Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/XRupuv4HjRMnUV4Rak3skdkVyKQ.roa
File:                     XRupuv4HjRMnUV4Rak3skdkVyKQ.roa (download)
Hash identifier:          R8otnJ8iyq+NggGef7Jjz4siqMrUEWq4fwVSNQ1RXiA=
Subject key identifier:   5D:1B:A9:BA:FE:07:8D:13:27:51:5E:11:6A:4D:EC:91:D9:15:C8:A4
Certificate issuer:       /CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
Certificate serial:       0181F72D4D028EB89D4EB624469E5CA3A8A7
Authority key identifier: 4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/XRupuv4HjRMnUV4Rak3skdkVyKQ.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 194.28.156.0/24 maxlen: 25
    2: 194.28.158.0/24 maxlen: 25
    3: 194.104.4.0/24 maxlen: 25
    4: 212.69.132.0/24 maxlen: 24
    5: 194.104.5.0/24 maxlen: 25
    6: 194.104.6.0/24 maxlen: 25
    7: 212.69.133.0/24 maxlen: 24
    8: 212.69.134.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:f7:2d:4d:02:8e:b8:9d:4e:b6:24:46:9e:5c:a3:a8:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
        Validity
            Not Before: Jul 13 10:49:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5d1ba9bafe078d1327515e116a4dec91d915c8a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:c8:6a:31:52:44:c5:be:6d:62:3e:35:30:0e:
                    ac:80:cf:93:67:ea:26:8d:a9:36:41:4a:ed:0a:0a:
                    f3:49:c2:21:1f:11:df:bc:dd:a3:11:ac:59:65:1b:
                    90:91:db:9d:e3:00:0d:fa:67:0c:e5:7c:43:4f:57:
                    bf:31:9f:d8:50:6f:10:c4:1b:2a:85:4f:02:03:d6:
                    68:64:c7:f6:b8:5c:f5:cb:da:38:e8:cb:77:97:31:
                    ec:bd:48:5d:88:87:b7:d1:3d:d0:62:05:24:c0:7f:
                    0f:0a:05:84:50:7f:98:36:7b:45:15:f7:ce:bc:6a:
                    b5:b0:7b:4f:34:c8:ad:2a:fe:55:41:ce:0c:7e:a4:
                    60:01:58:b6:31:04:7a:9d:23:4b:96:db:08:3b:a3:
                    b5:57:1e:b3:e9:39:7a:23:66:66:2e:5b:4f:fd:66:
                    0a:e0:e5:1b:1c:a8:5d:a1:a1:01:20:62:c9:26:87:
                    7f:1a:3f:80:23:43:9d:6e:ff:c8:fb:57:1b:32:b7:
                    40:c9:74:41:7b:8e:29:5d:bd:29:30:c1:6a:a7:eb:
                    8e:94:89:ae:21:7b:81:9d:00:20:13:6e:b1:9d:39:
                    1a:cc:5b:e9:42:a5:7a:63:39:39:a8:1b:ef:4d:71:
                    7e:68:39:5a:b9:7b:ae:26:32:54:c1:b3:7d:eb:43:
                    12:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                5D:1B:A9:BA:FE:07:8D:13:27:51:5E:11:6A:4D:EC:91:D9:15:C8:A4
            X509v3 Authority Key Identifier: 
                keyid:4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/XRupuv4HjRMnUV4Rak3skdkVyKQ.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/S30smtNtn4gfqB_UdTh_uHC1tPs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.28.156.0/24
                  194.28.158.0/24
                  194.104.4.0-194.104.6.255
                  212.69.132.0-212.69.134.255

    Signature Algorithm: sha256WithRSAEncryption
         49:78:47:25:d7:e2:3f:c4:25:bd:6a:33:74:22:a4:f6:d4:f6:
         63:07:9f:fd:29:61:13:a3:01:33:e1:34:8e:47:9f:57:52:f4:
         0f:a2:3e:b8:f7:d4:c0:29:96:80:c2:d8:5a:91:e8:b4:71:a2:
         80:81:42:3e:aa:87:06:01:00:07:5b:d6:83:f1:d5:db:af:9b:
         16:13:62:92:00:c1:4d:38:96:0a:1f:d7:9b:da:d4:da:73:aa:
         3f:37:48:22:c3:45:66:a6:97:bb:6c:46:e0:9b:23:bc:0a:c8:
         49:fc:72:ce:f6:8c:36:f4:1c:17:00:3a:11:f4:14:68:c0:f3:
         5c:63:92:07:cf:0c:18:14:65:a8:3d:90:d2:f4:fd:52:b5:9e:
         36:90:54:80:e8:57:4f:1f:b6:74:c9:6c:bb:56:2c:7d:fe:e0:
         1a:53:ba:3e:11:c2:8b:c5:d6:d0:45:15:0b:cd:6e:57:45:43:
         0c:67:07:4b:b5:69:e3:f8:72:3b:38:c5:e2:85:6d:52:e4:de:
         8a:19:55:41:06:7d:d8:cc:55:0c:c2:ce:d1:43:14:7d:41:2d:
         6b:f5:de:d8:80:4b:b2:26:3a:f5:34:1b:13:4a:cd:4c:cf:52:
         f7:73:43:57:39:00:fd:c3:a9:3e:c2:bb:1c:30:be:d0:cd:cd:
         ff:c6:51:ca
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYH3LU0CjridTrYkRp5co6inMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiN2QyYzlhZDM2ZDlmODgxZmE4MWZkNDc1Mzg3ZmI4NzBi
NWI0ZmIwHhcNMjIwNzEzMTA0OTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDFiYTliYWZlMDc4ZDEzMjc1MTVlMTE2YTRkZWM5MWQ5MTVjOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwshqMVJExb5tYj41MA6sgM+TZ+om
jak2QUrtCgrzScIhHxHfvN2jEaxZZRuQkdud4wAN+mcM5XxDT1e/MZ/YUG8QxBsq
hU8CA9ZoZMf2uFz1y9o46Mt3lzHsvUhdiIe30T3QYgUkwH8PCgWEUH+YNntFFffO
vGq1sHtPNMitKv5VQc4MfqRgAVi2MQR6nSNLltsIO6O1Vx6z6Tl6I2ZmLltP/WYK
4OUbHKhdoaEBIGLJJod/Gj+AI0Odbv/I+1cbMrdAyXRBe44pXb0pMMFqp+uOlImu
IXuBnQAgE26xnTkazFvpQqV6Yzk5qBvvTXF+aDlauXuuJjJUwbN960MSkQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFF0bqbr+B40TJ1FeEWpN7JHZFcikMB8GA1UdIwQY
MBaAFEt9LJrTbZ+IH6gf1HU4f7hwtbT7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzMwc210TnRuNGdmcUJfVWRUaF91SEMxdFBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85MzA4ODItNDRiNC00MmUzLTkyNGYt
ZjcxYzQzZGFhNTliLzEvWFJ1cHV2NEhqUk1uVVY0UmFrM3NrZGtWeUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85MzA4ODItNDRiNC00MmUzLTkyNGYtZjcxYzQzZGFhNTli
LzEvUzMwc210TnRuNGdmcUJfVWRUaF91SEMxdFBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAwhycAwQA
whyeMAwDBALCaAQDBADCaAYwDAMEAtRFhAMEANRFhjANBgkqhkiG9w0BAQsFAAOC
AQEASXhHJdfiP8QlvWozdCKk9tT2Ywef/SlhE6MBM+E0jkefV1L0D6I+uPfUwCmW
gMLYWpHotHGigIFCPqqHBgEAB1vWg/HV26+bFhNikgDBTTiWCh/Xm9rU2nOqPzdI
IsNFZqaXu2xG4JsjvArISfxyzvaMNvQcFwA6EfQUaMDzXGOSB88MGBRlqD2Q0vT9
UrWeNpBUgOhXTx+2dMlsu1Ysff7gGlO6PhHCi8XW0EUVC81uV0VDDGcHS7Vp4/hy
OzjF4oVtUuTeihlVQQZ92MxVDMLO0UMUfUEta/Xe2IBLsiY69TQbE0rNTM9S93ND
VzkA/cOpPsK7HDC+0M3N/8ZRyg==
-----END CERTIFICATE-----
Generated at Thu Dec 8 18:48:55 2022 by rpki-client.