Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/lCVCWPmLRs8MxzUOYL4MwTR_g9E.roa
File:                     lCVCWPmLRs8MxzUOYL4MwTR_g9E.roa (download)
Hash identifier:          E1h7fEZoHtLN0C9xQbo2jejC5+6SxY9ZBjm3mhKs7kA=
Subject key identifier:   94:25:42:58:F9:8B:46:CF:0C:C7:35:0E:60:BE:0C:C1:34:7F:83:D1
Certificate issuer:       /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial:       178A7BFA
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/lCVCWPmLRs8MxzUOYL4MwTR_g9E.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 2a09:e1c1:f000::/44 maxlen: 44

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 394951674 (0x178a7bfa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
        Validity
            Not Before: Jan  1 13:03:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=94254258f98b46cf0cc7350e60be0cc1347f83d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:1d:b0:3e:8c:ee:10:2c:37:86:99:08:41:c6:
                    04:84:65:3d:95:62:03:78:a3:7a:af:0c:03:91:94:
                    38:f8:a9:22:be:1d:07:d0:f9:a3:91:19:d3:47:9b:
                    fd:76:19:da:3e:8e:5e:54:9b:89:d2:74:95:78:19:
                    74:da:ba:69:d8:57:06:4e:65:85:c1:c9:2a:67:d3:
                    c4:71:88:aa:39:cb:86:9e:7f:d4:3a:a6:78:d7:d5:
                    b9:95:01:c5:15:93:5e:3a:17:34:70:45:60:7b:55:
                    e1:24:65:8d:0e:3c:ae:32:f7:84:f1:3b:b2:44:82:
                    a0:b5:85:f3:a9:76:98:ee:2d:33:f7:7d:98:d5:16:
                    73:cb:12:9c:82:8c:78:77:b3:cc:e8:af:59:66:e3:
                    7b:9a:3a:ae:8c:61:6f:81:89:74:ab:0a:36:9e:86:
                    d5:26:a6:59:6e:08:05:2d:5f:8a:1b:cd:52:58:e2:
                    b6:52:ce:f3:53:e8:df:b8:17:79:32:e2:b4:2e:5b:
                    d8:7c:3c:c2:79:fa:c0:81:33:7a:0d:a7:4a:63:2e:
                    0b:6d:b4:bd:ab:e4:da:3a:28:8d:bb:61:e2:19:99:
                    84:90:3f:03:63:b5:91:bb:ed:93:97:d2:30:39:4c:
                    86:ac:ae:7e:cd:88:66:6a:6f:3c:34:06:9f:e1:6e:
                    b6:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                94:25:42:58:F9:8B:46:CF:0C:C7:35:0E:60:BE:0C:C1:34:7F:83:D1
            X509v3 Authority Key Identifier: 
                keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/lCVCWPmLRs8MxzUOYL4MwTR_g9E.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:e1c1:f000::/44

    Signature Algorithm: sha256WithRSAEncryption
         1d:40:bb:37:59:fe:6c:4f:cd:d1:dd:38:d2:4c:3a:30:fd:23:
         20:c3:25:07:c1:a6:83:5a:54:6b:31:72:e2:0f:03:4a:64:82:
         dc:27:2d:1d:76:5b:2d:49:bf:6e:c6:61:81:bc:db:0e:73:7e:
         cb:50:69:c0:13:07:b6:ee:fe:47:40:97:88:8b:a9:7b:c8:cd:
         4b:a5:85:69:51:ad:9c:4c:14:9d:7b:47:08:19:93:c9:dd:41:
         f6:d5:6b:76:80:91:d3:63:5d:bc:97:eb:96:20:52:b8:c4:b0:
         1d:b6:42:ce:68:f1:c6:d0:45:f8:21:31:58:d1:a6:2c:b4:bb:
         84:74:a1:2d:7c:4e:63:cd:d2:b4:8b:62:23:d2:88:55:be:2b:
         44:bf:37:54:38:df:88:92:17:9c:10:9b:af:5e:b5:ea:9d:bc:
         f9:ad:ac:ce:61:cd:75:48:b8:b5:a9:64:10:f0:33:f1:90:1e:
         28:24:68:c5:84:fe:da:3c:2a:10:d5:4e:c7:29:9f:c9:4a:82:
         33:53:f3:4c:bd:fc:e3:3c:37:5f:11:3c:53:15:92:45:f2:d3:
         e8:c9:70:a9:7d:70:93:55:0a:f0:ab:02:37:3a:65:51:a3:b0:
         30:af:a2:43:0d:e6:92:3d:75:a7:53:bf:60:c0:a8:70:49:d5:
         9d:b2:85:e6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEF4p7+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDEw
MTEzMDMxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQyNTQyNThmOThi
NDZjZjBjYzczNTBlNjBiZTBjYzEzNDdmODNkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcdsD6M7hAsN4aZCEHGBIRlPZViA3ijeq8MA5GUOPipIr4d
B9D5o5EZ00eb/XYZ2j6OXlSbidJ0lXgZdNq6adhXBk5lhcHJKmfTxHGIqjnLhp5/
1DqmeNfVuZUBxRWTXjoXNHBFYHtV4SRljQ48rjL3hPE7skSCoLWF86l2mO4tM/d9
mNUWc8sSnIKMeHezzOivWWbje5o6roxhb4GJdKsKNp6G1SamWW4IBS1fihvNUlji
tlLO81Po37gXeTLitC5b2Hw8wnn6wIEzeg2nSmMuC220vavk2joojbth4hmZhJA/
A2O1kbvtk5fSMDlMhqyufs2IZmpvPDQGn+FutuUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSUJUJY+YtGzwzHNQ5gvgzBNH+D0TAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
L2xDVkNXUG1MUnM4TXh6VU9ZTDRNd1RSX2c5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoJ4cHwADANBgkqhkiG9w0BAQsF
AAOCAQEAHUC7N1n+bE/N0d040kw6MP0jIMMlB8Gmg1pUazFy4g8DSmSC3CctHXZb
LUm/bsZhgbzbDnN+y1BpwBMHtu7+R0CXiIupe8jNS6WFaVGtnEwUnXtHCBmTyd1B
9tVrdoCR02NdvJfrliBSuMSwHbZCzmjxxtBF+CExWNGmLLS7hHShLXxOY83StIti
I9KIVb4rRL83VDjfiJIXnBCbr1616p28+a2szmHNdUi4talkEPAz8ZAeKCRoxYT+
2jwqENVOxymfyUqCM1PzTL384zw3XxE8UxWSRfLT6MlwqX1wk1UK8KsCNzplUaOw
MK+iQw3mkj11p1O/YMCocEnVnbKF5g==
-----END CERTIFICATE-----
Generated at Fri Dec 9 03:02:18 2022 by rpki-client.