Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Vtr6QFiFPjNq22DH1JJlIMIsRCU.roa
File:                     Vtr6QFiFPjNq22DH1JJlIMIsRCU.roa (download)
Hash identifier:          XjwTZTO2fVh8RwSzI92HmwIJfKzqwQCzSP/Nz5S1XH4=
Subject key identifier:   56:DA:FA:40:58:85:3E:33:6A:DB:60:C7:D4:92:65:20:C2:2C:44:25
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       09429DA2
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Vtr6QFiFPjNq22DH1JJlIMIsRCU.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     400486
IP address blocks:
    1: 185.161.189.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 155360674 (0x9429da2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Mar  4 18:50:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=56dafa4058853e336adb60c7d4926520c22c4425
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:68:b2:28:48:62:72:00:de:36:c0:fa:6c:88:
                    dd:70:c2:fc:6d:6f:03:65:a3:be:d2:be:da:fc:60:
                    b9:3b:f3:45:af:df:28:2e:70:7b:a9:6f:70:b4:83:
                    67:86:20:38:20:3d:b0:f0:62:9a:22:b1:56:af:13:
                    f3:0a:9f:4b:41:3d:5b:0d:01:1e:88:67:bc:00:ca:
                    ff:81:73:6c:ad:4c:34:50:b3:37:f8:c6:db:74:3f:
                    e4:a0:31:75:94:e8:f9:cd:a2:c0:64:27:05:dc:09:
                    56:7b:67:f2:72:7e:18:f7:dd:2d:a1:2d:ff:1e:cb:
                    37:1a:10:dc:f9:b9:84:98:ae:f0:50:37:bb:9b:03:
                    ab:d3:06:72:93:bc:0c:39:a0:98:f2:34:33:29:f6:
                    47:ed:0e:07:4d:69:f2:fb:c7:48:37:61:1b:94:40:
                    ff:c6:27:52:7a:75:2b:c0:76:ac:f4:b4:4b:b1:68:
                    5e:47:f8:45:da:5d:34:86:04:c2:6d:a0:99:ee:7a:
                    15:6c:91:f5:58:41:e5:37:9a:2b:a8:03:92:36:7f:
                    3e:09:aa:9f:1a:0c:3d:94:34:73:b1:f7:7e:16:68:
                    1b:c5:00:50:86:4b:aa:08:7d:60:d7:5c:09:a2:e1:
                    4b:4e:7a:f8:c9:b0:3b:92:a5:c6:38:ba:84:0a:f8:
                    b9:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                56:DA:FA:40:58:85:3E:33:6A:DB:60:C7:D4:92:65:20:C2:2C:44:25
            X509v3 Authority Key Identifier: 
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Vtr6QFiFPjNq22DH1JJlIMIsRCU.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.161.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:51:50:ce:0e:48:06:af:ed:c0:96:6c:85:c8:f3:a4:57:2e:
         32:8e:90:68:7e:dd:b1:b5:ba:ce:b7:b9:1a:5f:38:09:72:be:
         1b:8a:cf:29:df:fa:37:c8:af:8d:76:e5:56:85:77:97:3f:e0:
         eb:0d:95:1f:1d:a6:d3:70:83:a1:70:33:e5:4d:d0:ab:19:4b:
         19:f4:d3:21:d5:cf:2a:ef:67:ee:38:a9:ec:0f:67:6e:63:0b:
         b2:7a:5b:47:47:2d:f8:e6:74:14:a4:ac:9a:d4:7a:e1:11:79:
         33:e0:91:0c:e5:5c:59:d3:c0:91:19:9a:70:41:e0:9f:ee:d1:
         a2:4f:6d:bb:97:40:20:18:e2:9c:b6:1f:12:06:3f:9f:99:c6:
         30:8b:80:35:3b:f6:d3:b2:ac:28:ff:70:d5:e0:d0:89:e5:87:
         bd:4e:d8:7e:0c:83:f8:92:ef:90:14:b1:6d:bc:c6:a3:ae:a9:
         42:fd:20:6a:07:0b:51:49:28:7c:11:a8:14:4c:14:2e:1f:b8:
         78:f4:dd:44:00:ca:6c:b8:c5:57:ef:54:bd:d9:26:22:85:dd:
         6f:0c:dc:34:e5:0e:e0:cf:e0:97:6f:aa:8a:eb:73:ee:2c:01:
         1c:f8:c1:d8:32:71:56:6d:f3:d5:df:4a:55:5e:2d:04:7a:5d:
         f0:d6:2e:24
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECUKdojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmI3OGY2NjgyZmMzOWM1NWI0MWQ0OGY4MGI4ODM4ZDVkMmRiZjA3MB4XDTIyMDMw
NDE4NTA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTZkYWZhNDA1ODg1
M2UzMzZhZGI2MGM3ZDQ5MjY1MjBjMjJjNDQyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIVosihIYnIA3jbA+myI3XDC/G1vA2WjvtK+2vxguTvzRa/f
KC5we6lvcLSDZ4YgOCA9sPBimiKxVq8T8wqfS0E9Ww0BHohnvADK/4FzbK1MNFCz
N/jG23Q/5KAxdZTo+c2iwGQnBdwJVntn8nJ+GPfdLaEt/x7LNxoQ3Pm5hJiu8FA3
u5sDq9MGcpO8DDmgmPI0Myn2R+0OB01p8vvHSDdhG5RA/8YnUnp1K8B2rPS0S7Fo
Xkf4RdpdNIYEwm2gme56FWyR9VhB5TeaK6gDkjZ/PgmqnxoMPZQ0c7H3fhZoG8UA
UIZLqgh9YNdcCaLhS056+MmwO5Klxji6hAr4ubMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRW2vpAWIU+M2rbYMfUkmUgwixEJTAfBgNVHSMEGDAWgBRyt49mgvw5xVtB
1I+AuIONXS2/BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8x
L1Z0cjZRRmlGUGpOcTIyREgxSkpsSU1Jc1JDVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
M2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8xL2NyZVBab0w4T2NW
YlFkU1BnTGlEalYwdHZ3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmhvTANBgkqhkiG9w0BAQsFAAOC
AQEAS1FQzg5IBq/twJZshcjzpFcuMo6QaH7dsbW6zre5Gl84CXK+G4rPKd/6N8iv
jXblVoV3lz/g6w2VHx2m03CDoXAz5U3QqxlLGfTTIdXPKu9n7jip7A9nbmMLsnpb
R0ct+OZ0FKSsmtR64RF5M+CRDOVcWdPAkRmacEHgn+7Rok9tu5dAIBjinLYfEgY/
n5nGMIuANTv207KsKP9w1eDQieWHvU7YfgyD+JLvkBSxbbzGo66pQv0gagcLUUko
fBGoFEwULh+4ePTdRADKbLjFV+9UvdkmIoXdbwzcNOUO4M/gl2+qiutz7iwBHPjB
2DJxVm3z1d9KVV4tBHpd8NYuJA==
-----END CERTIFICATE-----
Generated at Wed Dec 7 03:53:19 2022 by rpki-client.