Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/XU08YzN-RaAepPCx69aYWSIVuOs.roa
File:                     XU08YzN-RaAepPCx69aYWSIVuOs.roa (download)
Hash identifier:          1ZA/yUqaJ3unN/xsV1n7vhfKCvGv+iBL94VdgP00rwI=
Subject key identifier:   5D:4D:3C:63:33:7E:45:A0:1E:A4:F0:B1:EB:D6:98:59:22:15:B8:EB
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       0336B325
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/XU08YzN-RaAepPCx69aYWSIVuOs.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     400039
IP address blocks:
    1: 46.37.106.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 53916453 (0x336b325)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Jan  1 09:57:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5d4d3c63337e45a01ea4f0b1ebd698592215b8eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:9e:68:cb:76:90:d8:c6:03:50:8e:46:70:0e:
                    1d:a9:b3:06:b6:8e:04:76:52:f2:27:a6:2c:97:75:
                    46:02:58:98:96:a4:30:ee:5c:c8:4c:3e:d0:c7:f2:
                    70:2a:7e:5a:1d:0c:20:d7:bc:b2:a3:b6:a8:1e:87:
                    59:ff:5b:ab:32:87:8b:f2:6b:e0:b2:4c:d7:51:cd:
                    55:29:9a:e0:db:25:38:dd:c4:f4:b7:01:4b:ea:f9:
                    95:20:cb:30:98:75:fa:75:7c:6a:69:5c:2a:85:39:
                    3e:09:42:4d:98:43:3d:05:ef:3f:f9:74:d4:6c:17:
                    3f:f5:31:b1:7b:99:68:36:3b:31:71:12:1b:da:70:
                    c4:2d:39:48:95:6a:61:60:fe:f8:4d:71:c3:4d:90:
                    f3:04:68:5e:bc:f2:11:dd:80:10:76:1b:96:98:86:
                    62:0e:e6:30:53:f1:e9:a5:9a:f5:49:8a:bf:54:1a:
                    38:50:4d:8a:f7:bb:bd:94:56:54:79:76:51:de:05:
                    bf:df:99:f7:bd:8f:67:d5:7a:53:02:10:a6:7b:24:
                    8b:31:e1:45:0c:5f:ac:b5:1f:42:ef:c1:d9:cc:03:
                    06:c1:53:fb:0a:ea:28:cb:27:e2:8a:a7:59:94:28:
                    d3:17:98:22:b5:0a:34:c2:9b:21:c4:41:d5:f9:08:
                    e1:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                5D:4D:3C:63:33:7E:45:A0:1E:A4:F0:B1:EB:D6:98:59:22:15:B8:EB
            X509v3 Authority Key Identifier: 
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/XU08YzN-RaAepPCx69aYWSIVuOs.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:e5:8d:d3:b6:3b:0c:e2:f5:49:17:fc:83:b6:73:ba:6f:0e:
         09:35:f9:91:76:2d:e8:d6:dc:e6:16:9d:77:ec:ec:50:e0:1c:
         f5:c9:2b:7e:49:9c:4b:66:2e:6f:19:ce:fe:f4:e2:b7:68:77:
         15:c1:1c:af:27:c1:8c:0c:c0:05:10:6c:2b:65:ff:f8:47:57:
         bf:22:1d:96:32:7c:72:ad:04:32:d4:43:e8:3d:62:55:54:61:
         44:ed:04:3d:58:50:52:80:12:64:d5:c3:c0:e1:2f:76:2d:63:
         b6:c6:2c:ca:24:24:69:c0:e5:92:32:d3:4d:ec:32:4c:9a:01:
         c5:14:8b:d1:da:2a:a8:15:94:eb:7d:10:c4:02:31:a1:6f:26:
         5e:45:8f:d8:cb:e2:33:97:fb:06:08:01:65:27:a3:69:dd:b7:
         f0:1c:a1:dc:5d:f3:9c:5e:9d:51:ad:c8:97:0d:c5:07:e0:d2:
         05:17:aa:16:ff:d0:c8:19:91:36:13:b6:dd:6b:3e:54:0e:dd:
         c1:73:70:fc:d7:e1:ff:2d:53:62:9f:1d:d8:37:08:b9:6a:24:
         00:0f:4e:cf:59:48:05:35:2a:3e:aa:42:a3:0a:68:a0:6f:42:
         00:1e:d8:aa:05:0f:b7:f2:01:f5:55:34:e3:ea:57:0e:7b:3f:
         1d:a5:2c:61
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAzazJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2NmMDg4NDkxOGE1MDIzOWVmNzA1MThlZTlmYzA0ZjFhYWUxOTI5MB4XDTIyMDEw
MTA5NTcxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ0ZDNjNjMzMzdl
NDVhMDFlYTRmMGIxZWJkNjk4NTkyMjE1YjhlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIueaMt2kNjGA1CORnAOHamzBraOBHZS8iemLJd1RgJYmJak
MO5cyEw+0MfycCp+Wh0MINe8sqO2qB6HWf9bqzKHi/Jr4LJM11HNVSma4NslON3E
9LcBS+r5lSDLMJh1+nV8amlcKoU5PglCTZhDPQXvP/l01GwXP/UxsXuZaDY7MXES
G9pwxC05SJVqYWD++E1xw02Q8wRoXrzyEd2AEHYblpiGYg7mMFPx6aWa9UmKv1Qa
OFBNive7vZRWVHl2Ud4Fv9+Z972PZ9V6UwIQpnskizHhRQxfrLUfQu/B2cwDBsFT
+wrqKMsn4oqnWZQo0xeYIrUKNMKbIcRB1fkI4R8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRdTTxjM35FoB6k8LHr1phZIhW46zAfBgNVHSMEGDAWgBTTzwiEkYpQI573
BRjun8BPGq4ZKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA4OEloSkdLVUNPZTl3VVk3cF9BVHhxdUdTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvY2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8x
L1hVMDhZek4tUmFBZXBQQ3g2OWFZV1NJVnVPcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
Y2RmZjE2LTQ1OGEtNDdjMy04ZGZhLTIzMTU0OTQwOTcyMC8xLzA4OEloSkdLVUNP
ZTl3VVk3cF9BVHhxdUdTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC4lajANBgkqhkiG9w0BAQsFAAOC
AQEAEuWN07Y7DOL1SRf8g7Zzum8OCTX5kXYt6Nbc5hadd+zsUOAc9ckrfkmcS2Yu
bxnO/vTit2h3FcEcryfBjAzABRBsK2X/+EdXvyIdljJ8cq0EMtRD6D1iVVRhRO0E
PVhQUoASZNXDwOEvdi1jtsYsyiQkacDlkjLTTewyTJoBxRSL0doqqBWU630QxAIx
oW8mXkWP2MviM5f7BggBZSejad238Byh3F3znF6dUa3Ilw3FB+DSBReqFv/QyBmR
NhO23Ws+VA7dwXNw/Nfh/y1TYp8d2DcIuWokAA9Oz1lIBTUqPqpCowpooG9CAB7Y
qgUPt/IB9VU04+pXDns/HaUsYQ==
-----END CERTIFICATE-----
Generated at Wed Dec 7 02:39:47 2022 by rpki-client.