Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/02c0cf-489d-4fda-9e39-10133232e759/1/7crKEJ7jguZJ1hWya9oM7R7IkQ0.roa
File:                     7crKEJ7jguZJ1hWya9oM7R7IkQ0.roa (download)
Hash identifier:          DFkJVw3m/+dViHY+lhbeZssneUH3UFuUVhFZLa41kV4=
Subject key identifier:   ED:CA:CA:10:9E:E3:82:E6:49:D6:15:B2:6B:DA:0C:ED:1E:C8:91:0D
Certificate issuer:       /CN=3b3fff71e59f35063f809fc5eb3af4c419f7bf33
Certificate serial:       0150C1D2
Authority key identifier: 3B:3F:FF:71:E5:9F:35:06:3F:80:9F:C5:EB:3A:F4:C4:19:F7:BF:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Oz__ceWfNQY_gJ_F6zr0xBn3vzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/02c0cf-489d-4fda-9e39-10133232e759/1/7crKEJ7jguZJ1hWya9oM7R7IkQ0.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 185.137.164.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22069714 (0x150c1d2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b3fff71e59f35063f809fc5eb3af4c419f7bf33
        Validity
            Not Before: Jan  1 05:05:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=edcaca109ee382e649d615b26bda0ced1ec8910d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:dd:98:55:88:8f:64:05:cf:6d:8c:fe:6b:ac:
                    6d:bb:ec:41:17:32:fc:1e:55:a9:0e:5a:9e:ff:81:
                    22:37:71:43:bb:f6:bc:db:ba:9d:0c:fa:68:37:b1:
                    e5:e2:ae:b2:82:53:ee:e0:5e:98:73:9a:d2:6a:7d:
                    1f:7b:03:3c:b1:3c:9c:a1:46:07:26:08:b5:86:05:
                    6b:f4:cb:44:a2:7c:3d:de:1d:00:65:db:35:f4:89:
                    ca:f9:94:df:fb:c2:51:54:0a:01:2d:ab:a7:15:a2:
                    e8:e3:17:fa:7d:a9:a3:d4:87:92:50:17:69:f3:f1:
                    63:53:06:29:cf:2a:bd:b0:7e:76:fb:b8:9b:3d:39:
                    c2:db:d1:28:34:5c:30:e9:28:22:71:d9:8f:a2:f9:
                    20:05:1f:4c:3d:c9:25:07:60:30:a7:41:30:f3:e2:
                    2a:24:97:f8:14:93:82:e8:a2:86:ab:40:42:9b:af:
                    84:94:d6:9d:3f:97:63:87:c9:60:96:86:a0:58:53:
                    3f:3f:fe:c7:22:1b:ea:03:02:7d:96:e1:98:af:15:
                    14:40:4e:e3:48:a9:79:b2:3c:b1:03:13:33:c4:23:
                    6c:33:54:51:67:29:8a:15:1b:82:a1:d4:47:28:08:
                    1e:af:57:98:5a:5b:fd:cb:35:f3:21:d0:e7:7f:29:
                    51:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                ED:CA:CA:10:9E:E3:82:E6:49:D6:15:B2:6B:DA:0C:ED:1E:C8:91:0D
            X509v3 Authority Key Identifier: 
                keyid:3B:3F:FF:71:E5:9F:35:06:3F:80:9F:C5:EB:3A:F4:C4:19:F7:BF:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oz__ceWfNQY_gJ_F6zr0xBn3vzM.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/02c0cf-489d-4fda-9e39-10133232e759/1/7crKEJ7jguZJ1hWya9oM7R7IkQ0.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/02c0cf-489d-4fda-9e39-10133232e759/1/Oz__ceWfNQY_gJ_F6zr0xBn3vzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.137.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         be:64:de:e8:ee:8e:de:b7:f2:22:6d:b4:1c:91:81:a8:f2:ef:
         04:fa:e3:16:19:3a:31:d0:e7:7d:93:29:38:3d:0a:66:33:2c:
         da:34:25:33:75:85:35:72:07:44:51:dc:f3:69:f1:9b:29:38:
         22:66:a0:2d:aa:03:bb:5a:c3:8e:0f:7a:17:a9:fe:7b:88:dd:
         12:82:b3:72:05:ef:b9:aa:a7:17:9a:51:07:5c:bc:3d:37:46:
         01:98:23:01:5e:c8:82:2d:d3:d6:73:f3:48:23:d2:c4:f4:df:
         38:40:3a:7a:07:31:10:fc:40:ed:80:96:38:86:25:71:fd:48:
         13:f3:11:c0:9d:3d:bb:c9:21:fd:d9:12:2f:a2:bb:ea:b5:58:
         12:10:75:74:5e:28:51:b4:c9:ee:b0:50:2b:2f:e4:01:14:89:
         52:c9:25:6f:96:38:61:b7:8a:55:99:04:8d:25:75:4a:45:56:
         7f:83:4f:25:f8:ad:05:9b:12:ce:3b:c4:6a:31:5c:5f:2e:40:
         52:b1:00:4f:b5:76:13:f8:d0:e8:83:07:6d:5c:a3:d5:bc:be:
         0a:27:be:b5:6b:f6:c0:48:eb:58:cc:04:58:8f:e0:90:69:cd:
         63:f1:1e:87:f8:ca:ce:5e:1f:45:dc:40:c6:24:0c:5c:f4:90:
         72:73:4b:d9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAVDB0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjNmZmY3MWU1OWYzNTA2M2Y4MDlmYzVlYjNhZjRjNDE5ZjdiZjMzMB4XDTIyMDEw
MTA1MDU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWRjYWNhMTA5ZWUz
ODJlNjQ5ZDYxNWIyNmJkYTBjZWQxZWM4OTEwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7dmFWIj2QFz22M/musbbvsQRcy/B5VqQ5anv+BIjdxQ7v2
vNu6nQz6aDex5eKusoJT7uBemHOa0mp9H3sDPLE8nKFGByYItYYFa/TLRKJ8Pd4d
AGXbNfSJyvmU3/vCUVQKAS2rpxWi6OMX+n2po9SHklAXafPxY1MGKc8qvbB+dvu4
mz05wtvRKDRcMOkoInHZj6L5IAUfTD3JJQdgMKdBMPPiKiSX+BSTguiihqtAQpuv
hJTWnT+XY4fJYJaGoFhTPz/+xyIb6gMCfZbhmK8VFEBO40ipebI8sQMTM8QjbDNU
UWcpihUbgqHURygIHq9XmFpb/cs18yHQ538pUdECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTtysoQnuOC5knWFbJr2gztHsiRDTAfBgNVHSMEGDAWgBQ7P/9x5Z81Bj+A
n8XrOvTEGfe/MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L096X19jZVdmTlFZX2dKX0Y2enIweEJuM3Z6TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjcvMDJjMGNmLTQ4OWQtNGZkYS05ZTM5LTEwMTMzMjMyZTc1OS8x
LzdjcktFSjdqZ3VaSjFoV3lhOW9NN1I3SWtRMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcv
MDJjMGNmLTQ4OWQtNGZkYS05ZTM5LTEwMTMzMjMyZTc1OS8xL096X19jZVdmTlFZ
X2dKX0Y2enIweEJuM3Z6TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmJpDANBgkqhkiG9w0BAQsFAAOC
AQEAvmTe6O6O3rfyIm20HJGBqPLvBPrjFhk6MdDnfZMpOD0KZjMs2jQlM3WFNXIH
RFHc82nxmyk4ImagLaoDu1rDjg96F6n+e4jdEoKzcgXvuaqnF5pRB1y8PTdGAZgj
AV7Igi3T1nPzSCPSxPTfOEA6egcxEPxA7YCWOIYlcf1IE/MRwJ09u8kh/dkSL6K7
6rVYEhB1dF4oUbTJ7rBQKy/kARSJUsklb5Y4YbeKVZkEjSV1SkVWf4NPJfitBZsS
zjvEajFcXy5AUrEAT7V2E/jQ6IMHbVyj1by+Cie+tWv2wEjrWMwEWI/gkGnNY/Ee
h/jKzl4fRdxAxiQMXPSQcnNL2Q==
-----END CERTIFICATE-----
Generated at Thu Dec 8 19:28:26 2022 by rpki-client.