Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/6e0316-f4b9-4f89-a8a1-7e50913ac01d/1/XKKWOHpC93Ofkqd_7q8FC_JuUa4.roa
File:                     XKKWOHpC93Ofkqd_7q8FC_JuUa4.roa (download)
Hash identifier:          kjKeR6pBv5DLre4R6ZOMWFUf94K7DvMfrXbPSQmVes0=
Subject key identifier:   5C:A2:96:38:7A:42:F7:73:9F:92:A7:7F:EE:AF:05:0B:F2:6E:51:AE
Certificate issuer:       /CN=f694668ba76cf550c4139c17300160077dcea059
Certificate serial:       EBA58E
Authority key identifier: F6:94:66:8B:A7:6C:F5:50:C4:13:9C:17:30:01:60:07:7D:CE:A0:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9pRmi6ds9VDEE5wXMAFgB33OoFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/6e0316-f4b9-4f89-a8a1-7e50913ac01d/1/XKKWOHpC93Ofkqd_7q8FC_JuUa4.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 89.35.39.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15443342 (0xeba58e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f694668ba76cf550c4139c17300160077dcea059
        Validity
            Not Before: Jan  1 06:59:55 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5ca296387a42f7739f92a77feeaf050bf26e51ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b1:c5:16:fa:fe:11:fc:c7:7e:0b:f0:e7:6a:
                    5e:4c:42:49:aa:5c:aa:2f:12:0b:1c:62:5e:d4:3a:
                    04:c8:08:aa:92:2a:15:2b:b5:fa:4d:f8:c8:5a:81:
                    96:ed:3a:d3:5d:22:a6:f1:ff:0c:23:8b:90:d7:e2:
                    d2:ae:9e:36:95:19:96:29:58:7f:c7:62:e8:51:5f:
                    eb:ae:5c:94:75:51:eb:d5:5b:b4:4c:5e:0d:67:1a:
                    1e:4b:75:2e:3e:ea:51:95:2f:47:55:41:00:a7:a4:
                    d5:d4:6a:42:8a:98:60:bc:fe:fe:02:f2:4b:4a:5b:
                    a2:ec:6d:12:09:aa:8e:d5:4a:d6:f3:71:75:64:16:
                    5c:3e:8f:0c:95:ec:81:eb:be:bc:c8:b1:af:70:b0:
                    1a:3a:9f:75:2a:b0:82:68:36:17:15:4b:37:05:5c:
                    71:78:d3:8a:aa:0b:cb:93:3d:6d:9a:8e:18:75:8e:
                    45:72:e8:a8:66:78:a5:1e:b8:87:64:98:a0:7e:50:
                    63:69:f0:43:a9:84:ce:a8:10:75:56:ca:e8:aa:ac:
                    8a:6a:4b:5d:c2:5b:fa:84:b8:db:36:6c:24:30:0a:
                    4c:d4:5b:fb:5d:1b:25:6c:8f:3c:ef:a1:62:42:11:
                    b1:18:9b:79:4e:8d:f2:34:2d:5c:c3:77:9f:5e:83:
                    e1:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                5C:A2:96:38:7A:42:F7:73:9F:92:A7:7F:EE:AF:05:0B:F2:6E:51:AE
            X509v3 Authority Key Identifier: 
                keyid:F6:94:66:8B:A7:6C:F5:50:C4:13:9C:17:30:01:60:07:7D:CE:A0:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9pRmi6ds9VDEE5wXMAFgB33OoFk.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/6e0316-f4b9-4f89-a8a1-7e50913ac01d/1/XKKWOHpC93Ofkqd_7q8FC_JuUa4.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/6e0316-f4b9-4f89-a8a1-7e50913ac01d/1/9pRmi6ds9VDEE5wXMAFgB33OoFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.35.39.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:b4:af:5b:be:8e:71:c8:9e:07:3e:bb:84:49:7a:64:1d:b0:
         b1:9a:b2:e1:cb:d5:4a:cc:5a:c1:76:b0:fd:22:82:08:29:2d:
         1f:12:e7:8d:04:e1:ac:a5:e1:96:6f:b3:9a:f5:60:3b:fd:34:
         55:95:66:36:d4:4a:4b:dd:2e:40:35:cc:0e:16:72:00:e9:15:
         77:51:83:0a:f4:71:e5:8a:96:a8:33:6b:db:1c:3c:67:8f:dc:
         04:12:ce:31:d6:6d:05:ae:d7:22:5a:db:ee:e8:96:02:e8:1d:
         39:4a:27:19:88:26:cc:1e:8d:a8:d8:1e:d8:2f:a9:4e:4b:7e:
         33:0d:e3:2d:0e:a6:bf:b6:5c:f6:10:c2:db:88:f1:3f:44:fd:
         ba:f0:fd:47:48:65:60:3d:26:fb:e9:2f:1e:b1:53:3b:b7:c5:
         2b:ae:97:16:4a:a1:3e:1d:d6:fa:cc:ed:20:23:cf:54:38:e9:
         a1:5a:27:8f:f2:26:a9:85:56:36:dd:b5:34:4b:11:70:47:0d:
         f4:5b:9d:51:97:73:cb:82:82:b8:5b:cb:45:4b:69:4d:a4:5f:
         82:07:e1:ab:d7:5a:0d:5d:1c:af:2e:e3:75:e2:e4:00:40:5d:
         9f:2d:7f:e5:86:6b:08:e3:77:e4:6d:56:8e:1b:ea:95:d6:56:
         25:81:74:9b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAOuljjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Njk0NjY4YmE3NmNmNTUwYzQxMzljMTczMDAxNjAwNzdkY2VhMDU5MB4XDTIyMDEw
MTA2NTk1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNhMjk2Mzg3YTQy
Zjc3MzlmOTJhNzdmZWVhZjA1MGJmMjZlNTFhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqxxRb6/hH8x34L8OdqXkxCSapcqi8SCxxiXtQ6BMgIqpIq
FSu1+k34yFqBlu06010ipvH/DCOLkNfi0q6eNpUZlilYf8di6FFf665clHVR69Vb
tExeDWcaHkt1Lj7qUZUvR1VBAKek1dRqQoqYYLz+/gLyS0pbouxtEgmqjtVK1vNx
dWQWXD6PDJXsgeu+vMixr3CwGjqfdSqwgmg2FxVLNwVccXjTiqoLy5M9bZqOGHWO
RXLoqGZ4pR64h2SYoH5QY2nwQ6mEzqgQdVbK6KqsimpLXcJb+oS42zZsJDAKTNRb
+10bJWyPPO+hYkIRsRibeU6N8jQtXMN3n16D4csCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRcopY4ekL3c5+Sp3/urwUL8m5RrjAfBgNVHSMEGDAWgBT2lGaLp2z1UMQT
nBcwAWAHfc6gWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlwUm1pNmRzOVZERUU1d1hNQUZnQjMzT29Gay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvNmUwMzE2LWY0YjktNGY4OS1hOGExLTdlNTA5MTNhYzAxZC8x
L1hLS1dPSHBDOTNPZmtxZF83cThGQ19KdVVhNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
NmUwMzE2LWY0YjktNGY4OS1hOGExLTdlNTA5MTNhYzAxZC8xLzlwUm1pNmRzOVZE
RUU1d1hNQUZnQjMzT29Gay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkjJzANBgkqhkiG9w0BAQsFAAOC
AQEAY7SvW76OccieBz67hEl6ZB2wsZqy4cvVSsxawXaw/SKCCCktHxLnjQThrKXh
lm+zmvVgO/00VZVmNtRKS90uQDXMDhZyAOkVd1GDCvRx5YqWqDNr2xw8Z4/cBBLO
MdZtBa7XIlrb7uiWAugdOUonGYgmzB6NqNge2C+pTkt+Mw3jLQ6mv7Zc9hDC24jx
P0T9uvD9R0hlYD0m++kvHrFTO7fFK66XFkqhPh3W+sztICPPVDjpoVonj/ImqYVW
Nt21NEsRcEcN9FudUZdzy4KCuFvLRUtpTaRfggfhq9daDV0cry7jdeLkAEBdny1/
5YZrCON35G1WjhvqldZWJYF0mw==
-----END CERTIFICATE-----
Generated at Fri Dec 9 03:01:48 2022 by rpki-client.