Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/lwc2HQXHe7ADJYmytCF-uzOCPO0.roa
File:                     lwc2HQXHe7ADJYmytCF-uzOCPO0.roa (download)
Hash identifier:          EX+COr7a+ZBo5MnFfFhYsHiKTo+vhNnt50b8yDH9+Ao=
Subject key identifier:   97:07:36:1D:05:C7:7B:B0:03:25:89:B2:B4:21:7E:BB:33:82:3C:ED
Certificate issuer:       /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial:       01823EB321E923E2E1BA68E202FEB5DFB7A4
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/lwc2HQXHe7ADJYmytCF-uzOCPO0.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 92.51.40.0/23 maxlen: 24
    2: 92.51.42.0/23 maxlen: 24
    3: 92.51.34.0/23 maxlen: 24
    4: 92.51.32.0/23 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:3e:b3:21:e9:23:e2:e1:ba:68:e2:02:fe:b5:df:b7:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
        Validity
            Not Before: Jul 27 08:08:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9707361d05c77bb0032589b2b4217ebb33823ced
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:13:06:45:dc:0d:35:90:84:2b:c3:38:09:8c:
                    7d:b4:2a:f1:7a:fd:11:3f:30:e7:aa:7b:78:8a:18:
                    53:f5:d1:2c:b0:8e:74:3c:28:e4:13:21:7c:ed:fd:
                    9d:d9:dc:fa:21:af:5a:f9:19:ef:84:2d:1d:67:32:
                    76:cd:8f:9d:83:7d:19:f6:04:8c:a9:a0:57:a8:2a:
                    ce:0b:81:55:d1:bb:b9:a2:38:30:b0:2b:64:c4:cb:
                    da:47:66:0f:63:df:7d:a9:af:4f:d1:60:04:0f:ad:
                    51:67:15:34:d1:ca:52:ad:b1:59:0c:f4:8f:af:b3:
                    eb:af:0f:84:80:e8:da:84:43:a5:70:6a:81:46:45:
                    9c:c8:1f:b8:e9:44:7a:45:16:fc:09:5d:71:ea:54:
                    95:7f:d8:d1:49:b8:df:ec:86:55:64:70:65:13:09:
                    16:bc:f7:94:55:af:40:d9:59:79:f3:0a:d1:ff:87:
                    a7:71:23:b8:4f:dc:0c:f2:c4:2e:e2:2a:f8:48:78:
                    c4:90:a8:5a:13:8c:4e:35:f0:54:bc:eb:75:02:df:
                    ce:95:5a:25:25:7e:5b:af:f6:ac:54:7d:5a:81:ed:
                    96:6b:14:a6:da:b4:06:4f:6d:08:e4:74:7c:0f:1b:
                    95:bf:28:54:c3:ad:a0:88:68:27:b8:f8:53:9a:be:
                    9d:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                97:07:36:1D:05:C7:7B:B0:03:25:89:B2:B4:21:7E:BB:33:82:3C:ED
            X509v3 Authority Key Identifier: 
                keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/lwc2HQXHe7ADJYmytCF-uzOCPO0.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.51.32.0/22
                  92.51.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2e:3f:62:39:1d:13:de:cc:b3:f4:9b:05:33:0c:9b:4d:d3:05:
         6b:d8:b1:c5:1f:e0:0c:84:fb:27:d0:94:e3:54:c0:ef:a8:91:
         6e:d3:5d:b1:f3:da:ed:06:4c:bf:f0:b8:8d:fd:88:fc:de:8d:
         14:42:5d:dd:7e:7a:de:a2:d8:1a:1c:28:18:32:e1:3e:9b:32:
         7e:00:85:01:61:57:7b:4f:9c:b3:b2:e7:25:98:a2:99:15:9e:
         eb:1e:9f:ac:0c:ca:01:50:97:3d:e7:37:76:cc:a6:e4:e8:ca:
         21:33:aa:9f:cb:b7:82:51:23:ec:a3:f0:f4:53:09:a9:d9:f2:
         26:e6:b5:66:86:59:5c:08:c0:c1:4d:a1:30:ca:f8:24:25:92:
         ac:54:d8:ef:a1:c9:46:5a:c5:0a:5d:9b:73:18:27:ba:67:0f:
         bb:6a:a2:ff:b3:71:6e:e5:03:8e:f2:77:ea:7a:22:2d:33:23:
         bd:de:26:b5:6e:5b:ae:93:cd:17:e1:45:21:c0:b4:2b:71:b2:
         10:00:64:00:d4:fa:21:d4:55:15:0b:8a:5e:42:d3:d0:e3:24:
         14:2b:65:2c:e1:5b:fb:7d:5b:8c:aa:b1:db:32:ac:4a:6e:aa:
         97:69:74:54:74:33:87:e7:39:86:08:7a:d0:4d:96:b8:ac:cf:
         a4:76:ee:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYI+syHpI+LhumjiAv6137ekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjIwNzI3MDgwODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzA3MzYxZDA1Yzc3YmIwMDMyNTg5YjJiNDIxN2ViYjMzODIzY2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhMGRdwNNZCEK8M4CYx9tCrxev0R
PzDnqnt4ihhT9dEssI50PCjkEyF87f2d2dz6Ia9a+RnvhC0dZzJ2zY+dg30Z9gSM
qaBXqCrOC4FV0bu5ojgwsCtkxMvaR2YPY999qa9P0WAED61RZxU00cpSrbFZDPSP
r7Prrw+EgOjahEOlcGqBRkWcyB+46UR6RRb8CV1x6lSVf9jRSbjf7IZVZHBlEwkW
vPeUVa9A2Vl58wrR/4encSO4T9wM8sQu4ir4SHjEkKhaE4xONfBUvOt1At/OlVol
JX5br/asVH1age2WaxSm2rQGT20I5HR8DxuVvyhUw62giGgnuPhTmr6dtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJcHNh0Fx3uwAyWJsrQhfrszgjztMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvbHdjMkhRWEhlN0FESllteXRDRi11ek9DUE8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXDMgAwQC
XDMoMA0GCSqGSIb3DQEBCwUAA4IBAQAuP2I5HRPezLP0mwUzDJtN0wVr2LHFH+AM
hPsn0JTjVMDvqJFu012x89rtBky/8LiN/Yj83o0UQl3dfnreotgaHCgYMuE+mzJ+
AIUBYVd7T5yzsuclmKKZFZ7rHp+sDMoBUJc95zd2zKbk6MohM6qfy7eCUSPso/D0
Uwmp2fIm5rVmhllcCMDBTaEwyvgkJZKsVNjvoclGWsUKXZtzGCe6Zw+7aqL/s3Fu
5QOO8nfqeiItMyO93ia1bluuk80X4UUhwLQrcbIQAGQA1Poh1FUVC4peQtPQ4yQU
K2Us4Vv7fVuMqrHbMqxKbqqXaXRUdDOH5zmGCHrQTZa4rM+kdu6n
-----END CERTIFICATE-----
Generated at Thu Dec 8 18:48:58 2022 by rpki-client.