Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/8GGFCKhFVfhnB8FdJWcz2mhB_7g.roa
File:                     8GGFCKhFVfhnB8FdJWcz2mhB_7g.roa (download)
Hash identifier:          a3dAEI5e5c0mEh/sfpM2egRnAfEjLKoZ6ErzhlXJ28I=
Subject key identifier:   F0:61:85:08:A8:45:55:F8:67:07:C1:5D:25:67:33:DA:68:41:FF:B8
Certificate issuer:       /CN=18f4ee88584d6dfd9e3aa9bc201c50f44e353d9c
Certificate serial:       085354A3
Authority key identifier: 18:F4:EE:88:58:4D:6D:FD:9E:3A:A9:BC:20:1C:50:F4:4E:35:3D:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GPTuiFhNbf2eOqm8IBxQ9E41PZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/8GGFCKhFVfhnB8FdJWcz2mhB_7g.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 2001:678:a90::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 139678883 (0x85354a3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18f4ee88584d6dfd9e3aa9bc201c50f44e353d9c
        Validity
            Not Before: Jan  1 16:06:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f0618508a84555f86707c15d256733da6841ffb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:87:57:64:ee:65:c5:2c:83:c4:8b:f8:b6:05:
                    e9:21:69:a2:66:37:94:c4:34:e6:5e:31:29:58:03:
                    53:a4:5f:27:c8:77:d8:04:ec:f2:22:dc:93:99:41:
                    90:7a:2e:47:03:f8:a3:20:6e:2f:80:2a:f2:db:fd:
                    aa:37:99:be:39:56:34:00:e2:43:d4:3a:17:13:2e:
                    09:57:27:10:1d:22:d3:d1:ef:4a:5f:89:1a:0a:e5:
                    c4:c2:10:fd:60:31:47:3f:0e:34:14:2d:a6:59:bd:
                    db:ad:05:5d:c6:fb:f9:ef:1a:12:35:e2:40:36:02:
                    59:9b:79:63:93:62:d4:98:f4:3d:a4:b5:48:c2:64:
                    5b:8c:11:7d:61:21:d5:64:b8:96:b2:d9:bd:36:8d:
                    70:af:fc:7a:80:25:12:de:44:12:e6:c6:38:7f:9d:
                    43:d4:09:eb:52:a3:1c:7d:5f:9e:8e:ad:28:e4:bc:
                    39:9b:cd:09:df:c8:e9:75:04:35:19:54:4e:69:0e:
                    a7:dd:1c:ba:d1:6f:8f:b3:1f:e8:7d:07:1c:b2:96:
                    fc:8e:95:b9:00:70:0f:bb:c6:fa:4b:a1:ce:4e:b5:
                    f9:ff:a9:e6:2b:fe:a3:f4:50:d6:c5:80:fc:35:33:
                    3b:82:fd:4d:3e:7b:86:f4:0e:ef:29:df:30:1a:e2:
                    2e:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                F0:61:85:08:A8:45:55:F8:67:07:C1:5D:25:67:33:DA:68:41:FF:B8
            X509v3 Authority Key Identifier: 
                keyid:18:F4:EE:88:58:4D:6D:FD:9E:3A:A9:BC:20:1C:50:F4:4E:35:3D:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GPTuiFhNbf2eOqm8IBxQ9E41PZw.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/8GGFCKhFVfhnB8FdJWcz2mhB_7g.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/GPTuiFhNbf2eOqm8IBxQ9E41PZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:678:a90::/48

    Signature Algorithm: sha256WithRSAEncryption
         14:c4:32:52:d4:28:27:91:af:40:20:63:48:4a:73:45:94:51:
         ae:cf:44:84:ee:bc:84:9f:13:9e:60:0a:50:b4:2b:ab:39:df:
         84:82:86:28:93:09:98:a8:38:5c:48:36:a8:a4:ed:29:6d:8c:
         1e:40:82:83:f0:0c:9f:81:c7:5c:06:94:b7:fe:e5:82:02:11:
         a6:53:b3:79:83:10:10:6a:bf:1d:e9:ea:99:40:2c:0a:0d:d2:
         1f:cf:f4:ff:83:60:ec:ec:d4:6f:54:b9:51:34:38:8a:c1:c1:
         93:e9:48:e4:c2:22:84:10:24:30:00:67:6b:cf:2b:57:11:a4:
         6a:18:4f:1e:2c:9a:80:8d:68:2a:de:79:4a:3a:9d:59:25:e9:
         85:06:a3:cd:dc:74:26:50:b2:e5:46:4e:dc:c7:cc:08:ca:02:
         6f:30:22:e5:f4:64:f4:04:67:65:3f:72:b6:52:80:3a:3d:95:
         52:78:2d:16:74:a5:f2:a3:de:80:dd:b7:eb:59:a9:67:67:cf:
         ad:7b:af:5e:b6:1b:7b:04:cd:82:13:44:f5:44:d0:7b:92:61:
         3e:de:ec:57:78:01:62:af:74:b0:5a:8d:07:6e:88:ba:5b:0f:
         bc:4f:70:64:58:ae:d8:b5:14:76:81:96:a5:3f:68:cc:4b:d5:
         13:4b:85:a3
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECFNUozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OGY0ZWU4ODU4NGQ2ZGZkOWUzYWE5YmMyMDFjNTBmNDRlMzUzZDljMB4XDTIyMDEw
MTE2MDY0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjA2MTg1MDhhODQ1
NTVmODY3MDdjMTVkMjU2NzMzZGE2ODQxZmZiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANSHV2TuZcUsg8SL+LYF6SFpomY3lMQ05l4xKVgDU6RfJ8h3
2ATs8iLck5lBkHouRwP4oyBuL4Aq8tv9qjeZvjlWNADiQ9Q6FxMuCVcnEB0i09Hv
Sl+JGgrlxMIQ/WAxRz8ONBQtplm9260FXcb7+e8aEjXiQDYCWZt5Y5Ni1Jj0PaS1
SMJkW4wRfWEh1WS4lrLZvTaNcK/8eoAlEt5EEubGOH+dQ9QJ61KjHH1fno6tKOS8
OZvNCd/I6XUENRlUTmkOp90cutFvj7Mf6H0HHLKW/I6VuQBwD7vG+kuhzk61+f+p
5iv+o/RQ1sWA/DUzO4L9TT57hvQO7ynfMBriLh0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTwYYUIqEVV+GcHwV0lZzPaaEH/uDAfBgNVHSMEGDAWgBQY9O6IWE1t/Z46
qbwgHFD0TjU9nDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dQVHVpRmhOYmYyZU9xbThJQnhROUU0MVBady5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvOWY4ZmJlLWIyZTgtNDcyZC05ZWJjLTBiOTg4NTg2M2ViZi8x
LzhHR0ZDS2hGVmZobkI4RmRKV2N6Mm1oQl83Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
OWY4ZmJlLWIyZTgtNDcyZC05ZWJjLTBiOTg4NTg2M2ViZi8xL0dQVHVpRmhOYmYy
ZU9xbThJQnhROUU0MVBady5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngKkDANBgkqhkiG9w0BAQsF
AAOCAQEAFMQyUtQoJ5GvQCBjSEpzRZRRrs9EhO68hJ8TnmAKULQrqznfhIKGKJMJ
mKg4XEg2qKTtKW2MHkCCg/AMn4HHXAaUt/7lggIRplOzeYMQEGq/HenqmUAsCg3S
H8/0/4Ng7OzUb1S5UTQ4isHBk+lI5MIihBAkMABna88rVxGkahhPHiyagI1oKt55
SjqdWSXphQajzdx0JlCy5UZO3MfMCMoCbzAi5fRk9ARnZT9ytlKAOj2VUngtFnSl
8qPegN2361mpZ2fPrXuvXrYbewTNghNE9UTQe5JhPt7sV3gBYq90sFqNB26IulsP
vE9wZFiu2LUUdoGWpT9ozEvVE0uFow==
-----END CERTIFICATE-----
Generated at Fri Dec 9 01:01:18 2022 by rpki-client.