Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/t7KSyWhtPUsM8nkPfEqBx9KxAPE.roa
File:                     t7KSyWhtPUsM8nkPfEqBx9KxAPE.roa (download)
Hash identifier:          oTFS1J2ogvRgE3mpbAvWwTi9b/d0ng0nSE5AmgD+lxE=
Subject key identifier:   B7:B2:92:C9:68:6D:3D:4B:0C:F2:79:0F:7C:4A:81:C7:D2:B1:00:F1
Certificate issuer:       /CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
Certificate serial:       0182F29450A606CBEF7A301035A53D7DFA35
Authority key identifier: F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/t7KSyWhtPUsM8nkPfEqBx9KxAPE.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 178.255.219.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:f2:94:50:a6:06:cb:ef:7a:30:10:35:a5:3d:7d:fa:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
        Validity
            Not Before: Aug 31 06:26:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b7b292c9686d3d4b0cf2790f7c4a81c7d2b100f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:a7:ce:7a:26:19:f6:3d:c7:50:6b:de:9b:61:
                    c8:6d:0d:5e:ef:20:24:c6:33:7d:18:38:b0:ad:d8:
                    27:db:16:bb:d9:e8:83:9b:a9:e5:f2:d6:74:31:39:
                    c1:b6:f4:6e:4c:5b:a4:d0:6d:35:23:5b:81:42:41:
                    f4:03:e0:52:ea:f8:05:37:9b:2e:73:b5:62:d6:4a:
                    66:cc:b5:83:45:df:82:b1:6d:9a:16:63:87:9c:cc:
                    8d:d1:56:b6:28:5e:f6:43:0c:4f:ad:7f:ab:06:16:
                    73:f3:23:7c:0c:14:b2:73:d0:2b:e7:44:68:64:1e:
                    ed:2d:30:f5:2e:14:ce:51:de:40:63:3e:4e:48:21:
                    26:00:d0:c3:53:4b:02:27:66:9e:ad:0c:12:9c:00:
                    48:09:06:bf:aa:9a:99:7f:cb:7a:05:9d:01:58:31:
                    81:3d:d5:d2:b7:e0:8d:44:9e:3b:51:5d:7a:10:bc:
                    4c:09:02:62:a4:e8:36:f2:d2:35:84:9d:8c:ff:f6:
                    e7:cf:7b:89:4e:f2:0d:de:bb:ed:ac:c7:ba:02:a3:
                    90:18:68:02:a3:4b:09:b7:ab:ea:f4:bf:fc:23:8b:
                    8e:7a:28:4c:30:f9:2d:24:21:cf:c3:f8:0b:ad:55:
                    d3:48:3f:25:34:55:9d:eb:df:73:05:e3:96:2a:58:
                    b4:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                B7:B2:92:C9:68:6D:3D:4B:0C:F2:79:0F:7C:4A:81:C7:D2:B1:00:F1
            X509v3 Authority Key Identifier: 
                keyid:F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/t7KSyWhtPUsM8nkPfEqBx9KxAPE.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/87KAXYd27t63qky-WvVozbJin8I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.255.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:a7:5c:91:f8:a7:db:1a:4c:a7:84:2e:10:1e:46:c7:e8:7a:
         c0:17:8b:f5:b3:d5:52:28:ff:19:c4:65:99:d7:1f:39:6b:c2:
         b3:7e:ff:36:65:02:e1:e2:b8:47:0e:00:ce:fb:9d:9b:e3:47:
         a9:e5:65:5b:34:ec:04:db:c2:a7:be:33:da:fc:c1:f2:77:b4:
         dd:0e:25:23:3d:3c:9f:30:a8:6c:b9:8c:fd:4d:3b:37:3d:ee:
         c5:f6:be:eb:f4:25:51:38:62:d0:ff:46:03:34:db:fd:f8:33:
         3f:36:df:03:c3:5e:3e:8a:cc:f2:4e:1a:25:31:86:4f:61:59:
         36:42:b6:1d:c9:8c:50:72:8e:99:20:81:f9:6d:10:47:f0:4c:
         a6:fd:41:26:3b:6a:5c:0e:d4:12:cf:26:d7:08:6b:4b:08:5e:
         13:0f:51:cc:93:e6:d7:de:b2:6f:63:5d:da:76:2c:03:81:a9:
         e1:1d:ac:3a:19:d4:d1:c2:bb:d0:a3:cf:f3:1d:31:22:3a:6e:
         1c:e8:bf:97:01:2e:b4:6d:91:2e:42:be:bb:3f:e8:24:7a:7c:
         b2:08:06:f8:4d:1a:80:1d:13:2d:65:6d:68:5b:2d:44:b3:45:
         ae:8a:93:b2:2a:25:8a:60:84:8f:57:55:a7:c2:7a:50:20:8c:
         22:68:1f:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLylFCmBsvvejAQNaU9ffo1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjI4MDVkODc3NmVlZGViN2FhNGNiZTVhZjU2OGNkYjI2
MjlmYzIwHhcNMjIwODMxMDYyNjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2IyOTJjOTY4NmQzZDRiMGNmMjc5MGY3YzRhODFjN2QyYjEwMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoafOeiYZ9j3HUGvem2HIbQ1e7yAk
xjN9GDiwrdgn2xa72eiDm6nl8tZ0MTnBtvRuTFuk0G01I1uBQkH0A+BS6vgFN5su
c7Vi1kpmzLWDRd+CsW2aFmOHnMyN0Va2KF72QwxPrX+rBhZz8yN8DBSyc9Ar50Ro
ZB7tLTD1LhTOUd5AYz5OSCEmANDDU0sCJ2aerQwSnABICQa/qpqZf8t6BZ0BWDGB
PdXSt+CNRJ47UV16ELxMCQJipOg28tI1hJ2M//bnz3uJTvIN3rvtrMe6AqOQGGgC
o0sJt6vq9L/8I4uOeihMMPktJCHPw/gLrVXTSD8lNFWd699zBeOWKli0AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLeykslobT1LDPJ5D3xKgcfSsQDxMB8GA1UdIwQY
MBaAFPOygF2Hdu7et6pMvlr1aM2yYp/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdLQVhZZDI3dDYzcWt5LVd2Vm96YkppbjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iODYyZDMtNjg0NC00NmY3LWJkOTgt
ODNiYzc5NzI3OGUyLzEvdDdLU3lXaHRQVXNNOG5rUGZFcUJ4OUt4QVBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9iODYyZDMtNjg0NC00NmY3LWJkOTgtODNiYzc5NzI3OGUy
LzEvODdLQVhZZDI3dDYzcWt5LVd2Vm96YkppbjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv/bMA0G
CSqGSIb3DQEBCwUAA4IBAQAMp1yR+KfbGkynhC4QHkbH6HrAF4v1s9VSKP8ZxGWZ
1x85a8Kzfv82ZQLh4rhHDgDO+52b40ep5WVbNOwE28KnvjPa/MHyd7TdDiUjPTyf
MKhsuYz9TTs3Pe7F9r7r9CVROGLQ/0YDNNv9+DM/Nt8Dw14+iszyTholMYZPYVk2
QrYdyYxQco6ZIIH5bRBH8Eym/UEmO2pcDtQSzybXCGtLCF4TD1HMk+bX3rJvY13a
diwDganhHaw6GdTRwrvQo8/zHTEiOm4c6L+XAS60bZEuQr67P+gkenyyCAb4TRqA
HRMtZW1oWy1Es0WuipOyKiWKYISPV1WnwnpQIIwiaB8q
-----END CERTIFICATE-----
Generated at Fri Dec 9 03:01:24 2022 by rpki-client.