Route Origin Authorization

$ cd rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/

$ rpki-client -vvf ft0o12L0nPTYW7w8daSjFSYmM78.roa
File:                     ft0o12L0nPTYW7w8daSjFSYmM78.roa (download)
Hash identifier:          ljXdA9S3YQfPaxXlcgsPNM7G33LCYT7eis5DIbKJzBw=
Subject key identifier:   7E:DD:28:D7:62:F4:9C:F4:D8:5B:BC:3C:75:A4:A3:15:26:26:33:BF
Certificate issuer:       /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial:       0182C20359AC64EB4DB46011A66B18EF3398
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/ft0o12L0nPTYW7w8daSjFSYmM78.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 185.92.44.0/24 maxlen: 24
    2: 46.37.119.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:c2:03:59:ac:64:eb:4d:b4:60:11:a6:6b:18:ef:33:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
        Validity
            Not Before: Aug 21 20:06:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7edd28d762f49cf4d85bbc3c75a4a315262633bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:04:07:22:fe:58:2e:5c:8f:17:ae:fe:48:c2:
                    68:05:bf:18:33:12:16:a5:5b:00:89:c6:bd:4a:ea:
                    15:58:95:e3:e9:61:78:33:76:23:d0:2d:1e:69:4c:
                    bf:35:0b:85:a8:8d:a6:3d:d3:4c:69:c5:37:0d:6e:
                    b1:1c:72:78:31:b3:dc:18:9b:50:6d:8f:1d:6c:a2:
                    92:08:78:1e:c7:db:5d:88:d0:9f:8a:46:a8:46:fb:
                    a9:c3:0f:1a:ec:73:cc:b6:0a:0c:90:58:72:d4:0e:
                    65:86:28:16:df:cc:e8:a7:9d:33:5d:08:4c:55:3d:
                    dc:4a:6a:48:72:d6:66:19:5a:04:6a:de:a8:9f:75:
                    c0:32:b7:6c:ef:c0:66:d4:6c:41:b9:ee:7d:cc:38:
                    8c:34:3d:b6:c7:19:ca:ec:cc:5a:54:1d:5c:9e:85:
                    2b:30:97:f9:c6:12:c4:69:c0:53:5e:88:46:a9:4d:
                    7a:1d:f6:c3:45:01:cd:25:52:7a:4d:fd:45:38:c7:
                    7f:52:c2:cf:4d:00:fb:74:f8:30:90:2a:6b:2a:2c:
                    5a:85:19:36:28:48:07:1f:80:9a:59:53:f8:b3:2a:
                    9a:06:1b:fa:1f:54:b2:09:66:3d:01:9b:e7:c7:79:
                    75:09:c5:3d:bb:dc:4c:76:7f:6c:91:21:1b:cd:dd:
                    2a:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                7E:DD:28:D7:62:F4:9C:F4:D8:5B:BC:3C:75:A4:A3:15:26:26:33:BF
            X509v3 Authority Key Identifier: 
                keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/ft0o12L0nPTYW7w8daSjFSYmM78.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.37.119.0/24
                  185.92.44.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:7e:3b:a6:b0:93:1d:56:e1:46:77:4c:89:00:e0:70:a9:b8:
         25:0b:78:77:e9:76:b5:73:0f:35:ec:f7:a4:2b:30:0f:93:3d:
         4c:d5:9c:b2:d8:aa:42:cb:4a:b5:50:a3:d4:cc:8c:0e:7b:1f:
         a2:56:e6:c2:88:dd:53:3c:d1:6d:18:4f:03:fd:de:f5:5d:92:
         15:0a:da:e2:64:24:f4:da:07:60:f0:68:48:94:0b:c3:ea:ae:
         39:e6:0a:4a:f6:82:d9:3c:cd:72:15:be:69:2e:65:92:82:ac:
         e3:24:9f:b7:c7:86:95:73:f9:79:23:85:c8:d7:ae:7e:9b:df:
         d9:a4:85:ed:39:10:7c:f4:71:22:05:fb:97:aa:62:81:21:db:
         25:52:eb:e1:c6:36:f5:8b:4c:7c:8d:38:27:8c:62:5e:11:d1:
         92:bf:e9:af:0f:29:c6:36:b8:d3:c4:11:09:3b:de:21:81:fe:
         0a:eb:b8:fa:6f:d2:38:a2:ad:79:2e:c1:61:6d:6b:ad:1b:5b:
         d3:bc:bf:07:ab:f1:2a:64:38:c4:f7:f7:8b:01:22:37:7a:9a:
         c3:9d:1e:56:27:e4:c2:22:27:75:9f:19:35:80:c2:f9:24:c7:
         b7:11:d5:f1:2d:84:af:16:31:fa:ad:74:a2:9c:f0:b5:22:dd:
         7e:d1:b3:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLCA1msZOtNtGARpmsY7zOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjIwODIxMjAwNjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWRkMjhkNzYyZjQ5Y2Y0ZDg1YmJjM2M3NWE0YTMxNTI2MjYzM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogQHIv5YLlyPF67+SMJoBb8YMxIW
pVsAica9SuoVWJXj6WF4M3Yj0C0eaUy/NQuFqI2mPdNMacU3DW6xHHJ4MbPcGJtQ
bY8dbKKSCHgex9tdiNCfikaoRvupww8a7HPMtgoMkFhy1A5lhigW38zop50zXQhM
VT3cSmpIctZmGVoEat6on3XAMrds78Bm1GxBue59zDiMND22xxnK7MxaVB1cnoUr
MJf5xhLEacBTXohGqU16HfbDRQHNJVJ6Tf1FOMd/UsLPTQD7dPgwkCprKixahRk2
KEgHH4CaWVP4syqaBhv6H1SyCWY9AZvnx3l1CcU9u9xMdn9skSEbzd0qGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH7dKNdi9Jz02Fu8PHWkoxUmJjO/MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvZnQwbzEyTDBuUFRZVzd3OGRhU2pGU1ltTTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiV3AwQA
uVwsMA0GCSqGSIb3DQEBCwUAA4IBAQBOfjumsJMdVuFGd0yJAOBwqbglC3h36Xa1
cw817PekKzAPkz1M1Zyy2KpCy0q1UKPUzIwOex+iVubCiN1TPNFtGE8D/d71XZIV
CtriZCT02gdg8GhIlAvD6q455gpK9oLZPM1yFb5pLmWSgqzjJJ+3x4aVc/l5I4XI
165+m9/ZpIXtORB89HEiBfuXqmKBIdslUuvhxjb1i0x8jTgnjGJeEdGSv+mvDynG
NrjTxBEJO94hgf4K67j6b9I4oq15LsFhbWutG1vTvL8Hq/EqZDjE9/eLASI3eprD
nR5WJ+TCIid1nxk1gML5JMe3EdXxLYSvFjH6rXSinPC1It1+0bPT
-----END CERTIFICATE-----
Generated at Fri Dec 2 11:54:11 2022 by rpki-client.