Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/3l5sX6Kc_DxJF4OYhmr8cR4_n1Q.roa
File:                     3l5sX6Kc_DxJF4OYhmr8cR4_n1Q.roa (download)
Hash identifier:          MOBpRTsKGFZR0/3SnBYbUVRGT7k2Lj8mduZbGhg9+bs=
Subject key identifier:   DE:5E:6C:5F:A2:9C:FC:3C:49:17:83:98:86:6A:FC:71:1E:3F:9F:54
Certificate issuer:       /CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Certificate serial:       0185E8B9E07B14B4D7467F677DAD5AEABB85
Authority key identifier: 05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/3l5sX6Kc_DxJF4OYhmr8cR4_n1Q.roa
ROA valid until:          Mon 01 Jul 2024 00:00:00 +0000
asID:                     35831
IP address blocks:
    1: 89.167.228.0/24 maxlen: 24
    2: 89.167.181.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e8:b9:e0:7b:14:b4:d7:46:7f:67:7d:ad:5a:ea:bb:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
        Validity
            Not Before: Jan 25 11:39:33 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=de5e6c5fa29cfc3c49178398866afc711e3f9f54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:d7:c9:0e:bf:62:f4:2b:89:8d:59:c2:16:7e:
                    7f:bc:2b:d0:b4:e0:05:44:15:6f:9e:99:ca:d1:21:
                    88:75:10:b8:32:c6:46:41:f9:9d:72:2e:5e:3f:f0:
                    17:29:13:04:c6:5c:e2:8e:5a:26:82:61:9e:aa:ca:
                    1e:e1:5e:3c:97:9c:35:96:5b:c6:7c:2f:8f:89:57:
                    d2:fc:a1:06:6b:0d:45:5e:3e:d4:c1:22:fb:a7:66:
                    04:5d:4e:54:06:58:a6:8b:48:a5:b5:0c:a4:5e:dc:
                    c3:53:08:f4:7f:81:fc:ea:a4:a3:40:d7:23:33:7d:
                    a3:ba:8a:8d:84:4a:22:97:9b:42:f4:a5:af:13:37:
                    66:d5:94:c0:ee:c2:78:89:39:51:da:ba:34:58:89:
                    c7:ec:6e:cc:a4:51:ea:37:6f:d9:bb:46:21:6f:e6:
                    49:fe:7c:b9:73:61:5c:dc:b9:39:fc:37:72:c7:8e:
                    a6:b1:9a:05:ed:b5:61:f9:f0:54:9d:17:bb:12:0d:
                    89:78:6f:cc:44:85:33:21:05:bc:ce:1f:44:71:6b:
                    27:26:97:25:77:76:36:50:ed:b6:ae:9d:4d:7f:b3:
                    34:23:eb:b9:38:df:60:7f:00:a4:e1:c4:61:e2:8e:
                    e9:f3:2b:c2:15:2c:8c:3d:aa:71:e6:14:62:d0:4f:
                    8a:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                DE:5E:6C:5F:A2:9C:FC:3C:49:17:83:98:86:6A:FC:71:1E:3F:9F:54
            X509v3 Authority Key Identifier: 
                keyid:05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/3l5sX6Kc_DxJF4OYhmr8cR4_n1Q.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.167.181.0/24
                  89.167.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:8c:f8:98:11:c4:16:11:48:1a:91:93:4e:01:7b:0c:45:91:
         c0:8a:d0:56:02:56:dd:cb:ce:c5:c3:08:8c:da:36:93:56:29:
         d3:74:36:ee:39:d4:1d:83:d8:fc:e8:e1:f2:90:ba:63:84:fc:
         db:45:90:15:3e:9b:62:78:87:0e:b1:c1:2b:9b:68:5d:b3:f8:
         80:3b:85:70:e8:63:8f:97:9d:f0:c0:27:c9:cf:4e:52:65:23:
         99:23:d5:b3:e3:5a:20:6f:14:33:34:7e:81:bd:34:e1:2a:e3:
         c0:97:f2:28:82:66:e1:75:9c:af:e1:ed:40:ab:fd:22:01:c2:
         78:a5:f6:48:49:5a:6a:7c:e7:fa:58:c3:34:d1:12:e3:e8:4b:
         c5:8d:b2:79:4d:ef:11:de:a8:13:8a:43:75:63:e1:f2:68:46:
         b1:4a:43:8b:f0:c0:45:24:e8:36:97:81:d3:c0:79:8d:84:32:
         93:4e:40:62:66:fa:c2:56:29:b0:c0:f0:9d:9f:a2:2d:9c:de:
         d3:00:60:f0:af:65:53:a9:31:1d:10:a5:c6:a6:ba:87:8d:c7:
         cf:ef:48:59:98:4e:b6:99:b8:84:42:21:fe:54:9a:95:4f:6e:
         fe:1a:79:42:c8:f6:cc:80:99:70:b7:f0:97:63:24:3f:31:48:
         4d:60:88:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXoueB7FLTXRn9nfa1a6ruFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjNlMTYwMTcyZWNjNzVjOGNhYjFiYWUyNzFiZTNlYmY0
MDdhODAwHhcNMjMwMTI1MTEzOTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTVlNmM1ZmEyOWNmYzNjNDkxNzgzOTg4NjZhZmM3MTFlM2Y5ZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidfJDr9i9CuJjVnCFn5/vCvQtOAF
RBVvnpnK0SGIdRC4MsZGQfmdci5eP/AXKRMExlzijlomgmGeqsoe4V48l5w1llvG
fC+PiVfS/KEGaw1FXj7UwSL7p2YEXU5UBlimi0iltQykXtzDUwj0f4H86qSjQNcj
M32juoqNhEoil5tC9KWvEzdm1ZTA7sJ4iTlR2ro0WInH7G7MpFHqN2/Zu0Yhb+ZJ
/ny5c2Fc3Lk5/Ddyx46msZoF7bVh+fBUnRe7Eg2JeG/MRIUzIQW8zh9EcWsnJpcl
d3Y2UO22rp1Nf7M0I+u5ON9gfwCk4cRh4o7p8yvCFSyMPapx5hRi0E+KbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN5ebF+inPw8SReDmIZq/HEeP59UMB8GA1UdIwQY
MBaAFAXz4WAXLsx1yMqxuuJxvj6/QHqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0Nzkt
NWQ1NjA5ODljZjdiLzEvM2w1c1g2S2NfRHhKRjRPWWhtcjhjUjRfbjFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0NzktNWQ1NjA5ODljZjdi
LzEvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWae1AwQA
WafkMA0GCSqGSIb3DQEBCwUAA4IBAQBdjPiYEcQWEUgakZNOAXsMRZHAitBWAlbd
y87FwwiM2jaTVinTdDbuOdQdg9j86OHykLpjhPzbRZAVPptieIcOscErm2hds/iA
O4Vw6GOPl53wwCfJz05SZSOZI9Wz41ogbxQzNH6BvTThKuPAl/IogmbhdZyv4e1A
q/0iAcJ4pfZISVpqfOf6WMM00RLj6EvFjbJ5Te8R3qgTikN1Y+HyaEaxSkOL8MBF
JOg2l4HTwHmNhDKTTkBiZvrCVimwwPCdn6ItnN7TAGDwr2VTqTEdEKXGprqHjcfP
70hZmE62mbiEQiH+VJqVT27+GnlCyPbMgJlwt/CXYyQ/MUhNYIhB
-----END CERTIFICATE-----
Generated at Wed Jan 25 12:48:54 2023 by rpki-client.