Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/bd4317-b9ef-4b23-80ad-914e4881eea8/1/Z3ZMGUbxH3ZdsnIGP_Qwx63-rT4.roa
File:                     Z3ZMGUbxH3ZdsnIGP_Qwx63-rT4.roa (download)
Hash identifier:          eg7RaLyUcoh9OImUUD20AuyCwRF0dP1eeZ5EmrypcEk=
Subject key identifier:   67:76:4C:19:46:F1:1F:76:5D:B2:72:06:3F:F4:30:C7:AD:FE:AD:3E
Certificate issuer:       /CN=6283b6d1d86102e9edf2abddaa7c9347aac717c7
Certificate serial:       06810EA9
Authority key identifier: 62:83:B6:D1:D8:61:02:E9:ED:F2:AB:DD:AA:7C:93:47:AA:C7:17:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YoO20dhhAunt8qvdqnyTR6rHF8c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/bd4317-b9ef-4b23-80ad-914e4881eea8/1/Z3ZMGUbxH3ZdsnIGP_Qwx63-rT4.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 2a0f:d3c0:ff00::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 109121193 (0x6810ea9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6283b6d1d86102e9edf2abddaa7c9347aac717c7
        Validity
            Not Before: Jan  1 14:56:54 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=67764c1946f11f765db272063ff430c7adfead3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:6e:de:30:3c:fe:c4:56:ad:7b:39:9e:b2:26:
                    37:83:44:05:73:b2:7f:bf:e8:b3:80:a1:80:04:b6:
                    c4:80:4a:b3:5b:c7:00:73:39:54:b1:b4:5b:92:17:
                    92:d6:30:aa:8e:68:bb:96:7c:04:36:fc:2e:a0:d7:
                    b3:c7:6f:34:3d:3a:e3:7b:d4:07:a5:52:15:6c:50:
                    7c:2d:0d:10:17:02:28:a5:79:bd:52:a0:ee:4f:09:
                    f6:02:4a:a0:9c:d1:25:ed:ad:ca:42:3a:b2:ad:84:
                    56:57:53:a8:33:13:7e:16:d4:03:fd:ed:82:d5:f0:
                    f8:fb:5a:e5:ee:24:fd:1a:32:13:32:6d:74:ac:f4:
                    0f:7f:07:d7:3d:0f:b4:cb:2c:e8:82:08:45:c2:9d:
                    ee:7c:b6:49:b2:89:18:4c:2c:46:31:3c:bf:c8:33:
                    05:64:87:fd:34:63:d4:21:96:1d:2e:6c:57:a6:dc:
                    1d:ac:40:89:58:88:73:27:3d:7f:fb:7d:c4:fb:2e:
                    b6:77:25:11:09:f0:b9:81:c1:e4:a9:fc:3c:3c:6e:
                    2a:b7:46:b2:13:14:a1:c6:7c:2a:8b:11:ab:55:72:
                    66:d7:83:2c:ec:af:25:ff:90:bb:19:a0:ca:26:c3:
                    22:bf:c0:18:a1:d4:5d:a7:a7:93:ca:2f:b3:ca:c1:
                    8f:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                67:76:4C:19:46:F1:1F:76:5D:B2:72:06:3F:F4:30:C7:AD:FE:AD:3E
            X509v3 Authority Key Identifier: 
                keyid:62:83:B6:D1:D8:61:02:E9:ED:F2:AB:DD:AA:7C:93:47:AA:C7:17:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YoO20dhhAunt8qvdqnyTR6rHF8c.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/bd4317-b9ef-4b23-80ad-914e4881eea8/1/Z3ZMGUbxH3ZdsnIGP_Qwx63-rT4.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/bd4317-b9ef-4b23-80ad-914e4881eea8/1/YoO20dhhAunt8qvdqnyTR6rHF8c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:d3c0:ff00::/48

    Signature Algorithm: sha256WithRSAEncryption
         ab:bf:6c:be:89:11:dd:16:a9:cc:5d:2a:e8:19:b2:e3:4f:da:
         50:63:9e:68:7b:c4:30:15:56:8c:52:5f:ec:38:85:ce:a4:e9:
         b5:9d:74:cb:63:df:e9:f0:b2:a9:32:c2:b2:10:40:dc:0a:7d:
         00:60:0f:f2:7e:9b:84:4b:2e:87:09:88:95:97:01:70:5a:cc:
         06:c9:5b:b2:90:0d:ab:0f:1c:bb:41:07:37:2a:46:6f:36:d5:
         a4:8a:3b:9c:cf:13:de:ed:f3:3b:47:99:27:41:ca:9f:bb:aa:
         ee:2d:ee:57:1b:83:d3:d1:e3:e9:4d:e7:b6:71:50:64:e8:78:
         bf:2f:4a:69:7a:5b:ce:4b:4c:ad:90:46:75:19:02:0b:ea:5d:
         89:ed:f0:df:3b:62:86:26:5a:a0:8d:a7:d3:dd:6b:4e:7f:af:
         fb:74:7f:4a:8c:2d:06:4d:9e:fc:cf:5b:07:d9:bd:16:58:a1:
         29:a5:0b:5d:b5:cf:74:0f:74:87:d1:48:6b:4e:de:c9:ee:6e:
         cc:15:32:88:7f:b2:02:60:0c:3d:9b:45:a4:7a:9a:d1:90:41:
         d2:18:d5:5e:94:dd:e3:a0:c7:a1:eb:ca:85:87:7d:80:00:02:
         e3:16:70:71:3b:62:d4:6f:f1:3e:a4:ab:9a:09:b7:81:ca:fa:
         fe:1e:88:ec
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBoEOqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MjgzYjZkMWQ4NjEwMmU5ZWRmMmFiZGRhYTdjOTM0N2FhYzcxN2M3MB4XDTIyMDEw
MTE0NTY1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjc3NjRjMTk0NmYx
MWY3NjVkYjI3MjA2M2ZmNDMwYzdhZGZlYWQzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhu3jA8/sRWrXs5nrImN4NEBXOyf7/os4ChgAS2xIBKs1vH
AHM5VLG0W5IXktYwqo5ou5Z8BDb8LqDXs8dvND0643vUB6VSFWxQfC0NEBcCKKV5
vVKg7k8J9gJKoJzRJe2tykI6sq2EVldTqDMTfhbUA/3tgtXw+Pta5e4k/RoyEzJt
dKz0D38H1z0PtMss6IIIRcKd7ny2SbKJGEwsRjE8v8gzBWSH/TRj1CGWHS5sV6bc
HaxAiViIcyc9f/t9xPsutnclEQnwuYHB5Kn8PDxuKrdGshMUocZ8KosRq1VyZteD
LOyvJf+QuxmgyibDIr/AGKHUXaenk8ovs8rBj8MCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRndkwZRvEfdl2ycgY/9DDHrf6tPjAfBgNVHSMEGDAWgBRig7bR2GEC6e3y
q92qfJNHqscXxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lvTzIwZGhoQXVudDhxdmRxbnlUUjZySEY4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvYmQ0MzE3LWI5ZWYtNGIyMy04MGFkLTkxNGU0ODgxZWVhOC8x
L1ozWk1HVWJ4SDNaZHNuSUdQX1F3eDYzLXJUNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
YmQ0MzE3LWI5ZWYtNGIyMy04MGFkLTkxNGU0ODgxZWVhOC8xL1lvTzIwZGhoQXVu
dDhxdmRxbnlUUjZySEY4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoP08D/ADANBgkqhkiG9w0BAQsF
AAOCAQEAq79svokR3RapzF0q6Bmy40/aUGOeaHvEMBVWjFJf7DiFzqTptZ10y2Pf
6fCyqTLCshBA3Ap9AGAP8n6bhEsuhwmIlZcBcFrMBslbspANqw8cu0EHNypGbzbV
pIo7nM8T3u3zO0eZJ0HKn7uq7i3uVxuD09Hj6U3ntnFQZOh4vy9KaXpbzktMrZBG
dRkCC+pdie3w3ztihiZaoI2n091rTn+v+3R/SowtBk2e/M9bB9m9FlihKaULXbXP
dA90h9FIa07eye5uzBUyiH+yAmAMPZtFpHqa0ZBB0hjVXpTd46DHoevKhYd9gAAC
4xZwcTti1G/xPqSrmgm3gcr6/h6I7A==
-----END CERTIFICATE-----
Generated at Fri Dec 9 03:03:21 2022 by rpki-client.