Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/d9/f01432-6718-4cb8-acb4-60abc45277c5/1/

$ rpki-client -vvf s65l9IgE_U6bbMZz_tjUDWHZBb8.roa
File:                     s65l9IgE_U6bbMZz_tjUDWHZBb8.roa (download)
Hash identifier:          J3zPcbwmDws+BzM9q2zO8ch3PbRTGwkb21ZN/k3hjWQ=
Subject key identifier:   B3:AE:65:F4:88:04:FD:4E:9B:6C:C6:73:FE:D8:D4:0D:61:D9:05:BF
Certificate issuer:       /CN=05655ac2275e6b8a0286022037c7f8594af58b84
Certificate serial:       A3447A
Authority key identifier: 05:65:5A:C2:27:5E:6B:8A:02:86:02:20:37:C7:F8:59:4A:F5:8B:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BWVawidea4oChgIgN8f4WUr1i4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/f01432-6718-4cb8-acb4-60abc45277c5/1/s65l9IgE_U6bbMZz_tjUDWHZBb8.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 176.97.200.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10699898 (0xa3447a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05655ac2275e6b8a0286022037c7f8594af58b84
        Validity
            Not Before: Jan  1 00:55:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b3ae65f48804fd4e9b6cc673fed8d40d61d905bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:71:46:8b:f1:ac:be:77:80:ca:fd:4f:ae:0a:
                    14:bf:2b:fd:c6:f4:ff:6d:a7:f6:d4:a8:6e:4a:b2:
                    5c:2f:3c:02:88:04:db:d3:dd:ef:59:d6:5d:83:dd:
                    c5:c5:cb:90:49:a5:f4:a8:34:e2:6e:c5:52:df:8e:
                    eb:7e:34:c4:0c:ba:02:e2:73:aa:63:c3:13:7d:84:
                    fe:74:32:52:28:62:8a:14:69:c4:f6:3c:f6:fc:65:
                    29:72:00:46:6e:8e:a2:39:93:3e:77:37:ff:ca:67:
                    fd:ff:af:16:1e:5f:29:52:b6:c2:55:78:04:1a:7a:
                    83:a5:02:99:67:f5:d1:ae:9c:9e:35:d9:24:e3:bc:
                    29:d9:e0:9c:ff:fb:7a:78:d5:21:95:0c:36:18:38:
                    ab:34:5b:dd:b4:5c:5e:87:25:69:e6:6a:f4:41:ae:
                    b6:92:d5:a0:0d:e1:cd:e7:86:2e:c5:9c:d0:69:6e:
                    17:2e:57:01:54:fb:ef:84:c1:c7:e2:89:fc:f1:ce:
                    35:a9:4b:df:4e:d9:ca:0d:7f:86:6d:ad:45:47:84:
                    b0:88:eb:5d:f1:23:30:0f:3b:d0:42:9a:0e:82:2c:
                    96:8d:8c:e7:ab:b2:e6:8c:07:12:f5:c0:1c:e8:76:
                    dd:53:b8:99:10:31:1f:3f:55:51:96:3c:df:6e:bf:
                    da:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                B3:AE:65:F4:88:04:FD:4E:9B:6C:C6:73:FE:D8:D4:0D:61:D9:05:BF
            X509v3 Authority Key Identifier: 
                keyid:05:65:5A:C2:27:5E:6B:8A:02:86:02:20:37:C7:F8:59:4A:F5:8B:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWVawidea4oChgIgN8f4WUr1i4Q.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f01432-6718-4cb8-acb4-60abc45277c5/1/s65l9IgE_U6bbMZz_tjUDWHZBb8.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f01432-6718-4cb8-acb4-60abc45277c5/1/BWVawidea4oChgIgN8f4WUr1i4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.97.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:f8:fd:85:af:27:24:59:93:68:fb:4a:31:1b:d1:e7:57:6d:
         df:4a:a1:ec:b6:df:31:69:95:97:4b:94:7e:21:94:15:c6:74:
         cf:89:23:c0:b6:db:43:11:d0:93:0a:b9:9c:d3:7f:f6:68:9a:
         07:52:2f:e9:3e:af:e6:88:ba:8a:bf:30:9e:7b:5f:dd:5a:54:
         0a:69:25:1f:d9:4a:cf:f1:f9:07:d7:bd:94:df:20:6d:61:2a:
         f0:d2:33:16:16:d3:0a:f5:3b:82:89:b5:dd:93:ae:45:72:41:
         32:d0:92:0b:1d:be:c8:af:de:12:cc:f2:ed:bd:32:c2:c9:59:
         7d:f6:2a:83:31:66:e8:ac:24:0b:68:2d:a8:3a:52:d3:79:62:
         2e:ba:03:42:b7:ea:b1:98:c7:c5:3c:f0:d6:e4:d4:97:1d:48:
         66:64:d9:0d:71:89:62:f7:0a:ec:7a:a4:fe:ce:7f:93:3d:ef:
         13:74:21:2e:d9:fc:ef:b7:9b:f5:38:e4:67:9f:af:21:6b:c5:
         63:e1:f3:7c:db:06:7a:90:e2:7f:1e:61:3a:51:5e:a0:13:53:
         af:05:48:ff:3e:c8:da:d7:68:9c:9b:99:3b:73:ff:4a:e9:fd:
         38:75:3e:b4:94:be:a4:94:a5:36:a6:54:c0:61:0a:2e:d4:46:
         e0:36:de:06
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAKNEejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTY1NWFjMjI3NWU2YjhhMDI4NjAyMjAzN2M3Zjg1OTRhZjU4Yjg0MB4XDTIyMDEw
MTAwNTUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjNhZTY1ZjQ4ODA0
ZmQ0ZTliNmNjNjczZmVkOGQ0MGQ2MWQ5MDViZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJxRovxrL53gMr9T64KFL8r/cb0/22n9tSobkqyXC88AogE
29Pd71nWXYPdxcXLkEml9Kg04m7FUt+O6340xAy6AuJzqmPDE32E/nQyUihiihRp
xPY89vxlKXIARm6OojmTPnc3/8pn/f+vFh5fKVK2wlV4BBp6g6UCmWf10a6cnjXZ
JOO8KdngnP/7enjVIZUMNhg4qzRb3bRcXoclaeZq9EGutpLVoA3hzeeGLsWc0Glu
Fy5XAVT774TBx+KJ/PHONalL307Zyg1/hm2tRUeEsIjrXfEjMA870EKaDoIslo2M
56uy5owHEvXAHOh23VO4mRAxHz9VUZY8326/2u8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSzrmX0iAT9TptsxnP+2NQNYdkFvzAfBgNVHSMEGDAWgBQFZVrCJ15rigKG
AiA3x/hZSvWLhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JXVmF3aWRlYTRvQ2hnSWdOOGY0V1VyMWk0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvZjAxNDMyLTY3MTgtNGNiOC1hY2I0LTYwYWJjNDUyNzdjNS8x
L3M2NWw5SWdFX1U2YmJNWnpfdGpVRFdIWkJiOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
ZjAxNDMyLTY3MTgtNGNiOC1hY2I0LTYwYWJjNDUyNzdjNS8xL0JXVmF3aWRlYTRv
Q2hnSWdOOGY0V1VyMWk0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALBhyDANBgkqhkiG9w0BAQsFAAOC
AQEAbPj9ha8nJFmTaPtKMRvR51dt30qh7LbfMWmVl0uUfiGUFcZ0z4kjwLbbQxHQ
kwq5nNN/9miaB1Iv6T6v5oi6ir8wnntf3VpUCmklH9lKz/H5B9e9lN8gbWEq8NIz
FhbTCvU7gom13ZOuRXJBMtCSCx2+yK/eEszy7b0ywslZffYqgzFm6KwkC2gtqDpS
03liLroDQrfqsZjHxTzw1uTUlx1IZmTZDXGJYvcK7Hqk/s5/kz3vE3QhLtn877eb
9TjkZ5+vIWvFY+HzfNsGepDifx5hOlFeoBNTrwVI/z7I2tdonJuZO3P/Sun9OHU+
tJS+pJSlNqZUwGEKLtRG4DbeBg==
-----END CERTIFICATE-----
Generated at Fri Dec 2 14:12:42 2022 by rpki-client.