Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/emaxmIJYUd3zSHZrNtXmUrWOCXo.roa
File:                     emaxmIJYUd3zSHZrNtXmUrWOCXo.roa (download)
Hash identifier:          b4Bsi0HZ9Low9wt4eNK3/E+FB5LxBVSOHdbUpWJLJ5k=
Subject key identifier:   7A:66:B1:98:82:58:51:DD:F3:48:76:6B:36:D5:E6:52:B5:8E:09:7A
Certificate issuer:       /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial:       45FE
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/emaxmIJYUd3zSHZrNtXmUrWOCXo.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 45.133.136.0/24 maxlen: 32

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17918 (0x45fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
        Validity
            Not Before: Jan 31 14:26:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7a66b198825851ddf348766b36d5e652b58e097a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:b3:a4:7b:cf:01:60:7d:56:9e:71:db:16:a2:
                    de:95:3c:b1:cc:7d:dd:34:73:6b:d2:7a:1a:6e:95:
                    9b:c4:f7:a3:e4:30:2d:2f:b6:75:91:1d:12:3d:8a:
                    64:a9:49:ef:fc:31:6e:19:be:4e:c9:79:fb:7f:40:
                    42:97:31:56:63:b8:07:95:d6:a3:48:07:11:38:89:
                    ce:43:fe:4c:a7:d8:ea:9e:c7:26:4a:30:80:95:fb:
                    c0:f2:7b:ad:d5:2c:cb:cf:7e:01:e1:a2:3d:bf:04:
                    c7:c9:5b:3f:b3:86:cf:34:d8:eb:c7:bf:d1:c7:aa:
                    da:f2:33:1b:58:af:54:1e:91:4e:f3:85:48:d5:08:
                    56:71:04:fd:a8:12:23:6b:e3:bd:73:a2:34:ce:42:
                    df:11:75:b9:b8:ba:70:ca:07:49:5e:6b:ea:de:24:
                    1f:23:c1:ac:37:65:f0:1d:2e:63:fd:6a:bb:c4:61:
                    74:15:f3:43:5b:35:87:da:4a:db:b1:1f:6f:1f:04:
                    15:4f:aa:f7:7b:7d:fb:ac:5b:bc:08:28:9a:f9:87:
                    7a:08:4d:a3:28:ee:f4:b8:1f:7b:4d:25:9c:fa:32:
                    c4:d5:d7:2b:02:68:17:4b:a5:0b:34:d6:42:a0:02:
                    88:fd:2d:42:c3:19:71:c6:1c:fd:a9:51:b8:0c:da:
                    11:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                7A:66:B1:98:82:58:51:DD:F3:48:76:6B:36:D5:E6:52:B5:8E:09:7A
            X509v3 Authority Key Identifier: 
                keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/emaxmIJYUd3zSHZrNtXmUrWOCXo.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:6b:a2:93:3f:ad:64:bf:ae:6f:36:35:26:93:34:ad:12:a6:
         3a:05:2d:0d:6f:98:4c:7f:6a:eb:15:80:76:e4:71:e6:0e:af:
         45:b3:77:97:cb:c7:0e:64:46:1a:43:d7:0b:45:69:ef:a0:4a:
         1c:af:e7:0c:30:a8:d4:21:e1:bc:a3:ec:56:9c:45:03:da:6f:
         c4:77:d4:0e:77:48:c1:e0:78:85:b5:ff:2c:f6:6c:e8:eb:62:
         5d:29:49:ec:a1:47:e0:55:c9:ff:16:7d:ba:84:4b:77:65:c6:
         ee:a0:5a:b0:72:6a:c3:94:ff:6e:6f:51:ec:37:3f:92:0b:44:
         de:c7:32:40:b4:84:ce:1a:9d:93:08:bf:5e:15:6c:d6:0b:3e:
         f1:70:0d:95:50:4a:62:07:7b:5a:66:cb:ac:7b:3a:90:b1:29:
         c0:ff:a0:fe:9c:98:23:18:f6:2c:cc:0c:49:3e:31:f5:46:98:
         e3:da:01:4c:09:37:6e:8b:f5:02:4c:de:4e:27:c9:07:b3:72:
         c2:3a:1a:50:34:72:8b:62:53:17:d7:3b:51:4c:83:76:ed:44:
         be:8d:51:73:78:62:df:49:c1:d6:f7:83:ba:db:8d:3f:af:d0:
         8c:a0:09:b2:b3:a4:c3:ef:5f:2a:6e:0c:01:7e:86:6b:06:c8:
         ec:ca:af:38
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICRf4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDM1
NDE2YjIyODJiNDUzM2MzNTA5YzE4ZTk1N2NlMGM4MzZiYzgzNzAeFw0yMjAxMzEx
NDI2MDNaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDdhNjZiMTk4ODI1ODUx
ZGRmMzQ4NzY2YjM2ZDVlNjUyYjU4ZTA5N2EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFs6R7zwFgfVaecdsWot6VPLHMfd00c2vSehpulZvE96PkMC0v
tnWRHRI9imSpSe/8MW4Zvk7Jeft/QEKXMVZjuAeV1qNIBxE4ic5D/kyn2OqexyZK
MICV+8Dye63VLMvPfgHhoj2/BMfJWz+zhs802OvHv9HHqtryMxtYr1QekU7zhUjV
CFZxBP2oEiNr471zojTOQt8Rdbm4unDKB0lea+reJB8jwaw3ZfAdLmP9arvEYXQV
80NbNYfaStuxH28fBBVPqvd7ffusW7wIKJr5h3oITaMo7vS4H3tNJZz6MsTV1ysC
aBdLpQs01kKgAoj9LULDGXHGHP2pUbgM2hF9AgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUemaxmIJYUd3zSHZrNtXmUrWOCXowHwYDVR0jBBgwFoAUQ1QWsigrRTPDUJwY
6VfODINryDcwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9R
MVFXc2lnclJUUERVSndZNlZmT0RJTnJ5RGMuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2IzLzYzZmY4MS02NDYwLTRjMDUtODUyZC0yNjJlYjM5YmJlNzYvMS9l
bWF4bUlKWVVkM3pTSFpyTnRYbVVyV09DWG8ucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IzLzYz
ZmY4MS02NDYwLTRjMDUtODUyZC0yNjJlYjM5YmJlNzYvMS9RMVFXc2lnclJUUERV
SndZNlZmT0RJTnJ5RGMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAthYgwDQYJKoZIhvcNAQELBQADggEB
ABBropM/rWS/rm82NSaTNK0SpjoFLQ1vmEx/ausVgHbkceYOr0Wzd5fLxw5kRhpD
1wtFae+gShyv5wwwqNQh4byj7FacRQPab8R31A53SMHgeIW1/yz2bOjrYl0pSeyh
R+BVyf8WfbqES3dlxu6gWrByasOU/25vUew3P5ILRN7HMkC0hM4anZMIv14VbNYL
PvFwDZVQSmIHe1pmy6x7OpCxKcD/oP6cmCMY9izMDEk+MfVGmOPaAUwJN26L9QJM
3k4nyQezcsI6GlA0cotiUxfXO1FMg3btRL6NUXN4Yt9Jwdb3g7rbjT+v0IygCbKz
pMPvXypuDAF+hmsGyOzKrzg=
-----END CERTIFICATE-----
Generated at Thu Dec 8 20:08:28 2022 by rpki-client.