Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/88e353-3013-4b7d-a8d6-6c6ed71e25da/1/Oh7Jn2BzH_HE_G5FSkdaEsN1sUA.roa
File:                     Oh7Jn2BzH_HE_G5FSkdaEsN1sUA.roa (download)
Hash identifier:          Xu0ISG9WDfk4tEAPgs7Kv7PtEUhDg1rY2+rNyqt5mNY=
Subject key identifier:   3A:1E:C9:9F:60:73:1F:F1:C4:FC:6E:45:4A:47:5A:12:C3:75:B1:40
Certificate issuer:       /CN=b11863e1705accc128f12d16476fa4fe1eb0d7d3
Certificate serial:       F1C8BE
Authority key identifier: B1:18:63:E1:70:5A:CC:C1:28:F1:2D:16:47:6F:A4:FE:1E:B0:D7:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sRhj4XBazMEo8S0WR2-k_h6w19M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/88e353-3013-4b7d-a8d6-6c6ed71e25da/1/Oh7Jn2BzH_HE_G5FSkdaEsN1sUA.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 176.118.34.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15845566 (0xf1c8be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b11863e1705accc128f12d16476fa4fe1eb0d7d3
        Validity
            Not Before: Jan  1 07:59:12 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3a1ec99f60731ff1c4fc6e454a475a12c375b140
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:f5:a6:7d:97:27:88:26:80:cb:35:c9:b0:24:
                    26:df:36:02:67:7f:77:cc:e2:1c:6b:bc:32:d1:b9:
                    26:71:4c:4c:63:34:c5:b1:11:36:e4:84:2a:21:72:
                    72:0d:b0:2c:a3:1e:01:ce:18:5b:49:90:08:d1:78:
                    fe:cc:9e:7d:e9:d9:7d:bc:ad:90:b2:d6:60:09:ee:
                    c2:e6:45:31:1a:8d:db:aa:f4:c9:31:c4:e2:f2:b5:
                    fc:7e:0f:01:12:44:09:e7:fc:8d:18:d1:3c:f7:ee:
                    fd:4c:42:41:10:67:be:48:c2:a2:0d:34:61:d4:34:
                    39:90:03:ec:e3:93:b2:ab:0b:ee:63:3c:e6:e4:be:
                    a5:11:a5:d0:9d:87:4f:11:8e:58:83:95:8b:d3:fa:
                    e2:a8:0d:d2:28:a0:a6:43:42:00:ab:90:75:98:7e:
                    57:ed:35:7e:30:2f:b9:b7:25:39:e9:1e:a2:aa:56:
                    b6:39:0b:b3:be:5e:1c:f4:68:97:27:47:d8:f4:47:
                    d7:26:c5:c9:63:4b:1e:bb:79:b3:a2:9e:91:0c:57:
                    37:d9:90:84:b4:95:ae:09:3d:29:e8:23:1f:d6:00:
                    b4:12:f5:b0:c7:2f:f9:62:32:4b:72:b1:69:5e:f7:
                    e0:4f:51:4b:c6:c3:60:4c:a3:84:c2:8a:2a:06:72:
                    9f:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                3A:1E:C9:9F:60:73:1F:F1:C4:FC:6E:45:4A:47:5A:12:C3:75:B1:40
            X509v3 Authority Key Identifier: 
                keyid:B1:18:63:E1:70:5A:CC:C1:28:F1:2D:16:47:6F:A4:FE:1E:B0:D7:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sRhj4XBazMEo8S0WR2-k_h6w19M.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/88e353-3013-4b7d-a8d6-6c6ed71e25da/1/Oh7Jn2BzH_HE_G5FSkdaEsN1sUA.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/88e353-3013-4b7d-a8d6-6c6ed71e25da/1/sRhj4XBazMEo8S0WR2-k_h6w19M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.118.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:4a:a9:28:83:27:5f:bd:d6:b2:7d:9e:67:8a:2b:74:b1:4f:
         2a:bf:0a:00:09:09:da:35:a7:ef:eb:a6:4f:7b:3f:9e:71:24:
         4d:32:2e:65:e0:7f:ab:e3:39:3a:04:51:18:77:48:a0:25:87:
         d7:77:e2:db:18:1f:32:79:c0:64:6d:85:dd:7c:d1:7f:d9:33:
         24:ce:eb:94:f9:d7:c3:8b:7e:ad:b8:7c:c8:a5:80:4f:2d:4e:
         7d:86:61:19:ef:22:0b:16:b8:b7:72:67:9e:15:b8:bf:00:ec:
         72:74:22:5e:a5:69:45:89:8b:78:e7:d4:0d:7b:8f:94:d7:f4:
         5f:01:79:75:91:3c:8a:64:f4:89:8c:31:43:fc:a5:66:05:5e:
         49:9a:c2:3f:d3:41:0f:c7:c5:dd:a5:1f:a1:8d:a4:28:f9:d5:
         d5:d8:1f:91:2f:de:98:cf:1d:62:6f:27:d5:72:e6:da:45:85:
         72:91:90:d6:7d:71:37:3c:d6:2c:38:4f:46:30:48:93:a6:70:
         d5:c0:88:a7:2f:c9:0b:5a:03:90:79:68:19:72:57:bf:f3:92:
         a6:be:32:5f:b0:c4:85:33:58:78:7c:7f:b6:34:ae:d5:7a:43:
         3b:35:d6:76:f7:16:ee:5b:a7:fe:65:a5:bc:18:a4:43:d8:ae:
         0b:e1:c6:7d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAPHIvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTE4NjNlMTcwNWFjY2MxMjhmMTJkMTY0NzZmYTRmZTFlYjBkN2QzMB4XDTIyMDEw
MTA3NTkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ExZWM5OWY2MDcz
MWZmMWM0ZmM2ZTQ1NGE0NzVhMTJjMzc1YjE0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOD1pn2XJ4gmgMs1ybAkJt82Amd/d8ziHGu8MtG5JnFMTGM0
xbERNuSEKiFycg2wLKMeAc4YW0mQCNF4/syefenZfbytkLLWYAnuwuZFMRqN26r0
yTHE4vK1/H4PARJECef8jRjRPPfu/UxCQRBnvkjCog00YdQ0OZAD7OOTsqsL7mM8
5uS+pRGl0J2HTxGOWIOVi9P64qgN0iigpkNCAKuQdZh+V+01fjAvubclOekeoqpW
tjkLs75eHPRolydH2PRH1ybFyWNLHrt5s6KekQxXN9mQhLSVrgk9KegjH9YAtBL1
sMcv+WIyS3KxaV734E9RS8bDYEyjhMKKKgZyn8UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ6HsmfYHMf8cT8bkVKR1oSw3WxQDAfBgNVHSMEGDAWgBSxGGPhcFrMwSjx
LRZHb6T+HrDX0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NSaGo0WEJhek1FbzhTMFdSMi1rX2g2dzE5TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvODhlMzUzLTMwMTMtNGI3ZC1hOGQ2LTZjNmVkNzFlMjVkYS8x
L09oN0puMkJ6SF9IRV9HNUZTa2RhRXNOMXNVQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
ODhlMzUzLTMwMTMtNGI3ZC1hOGQ2LTZjNmVkNzFlMjVkYS8xL3NSaGo0WEJhek1F
bzhTMFdSMi1rX2g2dzE5TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB2IjANBgkqhkiG9w0BAQsFAAOC
AQEAX0qpKIMnX73Wsn2eZ4ordLFPKr8KAAkJ2jWn7+umT3s/nnEkTTIuZeB/q+M5
OgRRGHdIoCWH13fi2xgfMnnAZG2F3XzRf9kzJM7rlPnXw4t+rbh8yKWATy1OfYZh
Ge8iCxa4t3JnnhW4vwDscnQiXqVpRYmLeOfUDXuPlNf0XwF5dZE8imT0iYwxQ/yl
ZgVeSZrCP9NBD8fF3aUfoY2kKPnV1dgfkS/emM8dYm8n1XLm2kWFcpGQ1n1xNzzW
LDhPRjBIk6Zw1cCIpy/JC1oDkHloGXJXv/OSpr4yX7DEhTNYeHx/tjSu1XpDOzXW
dvcW7lun/mWlvBikQ9iuC+HGfQ==
-----END CERTIFICATE-----
Generated at Thu Dec 8 18:07:42 2022 by rpki-client.