Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/

$ rpki-client -vvf n9wa01u6K304zM80OdfeG2n2yPo.roa
File:                     n9wa01u6K304zM80OdfeG2n2yPo.roa (download)
Hash identifier:          Aorc37PO5uegVxr1bbIpIe/YZoCzrhefyfkKOujHkHo=
Subject key identifier:   9F:DC:1A:D3:5B:BA:2B:7D:38:CC:CF:34:39:D7:DE:1B:69:F6:C8:FA
Certificate issuer:       /CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
Certificate serial:       D2FC2C
Authority key identifier: E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/n9wa01u6K304zM80OdfeG2n2yPo.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 193.56.147.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13827116 (0xd2fc2c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
        Validity
            Not Before: Jan  1 06:02:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9fdc1ad35bba2b7d38cccf3439d7de1b69f6c8fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:dc:bc:f3:02:fc:cc:7d:e7:37:6a:a7:e0:f1:
                    5f:0b:d9:a4:5e:f2:09:42:4a:7a:9d:e3:88:f4:6c:
                    4d:be:22:bb:f0:2b:41:66:9a:b3:20:1b:4c:11:ba:
                    13:34:df:8b:ef:c1:49:f9:7c:55:fa:8a:b1:55:d6:
                    0e:07:d4:7d:6d:cc:15:11:75:98:9e:25:12:cc:96:
                    7b:2c:8e:5c:85:f0:ce:ec:3c:0c:73:22:6d:23:94:
                    1b:50:81:ce:de:8f:ae:99:0a:76:4f:7b:1f:e0:e2:
                    a8:a3:22:10:66:c6:ef:3c:2c:e2:02:c7:7a:64:af:
                    b2:1b:fd:de:5a:d2:51:f7:a2:0a:f5:39:46:80:f9:
                    90:67:02:ea:0f:91:26:dc:03:dc:5a:59:36:89:9a:
                    df:7f:41:3b:ee:26:61:55:bb:62:0a:c1:25:49:3e:
                    5b:d0:f1:f9:c7:e6:6d:c8:99:05:ad:16:63:03:95:
                    e2:f3:9e:48:47:3f:a2:2c:59:b4:d3:24:67:e5:de:
                    4f:1c:fe:95:e7:5b:36:ca:39:8d:44:28:84:7c:2c:
                    e6:92:4f:f5:ff:d7:71:cf:43:7e:d9:2e:d9:63:5b:
                    a6:53:e3:ac:8c:57:db:79:41:f5:47:05:8f:b3:dd:
                    a8:dc:30:1d:8c:e2:00:ce:4d:5e:bb:dc:60:bb:08:
                    2a:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                9F:DC:1A:D3:5B:BA:2B:7D:38:CC:CF:34:39:D7:DE:1B:69:F6:C8:FA
            X509v3 Authority Key Identifier: 
                keyid:E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/n9wa01u6K304zM80OdfeG2n2yPo.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/5WB28n4T0YAOd9FuS2CyO29YyCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.56.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:05:63:93:fc:82:6c:3d:8b:5b:fd:96:08:7d:3e:54:4d:29:
         f1:eb:05:30:74:57:02:a5:19:8b:a8:6d:6b:bf:62:e6:da:e6:
         2b:00:71:3b:bd:a5:08:02:ca:fd:29:ce:49:76:3e:5f:ad:f4:
         bf:06:df:45:90:90:66:3d:b7:4b:65:c0:34:f7:f2:5b:9d:6e:
         54:9e:59:48:f4:cd:dd:e9:6e:cd:7e:77:4a:43:e3:f0:45:fd:
         68:00:6e:cf:6f:64:d3:81:20:5d:58:a2:e7:c0:e5:52:9b:6f:
         9a:1a:ac:d5:dc:21:48:26:33:01:9c:87:27:58:66:01:50:37:
         99:ce:79:90:f8:e9:ed:37:36:21:f4:1f:06:fa:ce:a8:67:8b:
         2e:37:4c:6e:55:47:d9:64:d7:8a:22:5a:6a:8d:bc:2c:44:61:
         7e:bd:b2:71:ba:8b:6d:6b:73:0b:40:14:08:dd:90:a7:9d:77:
         6b:0e:b3:04:ec:d2:c9:50:3a:b3:6e:cb:4a:bd:03:44:d6:a7:
         9b:7d:e5:4b:ba:17:7e:d7:bc:54:ff:80:7e:47:c2:07:77:db:
         e3:46:88:34:7b:89:32:77:32:14:1f:04:5e:b3:61:b8:53:da:
         14:4d:e9:0d:f2:e8:d1:96:e9:e7:06:39:4b:26:41:cb:e6:e7:
         a9:4f:6d:c3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANL8LDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTYwNzZmMjdlMTNkMTgwMGU3N2QxNmU0YjYwYjIzYjZmNThjODIwMB4XDTIyMDEw
MTA2MDIzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWZkYzFhZDM1YmJh
MmI3ZDM4Y2NjZjM0MzlkN2RlMWI2OWY2YzhmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLcvPMC/Mx95zdqp+DxXwvZpF7yCUJKep3jiPRsTb4iu/Ar
QWaasyAbTBG6EzTfi+/BSfl8VfqKsVXWDgfUfW3MFRF1mJ4lEsyWeyyOXIXwzuw8
DHMibSOUG1CBzt6PrpkKdk97H+DiqKMiEGbG7zws4gLHemSvshv93lrSUfeiCvU5
RoD5kGcC6g+RJtwD3FpZNoma339BO+4mYVW7YgrBJUk+W9Dx+cfmbciZBa0WYwOV
4vOeSEc/oixZtNMkZ+XeTxz+ledbNso5jUQohHws5pJP9f/Xcc9Dftku2WNbplPj
rIxX23lB9UcFj7PdqNwwHYziAM5NXrvcYLsIKnUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSf3BrTW7orfTjMzzQ5194bafbI+jAfBgNVHSMEGDAWgBTlYHbyfhPRgA53
0W5LYLI7b1jIIDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVXQjI4bjRUMFlBT2Q5RnVTMkN5TzI5WXlDQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvMGFjNDRkLWIzYmUtNDI3Ny04MGY4LTU4Y2Y4OTg4OGUyYS8x
L245d2EwMXU2SzMwNHpNODBPZGZlRzJuMnlQby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
MGFjNDRkLWIzYmUtNDI3Ny04MGY4LTU4Y2Y4OTg4OGUyYS8xLzVXQjI4bjRUMFlB
T2Q5RnVTMkN5TzI5WXlDQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME4kzANBgkqhkiG9w0BAQsFAAOC
AQEAVAVjk/yCbD2LW/2WCH0+VE0p8esFMHRXAqUZi6hta79i5trmKwBxO72lCALK
/SnOSXY+X630vwbfRZCQZj23S2XANPfyW51uVJ5ZSPTN3eluzX53SkPj8EX9aABu
z29k04EgXVii58DlUptvmhqs1dwhSCYzAZyHJ1hmAVA3mc55kPjp7Tc2IfQfBvrO
qGeLLjdMblVH2WTXiiJaao28LERhfr2ycbqLbWtzC0AUCN2Qp513aw6zBOzSyVA6
s27LSr0DRNanm33lS7oXfte8VP+AfkfCB3fb40aINHuJMncyFB8EXrNhuFPaFE3p
DfLo0Zbp5wY5SyZBy+bnqU9tww==
-----END CERTIFICATE-----
Generated at Fri Dec 2 13:03:44 2022 by rpki-client.