Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/ZFeDVoJOQ043o2TONC20IW8oj4g.roa
File:                     ZFeDVoJOQ043o2TONC20IW8oj4g.roa (download)
Hash identifier:          /bWHLtTo9geeZAb9KujG96InaIot5KJXPsGQLABM6C8=
Subject key identifier:   64:57:83:56:82:4E:43:4E:37:A3:64:CE:34:2D:B4:21:6F:28:8F:88
Certificate issuer:       /CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
Certificate serial:       0455DA93
Authority key identifier: 6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/ZFeDVoJOQ043o2TONC20IW8oj4g.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     400040
IP address blocks:
    1: 141.11.44.0/24 maxlen: 24
    2: 141.11.191.0/24 maxlen: 24
    3: 141.11.6.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 72735379 (0x455da93)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c4c7986b182ecc36ad74c535beae7299b35ce92
        Validity
            Not Before: May  3 10:40:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=64578356824e434e37a364ce342db4216f288f88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:10:70:a8:5a:2b:23:a5:5a:13:a6:5e:c4:3f:
                    5c:2f:b9:04:d9:67:17:c7:c6:a8:b2:e8:ee:ad:78:
                    30:3b:91:57:c9:e2:ee:7b:9a:f9:f4:1c:de:57:9b:
                    29:bc:f6:e4:f2:98:d8:7d:14:ba:2d:48:59:42:32:
                    1b:a6:03:fa:5b:92:89:3e:28:07:4b:03:9f:62:58:
                    fd:82:6f:d9:5c:16:1b:4f:da:cc:2c:45:1e:67:34:
                    97:14:80:79:1e:45:fc:44:79:a7:f2:29:ff:4d:a3:
                    6e:31:e6:aa:2b:d9:32:8c:5a:01:3c:65:e7:db:d8:
                    d9:e3:4b:b6:5d:95:a2:59:95:dd:3e:1d:c0:3b:45:
                    ea:f9:9a:9f:3c:ec:3c:88:eb:8c:cb:c6:31:1c:46:
                    62:2f:b7:77:25:be:af:8e:ab:de:5f:f0:4a:34:f2:
                    8c:51:15:d7:b4:56:a6:fe:1c:60:c6:3e:b0:18:1a:
                    f2:71:e2:46:35:a1:4c:a0:77:58:d8:8c:16:53:3d:
                    9b:45:54:e8:a8:2b:96:48:72:1f:04:0a:eb:93:2a:
                    dc:e4:6e:e4:be:e2:9e:0a:06:e5:ea:ec:8f:6d:8c:
                    63:97:43:c2:22:ce:b8:ce:8f:fc:03:7f:35:fe:5c:
                    db:cc:fa:f8:b5:b2:33:83:70:b3:80:fd:2f:1d:46:
                    e9:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                64:57:83:56:82:4E:43:4E:37:A3:64:CE:34:2D:B4:21:6F:28:8F:88
            X509v3 Authority Key Identifier: 
                keyid:6C:4C:79:86:B1:82:EC:C3:6A:D7:4C:53:5B:EA:E7:29:9B:35:CE:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bEx5hrGC7MNq10xTW-rnKZs1zpI.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/ZFeDVoJOQ043o2TONC20IW8oj4g.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/c4e5ca-8aa5-4e64-a022-26ca148d07af/1/bEx5hrGC7MNq10xTW-rnKZs1zpI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.6.0/24
                  141.11.44.0/24
                  141.11.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:0d:bc:d8:43:87:58:00:d6:14:e8:00:ad:a7:1c:2e:c9:7f:
         bb:cc:1c:cd:1a:07:40:5d:d6:ac:06:2f:21:79:ac:eb:76:10:
         e0:08:38:a4:be:d4:c6:30:01:00:8f:d3:7d:b9:68:8e:11:8d:
         75:ec:79:33:47:df:4a:23:79:c1:76:a8:89:2f:ad:c8:fe:53:
         10:5a:68:33:f7:97:4c:59:1b:9f:cf:d0:1c:47:cc:52:ea:69:
         9a:e1:88:7f:29:26:b1:d5:4a:8c:9a:eb:fd:f3:b1:16:a9:93:
         b6:23:b6:e5:25:74:37:56:48:1c:8d:ee:29:df:72:95:7b:57:
         ab:f5:dc:25:ce:e8:cd:bb:41:fd:aa:a6:da:20:a0:7c:1e:c8:
         29:77:88:5f:b7:e5:be:4a:01:da:6a:82:4e:54:73:17:19:0c:
         92:ce:3d:c1:69:34:9a:dd:2a:04:c3:9b:3e:40:77:17:22:41:
         fb:a3:9f:11:b8:3f:40:91:5f:57:2f:26:7e:18:4b:8b:db:59:
         f5:61:eb:6b:31:ad:2b:13:d2:53:ad:ce:ea:ec:53:4d:ef:a7:
         0d:ef:f7:60:bb:ea:7b:9e:3b:e7:61:1d:26:e8:2b:1b:b0:db:
         f7:de:71:53:3c:d8:e2:16:45:14:ec:66:bf:54:91:28:09:97:
         25:74:db:3a
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBFXakzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzRjNzk4NmIxODJlY2MzNmFkNzRjNTM1YmVhZTcyOTliMzVjZTkyMB4XDTIyMDUw
MzEwNDA0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjQ1NzgzNTY4MjRl
NDM0ZTM3YTM2NGNlMzQyZGI0MjE2ZjI4OGY4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOIQcKhaKyOlWhOmXsQ/XC+5BNlnF8fGqLLo7q14MDuRV8ni
7nua+fQc3lebKbz25PKY2H0Uui1IWUIyG6YD+luSiT4oB0sDn2JY/YJv2VwWG0/a
zCxFHmc0lxSAeR5F/ER5p/Ip/02jbjHmqivZMoxaATxl59vY2eNLtl2VolmV3T4d
wDtF6vmanzzsPIjrjMvGMRxGYi+3dyW+r46r3l/wSjTyjFEV17RWpv4cYMY+sBga
8nHiRjWhTKB3WNiMFlM9m0VU6KgrlkhyHwQK65Mq3ORu5L7ingoG5ersj22MY5dD
wiLOuM6P/AN/Nf5c28z6+LWyM4Nws4D9Lx1G6TECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRkV4NWgk5DTjejZM40LbQhbyiPiDAfBgNVHSMEGDAWgBRsTHmGsYLsw2rX
TFNb6ucpmzXOkjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JFeDVockdDN01OcTEweFRXLXJuS1pzMXpwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvYzRlNWNhLThhYTUtNGU2NC1hMDIyLTI2Y2ExNDhkMDdhZi8x
L1pGZURWb0pPUTA0M28yVE9OQzIwSVc4b2o0Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
YzRlNWNhLThhYTUtNGU2NC1hMDIyLTI2Y2ExNDhkMDdhZi8xL2JFeDVockdDN01O
cTEweFRXLXJuS1pzMXpwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAI0LBgMEAI0LLAMEAI0LvzANBgkq
hkiG9w0BAQsFAAOCAQEAFg282EOHWADWFOgAraccLsl/u8wczRoHQF3WrAYvIXms
63YQ4Ag4pL7UxjABAI/TfblojhGNdex5M0ffSiN5wXaoiS+tyP5TEFpoM/eXTFkb
n8/QHEfMUuppmuGIfykmsdVKjJrr/fOxFqmTtiO25SV0N1ZIHI3uKd9ylXtXq/Xc
Jc7ozbtB/aqm2iCgfB7IKXeIX7flvkoB2mqCTlRzFxkMks49wWk0mt0qBMObPkB3
FyJB+6OfEbg/QJFfVy8mfhhLi9tZ9WHrazGtKxPSU63O6uxTTe+nDe/3YLvqe547
52EdJugrG7Db995xUzzY4hZFFOxmv1SRKAmXJXTbOg==
-----END CERTIFICATE-----
Generated at Wed Dec 7 02:38:09 2022 by rpki-client.