Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/

$ rpki-client -vvf YqLRRdHFl4w_XeW_c1chC_HZYs8.roa
File:                     YqLRRdHFl4w_XeW_c1chC_HZYs8.roa (download)
Hash identifier:          92rxEm8PQw2YUJkDqVqU92U35sRze6/occ7PVhA2clw=
Subject key identifier:   62:A2:D1:45:D1:C5:97:8C:3F:5D:E5:BF:73:57:21:0B:F1:D9:62:CF
Certificate serial:       02F4C73B
Authority key identifier: 6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/YqLRRdHFl4w_XeW_c1chC_HZYs8.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     2914
IP address blocks:
    1: 141.11.22.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 49596219 (0x2f4c73b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
        Validity
            Not Before: Feb  7 09:30:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=62a2d145d1c5978c3f5de5bf7357210bf1d962cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:11:2d:77:94:0d:e4:e5:79:25:0f:06:22:78:
                    48:b6:b4:3d:9b:d3:d9:f4:06:66:48:35:2e:4a:56:
                    03:58:00:70:2c:70:b0:ab:07:5b:8f:1c:31:dd:9a:
                    58:49:0f:c1:6b:8d:3f:95:b2:ad:6f:31:5b:0c:c4:
                    1f:63:53:47:29:fd:da:93:b5:98:b3:89:66:3c:8d:
                    16:9b:90:a8:e9:5b:e6:aa:d9:76:fb:ed:c9:e3:cd:
                    2f:af:70:f6:53:81:03:6d:1f:b4:7a:87:b4:06:4b:
                    f8:a4:04:48:bf:77:44:65:3a:40:ef:68:ae:d1:52:
                    e8:35:6b:3d:af:c7:89:03:01:37:b7:ea:40:11:89:
                    10:44:f7:3b:9d:89:74:b4:e4:9c:c5:c4:4b:97:48:
                    d2:a7:8e:6f:c7:fa:df:67:18:b9:32:3f:98:ff:93:
                    5d:b3:c5:96:96:6a:a1:d7:34:d1:93:73:a2:bf:f7:
                    58:12:e3:9c:01:91:dd:46:9b:50:ba:a7:db:08:07:
                    5c:44:63:fb:59:ed:f9:51:4e:f6:f3:f0:ec:fe:89:
                    2e:3e:60:b4:0e:12:7c:ad:4c:8f:36:65:8a:9e:ba:
                    c7:2c:a3:e9:6c:b2:ca:3e:08:92:45:33:49:90:f5:
                    e6:7d:c7:19:c4:60:0a:82:4b:dd:e9:f6:cf:69:2f:
                    e4:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                62:A2:D1:45:D1:C5:97:8C:3F:5D:E5:BF:73:57:21:0B:F1:D9:62:CF
            X509v3 Authority Key Identifier: 
                keyid:6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/YqLRRdHFl4w_XeW_c1chC_HZYs8.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/bEx5hrGC7MNq10xTW-rnKZs1zpI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:69:85:63:22:40:26:f6:8f:49:4b:b6:a5:33:d3:bc:da:bd:
         2c:b1:b8:6b:42:47:d8:05:8c:09:d1:90:40:d3:87:d6:6d:29:
         64:d0:4a:5e:5b:63:01:ed:4f:1d:a6:ae:1e:80:19:fb:eb:f0:
         bd:18:99:68:84:4d:93:cc:01:e1:46:8d:ce:6e:80:55:44:03:
         3b:52:85:0e:7f:27:0e:01:59:d8:18:3c:9d:04:76:97:3b:27:
         46:bf:06:49:53:82:55:49:df:09:f0:18:00:f7:31:f0:b7:04:
         46:6b:42:f2:0c:f0:fb:95:ba:c1:77:27:4a:bd:e1:38:f7:5d:
         b1:13:1a:d1:ab:72:68:58:42:2d:b0:4d:fa:a1:df:39:8e:7a:
         52:7e:79:98:e3:4a:86:a7:a3:14:92:2f:55:21:63:1f:72:cc:
         5d:f4:26:73:5f:64:2a:97:bf:89:54:11:05:06:7e:89:cb:df:
         1f:f8:c1:89:b4:85:d9:6f:90:f1:53:d2:4e:f9:be:ea:ce:8f:
         0f:d4:d3:a0:d7:45:3e:a8:be:e8:86:35:a6:a8:2a:14:9c:42:
         ac:00:e8:4b:25:6b:19:db:ae:85:02:51:92:98:48:4d:c4:b8:
         2e:14:61:94:b0:88:84:41:a7:9c:97:63:bd:a2:55:4d:bf:df:
         89:40:eb:9d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAvTHOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzRjNzk4NmIxODJlY2MzNmFkNzRjNTM1YmVhZTcyOTliMzVjZTkyMB4XDTIyMDIw
NzA5MzAyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjJhMmQxNDVkMWM1
OTc4YzNmNWRlNWJmNzM1NzIxMGJmMWQ5NjJjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMRLXeUDeTleSUPBiJ4SLa0PZvT2fQGZkg1LkpWA1gAcCxw
sKsHW48cMd2aWEkPwWuNP5WyrW8xWwzEH2NTRyn92pO1mLOJZjyNFpuQqOlb5qrZ
dvvtyePNL69w9lOBA20ftHqHtAZL+KQESL93RGU6QO9ortFS6DVrPa/HiQMBN7fq
QBGJEET3O52JdLTknMXES5dI0qeOb8f632cYuTI/mP+TXbPFlpZqodc00ZNzor/3
WBLjnAGR3UabULqn2wgHXERj+1nt+VFO9vPw7P6JLj5gtA4SfK1MjzZlip66xyyj
6Wyyyj4IkkUzSZD15n3HGcRgCoJL3en2z2kv5LkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRiotFF0cWXjD9d5b9zVyEL8dlizzAfBgNVHSMEGDAWgBRsTHmGsYLsw2rX
TFNb6ucpmzXOkjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JFeDVockdDN01OcTEweFRXLXJuS1pzMXpwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvYzRlNWNhLThhYTUtNGU2NC1hMDIyLTI2Y2ExNDhkMDdhZi8x
L1lxTFJSZEhGbDR3X1hlV19jMWNoQ19IWllzOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
YzRlNWNhLThhYTUtNGU2NC1hMDIyLTI2Y2ExNDhkMDdhZi8xL2JFeDVockdDN01O
cTEweFRXLXJuS1pzMXpwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI0LFjANBgkqhkiG9w0BAQsFAAOC
AQEAM2mFYyJAJvaPSUu2pTPTvNq9LLG4a0JH2AWMCdGQQNOH1m0pZNBKXltjAe1P
HaauHoAZ++vwvRiZaIRNk8wB4UaNzm6AVUQDO1KFDn8nDgFZ2Bg8nQR2lzsnRr8G
SVOCVUnfCfAYAPcx8LcERmtC8gzw+5W6wXcnSr3hOPddsRMa0atyaFhCLbBN+qHf
OY56Un55mONKhqejFJIvVSFjH3LMXfQmc19kKpe/iVQRBQZ+icvfH/jBibSF2W+Q
8VPSTvm+6s6PD9TToNdFPqi+6IY1pqgqFJxCrADoSyVrGduuhQJRkphITcS4LhRh
lLCIhEGnnJdjvaJVTb/fiUDrnQ==
-----END CERTIFICATE-----
Generated at Thu Dec 1 23:04:57 2022 by rpki-client.