Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/e5/434d6f-daef-46f2-a920-08c784aa6ebe/1/

$ rpki-client -vvf fBj-WzhjNzogpy0PZN6TRpQ1PXs.roa
File:                     fBj-WzhjNzogpy0PZN6TRpQ1PXs.roa (download)
Hash identifier:          2qq48y6mrN9P+2Wpv3BOTRIhjhaQHl7DxvusaFOax08=
Subject key identifier:   7C:18:FE:5B:38:63:37:3A:20:A7:2D:0F:64:DE:93:46:94:35:3D:7B
Certificate issuer:       /CN=f1969c845a752b92213710fc712eea8111d27b04
Certificate serial:       012B1550
Authority key identifier: F1:96:9C:84:5A:75:2B:92:21:37:10:FC:71:2E:EA:81:11:D2:7B:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8ZachFp1K5IhNxD8cS7qgRHSewQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/434d6f-daef-46f2-a920-08c784aa6ebe/1/fBj-WzhjNzogpy0PZN6TRpQ1PXs.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 185.151.145.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19600720 (0x12b1550)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1969c845a752b92213710fc712eea8111d27b04
        Validity
            Not Before: Jan  1 11:59:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7c18fe5b3863373a20a72d0f64de934694353d7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:0f:3e:7b:ae:6b:e0:5e:c3:86:0f:dc:fa:dd:
                    72:f3:99:78:10:f9:22:02:a7:a4:43:b1:ba:16:8a:
                    0f:cb:8c:5b:a5:0c:fe:ed:6e:04:33:22:0c:c6:74:
                    50:48:e0:12:fb:b0:1a:e3:2c:92:b5:b5:00:f4:ce:
                    74:fa:02:f3:5b:f9:69:33:ec:6c:25:2f:6b:26:94:
                    b9:53:8e:b0:cd:7f:2c:df:38:fc:9c:4b:c6:3f:38:
                    ef:53:f6:bf:3c:32:ca:7c:20:c7:65:a7:57:e9:70:
                    6c:6e:92:00:8e:dc:3b:d1:2d:e2:78:a5:33:56:37:
                    2b:0f:0e:4a:d1:94:e2:b2:0d:25:93:05:79:1f:ad:
                    34:6e:08:7e:c2:af:81:ab:65:b5:00:a7:00:9c:71:
                    cd:99:45:47:1b:52:3d:10:65:33:0e:f4:b6:e8:4d:
                    5b:b9:e3:a6:34:8a:d6:fb:d8:fb:ad:6c:c5:52:1a:
                    f2:f3:3f:8c:fb:4a:dc:b2:93:a9:57:8c:15:84:6c:
                    10:e0:95:64:5d:8f:66:47:1e:9d:fd:55:eb:b6:2b:
                    40:78:0c:25:8c:ba:fa:ae:a9:e7:96:7e:a4:8d:ff:
                    18:5c:de:48:6b:43:85:8b:ea:a5:9f:32:f4:7b:86:
                    be:df:2b:a6:41:0b:76:92:4c:24:a0:b5:a7:1e:53:
                    4c:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                7C:18:FE:5B:38:63:37:3A:20:A7:2D:0F:64:DE:93:46:94:35:3D:7B
            X509v3 Authority Key Identifier: 
                keyid:F1:96:9C:84:5A:75:2B:92:21:37:10:FC:71:2E:EA:81:11:D2:7B:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ZachFp1K5IhNxD8cS7qgRHSewQ.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/434d6f-daef-46f2-a920-08c784aa6ebe/1/fBj-WzhjNzogpy0PZN6TRpQ1PXs.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/434d6f-daef-46f2-a920-08c784aa6ebe/1/8ZachFp1K5IhNxD8cS7qgRHSewQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.151.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:26:e5:4d:d2:03:8c:58:7a:bf:b2:8a:6f:c6:7c:0e:a6:4c:
         08:7e:ee:8e:3f:41:00:89:da:3a:f0:d7:76:5d:5d:f2:8c:ec:
         9b:68:f8:73:b8:87:2f:5e:56:47:ed:da:41:39:00:6a:c9:9f:
         30:30:26:b8:6f:23:f2:f8:04:a2:fc:57:a3:4b:2f:bb:69:70:
         58:1d:58:c8:59:b2:c2:cf:f2:df:29:67:de:51:83:34:e9:b3:
         74:87:ac:38:d0:1b:93:34:3d:ea:92:43:f8:e9:c4:ec:c8:41:
         53:13:83:e7:c4:71:49:9d:81:62:58:0b:d0:3b:ca:87:14:7f:
         8e:8e:c6:26:77:c3:dc:93:4e:fd:94:a0:2f:c2:b7:f0:0d:7c:
         c2:ad:be:b3:03:c5:74:bc:df:4c:10:ff:1f:2b:f5:e3:23:3a:
         3f:20:62:27:9f:b6:e2:36:99:84:ec:5b:f6:57:70:1e:85:79:
         c0:d0:ec:5c:8e:0f:0c:3a:a8:97:c5:03:8c:7f:0a:99:36:6e:
         69:e8:7d:36:85:8b:db:a4:5c:06:30:e6:ea:81:f8:de:02:d9:
         80:b8:f4:7a:dd:20:35:ee:f2:52:08:2f:9f:56:3a:06:8e:fd:
         b9:36:cf:22:bb:8c:8a:b0:39:d8:a3:ec:d1:fb:60:63:42:05:
         2d:7d:4e:5f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEASsVUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTk2OWM4NDVhNzUyYjkyMjEzNzEwZmM3MTJlZWE4MTExZDI3YjA0MB4XDTIyMDEw
MTExNTk0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2MxOGZlNWIzODYz
MzczYTIwYTcyZDBmNjRkZTkzNDY5NDM1M2Q3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIkPPnuua+Bew4YP3PrdcvOZeBD5IgKnpEOxuhaKD8uMW6UM
/u1uBDMiDMZ0UEjgEvuwGuMskrW1APTOdPoC81v5aTPsbCUvayaUuVOOsM1/LN84
/JxLxj8471P2vzwyynwgx2WnV+lwbG6SAI7cO9Et4nilM1Y3Kw8OStGU4rINJZMF
eR+tNG4IfsKvgatltQCnAJxxzZlFRxtSPRBlMw70tuhNW7njpjSK1vvY+61sxVIa
8vM/jPtK3LKTqVeMFYRsEOCVZF2PZkcenf1V67YrQHgMJYy6+q6p55Z+pI3/GFze
SGtDhYvqpZ8y9HuGvt8rpkELdpJMJKC1px5TTJ8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR8GP5bOGM3OiCnLQ9k3pNGlDU9ezAfBgNVHSMEGDAWgBTxlpyEWnUrkiE3
EPxxLuqBEdJ7BDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhaYWNoRnAxSzVJaE54RDhjUzdxZ1JIU2V3US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvNDM0ZDZmLWRhZWYtNDZmMi1hOTIwLTA4Yzc4NGFhNmViZS8x
L2ZCai1XemhqTnpvZ3B5MFBaTjZUUnBRMVBYcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
NDM0ZDZmLWRhZWYtNDZmMi1hOTIwLTA4Yzc4NGFhNmViZS8xLzhaYWNoRnAxSzVJ
aE54RDhjUzdxZ1JIU2V3US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmXkTANBgkqhkiG9w0BAQsFAAOC
AQEAbyblTdIDjFh6v7KKb8Z8DqZMCH7ujj9BAInaOvDXdl1d8ozsm2j4c7iHL15W
R+3aQTkAasmfMDAmuG8j8vgEovxXo0svu2lwWB1YyFmyws/y3yln3lGDNOmzdIes
ONAbkzQ96pJD+OnE7MhBUxOD58RxSZ2BYlgL0DvKhxR/jo7GJnfD3JNO/ZSgL8K3
8A18wq2+swPFdLzfTBD/Hyv14yM6PyBiJ5+24jaZhOxb9ldwHoV5wNDsXI4PDDqo
l8UDjH8KmTZuaeh9NoWL26RcBjDm6oH43gLZgLj0et0gNe7yUggvn1Y6Bo79uTbP
IruMirA52KPs0ftgY0IFLX1OXw==
-----END CERTIFICATE-----
Generated at Fri Dec 2 11:54:06 2022 by rpki-client.