Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/1d2230-cdd3-4275-8e72-d96777cbf2d6/1/Di3jgYZEJ3dBL1lUETW41PgiF5M.roa
File:                     Di3jgYZEJ3dBL1lUETW41PgiF5M.roa (download)
Hash identifier:          YD/1JMxDRInlWvVREzjF6c+WVvxxhRgOKIDCIRXqvZk=
Subject key identifier:   0E:2D:E3:81:86:44:27:77:41:2F:59:54:11:35:B8:D4:F8:22:17:93
Certificate issuer:       /CN=45385a50a633aa1da715ba08a09cd2f4400fc784
Certificate serial:       01083DC9
Authority key identifier: 45:38:5A:50:A6:33:AA:1D:A7:15:BA:08:A0:9C:D2:F4:40:0F:C7:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RThaUKYzqh2nFboIoJzS9EAPx4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/1d2230-cdd3-4275-8e72-d96777cbf2d6/1/Di3jgYZEJ3dBL1lUETW41PgiF5M.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 84.246.83.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17317321 (0x1083dc9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=45385a50a633aa1da715ba08a09cd2f4400fc784
        Validity
            Not Before: Jan  1 08:02:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0e2de38186442777412f59541135b8d4f8221793
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:41:5b:d4:07:cf:3b:c0:b7:52:b6:fb:2e:fb:
                    80:18:52:28:63:0e:31:d2:b6:2f:bc:2b:64:3b:85:
                    94:d1:c1:c4:76:ef:08:be:b4:2a:9d:5f:74:ef:cf:
                    b0:3c:31:78:57:d7:38:7f:2e:b5:45:b0:76:f3:b3:
                    13:4c:87:cf:df:39:ac:ec:ae:f0:83:fb:02:11:d9:
                    16:7c:2c:37:41:eb:ed:52:62:f6:fb:a1:56:74:96:
                    86:dc:26:43:6c:f9:15:91:2a:f5:de:21:23:88:c0:
                    4c:c1:59:aa:3b:95:34:46:bf:ce:ad:f0:f6:3a:08:
                    c7:8e:f9:f7:ac:7c:b1:f8:a2:90:a4:e2:c6:e6:0f:
                    16:05:67:2d:7e:e1:7c:fa:fb:ff:48:6e:dd:8b:cf:
                    d5:e2:fe:70:eb:27:ff:9b:4b:c5:ba:f2:f0:bd:b4:
                    80:7a:6c:27:6c:6c:7f:ea:ff:1b:57:7b:48:5e:09:
                    6c:c1:65:1d:93:ce:91:d2:54:2a:05:08:b7:58:28:
                    9c:72:19:c3:46:40:3f:a3:35:29:cd:0b:82:e2:d9:
                    5f:f0:f3:1f:2c:b3:30:75:07:a7:25:5f:be:98:8e:
                    f1:9b:77:a7:55:92:4b:3e:bf:a0:f0:b5:ac:21:40:
                    7e:72:db:e0:02:cf:1c:e4:2d:e9:e6:a2:d6:fa:05:
                    dc:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                0E:2D:E3:81:86:44:27:77:41:2F:59:54:11:35:B8:D4:F8:22:17:93
            X509v3 Authority Key Identifier: 
                keyid:45:38:5A:50:A6:33:AA:1D:A7:15:BA:08:A0:9C:D2:F4:40:0F:C7:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RThaUKYzqh2nFboIoJzS9EAPx4Q.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1d2230-cdd3-4275-8e72-d96777cbf2d6/1/Di3jgYZEJ3dBL1lUETW41PgiF5M.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1d2230-cdd3-4275-8e72-d96777cbf2d6/1/RThaUKYzqh2nFboIoJzS9EAPx4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.246.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:dc:d9:3f:a0:92:74:d3:28:69:32:97:de:94:36:4f:30:c2:
         eb:f5:cd:31:9f:f8:50:2d:9a:8e:e7:67:24:56:42:35:7c:e8:
         e2:5f:ff:67:5c:76:ea:81:8a:bd:f7:3d:69:cf:51:bc:87:84:
         50:8e:32:48:a0:2b:4c:4f:9e:7b:bc:31:58:6b:9b:31:cf:f2:
         59:d9:e3:1c:84:65:96:45:47:43:43:80:c4:86:3f:37:a8:b8:
         56:25:0f:d3:f8:32:ee:1d:c0:e3:68:78:90:f5:9d:7c:f3:80:
         fa:5f:a9:ad:76:6f:06:81:7c:35:c3:34:31:92:f1:8f:1c:06:
         41:e8:f8:0e:18:b7:ef:4e:98:df:1f:b9:83:d1:23:27:37:be:
         81:72:90:e3:a3:c6:d8:24:56:8c:1b:3e:71:9a:c0:d6:47:b1:
         09:df:66:64:e7:02:b2:21:55:c1:98:cf:cb:51:2a:a4:45:e7:
         d2:d3:b3:1d:17:a4:22:e3:1c:06:a5:90:4e:36:34:a2:da:83:
         f9:46:26:b0:f9:75:0e:58:17:0c:3f:47:ec:99:32:b5:f5:b8:
         57:24:0b:d8:de:80:33:b1:52:3b:6b:63:37:ed:56:cc:61:8d:
         e1:fb:04:52:2c:3b:47:81:d1:54:e2:3e:f1:e6:31:92:e8:ae:
         35:52:7c:d0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQg9yTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NTM4NWE1MGE2MzNhYTFkYTcxNWJhMDhhMDljZDJmNDQwMGZjNzg0MB4XDTIyMDEw
MTA4MDI1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGUyZGUzODE4NjQ0
Mjc3NzQxMmY1OTU0MTEzNWI4ZDRmODIyMTc5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMpBW9QHzzvAt1K2+y77gBhSKGMOMdK2L7wrZDuFlNHBxHbv
CL60Kp1fdO/PsDwxeFfXOH8utUWwdvOzE0yHz985rOyu8IP7AhHZFnwsN0Hr7VJi
9vuhVnSWhtwmQ2z5FZEq9d4hI4jATMFZqjuVNEa/zq3w9joIx47596x8sfiikKTi
xuYPFgVnLX7hfPr7/0hu3YvP1eL+cOsn/5tLxbry8L20gHpsJ2xsf+r/G1d7SF4J
bMFlHZPOkdJUKgUIt1gonHIZw0ZAP6M1Kc0LguLZX/DzHyyzMHUHpyVfvpiO8Zt3
p1WSSz6/oPC1rCFAfnLb4ALPHOQt6eai1voF3BcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQOLeOBhkQnd0EvWVQRNbjU+CIXkzAfBgNVHSMEGDAWgBRFOFpQpjOqHacV
ugignNL0QA/HhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JUaGFVS1l6cWgybkZib0lvSnpTOUVBUHg0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvMWQyMjMwLWNkZDMtNDI3NS04ZTcyLWQ5Njc3N2NiZjJkNi8x
L0RpM2pnWVpFSjNkQkwxbFVFVFc0MVBnaUY1TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
MWQyMjMwLWNkZDMtNDI3NS04ZTcyLWQ5Njc3N2NiZjJkNi8xL1JUaGFVS1l6cWgy
bkZib0lvSnpTOUVBUHg0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFT2UzANBgkqhkiG9w0BAQsFAAOC
AQEAT9zZP6CSdNMoaTKX3pQ2TzDC6/XNMZ/4UC2ajudnJFZCNXzo4l//Z1x26oGK
vfc9ac9RvIeEUI4ySKArTE+ee7wxWGubMc/yWdnjHIRllkVHQ0OAxIY/N6i4ViUP
0/gy7h3A42h4kPWdfPOA+l+prXZvBoF8NcM0MZLxjxwGQej4Dhi3706Y3x+5g9Ej
Jze+gXKQ46PG2CRWjBs+cZrA1kexCd9mZOcCsiFVwZjPy1EqpEXn0tOzHRekIuMc
BqWQTjY0otqD+UYmsPl1DlgXDD9H7JkytfW4VyQL2N6AM7FSO2tjN+1WzGGN4fsE
Uiw7R4HRVOI+8eYxkuiuNVJ80A==
-----END CERTIFICATE-----
Generated at Thu Dec 8 19:29:13 2022 by rpki-client.