Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/c0/5a3d20-ecaa-40ea-9db2-d59845fb9b3d/1/

$ rpki-client -vvf m-ByV4bAdeRFT1CXIu07JM729Jc.roa
File:                     m-ByV4bAdeRFT1CXIu07JM729Jc.roa (download)
Hash identifier:          a6kAajMf1+Br4Aoi/mqEoSOnjqX+6bG9Ce93bQWXJVE=
Subject key identifier:   9B:E0:72:57:86:C0:75:E4:45:4F:50:97:22:ED:3B:24:CE:F6:F4:97
Certificate issuer:       /CN=c3a8e8648e0ba36a323ab9df6341d668bda6b4d2
Certificate serial:       D8EA59
Authority key identifier: C3:A8:E8:64:8E:0B:A3:6A:32:3A:B9:DF:63:41:D6:68:BD:A6:B4:D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w6joZI4Lo2oyOrnfY0HWaL2mtNI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/5a3d20-ecaa-40ea-9db2-d59845fb9b3d/1/m-ByV4bAdeRFT1CXIu07JM729Jc.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 193.34.82.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14215769 (0xd8ea59)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3a8e8648e0ba36a323ab9df6341d668bda6b4d2
        Validity
            Not Before: Jan  1 07:54:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9be0725786c075e4454f509722ed3b24cef6f497
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:f6:64:2f:43:46:30:f3:cd:ad:b8:81:a9:83:
                    78:0c:47:ff:0d:74:ad:ae:09:e8:92:0e:29:15:fc:
                    b0:00:97:68:f2:37:fa:f2:db:f1:15:c8:5e:31:26:
                    d0:74:53:64:e8:5d:7e:cf:c7:34:11:a8:19:10:84:
                    11:44:42:56:b9:33:9e:e7:c5:c7:5a:cd:ca:ec:fc:
                    be:23:43:23:35:5f:ea:8d:ae:54:13:5f:78:76:05:
                    a8:b5:44:73:72:13:b9:2f:2c:cb:a0:32:f8:36:8e:
                    ee:35:f3:a9:53:2f:1a:67:7b:0a:18:db:65:e3:4b:
                    ad:4f:f8:43:38:15:ee:61:fe:9b:77:ad:f8:d5:53:
                    62:77:00:c2:e2:17:ac:3c:11:d7:5a:99:de:68:91:
                    1d:04:aa:6d:ec:2f:16:7f:d5:91:01:e2:4b:06:f7:
                    d5:47:5e:34:dc:28:b2:20:c7:04:da:57:c5:82:81:
                    c3:21:5a:46:41:ea:1d:a8:7c:95:7e:5b:8d:b0:10:
                    8f:e4:ad:53:0b:36:52:65:da:5e:4f:a1:f1:76:2c:
                    15:e7:50:9e:1d:96:20:44:e4:21:17:7f:25:2b:8c:
                    01:df:0e:37:49:1b:57:38:ce:b5:ab:09:35:98:6d:
                    a0:df:e8:37:12:1f:61:8a:3e:00:1b:7c:ff:f1:4f:
                    36:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                9B:E0:72:57:86:C0:75:E4:45:4F:50:97:22:ED:3B:24:CE:F6:F4:97
            X509v3 Authority Key Identifier: 
                keyid:C3:A8:E8:64:8E:0B:A3:6A:32:3A:B9:DF:63:41:D6:68:BD:A6:B4:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6joZI4Lo2oyOrnfY0HWaL2mtNI.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/5a3d20-ecaa-40ea-9db2-d59845fb9b3d/1/m-ByV4bAdeRFT1CXIu07JM729Jc.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/5a3d20-ecaa-40ea-9db2-d59845fb9b3d/1/w6joZI4Lo2oyOrnfY0HWaL2mtNI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.34.82.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:46:b6:16:a9:a0:b8:47:b2:65:39:65:96:88:d1:91:62:af:
         77:30:89:61:d6:11:8f:f3:59:4d:7e:89:d1:b4:c5:85:43:28:
         63:fb:01:b1:d7:d9:79:3e:8c:b2:66:eb:0d:f1:8e:9b:25:33:
         a7:2a:9f:0e:9f:c5:f8:ec:0d:ff:48:f7:30:37:fd:c9:91:e8:
         17:d6:21:e4:fb:32:8e:6f:30:e7:c1:f5:48:f1:70:36:83:26:
         f8:ff:5e:27:28:0c:1a:25:ce:83:5a:d0:6a:ab:ee:0e:a3:9a:
         75:a7:f8:4f:75:ed:85:0f:75:c6:c1:a1:65:1b:9c:77:b5:4f:
         fd:52:14:66:a2:2e:15:51:d7:f7:f2:a5:48:91:4c:1f:c1:0a:
         05:59:a2:85:cd:a3:cd:07:11:3b:0a:3b:67:fe:ef:7c:82:fe:
         eb:4b:65:0e:b3:62:0d:16:94:ec:29:24:a1:b0:9c:22:49:69:
         48:11:01:22:df:7e:a9:04:89:b9:c2:a5:fd:6a:9e:f9:bf:e3:
         77:f3:b0:a2:92:67:23:cb:4d:90:b9:9c:7c:c4:27:c6:0e:d7:
         2b:a9:6b:ff:84:55:3d:45:19:9e:19:df:eb:0a:e7:57:89:01:
         cf:e7:32:a0:b2:f1:30:8f:c5:82:6b:e8:a0:83:06:11:7d:ec:
         7d:23:21:f0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANjqWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
M2E4ZTg2NDhlMGJhMzZhMzIzYWI5ZGY2MzQxZDY2OGJkYTZiNGQyMB4XDTIyMDEw
MTA3NTQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWJlMDcyNTc4NmMw
NzVlNDQ1NGY1MDk3MjJlZDNiMjRjZWY2ZjQ5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMj2ZC9DRjDzza24gamDeAxH/w10ra4J6JIOKRX8sACXaPI3
+vLb8RXIXjEm0HRTZOhdfs/HNBGoGRCEEURCVrkznufFx1rNyuz8viNDIzVf6o2u
VBNfeHYFqLVEc3ITuS8sy6Ay+DaO7jXzqVMvGmd7ChjbZeNLrU/4QzgV7mH+m3et
+NVTYncAwuIXrDwR11qZ3miRHQSqbewvFn/VkQHiSwb31UdeNNwosiDHBNpXxYKB
wyFaRkHqHah8lX5bjbAQj+StUws2UmXaXk+h8XYsFedQnh2WIETkIRd/JSuMAd8O
N0kbVzjOtasJNZhtoN/oNxIfYYo+ABt8//FPNi8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSb4HJXhsB15EVPUJci7Tskzvb0lzAfBgNVHSMEGDAWgBTDqOhkjgujajI6
ud9jQdZovaa00jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c2am9aSTRMbzJveU9ybmZZMEhXYUwybXROSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNWEzZDIwLWVjYWEtNDBlYS05ZGIyLWQ1OTg0NWZiOWIzZC8x
L20tQnlWNGJBZGVSRlQxQ1hJdTA3Sk03MjlKYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NWEzZDIwLWVjYWEtNDBlYS05ZGIyLWQ1OTg0NWZiOWIzZC8xL3c2am9aSTRMbzJv
eU9ybmZZMEhXYUwybXROSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEiUjANBgkqhkiG9w0BAQsFAAOC
AQEAXUa2FqmguEeyZTlllojRkWKvdzCJYdYRj/NZTX6J0bTFhUMoY/sBsdfZeT6M
smbrDfGOmyUzpyqfDp/F+OwN/0j3MDf9yZHoF9Yh5Psyjm8w58H1SPFwNoMm+P9e
JygMGiXOg1rQaqvuDqOadaf4T3XthQ91xsGhZRucd7VP/VIUZqIuFVHX9/KlSJFM
H8EKBVmihc2jzQcROwo7Z/7vfIL+60tlDrNiDRaU7CkkobCcIklpSBEBIt9+qQSJ
ucKl/Wqe+b/jd/OwopJnI8tNkLmcfMQnxg7XK6lr/4RVPUUZnhnf6wrnV4kBz+cy
oLLxMI/FgmvooIMGEX3sfSMh8A==
-----END CERTIFICATE-----
Generated at Fri Dec 2 14:11:53 2022 by rpki-client.