Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/cbb5ed-65cc-4979-b0b1-a493fe7f2ae6/1/Tm8zJ9leh018wr7nnMCm36QplM4.roa
File:                     Tm8zJ9leh018wr7nnMCm36QplM4.roa (download)
Hash identifier:          0+0iw3dUdDnsg4kXs6tHqNGP+2X62IhSyL9hIzVy7Lc=
Subject key identifier:   4E:6F:33:27:D9:5E:87:4D:7C:C2:BE:E7:9C:C0:A6:DF:A4:29:94:CE
Certificate issuer:       /CN=b3bea0da56e55fa2eb500f150dc478ed1cb39daf
Certificate serial:       01218A98
Authority key identifier: B3:BE:A0:DA:56:E5:5F:A2:EB:50:0F:15:0D:C4:78:ED:1C:B3:9D:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s76g2lblX6LrUA8VDcR47Ryzna8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/cbb5ed-65cc-4979-b0b1-a493fe7f2ae6/1/Tm8zJ9leh018wr7nnMCm36QplM4.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 146.255.189.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18975384 (0x1218a98)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3bea0da56e55fa2eb500f150dc478ed1cb39daf
        Validity
            Not Before: Jan  1 10:54:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4e6f3327d95e874d7cc2bee79cc0a6dfa42994ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e7:d4:ad:45:96:9a:89:49:92:27:14:79:85:
                    f3:47:7a:73:7c:b7:68:8b:44:77:35:96:26:56:c0:
                    ed:0b:1f:80:10:15:f4:2a:61:20:74:75:38:77:be:
                    c1:00:1f:c2:6d:fd:0a:64:04:67:f9:33:54:d7:ca:
                    14:f5:87:b0:27:93:9d:f1:80:ae:30:28:27:71:59:
                    f4:c8:eb:42:59:9f:f9:12:5d:30:80:8b:d4:9c:16:
                    0d:c1:eb:4c:15:7c:60:b4:ca:e8:b2:f5:11:5b:ba:
                    ba:a3:52:05:26:87:24:07:2a:a3:23:2c:a7:ff:52:
                    1d:7c:db:ae:80:bf:99:65:18:f6:9f:83:09:17:ef:
                    0a:d8:53:d2:c1:19:27:fb:a9:38:92:6e:1a:c1:d0:
                    26:28:75:c0:b2:ed:4a:f4:80:29:b0:85:22:99:0f:
                    ad:84:d7:a8:e4:8c:3c:da:ab:84:ed:88:f0:e4:e1:
                    ce:43:57:c1:30:7b:75:f7:89:c4:ce:4d:ef:4f:a4:
                    b4:20:e8:b4:3b:7c:c5:df:04:cd:90:8f:64:c7:6a:
                    77:e0:d5:ef:07:29:a8:d4:d3:32:69:00:f1:94:4e:
                    69:19:a2:b6:a0:dc:69:9c:ec:9f:8a:12:06:db:09:
                    a6:32:b0:94:71:f5:0a:8f:66:ca:7a:6d:15:b3:14:
                    a0:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4E:6F:33:27:D9:5E:87:4D:7C:C2:BE:E7:9C:C0:A6:DF:A4:29:94:CE
            X509v3 Authority Key Identifier: 
                keyid:B3:BE:A0:DA:56:E5:5F:A2:EB:50:0F:15:0D:C4:78:ED:1C:B3:9D:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s76g2lblX6LrUA8VDcR47Ryzna8.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cbb5ed-65cc-4979-b0b1-a493fe7f2ae6/1/Tm8zJ9leh018wr7nnMCm36QplM4.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cbb5ed-65cc-4979-b0b1-a493fe7f2ae6/1/s76g2lblX6LrUA8VDcR47Ryzna8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.255.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:f8:dc:bd:ef:fc:f2:cd:15:da:d4:32:d5:17:b6:8d:9e:69:
         c6:43:b6:49:14:57:fe:56:ff:9a:50:be:d2:d4:a6:7a:7b:65:
         f3:78:d4:33:5d:aa:d9:f6:a5:cd:0b:ee:93:09:0f:e7:c9:e3:
         ff:ab:ce:42:a9:d4:41:8e:6a:3a:ef:03:f4:eb:37:52:87:01:
         85:e6:41:e3:e5:f1:9f:f8:e5:16:15:41:b0:a1:96:dd:a5:22:
         a5:22:1a:8c:21:9b:c4:0d:be:26:08:95:fb:d0:ac:c2:d8:7f:
         c1:4c:cd:30:4a:40:95:d5:34:74:f9:bb:fd:4e:db:03:9d:ef:
         0d:da:6d:c6:73:7d:02:bc:cb:c9:60:1c:f6:7e:42:dd:17:80:
         e8:e8:0a:e4:d8:28:97:6b:44:6c:11:2c:0d:cc:be:36:08:99:
         d2:7f:9e:08:13:b8:16:bd:f8:e6:16:69:2b:3a:f4:46:35:b0:
         17:62:7e:72:fe:ec:f4:5b:c7:7e:c0:93:9a:9e:24:fa:89:27:
         82:52:58:01:c3:2d:b2:de:7c:8a:09:1d:e3:4f:c8:dc:9d:96:
         63:34:56:9a:f4:7a:93:08:e7:30:7a:43:a2:7c:0e:ff:60:74:
         cf:47:e7:57:29:ff:8e:a6:1c:04:f3:86:eb:7b:cc:b9:d8:18:
         1e:08:36:f8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEASGKmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
M2JlYTBkYTU2ZTU1ZmEyZWI1MDBmMTUwZGM0NzhlZDFjYjM5ZGFmMB4XDTIyMDEw
MTEwNTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGU2ZjMzMjdkOTVl
ODc0ZDdjYzJiZWU3OWNjMGE2ZGZhNDI5OTRjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMjn1K1FlpqJSZInFHmF80d6c3y3aItEdzWWJlbA7QsfgBAV
9CphIHR1OHe+wQAfwm39CmQEZ/kzVNfKFPWHsCeTnfGArjAoJ3FZ9MjrQlmf+RJd
MICL1JwWDcHrTBV8YLTK6LL1EVu6uqNSBSaHJAcqoyMsp/9SHXzbroC/mWUY9p+D
CRfvCthT0sEZJ/upOJJuGsHQJih1wLLtSvSAKbCFIpkPrYTXqOSMPNqrhO2I8OTh
zkNXwTB7dfeJxM5N70+ktCDotDt8xd8EzZCPZMdqd+DV7wcpqNTTMmkA8ZROaRmi
tqDcaZzsn4oSBtsJpjKwlHH1Co9mynptFbMUoAsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRObzMn2V6HTXzCvuecwKbfpCmUzjAfBgNVHSMEGDAWgBSzvqDaVuVfoutQ
DxUNxHjtHLOdrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3M3NmcybGJsWDZMclVBOFZEY1I0N1J5em5hOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvY2JiNWVkLTY1Y2MtNDk3OS1iMGIxLWE0OTNmZTdmMmFlNi8x
L1RtOHpKOWxlaDAxOHdyN25uTUNtMzZRcGxNNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
Y2JiNWVkLTY1Y2MtNDk3OS1iMGIxLWE0OTNmZTdmMmFlNi8xL3M3NmcybGJsWDZM
clVBOFZEY1I0N1J5em5hOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJL/vTANBgkqhkiG9w0BAQsFAAOC
AQEAhvjcve/88s0V2tQy1Re2jZ5pxkO2SRRX/lb/mlC+0tSmentl83jUM12q2fal
zQvukwkP58nj/6vOQqnUQY5qOu8D9Os3UocBheZB4+Xxn/jlFhVBsKGW3aUipSIa
jCGbxA2+JgiV+9Cswth/wUzNMEpAldU0dPm7/U7bA53vDdptxnN9ArzLyWAc9n5C
3ReA6OgK5Ngol2tEbBEsDcy+NgiZ0n+eCBO4Fr345hZpKzr0RjWwF2J+cv7s9FvH
fsCTmp4k+oknglJYAcMtst58igkd40/I3J2WYzRWmvR6kwjnMHpDonwO/2B0z0fn
Vyn/jqYcBPOG63vMudgYHgg2+A==
-----END CERTIFICATE-----
Generated at Thu Dec 8 18:49:13 2022 by rpki-client.