Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c05b70-d65a-46ed-a8ee-e2173ee37f91/1/s1pT7wWvnpx8ggvaZOMpQex7lK0.roa
File:                     s1pT7wWvnpx8ggvaZOMpQex7lK0.roa (download)
Hash identifier:          3vAV/UCPJ+HCYlYx0ODcK5Klv4C/A/9e3kIrNKA5gyI=
Subject key identifier:   B3:5A:53:EF:05:AF:9E:9C:7C:82:0B:DA:64:E3:29:41:EC:7B:94:AD
Certificate issuer:       /CN=f69ff1c62b1afcf52ffdbd500dd47e1a68f13fc7
Certificate serial:       02FC621C
Authority key identifier: F6:9F:F1:C6:2B:1A:FC:F5:2F:FD:BD:50:0D:D4:7E:1A:68:F1:3F:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9p_xxisa_PUv_b1QDdR-GmjxP8c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/c05b70-d65a-46ed-a8ee-e2173ee37f91/1/s1pT7wWvnpx8ggvaZOMpQex7lK0.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 193.3.38.0/24 maxlen: 24
    2: 2a10:8e00::/32 maxlen: 32

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 50094620 (0x2fc621c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f69ff1c62b1afcf52ffdbd500dd47e1a68f13fc7
        Validity
            Not Before: Jan  1 14:02:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b35a53ef05af9e9c7c820bda64e32941ec7b94ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:3a:05:f2:3e:77:2f:38:e0:f0:17:e0:53:d8:
                    fe:6d:ec:9a:44:a2:2c:30:1a:68:7a:ef:28:56:23:
                    f7:00:eb:a7:b3:d0:14:96:55:c0:7a:49:3d:1f:18:
                    80:7e:dc:25:f1:80:32:ef:91:d0:fa:89:8f:49:9e:
                    2d:2d:58:35:bd:d9:d9:64:e0:0c:b1:ce:21:4a:46:
                    b4:8b:98:79:4a:2e:32:03:b2:44:45:62:14:7d:46:
                    58:4d:a4:cf:33:d7:2a:91:fc:7a:ef:0a:8a:73:65:
                    93:f8:a8:94:e7:20:16:ee:89:f1:8d:43:a2:09:1e:
                    06:ee:30:d3:14:75:09:d7:66:22:3d:d3:c1:d3:c6:
                    5b:3f:b4:6f:29:80:ac:c1:e4:cf:70:10:6a:50:97:
                    e4:62:90:5c:a2:09:4d:6e:e8:fb:80:99:24:26:4a:
                    bd:19:2e:96:91:9c:d7:32:7a:82:81:16:61:d1:3b:
                    73:e9:1a:4f:bb:4c:16:56:75:84:0f:04:13:54:58:
                    2d:3f:67:d6:e9:94:78:d7:66:7f:9d:ee:52:42:ed:
                    25:73:ec:44:43:99:8b:9e:6d:85:ea:82:ab:20:97:
                    f7:b9:91:91:3b:41:b5:36:56:d1:18:27:f4:dc:6e:
                    8b:1e:fb:d0:2f:ad:da:30:e1:dd:c9:c6:7c:0a:f9:
                    c7:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                B3:5A:53:EF:05:AF:9E:9C:7C:82:0B:DA:64:E3:29:41:EC:7B:94:AD
            X509v3 Authority Key Identifier: 
                keyid:F6:9F:F1:C6:2B:1A:FC:F5:2F:FD:BD:50:0D:D4:7E:1A:68:F1:3F:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9p_xxisa_PUv_b1QDdR-GmjxP8c.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c05b70-d65a-46ed-a8ee-e2173ee37f91/1/s1pT7wWvnpx8ggvaZOMpQex7lK0.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c05b70-d65a-46ed-a8ee-e2173ee37f91/1/9p_xxisa_PUv_b1QDdR-GmjxP8c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.3.38.0/24
                IPv6:
                  2a10:8e00::/32

    Signature Algorithm: sha256WithRSAEncryption
         ba:c5:0a:a5:14:bc:44:c9:7b:6c:55:f3:96:29:f3:de:36:0c:
         52:d1:b8:ad:f6:b6:a8:99:76:76:0c:6a:d8:d1:b4:6f:73:dd:
         42:c7:2d:44:28:2a:8d:34:e0:66:35:12:74:5f:60:e3:74:0a:
         f7:10:b2:1a:5e:fa:4d:ad:59:1e:10:84:57:02:4d:d0:51:c0:
         75:f7:03:d6:9a:c6:08:ac:16:46:12:b4:be:75:3d:f8:7a:c0:
         42:70:7a:87:35:f8:16:8d:b7:b8:3a:e8:56:e1:d9:35:54:9c:
         63:08:6e:a0:34:cb:1d:90:89:42:bf:73:6f:3d:58:54:3a:a2:
         06:49:3a:bc:17:6b:19:94:13:06:56:0f:81:8b:74:da:ca:a3:
         16:50:2b:17:2f:b6:c5:f9:aa:91:12:51:de:74:0b:a4:82:25:
         a7:14:ce:9d:74:8d:85:dd:34:a0:4e:32:b2:2b:26:90:9d:52:
         b9:5f:f1:76:59:b6:b6:3f:91:b7:ef:d5:db:96:4d:88:1a:6e:
         ef:0c:4d:8c:b5:7c:36:f9:64:07:4a:8b:76:35:4c:11:b3:dd:
         9a:30:d8:d6:33:e0:e0:58:7d:eb:81:23:5a:6c:d3:1f:98:21:
         ea:db:8c:c5:02:4d:fd:68:53:34:fa:55:6d:05:19:d8:21:c8:
         4a:49:73:c2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAvxiHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NjlmZjFjNjJiMWFmY2Y1MmZmZGJkNTAwZGQ0N2UxYTY4ZjEzZmM3MB4XDTIyMDEw
MTE0MDIzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjM1YTUzZWYwNWFm
OWU5YzdjODIwYmRhNjRlMzI5NDFlYzdiOTRhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOU6BfI+dy844PAX4FPY/m3smkSiLDAaaHrvKFYj9wDrp7PQ
FJZVwHpJPR8YgH7cJfGAMu+R0PqJj0meLS1YNb3Z2WTgDLHOIUpGtIuYeUouMgOy
REViFH1GWE2kzzPXKpH8eu8KinNlk/iolOcgFu6J8Y1DogkeBu4w0xR1CddmIj3T
wdPGWz+0bymArMHkz3AQalCX5GKQXKIJTW7o+4CZJCZKvRkulpGc1zJ6goEWYdE7
c+kaT7tMFlZ1hA8EE1RYLT9n1umUeNdmf53uUkLtJXPsREOZi55theqCqyCX97mR
kTtBtTZW0Rgn9Nxuix770C+t2jDh3cnGfAr5x/cCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSzWlPvBa+enHyCC9pk4ylB7HuUrTAfBgNVHSMEGDAWgBT2n/HGKxr89S/9
vVAN1H4aaPE/xzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlwX3h4aXNhX1BVdl9iMVFEZFItR21qeFA4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvYzA1YjcwLWQ2NWEtNDZlZC1hOGVlLWUyMTczZWUzN2Y5MS8x
L3MxcFQ3d1d2bnB4OGdndmFaT01wUWV4N2xLMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
YzA1YjcwLWQ2NWEtNDZlZC1hOGVlLWUyMTczZWUzN2Y5MS8xLzlwX3h4aXNhX1BV
dl9iMVFEZFItR21qeFA4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMEDJjANBAIAAjAHAwUAKhCOADAN
BgkqhkiG9w0BAQsFAAOCAQEAusUKpRS8RMl7bFXzlinz3jYMUtG4rfa2qJl2dgxq
2NG0b3PdQsctRCgqjTTgZjUSdF9g43QK9xCyGl76Ta1ZHhCEVwJN0FHAdfcD1prG
CKwWRhK0vnU9+HrAQnB6hzX4Fo23uDroVuHZNVScYwhuoDTLHZCJQr9zbz1YVDqi
Bkk6vBdrGZQTBlYPgYt02sqjFlArFy+2xfmqkRJR3nQLpIIlpxTOnXSNhd00oE4y
sismkJ1SuV/xdlm2tj+Rt+/V25ZNiBpu7wxNjLV8NvlkB0qLdjVMEbPdmjDY1jPg
4Fh964EjWmzTH5gh6tuMxQJN/WhTNPpVbQUZ2CHISklzwg==
-----END CERTIFICATE-----
Generated at Fri Dec 9 01:40:14 2022 by rpki-client.