Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/be/e40697-7a48-42db-8b66-1bdb07875d12/1/

$ rpki-client -vvf kxQ611QW5l5bdjpamYCMJOZu-d4.roa
File:                     kxQ611QW5l5bdjpamYCMJOZu-d4.roa (download)
Hash identifier:          S/lZ5V1+ggjA8g7GtgFnmvhA9ajhExPXgHxFMeq6LXc=
Subject key identifier:   93:14:3A:D7:54:16:E6:5E:5B:76:3A:5A:99:80:8C:24:E6:6E:F9:DE
Certificate issuer:       /CN=9ff736a181e954a7701aa328056f2c48c366aee7
Certificate serial:       977DE6
Authority key identifier: 9F:F7:36:A1:81:E9:54:A7:70:1A:A3:28:05:6F:2C:48:C3:66:AE:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n_c2oYHpVKdwGqMoBW8sSMNmruc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/e40697-7a48-42db-8b66-1bdb07875d12/1/kxQ611QW5l5bdjpamYCMJOZu-d4.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 176.126.119.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9928166 (0x977de6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ff736a181e954a7701aa328056f2c48c366aee7
        Validity
            Not Before: Jan  1 00:56:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=93143ad75416e65e5b763a5a99808c24e66ef9de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:78:6a:af:13:90:0a:25:1b:75:21:4c:d1:95:
                    f8:e9:a1:b0:79:fc:38:d6:39:26:05:09:ed:a2:5f:
                    2c:7b:3c:d9:84:97:ac:5e:b3:f3:f8:c2:79:00:fc:
                    f1:93:7a:0f:dd:4e:31:75:3d:d7:67:0a:58:f1:6b:
                    42:35:74:46:ed:45:2b:c9:7e:25:2d:10:7c:eb:cb:
                    62:c9:e6:94:23:da:41:6d:f6:5c:94:6f:0e:34:c7:
                    95:0c:0c:0b:d8:9f:e2:ee:04:1a:ff:45:43:d5:a5:
                    f2:37:9c:d7:58:d1:fa:78:2f:18:e0:93:81:82:50:
                    a1:2a:cd:94:17:ef:ae:63:68:12:8a:4e:ec:20:b6:
                    e1:e6:d9:d3:c5:45:f7:15:dc:db:a2:29:65:fc:82:
                    87:8d:4f:12:f9:c4:1d:04:74:aa:90:00:cb:b5:6c:
                    be:37:dc:61:44:19:40:1a:fb:78:ef:c9:09:7c:76:
                    1b:d5:8d:29:ad:c0:2c:a1:42:35:1c:f9:2c:17:25:
                    97:6c:14:fa:7b:c8:a1:97:13:23:ae:ac:cd:29:4b:
                    ee:b0:51:eb:4d:1b:3b:0f:24:54:3f:a1:a1:6a:0b:
                    21:39:0e:16:0f:40:b1:cd:e6:f9:bf:c6:9b:ba:51:
                    90:7f:29:b9:4b:a8:66:82:42:8b:dd:d5:7d:b4:8c:
                    1a:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                93:14:3A:D7:54:16:E6:5E:5B:76:3A:5A:99:80:8C:24:E6:6E:F9:DE
            X509v3 Authority Key Identifier: 
                keyid:9F:F7:36:A1:81:E9:54:A7:70:1A:A3:28:05:6F:2C:48:C3:66:AE:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_c2oYHpVKdwGqMoBW8sSMNmruc.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e40697-7a48-42db-8b66-1bdb07875d12/1/kxQ611QW5l5bdjpamYCMJOZu-d4.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e40697-7a48-42db-8b66-1bdb07875d12/1/n_c2oYHpVKdwGqMoBW8sSMNmruc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.126.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:00:54:60:6a:41:f6:72:bf:0e:53:03:0a:16:1a:00:f7:ae:
         f8:c3:c6:da:7c:d5:84:e7:ee:bd:0f:ff:8a:df:79:7a:c0:b9:
         cd:53:65:cd:37:18:eb:7f:8d:a9:ee:e4:3b:34:64:7d:3d:4d:
         94:28:47:61:11:14:64:5b:58:ca:5c:d7:e9:dc:5c:3e:2d:60:
         a1:08:d9:24:a3:1d:af:bf:4c:5e:3f:27:be:29:f5:48:98:62:
         6d:da:c2:6d:49:39:48:cb:38:ed:35:b6:86:da:11:cc:9f:b8:
         8b:3e:52:29:3d:0b:13:b2:3d:a2:7a:ba:4e:7e:89:8e:75:28:
         6a:e7:6f:49:9f:65:e8:5d:2f:94:22:22:f5:fb:d2:26:90:4b:
         b6:7c:96:5e:6d:c2:db:01:fc:ec:33:2a:11:f6:5d:25:3f:82:
         e0:34:2d:d5:1b:24:3e:d8:de:96:2b:29:54:46:0b:c7:f6:46:
         8b:c3:ce:35:97:dd:3d:62:e5:d7:62:18:54:0c:be:19:70:73:
         cb:e9:68:a4:65:9b:0f:0a:80:3f:b5:79:9f:05:d8:15:42:a3:
         72:7a:dc:36:cc:61:05:73:8f:54:64:1f:b8:31:34:ba:1f:f3:
         66:4d:4c:1c:83:1f:34:53:31:cb:83:ba:fa:76:00:eb:77:a1:
         d7:5d:0c:02
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJd95jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZmY3MzZhMTgxZTk1NGE3NzAxYWEzMjgwNTZmMmM0OGMzNjZhZWU3MB4XDTIyMDEw
MTAwNTYzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTMxNDNhZDc1NDE2
ZTY1ZTViNzYzYTVhOTk4MDhjMjRlNjZlZjlkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL94aq8TkAolG3UhTNGV+OmhsHn8ONY5JgUJ7aJfLHs82YSX
rF6z8/jCeQD88ZN6D91OMXU912cKWPFrQjV0Ru1FK8l+JS0QfOvLYsnmlCPaQW32
XJRvDjTHlQwMC9if4u4EGv9FQ9Wl8jec11jR+ngvGOCTgYJQoSrNlBfvrmNoEopO
7CC24ebZ08VF9xXc26IpZfyCh41PEvnEHQR0qpAAy7VsvjfcYUQZQBr7eO/JCXx2
G9WNKa3ALKFCNRz5LBcll2wU+nvIoZcTI66szSlL7rBR600bOw8kVD+hoWoLITkO
Fg9Asc3m+b/Gm7pRkH8puUuoZoJCi93VfbSMGsUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSTFDrXVBbmXlt2OlqZgIwk5m753jAfBgNVHSMEGDAWgBSf9zahgelUp3Aa
oygFbyxIw2au5zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25fYzJvWUhwVktkd0dxTW9CVzhzU01ObXJ1Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvZTQwNjk3LTdhNDgtNDJkYi04YjY2LTFiZGIwNzg3NWQxMi8x
L2t4UTYxMVFXNWw1YmRqcGFtWUNNSk9adS1kNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
ZTQwNjk3LTdhNDgtNDJkYi04YjY2LTFiZGIwNzg3NWQxMi8xL25fYzJvWUhwVktk
d0dxTW9CVzhzU01ObXJ1Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB+dzANBgkqhkiG9w0BAQsFAAOC
AQEAVgBUYGpB9nK/DlMDChYaAPeu+MPG2nzVhOfuvQ//it95esC5zVNlzTcY63+N
qe7kOzRkfT1NlChHYREUZFtYylzX6dxcPi1goQjZJKMdr79MXj8nvin1SJhibdrC
bUk5SMs47TW2htoRzJ+4iz5SKT0LE7I9onq6Tn6JjnUoaudvSZ9l6F0vlCIi9fvS
JpBLtnyWXm3C2wH87DMqEfZdJT+C4DQt1RskPtjelispVEYLx/ZGi8PONZfdPWLl
12IYVAy+GXBzy+lopGWbDwqAP7V5nwXYFUKjcnrcNsxhBXOPVGQfuDE0uh/zZk1M
HIMfNFMxy4O6+nYA63eh110MAg==
-----END CERTIFICATE-----
Generated at Fri Dec 2 13:02:42 2022 by rpki-client.