Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/2wfzFDBZ9-54h_tHliu5U0sN-1k.roa
File:                     2wfzFDBZ9-54h_tHliu5U0sN-1k.roa (download)
Hash identifier:          a+LB5Ma4YuE9ApsLhIec/eYyGZtGWgMDXUlFQqWZSLE=
Subject key identifier:   DB:07:F3:14:30:59:F7:EE:78:87:FB:47:96:2B:B9:53:4B:0D:FB:59
Certificate issuer:       /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial:       05F4ED70
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/2wfzFDBZ9-54h_tHliu5U0sN-1k.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 185.231.108.0/24 maxlen: 24
    2: 185.231.109.0/24 maxlen: 24
    3: 2a0f:aac0:3::/48 maxlen: 48
    4: 2a0f:aac0:4::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 99937648 (0x5f4ed70)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
        Validity
            Not Before: Jan 30 06:38:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=db07f3143059f7ee7887fb47962bb9534b0dfb59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:46:0e:c0:31:1b:c2:ec:9e:bf:a6:7f:f8:51:
                    f5:dc:35:39:ce:02:66:15:25:12:8a:25:3f:92:95:
                    aa:80:cd:19:81:0a:2d:cf:65:8c:51:23:2c:d7:77:
                    d4:61:a6:1b:ef:a1:27:78:15:3f:8a:09:44:1c:b9:
                    e9:22:7e:28:f5:cd:ed:0e:6c:d4:2e:29:ac:10:77:
                    82:ed:d2:e5:7d:14:f0:22:ad:de:67:12:c7:39:56:
                    d8:f6:19:7d:4b:12:6d:3d:72:2f:83:f3:c0:bb:c1:
                    22:42:e0:a7:69:12:75:71:4f:e8:12:41:45:11:84:
                    11:75:5e:98:04:d2:b7:65:b1:2a:5f:61:72:d7:c0:
                    3c:7f:9e:df:e6:c1:7c:70:1e:80:02:c6:d4:e9:c3:
                    79:0c:12:9f:b8:4d:5a:83:9d:99:2c:64:10:c9:6b:
                    76:21:5a:48:59:33:0e:e7:f1:46:7a:e2:84:4f:48:
                    4a:4d:95:88:45:85:ac:dc:d1:57:f9:57:e8:d4:9c:
                    41:06:63:44:d1:c0:a3:3d:ac:fb:12:de:62:eb:1e:
                    82:a7:40:31:84:33:9f:93:05:b5:a9:28:fb:28:1d:
                    3e:0b:bf:5a:ac:c3:0f:ae:bc:58:df:9c:aa:f9:25:
                    c1:4b:6c:08:d3:e1:28:3c:23:6f:aa:d7:06:bb:1c:
                    77:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                DB:07:F3:14:30:59:F7:EE:78:87:FB:47:96:2B:B9:53:4B:0D:FB:59
            X509v3 Authority Key Identifier: 
                keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/2wfzFDBZ9-54h_tHliu5U0sN-1k.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.231.108.0/23
                IPv6:
                  2a0f:aac0:3::-2a0f:aac0:4:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         5f:f9:d6:5d:ea:2f:c5:56:12:eb:eb:68:2b:bc:3f:9c:80:0b:
         98:5c:5c:56:6b:65:a1:cb:e2:b0:5e:7e:b8:26:d8:e9:a8:0d:
         b0:aa:ce:c5:d0:ee:0f:ee:18:53:33:1f:c8:67:92:40:3d:28:
         18:f1:11:f6:8a:27:75:18:f0:21:50:9b:0c:1e:9e:a6:64:b6:
         fc:a7:41:73:08:31:93:15:bd:c1:b0:13:a1:37:b6:ed:45:41:
         53:ce:d3:0a:09:39:cd:31:17:ed:1c:7d:30:de:9d:39:d7:d6:
         10:67:be:b5:11:24:f4:52:c5:7e:75:b5:ce:57:16:5a:a4:94:
         a5:95:dc:ee:06:01:d6:cd:61:ab:56:be:3f:2c:64:2d:8f:60:
         03:35:3d:b8:db:98:06:a0:68:f0:b6:bc:48:eb:a1:4f:90:ff:
         3b:08:ab:4c:b8:f9:3c:0c:0b:88:37:b5:a4:e0:cd:aa:49:79:
         b0:a3:1f:a6:bc:9b:6e:39:39:6b:71:a1:58:bf:cb:24:fa:54:
         59:57:ff:37:8e:37:60:82:f1:de:6d:98:75:59:fe:af:26:96:
         da:71:65:9e:d9:99:fc:d3:fc:6a:05:3c:97:f0:4f:e4:18:5b:
         f4:11:7d:f1:7a:19:6e:6d:fc:f4:8c:1c:4b:56:f2:82:05:a8:
         d1:4f:94:17
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBfTtcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGEyMDg1YzdkZTNiNTk4MjE2Yjg5ZmIwZjJiMWQ5MzBkZTY2YzE5MB4XDTIyMDEz
MDA2MzgzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGIwN2YzMTQzMDU5
ZjdlZTc4ODdmYjQ3OTYyYmI5NTM0YjBkZmI1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdGDsAxG8Lsnr+mf/hR9dw1Oc4CZhUlEoolP5KVqoDNGYEK
Lc9ljFEjLNd31GGmG++hJ3gVP4oJRBy56SJ+KPXN7Q5s1C4prBB3gu3S5X0U8CKt
3mcSxzlW2PYZfUsSbT1yL4PzwLvBIkLgp2kSdXFP6BJBRRGEEXVemATSt2WxKl9h
ctfAPH+e3+bBfHAegALG1OnDeQwSn7hNWoOdmSxkEMlrdiFaSFkzDufxRnrihE9I
Sk2ViEWFrNzRV/lX6NScQQZjRNHAoz2s+xLeYusegqdAMYQzn5MFtako+ygdPgu/
WqzDD668WN+cqvklwUtsCNPhKDwjb6rXBrscd8ECAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBTbB/MUMFn37niH+0eWK7lTSw37WTAfBgNVHSMEGDAWgBS0oghcfeO1mCFr
ifsPKx2TDeZsGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RLSUlYSDNqdFpnaGE0bjdEeXNka3czbWJCay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvZDY1MTNkLTJkNTMtNDAyMi04MzYwLTMxMTc5ODk2MDFhZC8x
LzJ3ZnpGREJaOS01NGhfdEhsaXU1VTBzTi0xay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
ZDY1MTNkLTJkNTMtNDAyMi04MzYwLTMxMTc5ODk2MDFhZC8xL3RLSUlYSDNqdFpn
aGE0bjdEeXNka3czbWJCay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowDAQCAAEwBgMEAbnnbDAaBAIAAjAUMBIDBwAqD6rA
AAMDBwAqD6rAAAQwDQYJKoZIhvcNAQELBQADggEBAF/51l3qL8VWEuvraCu8P5yA
C5hcXFZrZaHL4rBefrgm2OmoDbCqzsXQ7g/uGFMzH8hnkkA9KBjxEfaKJ3UY8CFQ
mwwenqZktvynQXMIMZMVvcGwE6E3tu1FQVPO0woJOc0xF+0cfTDenTnX1hBnvrUR
JPRSxX51tc5XFlqklKWV3O4GAdbNYatWvj8sZC2PYAM1PbjbmAagaPC2vEjroU+Q
/zsIq0y4+TwMC4g3taTgzapJebCjH6a8m245OWtxoVi/yyT6VFlX/zeON2CC8d5t
mHVZ/q8mltpxZZ7ZmfzT/GoFPJfwT+QYW/QRffF6GW5t/PSMHEtW8oIFqNFPlBc=
-----END CERTIFICATE-----
Generated at Fri Dec 9 01:41:01 2022 by rpki-client.