLfgBCw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.104.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:4f:ba:50:b2:d5:63:45:bb:cd:a4:08:9d:81:ca:60:58:b0:
         cc:f3:03:88:8e:a6:4d:43:9a:48:aa:6e:ac:6b:8f:db:e6:b8:
         d7:b6:8c:e9:42:a2:b9:ec:7e:b8:73:0f:69:cb:9f:67:97:3f:
         9e:5b:cc:4b:26:d2:07:07:d4:62:4b:94:dc:d2:bd:ba:8b:8f:
         53:f1:52:9f:30:34:33:e9:02:93:9d:50:0d:a3:7b:53:5d:26:
         be:61:1b:94:5a:51:08:fd:e5:04:ab:a9:5c:22:2b:a5:b7:57:
         da:01:ca:30:31:fa:ae:94:7a:de:38:0e:17:f2:7a:30:1f:ad:
         e9:a0:01:e3:4c:d7:d4:5e:e0:04:98:56:9b:25:75:bc:9d:83:
         07:94:5b:95:03:0e:6e:f9:c9:73:cf:bf:f5:8c:6a:c3:8c:8e:
         a2:94:82:8c:63:34:00:50:34:d5:6c:07:46:45:37:95:b6:b6:
         f2:52:be:90:c8:a6:cb:2d:78:ea:ed:92:c6:73:9e:c2:a4:29:
         c5:43:ad:d6:c1:96:d7:53:58:cd:a9:cc:3f:25:e8:9a:4d:5c:
         cb:70:48:15:cc:66:bd:06:93:24:52:0c:49:01:25:c7:e5:56:
         68:9c:9d:a4:55:05:47:51:27:90:b2:18:15:73:ba:23:54:5a:
         47:85:31:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHtP8spWkGInINoVIONiE0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MWQ2MTAxZDcyOWJjOTU1OTdkYTUyODYwNGVjMGIwYjdl
MDA0MmMwHhcNMjIwNzExMTIzMzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWE1NjVmYTY0YmQ0MDYxMmZmOGExYjEzZmU4MTJlMTU5YzhkZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApujhopJrSd9SHO+0zK6ULhCxmbxX
VvFCB9VED94eE0BOoAh3wooL/kqaIcuCeGVMX3gRfDx7KkMHd20Uzkwfov0WsY4t
NPr3DJeJzTjUyxlhB9G04XbQPIDizTuQXYo25qZd5d+J03bdiG3l5iJ/93kC2xc+
jcoTHIuN1abiqA9gkwiE+ASyZQQIQMjDpwBBriXhWmXUluurb3ZqwZfUuXW6WQ95
bnDUBj+fgIz531M3zz3fd1LoeDcGv1JANBZ9QA3amZbA5R6QYNFvxG7Z/oVpNVMP
5BmeLMHsrl1w2ndJRlg8cwUz9Cl+MdCyJN+l7SBuVrCiovJ0nrlEvCYuAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGWlZfpkvUBhL/ihsT/oEuFZyN5dMB8GA1UdIwQY
MBaAFIkdYQHXKbyVWX2lKGBOwLC34AQsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVIxaEFkY3B2SlZaZmFVb1lFN0FzTGZnQkN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS80YjkwZDYtODdlNi00NzNlLWIzNmQt
NmU1NDIxNWIyNGU3LzEvWmFWbC1tUzlRR0V2LUtHeFAtZ1M0Vm5JM2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS80YjkwZDYtODdlNi00NzNlLWIzNmQtNmU1NDIxNWIyNGU3
LzEvaVIxaEFkY3B2SlZaZmFVb1lFN0FzTGZnQkN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmjAMA0G
CSqGSIb3DQEBCwUAA4IBAQC4T7pQstVjRbvNpAidgcpgWLDM8wOIjqZNQ5pIqm6s
a4/b5rjXtozpQqK57H64cw9py59nlz+eW8xLJtIHB9RiS5Tc0r26i49T8VKfMDQz
6QKTnVANo3tTXSa+YRuUWlEI/eUEq6lcIiult1faAcowMfqulHreOA4X8nowH63p
oAHjTNfUXuAEmFabJXW8nYMHlFuVAw5u+clzz7/1jGrDjI6ilIKMYzQAUDTVbAdG
RTeVtrbyUr6QyKbLLXjq7ZLGc57CpCnFQ63WwZbXU1jNqcw/JeiaTVzLcEgVzGa9
BpMkUgxJASXH5VZonJ2kVQVHUSeQshgVc7ojVFpHhTFX
-----END CERTIFICATE-----
Generated at Fri Dec 2 13:36:29 2022 by rpki-client.