Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/e43f47-4307-45e1-ac7a-5907735d391c/1/NRiy-UeokDNMx8mVrnriXrNd5zo.roa
File:                     NRiy-UeokDNMx8mVrnriXrNd5zo.roa (download)
Hash identifier:          i67tlp4eCLWOibgYtAbxTQRoaKmnk5sGKB45Ib1RDKE=
Subject key identifier:   35:18:B2:F9:47:A8:90:33:4C:C7:C9:95:AE:7A:E2:5E:B3:5D:E7:3A
Certificate issuer:       /CN=13a5bdd2d61eba8efc9ca9cc632d802ae1f3d2c1
Certificate serial:       E85187
Authority key identifier: 13:A5:BD:D2:D6:1E:BA:8E:FC:9C:A9:CC:63:2D:80:2A:E1:F3:D2:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E6W90tYeuo78nKnMYy2AKuHz0sE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/e43f47-4307-45e1-ac7a-5907735d391c/1/NRiy-UeokDNMx8mVrnriXrNd5zo.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 193.163.95.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15225223 (0xe85187)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13a5bdd2d61eba8efc9ca9cc632d802ae1f3d2c1
        Validity
            Not Before: Jan  1 09:03:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3518b2f947a890334cc7c995ae7ae25eb35de73a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:2a:b1:d5:5f:c1:b3:54:07:1a:11:50:fd:8b:
                    e9:33:c1:17:cd:50:0f:98:0b:69:ef:aa:11:53:ac:
                    4e:27:af:a0:90:d1:6a:5c:73:ea:2f:96:2f:67:a3:
                    63:71:8f:fa:36:78:dd:ed:2b:3c:99:b4:4b:a1:cf:
                    e1:db:62:37:0a:92:b1:c6:9f:aa:6e:d0:c1:0e:d0:
                    45:68:2b:c9:69:b1:f6:68:ac:e5:64:9a:e4:4b:ac:
                    d2:69:f6:18:82:c9:60:ae:61:f2:48:53:30:9b:bc:
                    a2:e8:ae:46:91:1a:6c:3d:16:58:ed:67:e1:51:1e:
                    6d:2a:e8:f8:ac:c5:f6:8f:ed:25:b4:d1:96:b8:46:
                    7c:70:7c:04:7c:a7:9b:de:97:52:e1:54:95:bb:fb:
                    9e:d2:f4:bb:f2:79:50:3f:f1:6a:07:89:59:1b:29:
                    e7:dc:39:8c:92:23:91:b1:b4:ab:ff:3b:84:4c:c8:
                    28:d3:66:79:63:c4:93:29:54:82:0c:63:63:1a:60:
                    a6:ae:f6:9c:00:26:17:a5:da:fe:8e:c1:21:d8:e9:
                    8e:6c:dc:e1:15:34:b2:45:4a:68:a6:53:df:42:6b:
                    b4:1b:96:fe:05:0b:db:de:05:23:4f:c4:5b:5d:99:
                    d4:b9:c8:4d:c9:95:50:1e:b1:5c:2c:06:57:97:c4:
                    2c:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                35:18:B2:F9:47:A8:90:33:4C:C7:C9:95:AE:7A:E2:5E:B3:5D:E7:3A
            X509v3 Authority Key Identifier: 
                keyid:13:A5:BD:D2:D6:1E:BA:8E:FC:9C:A9:CC:63:2D:80:2A:E1:F3:D2:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E6W90tYeuo78nKnMYy2AKuHz0sE.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e43f47-4307-45e1-ac7a-5907735d391c/1/NRiy-UeokDNMx8mVrnriXrNd5zo.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e43f47-4307-45e1-ac7a-5907735d391c/1/E6W90tYeuo78nKnMYy2AKuHz0sE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.163.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:83:ae:6e:18:0e:8e:c2:44:77:4f:f3:a5:f9:92:2b:ad:76:
         20:5e:4d:7c:bc:d0:da:ef:76:ef:ca:e5:54:00:6b:f4:6f:14:
         ca:80:e6:8e:8b:72:d9:78:77:de:a5:c7:dc:a0:8c:6e:e0:a2:
         c0:11:b0:ee:7e:1d:3e:64:1f:6c:01:d4:91:8f:36:3e:60:39:
         5d:f2:af:59:42:00:43:95:46:43:ae:0a:30:6d:69:d3:5d:a3:
         15:6c:42:01:aa:e5:10:82:64:3a:94:c0:90:e8:4f:28:28:5f:
         57:85:de:1f:0c:6a:e9:bb:d2:cd:20:c7:db:fd:26:84:2a:c9:
         a0:4a:0b:c6:a3:7c:9c:c8:cf:f9:13:81:0b:29:f5:b4:5e:16:
         a9:18:8a:bb:d8:3c:d7:03:62:14:ef:db:77:ee:56:8f:5d:9d:
         8d:36:2b:96:de:cd:f9:ae:5b:f5:77:68:8a:a9:ed:53:86:18:
         ef:e6:6f:29:75:64:ff:09:bc:68:1e:5c:32:62:91:9a:1e:24:
         95:e0:a4:da:19:5f:e2:1f:6d:1b:0c:b8:11:ce:97:31:5f:d3:
         cb:7c:f3:e8:af:a2:6d:a4:f9:b0:23:16:90:24:e1:8b:a8:c6:
         8c:4f:9d:d4:9f:d7:ef:3f:61:ff:cf:68:80:70:a9:d0:6d:e1:
         5d:07:41:07
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAOhRhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
M2E1YmRkMmQ2MWViYThlZmM5Y2E5Y2M2MzJkODAyYWUxZjNkMmMxMB4XDTIyMDEw
MTA5MDMxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzUxOGIyZjk0N2E4
OTAzMzRjYzdjOTk1YWU3YWUyNWViMzVkZTczYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANkqsdVfwbNUBxoRUP2L6TPBF81QD5gLae+qEVOsTievoJDR
alxz6i+WL2ejY3GP+jZ43e0rPJm0S6HP4dtiNwqSscafqm7QwQ7QRWgryWmx9mis
5WSa5Eus0mn2GILJYK5h8khTMJu8ouiuRpEabD0WWO1n4VEebSro+KzF9o/tJbTR
lrhGfHB8BHynm96XUuFUlbv7ntL0u/J5UD/xageJWRsp59w5jJIjkbG0q/87hEzI
KNNmeWPEkylUggxjYxpgpq72nAAmF6Xa/o7BIdjpjmzc4RU0skVKaKZT30JrtBuW
/gUL294FI0/EW12Z1LnITcmVUB6xXCwGV5fELCMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ1GLL5R6iQM0zHyZWueuJes13nOjAfBgNVHSMEGDAWgBQTpb3S1h66jvyc
qcxjLYAq4fPSwTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0U2VzkwdFlldW83OG5Lbk1ZeTJBS3VIejBzRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvZTQzZjQ3LTQzMDctNDVlMS1hYzdhLTU5MDc3MzVkMzkxYy8x
L05SaXktVWVva0ROTXg4bVZybnJpWHJOZDV6by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
ZTQzZjQ3LTQzMDctNDVlMS1hYzdhLTU5MDc3MzVkMzkxYy8xL0U2VzkwdFlldW83
OG5Lbk1ZeTJBS3VIejBzRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMGjXzANBgkqhkiG9w0BAQsFAAOC
AQEAG4OubhgOjsJEd0/zpfmSK612IF5NfLzQ2u9278rlVABr9G8UyoDmjoty2Xh3
3qXH3KCMbuCiwBGw7n4dPmQfbAHUkY82PmA5XfKvWUIAQ5VGQ64KMG1p012jFWxC
AarlEIJkOpTAkOhPKChfV4XeHwxq6bvSzSDH2/0mhCrJoEoLxqN8nMjP+ROBCyn1
tF4WqRiKu9g81wNiFO/bd+5Wj12djTYrlt7N+a5b9XdoiqntU4YY7+ZvKXVk/wm8
aB5cMmKRmh4kleCk2hlf4h9tGwy4Ec6XMV/Ty3zz6K+ibaT5sCMWkCThi6jGjE+d
1J/X7z9h/89ogHCp0G3hXQdBBw==
-----END CERTIFICATE-----
Generated at Thu Dec 8 10:36:53 2022 by rpki-client.