Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/uSE2HMK8jqru0cgglI1AEGPAH7c.roa
File:                     uSE2HMK8jqru0cgglI1AEGPAH7c.roa (download)
Hash identifier:          3XmwUb0sGSuWYieUQKVrSBGsspM1CDjIpNU1zZrSBRk=
Subject key identifier:   B9:21:36:1C:C2:BC:8E:AA:EE:D1:C8:20:94:8D:40:10:63:C0:1F:B7
Certificate issuer:       /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial:       0182C4A35901159C927486023E09F7E084DA
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/uSE2HMK8jqru0cgglI1AEGPAH7c.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 109.160.32.0/22 maxlen: 22
    2: 109.160.40.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:c4:a3:59:01:15:9c:92:74:86:02:3e:09:f7:e0:84:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
        Validity
            Not Before: Aug 22 08:20:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b921361cc2bc8eaaeed1c820948d401063c01fb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:38:a9:e5:f5:44:05:fd:91:d2:0e:9b:c8:b1:
                    4c:19:09:71:99:47:81:f9:b4:0f:ce:35:ed:a9:35:
                    f9:68:ea:7c:48:63:27:e8:0e:f3:18:60:e6:a1:a0:
                    ca:ea:ea:3f:80:46:fc:c2:12:84:2f:5a:20:ad:18:
                    56:3c:65:42:53:e7:79:65:46:7e:8e:c8:4a:dd:5e:
                    f6:48:a7:3e:bd:fe:2a:33:b5:5d:7c:c6:4f:16:ad:
                    db:37:fd:7a:c1:7f:51:a7:21:69:4c:e8:49:8e:13:
                    14:2f:91:59:08:d1:b4:a0:f9:82:37:0a:f9:39:6f:
                    1b:f4:52:f4:1a:db:3f:10:3c:a4:94:42:18:9b:37:
                    f6:41:79:65:d2:04:e7:1c:5f:a4:93:9f:bf:e8:82:
                    6a:59:5a:33:33:6a:d0:bf:77:5a:c9:15:55:ad:34:
                    43:72:5d:c3:8e:88:c6:54:75:42:62:5c:1e:e5:ec:
                    9e:8b:0b:60:2e:ce:75:c3:11:d4:f9:77:82:7a:ab:
                    41:5c:76:72:ba:d8:b9:fe:e2:25:17:70:21:b2:a7:
                    18:79:fd:97:36:7a:15:b3:cf:2d:ae:c2:9d:65:73:
                    16:14:b2:86:6c:55:a4:e3:ee:bc:d3:88:c9:ab:2c:
                    33:1a:eb:24:d5:2e:6b:d5:dc:d1:36:bc:8b:3e:59:
                    ca:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                B9:21:36:1C:C2:BC:8E:AA:EE:D1:C8:20:94:8D:40:10:63:C0:1F:B7
            X509v3 Authority Key Identifier: 
                keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/uSE2HMK8jqru0cgglI1AEGPAH7c.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.160.32.0/22
                  109.160.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:dc:d4:e6:ab:c8:d0:45:98:f5:71:ca:40:80:ae:d9:83:b4:
         64:c6:13:e9:86:c9:67:e0:a0:6d:93:c1:ba:e3:8c:e5:ef:78:
         3d:d5:6e:dc:ef:8e:6c:64:5a:bc:b4:29:0e:22:0c:35:e3:0d:
         ff:c0:06:e1:ae:24:66:23:78:96:07:75:b9:68:5b:35:16:b4:
         ce:9d:df:21:d6:45:56:bd:d2:1b:56:d4:05:b6:dc:84:23:38:
         b8:87:92:8f:0a:9c:02:a4:00:de:96:52:1d:c2:ac:8a:b1:ac:
         65:14:34:d9:82:38:1b:c1:b4:81:04:87:77:e4:cb:fe:11:6a:
         e3:5d:7d:84:c4:8a:1c:3d:2b:a1:50:36:2d:e9:5b:19:7b:8a:
         e7:dd:8a:8b:92:2e:f7:b2:7e:87:58:f7:be:57:70:63:1e:ae:
         fc:8b:24:1c:dc:2f:8d:89:fe:37:c7:15:98:d3:51:36:7b:bf:
         dd:cb:6d:e7:09:99:8c:fc:24:20:b3:d4:4d:be:fa:29:dd:3e:
         d7:c0:04:9a:de:31:b0:d2:c8:b1:d4:b4:2f:58:1c:0c:bb:ca:
         96:02:6c:ee:eb:07:76:11:7a:06:f6:82:dd:01:e5:55:16:6c:
         23:59:63:c2:71:09:e1:21:2b:9f:67:f0:3c:e2:17:7a:46:4e:
         e7:fd:a6:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLEo1kBFZySdIYCPgn34ITaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjIwODIyMDgyMDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTIxMzYxY2MyYmM4ZWFhZWVkMWM4MjA5NDhkNDAxMDYzYzAxZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDip5fVEBf2R0g6byLFMGQlxmUeB
+bQPzjXtqTX5aOp8SGMn6A7zGGDmoaDK6uo/gEb8whKEL1ogrRhWPGVCU+d5ZUZ+
jshK3V72SKc+vf4qM7VdfMZPFq3bN/16wX9RpyFpTOhJjhMUL5FZCNG0oPmCNwr5
OW8b9FL0Gts/EDyklEIYmzf2QXll0gTnHF+kk5+/6IJqWVozM2rQv3dayRVVrTRD
cl3DjojGVHVCYlwe5eyeiwtgLs51wxHU+XeCeqtBXHZyuti5/uIlF3AhsqcYef2X
NnoVs88trsKdZXMWFLKGbFWk4+6804jJqywzGusk1S5r1dzRNryLPlnKnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLkhNhzCvI6q7tHIIJSNQBBjwB+3MB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvdVNFMkhNSzhqcXJ1MGNnZ2xJMUFFR1BBSDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCbaAgAwQA
baAoMA0GCSqGSIb3DQEBCwUAA4IBAQBU3NTmq8jQRZj1ccpAgK7Zg7RkxhPphsln
4KBtk8G644zl73g91W7c745sZFq8tCkOIgw14w3/wAbhriRmI3iWB3W5aFs1FrTO
nd8h1kVWvdIbVtQFttyEIzi4h5KPCpwCpADellIdwqyKsaxlFDTZgjgbwbSBBId3
5Mv+EWrjXX2ExIocPSuhUDYt6VsZe4rn3YqLki73sn6HWPe+V3BjHq78iyQc3C+N
if43xxWY01E2e7/dy23nCZmM/CQgs9RNvvop3T7XwASa3jGw0six1LQvWBwMu8qW
Amzu6wd2EXoG9oLdAeVVFmwjWWPCcQnhISufZ/A84hd6Rk7n/aab
-----END CERTIFICATE-----
Generated at Thu Dec 8 08:43:42 2022 by rpki-client.