Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/2fdd56-ba2c-46fb-9882-9b257f4fea8d/1/yTX6CjmerXfqPbeUumtSp-IJG2E.roa
File:                     yTX6CjmerXfqPbeUumtSp-IJG2E.roa (download)
Hash identifier:          2kwH2Lxb1c9jHv495BvQlwXmPQcJirTLiFGya9QSZws=
Subject key identifier:   C9:35:FA:0A:39:9E:AD:77:EA:3D:B7:94:BA:6B:52:A7:E2:09:1B:61
Certificate issuer:       /CN=77bc534ba44e9d3cba2f2446d4a3dd6eea9b8f61
Certificate serial:       EF1202
Authority key identifier: 77:BC:53:4B:A4:4E:9D:3C:BA:2F:24:46:D4:A3:DD:6E:EA:9B:8F:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d7xTS6ROnTy6LyRG1KPdbuqbj2E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/2fdd56-ba2c-46fb-9882-9b257f4fea8d/1/yTX6CjmerXfqPbeUumtSp-IJG2E.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 2a11:60c0:1::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15667714 (0xef1202)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77bc534ba44e9d3cba2f2446d4a3dd6eea9b8f61
        Validity
            Not Before: Jan  1 10:54:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c935fa0a399ead77ea3db794ba6b52a7e2091b61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:98:5f:e8:93:f9:64:71:4f:60:aa:d6:d2:b8:
                    bc:d7:d0:7a:f8:6c:70:c7:bc:4d:c8:ec:52:98:4f:
                    7f:cd:e2:7c:70:10:a1:63:93:a1:20:97:6d:95:2c:
                    d0:5f:36:2e:dc:77:07:6b:3a:4c:e7:2d:f8:ae:78:
                    54:5d:5e:4e:20:0c:9e:96:af:2f:06:50:74:af:96:
                    80:c6:da:76:9d:6b:70:b2:c9:6a:48:26:ea:b7:fe:
                    35:8b:aa:fe:b0:3b:1c:cd:cb:fd:14:51:24:a6:82:
                    b7:5c:ad:93:eb:2f:9f:5d:d4:dd:e9:0a:8d:f6:36:
                    17:48:ba:55:fa:f3:f4:7e:ac:c7:0b:75:52:20:58:
                    e5:e8:76:bc:4a:2d:d7:bd:a0:ae:44:a8:9c:16:8d:
                    2b:95:1e:40:99:89:36:0e:8c:06:88:f4:f7:86:73:
                    8f:41:71:62:be:f1:87:bc:a5:d3:40:9c:f7:8a:6a:
                    74:41:5d:f4:9f:e7:1b:cd:aa:43:2e:97:36:78:cc:
                    fb:ed:b4:d5:13:93:a4:b5:66:95:b3:fa:18:d2:8f:
                    ff:0b:3b:ce:e2:67:00:df:e9:29:83:48:3c:32:60:
                    2d:10:6f:01:c2:e1:8d:d9:04:93:30:fd:b2:2c:c7:
                    44:c1:f5:6d:cd:75:5f:1e:0d:5a:39:8f:42:9d:61:
                    19:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                C9:35:FA:0A:39:9E:AD:77:EA:3D:B7:94:BA:6B:52:A7:E2:09:1B:61
            X509v3 Authority Key Identifier: 
                keyid:77:BC:53:4B:A4:4E:9D:3C:BA:2F:24:46:D4:A3:DD:6E:EA:9B:8F:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7xTS6ROnTy6LyRG1KPdbuqbj2E.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/2fdd56-ba2c-46fb-9882-9b257f4fea8d/1/yTX6CjmerXfqPbeUumtSp-IJG2E.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/2fdd56-ba2c-46fb-9882-9b257f4fea8d/1/d7xTS6ROnTy6LyRG1KPdbuqbj2E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:60c0:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         06:d7:f3:1f:3d:f5:f0:3b:8e:07:6d:f9:32:c7:62:62:c7:04:
         09:fd:4f:de:02:36:d5:55:17:dd:29:d2:b0:ea:8f:7e:b5:e3:
         15:86:97:b8:89:22:5c:af:a9:41:1e:4f:8c:79:77:39:e7:8e:
         4e:63:6f:2b:28:4e:eb:b8:a3:ee:52:42:92:08:6a:14:cf:fe:
         ec:f0:ac:77:33:bb:b1:1e:94:29:19:55:31:bc:1c:a5:cf:62:
         50:b2:64:5f:07:03:9b:42:5b:5d:dd:13:5d:b1:20:cf:23:7d:
         81:1c:37:c9:bb:d6:32:0a:6c:f0:41:39:6b:0f:ed:69:59:62:
         77:76:16:aa:57:03:b8:6e:b1:94:a7:9e:1c:64:c0:33:87:e3:
         5a:a1:14:cd:0e:db:55:ae:9e:61:28:c2:6f:50:6b:8c:f1:3a:
         00:d9:0f:4b:b4:17:b5:70:27:d8:78:e8:36:95:f3:d6:26:b0:
         f5:d0:20:65:91:58:2a:a8:28:b0:b8:16:97:c6:ba:c0:41:28:
         b4:5f:39:7a:21:1d:e2:1f:91:e8:18:a4:e7:1e:1a:c9:f5:1d:
         a8:58:7f:cc:11:f6:d7:0b:87:27:e9:db:59:8e:7b:bc:e4:cd:
         6f:4f:86:d2:c8:fc:02:57:a9:81:3a:c9:1c:be:c1:c2:5a:0d:
         7f:27:9f:23
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEAO8SAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2JjNTM0YmE0NGU5ZDNjYmEyZjI0NDZkNGEzZGQ2ZWVhOWI4ZjYxMB4XDTIyMDEw
MTEwNTQyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzkzNWZhMGEzOTll
YWQ3N2VhM2RiNzk0YmE2YjUyYTdlMjA5MWI2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqYX+iT+WRxT2Cq1tK4vNfQevhscMe8TcjsUphPf83ifHAQ
oWOToSCXbZUs0F82Ltx3B2s6TOct+K54VF1eTiAMnpavLwZQdK+WgMbadp1rcLLJ
akgm6rf+NYuq/rA7HM3L/RRRJKaCt1ytk+svn13U3ekKjfY2F0i6Vfrz9H6sxwt1
UiBY5eh2vEot172grkSonBaNK5UeQJmJNg6MBoj094Zzj0FxYr7xh7yl00Cc94pq
dEFd9J/nG82qQy6XNnjM++201ROTpLVmlbP6GNKP/ws7zuJnAN/pKYNIPDJgLRBv
AcLhjdkEkzD9sizHRMH1bc11Xx4NWjmPQp1hGVkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTJNfoKOZ6td+o9t5S6a1Kn4gkbYTAfBgNVHSMEGDAWgBR3vFNLpE6dPLov
JEbUo91u6puPYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Q3eFRTNlJPblR5Nkx5UkcxS1BkYnVxYmoyRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvMmZkZDU2LWJhMmMtNDZmYi05ODgyLTliMjU3ZjRmZWE4ZC8x
L3lUWDZDam1lclhmcVBiZVV1bXRTcC1JSkcyRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
MmZkZDU2LWJhMmMtNDZmYi05ODgyLTliMjU3ZjRmZWE4ZC8xL2Q3eFRTNlJPblR5
Nkx5UkcxS1BkYnVxYmoyRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoRYMAAATANBgkqhkiG9w0BAQsF
AAOCAQEABtfzHz318DuOB235MsdiYscECf1P3gI21VUX3SnSsOqPfrXjFYaXuIki
XK+pQR5PjHl3OeeOTmNvKyhO67ij7lJCkghqFM/+7PCsdzO7sR6UKRlVMbwcpc9i
ULJkXwcDm0JbXd0TXbEgzyN9gRw3ybvWMgps8EE5aw/taVlid3YWqlcDuG6xlKee
HGTAM4fjWqEUzQ7bVa6eYSjCb1BrjPE6ANkPS7QXtXAn2HjoNpXz1iaw9dAgZZFY
KqgosLgWl8a6wEEotF85eiEd4h+R6Bik5x4ayfUdqFh/zBH21wuHJ+nbWY57vOTN
b0+G0sj8AlepgTrJHL7BwloNfyefIw==
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:20:18 2022 by rpki-client.