Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/MnaXIKdVxGm-cGr2oPQNf0fmPBI.roa
File:                     MnaXIKdVxGm-cGr2oPQNf0fmPBI.roa (download)
Hash identifier:          atejQjD4MZHpGvUy1ODLETxYGFdwzxpC36lcHF5cOhk=
Subject key identifier:   32:76:97:20:A7:55:C4:69:BE:70:6A:F6:A0:F4:0D:7F:47:E6:3C:12
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       19F094A5
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/MnaXIKdVxGm-cGr2oPQNf0fmPBI.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     212582
IP address blocks:
    1: 185.208.168.0/24 maxlen: 32
    2: 185.188.7.0/24 maxlen: 32
    3: 213.232.106.0/24 maxlen: 32
    4: 185.177.82.0/24 maxlen: 32

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 435197093 (0x19f094a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Apr 30 22:04:31 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=32769720a755c469be706af6a0f40d7f47e63c12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:f3:87:de:f2:ee:7d:75:9c:d3:ba:e1:6f:c2:
                    ef:1d:f1:0f:97:5d:03:85:14:90:e9:e8:97:b0:96:
                    a6:ae:92:f7:84:1f:48:9a:34:7f:2e:61:f3:30:0e:
                    8d:58:81:a2:d3:21:5d:19:03:e0:0c:87:55:6c:7b:
                    c6:d5:c8:4e:7d:02:65:f7:35:a4:3f:26:2b:19:01:
                    67:74:9f:79:00:c2:53:9b:b2:21:4f:d4:0e:fa:f9:
                    e7:7c:68:09:7f:5a:70:06:bc:d4:50:c5:7b:f2:6c:
                    d5:ae:00:66:37:df:ae:23:5f:f7:dc:b7:98:83:f0:
                    68:0f:94:37:2c:3f:cf:ef:68:af:9f:f9:17:36:f9:
                    9a:f0:19:28:56:10:13:8c:7a:a0:19:a6:39:a4:5f:
                    f5:5e:5f:aa:a2:c5:ec:ef:8e:3b:98:a0:42:fb:2d:
                    18:55:30:92:79:47:bb:e8:7e:a9:10:19:46:5e:c0:
                    a8:8c:63:cf:31:0e:51:4a:fa:db:bf:4f:cb:a5:f5:
                    1b:7b:73:a5:5d:1d:e7:94:42:47:42:85:2e:4e:70:
                    15:9f:9f:d9:ed:1f:56:92:43:ac:db:2b:a7:1a:55:
                    d6:9c:1f:cf:34:15:2f:08:16:dd:c8:40:1d:1f:08:
                    82:51:44:fe:8d:45:ea:61:dc:4f:82:ad:ee:98:fa:
                    f5:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                32:76:97:20:A7:55:C4:69:BE:70:6A:F6:A0:F4:0D:7F:47:E6:3C:12
            X509v3 Authority Key Identifier: 
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/MnaXIKdVxGm-cGr2oPQNf0fmPBI.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.177.82.0/24
                  185.188.7.0/24
                  185.208.168.0/24
                  213.232.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:f7:0f:f5:dd:ce:7c:3f:ef:6c:a8:e3:28:7f:ab:48:6b:75:
         6d:3f:2d:33:c1:2e:3e:0c:34:07:6c:1a:af:f3:11:d8:51:01:
         8e:2d:ef:ee:84:bb:a0:f5:87:ea:b5:db:14:8f:02:38:08:00:
         79:0e:98:28:46:d5:fd:89:2e:43:6d:74:f8:5d:94:6a:a5:29:
         bf:d1:9d:b0:79:d8:fc:09:60:6e:96:07:54:5d:f9:31:f5:28:
         e9:73:64:4d:6b:b3:49:50:de:44:ad:04:8e:11:96:de:c3:15:
         69:ff:8c:8d:ea:29:12:e7:30:0a:eb:41:89:c1:3e:14:66:ff:
         ee:df:db:de:63:07:35:53:23:0e:3f:a1:11:e8:45:0b:b4:b7:
         cc:f3:7a:52:3b:0e:89:89:f6:3f:46:31:89:f6:c6:d0:54:9a:
         c0:4c:5c:f7:9d:75:12:99:3e:81:38:b5:21:a2:64:83:f0:da:
         11:05:c2:d6:d2:cd:8e:0b:d5:22:c1:ff:b2:70:f1:b9:dd:96:
         ff:ac:90:65:28:34:66:41:c0:f8:e5:19:bb:d1:7d:66:e1:26:
         23:bd:44:71:f4:64:0f:e5:93:4a:a4:11:5f:bd:cc:57:90:cb:
         97:4a:dc:66:9c:bd:46:88:aa:65:df:3c:28:2a:5d:03:00:98:
         18:f5:e8:2d
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEGfCUpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQz
MDIyMDQzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzI3Njk3MjBhNzU1
YzQ2OWJlNzA2YWY2YTBmNDBkN2Y0N2U2M2MxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvzh97y7n11nNO64W/C7x3xD5ddA4UUkOnol7CWpq6S94Qf
SJo0fy5h8zAOjViBotMhXRkD4AyHVWx7xtXITn0CZfc1pD8mKxkBZ3SfeQDCU5uy
IU/UDvr553xoCX9acAa81FDFe/Js1a4AZjffriNf99y3mIPwaA+UNyw/z+9or5/5
Fzb5mvAZKFYQE4x6oBmmOaRf9V5fqqLF7O+OO5igQvstGFUwknlHu+h+qRAZRl7A
qIxjzzEOUUr6279Py6X1G3tzpV0d55RCR0KFLk5wFZ+f2e0fVpJDrNsrpxpV1pwf
zzQVLwgW3chAHR8IglFE/o1F6mHcT4Kt7pj69RcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQydpcgp1XEab5wavag9A1/R+Y8EjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L01uYVhJS2RWeEdtLWNHcjJvUFFOZjBmbVBCSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEALmxUgMEALm8BwMEALnQqAMEANXo
ajANBgkqhkiG9w0BAQsFAAOCAQEAH/cP9d3OfD/vbKjjKH+rSGt1bT8tM8EuPgw0
B2war/MR2FEBji3v7oS7oPWH6rXbFI8COAgAeQ6YKEbV/YkuQ210+F2UaqUpv9Gd
sHnY/AlgbpYHVF35MfUo6XNkTWuzSVDeRK0EjhGW3sMVaf+MjeopEucwCutBicE+
FGb/7t/b3mMHNVMjDj+hEehFC7S3zPN6UjsOiYn2P0YxifbG0FSawExc9511Epk+
gTi1IaJkg/DaEQXC1tLNjgvVIsH/snDxud2W/6yQZSg0ZkHA+OUZu9F9ZuEmI71E
cfRkD+WTSqQRX73MV5DLl0rcZpy9RoiqZd88KCpdAwCYGPXoLQ==
-----END CERTIFICATE-----
Generated at Thu Dec 8 05:32:38 2022 by rpki-client.