Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/8e10ca-0fb5-4b61-8ae6-54b669258eb2/1/_TP9L1alV0qL-GE_zOg_A80IKDg.roa
File:                     _TP9L1alV0qL-GE_zOg_A80IKDg.roa (download)
Hash identifier:          +CJJCPFVIIillHwNC6Llh8WebK75JYILem5aUhah6vs=
Subject key identifier:   FD:33:FD:2F:56:A5:57:4A:8B:F8:61:3F:CC:E8:3F:03:CD:08:28:38
Certificate issuer:       /CN=b4b4068b321f40232356de541bd68bd444906ba5
Certificate serial:       013E1D25
Authority key identifier: B4:B4:06:8B:32:1F:40:23:23:56:DE:54:1B:D6:8B:D4:44:90:6B:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tLQGizIfQCMjVt5UG9aL1ESQa6U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/8e10ca-0fb5-4b61-8ae6-54b669258eb2/1/_TP9L1alV0qL-GE_zOg_A80IKDg.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 194.62.104.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20847909 (0x13e1d25)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4b4068b321f40232356de541bd68bd444906ba5
        Validity
            Not Before: Jan  1 11:04:39 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fd33fd2f56a5574a8bf8613fcce83f03cd082838
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:e1:9c:40:34:63:17:ca:9d:01:c0:69:4a:52:
                    f1:46:9e:22:2b:26:79:84:c1:43:ec:ae:46:0b:dc:
                    d0:e9:bc:e0:5d:07:37:e6:97:df:cc:e6:94:81:f4:
                    d1:46:18:a7:ce:39:69:c5:c7:7e:2a:05:f4:ca:f1:
                    60:3c:eb:5d:4a:64:51:58:9a:de:ea:a2:23:6c:4c:
                    fe:b9:e6:3e:4d:01:5b:9a:c9:90:bc:f9:1d:5a:eb:
                    c5:ad:ff:d1:59:83:5d:48:0c:79:9b:20:35:8b:76:
                    e8:85:c4:74:1c:13:f4:ad:af:75:a9:4c:15:b9:41:
                    3c:80:fd:25:f3:fa:b8:0d:ff:91:18:09:82:c3:ed:
                    1f:eb:30:61:6d:54:1a:ed:ec:64:2c:7f:bb:bc:e5:
                    ef:8d:e9:9d:04:c7:90:87:ea:54:f1:a9:1e:79:59:
                    0d:a6:ab:f5:f4:6c:04:81:9c:ad:0c:7f:ac:00:39:
                    27:1c:ef:bf:3d:b4:1f:4d:9e:48:45:c8:62:ee:a2:
                    58:ed:3e:aa:7c:c0:c6:2a:c0:fb:e8:7d:60:e9:e2:
                    69:25:88:c1:a0:1c:93:ac:6f:a0:1f:23:1f:44:1a:
                    70:cc:fd:14:17:e1:47:1e:be:4e:13:fc:33:b3:eb:
                    bd:4b:01:d0:57:f8:0e:72:72:c8:48:af:e8:fa:da:
                    c1:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                FD:33:FD:2F:56:A5:57:4A:8B:F8:61:3F:CC:E8:3F:03:CD:08:28:38
            X509v3 Authority Key Identifier: 
                keyid:B4:B4:06:8B:32:1F:40:23:23:56:DE:54:1B:D6:8B:D4:44:90:6B:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tLQGizIfQCMjVt5UG9aL1ESQa6U.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/8e10ca-0fb5-4b61-8ae6-54b669258eb2/1/_TP9L1alV0qL-GE_zOg_A80IKDg.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/8e10ca-0fb5-4b61-8ae6-54b669258eb2/1/tLQGizIfQCMjVt5UG9aL1ESQa6U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.62.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:ff:f3:84:ab:4e:8b:32:54:ed:84:70:a9:59:42:13:35:47:
         86:42:ae:d1:a8:c7:68:cb:ec:d9:88:09:16:b1:17:7f:2b:b8:
         c2:ee:16:82:ad:10:11:23:c7:44:2e:5f:b4:ed:7f:b8:5e:d8:
         a7:15:3b:6f:81:11:02:5f:c4:ca:3d:35:98:29:95:5c:97:8a:
         28:ea:5c:37:4c:5f:41:b6:39:c8:c4:23:2b:f5:3c:e7:db:88:
         61:0c:18:30:30:12:09:f6:fc:49:05:3f:33:ff:45:ee:4a:c9:
         00:db:ee:58:18:2c:4e:74:ba:b2:2a:d4:f4:76:9e:fe:97:e2:
         af:73:05:61:46:3d:22:d5:07:0a:40:68:bb:cd:1e:21:59:99:
         c5:1f:ef:7a:ba:46:b6:8a:85:af:a4:3d:49:26:cf:08:5b:e6:
         e0:3d:7d:8f:52:43:ab:18:a7:aa:05:1a:91:c8:ce:a9:df:39:
         ea:0d:06:45:5b:14:f8:38:6b:27:57:8a:01:0b:2b:e4:87:6b:
         19:1b:d8:4b:5e:01:25:e3:1c:90:48:3d:ce:49:e2:f1:70:c9:
         33:5b:58:04:81:c5:e6:be:35:29:af:01:ba:0e:0b:bd:8b:ac:
         c5:ae:a1:a7:f6:1c:13:53:be:86:6f:6d:a7:09:84:e0:31:0c:
         af:28:dc:24
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAT4dJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGI0MDY4YjMyMWY0MDIzMjM1NmRlNTQxYmQ2OGJkNDQ0OTA2YmE1MB4XDTIyMDEw
MTExMDQzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQzM2ZkMmY1NmE1
NTc0YThiZjg2MTNmY2NlODNmMDNjZDA4MjgzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrhnEA0YxfKnQHAaUpS8UaeIismeYTBQ+yuRgvc0Om84F0H
N+aX38zmlIH00UYYp845acXHfioF9MrxYDzrXUpkUVia3uqiI2xM/rnmPk0BW5rJ
kLz5HVrrxa3/0VmDXUgMeZsgNYt26IXEdBwT9K2vdalMFblBPID9JfP6uA3/kRgJ
gsPtH+swYW1UGu3sZCx/u7zl743pnQTHkIfqVPGpHnlZDaar9fRsBIGcrQx/rAA5
Jxzvvz20H02eSEXIYu6iWO0+qnzAxirA++h9YOniaSWIwaAck6xvoB8jH0QacMz9
FBfhRx6+ThP8M7PrvUsB0Ff4DnJyyEiv6PrawccCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT9M/0vVqVXSov4YT/M6D8DzQgoODAfBgNVHSMEGDAWgBS0tAaLMh9AIyNW
3lQb1ovURJBrpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RMUUdpeklmUUNNalZ0NVVHOWFMMUVTUWE2VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvOGUxMGNhLTBmYjUtNGI2MS04YWU2LTU0YjY2OTI1OGViMi8x
L19UUDlMMWFsVjBxTC1HRV96T2dfQTgwSUtEZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
OGUxMGNhLTBmYjUtNGI2MS04YWU2LTU0YjY2OTI1OGViMi8xL3RMUUdpeklmUUNN
alZ0NVVHOWFMMUVTUWE2VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMI+aDANBgkqhkiG9w0BAQsFAAOC
AQEAKf/zhKtOizJU7YRwqVlCEzVHhkKu0ajHaMvs2YgJFrEXfyu4wu4Wgq0QESPH
RC5ftO1/uF7YpxU7b4ERAl/Eyj01mCmVXJeKKOpcN0xfQbY5yMQjK/U859uIYQwY
MDASCfb8SQU/M/9F7krJANvuWBgsTnS6sirU9Hae/pfir3MFYUY9ItUHCkBou80e
IVmZxR/verpGtoqFr6Q9SSbPCFvm4D19j1JDqxinqgUakcjOqd856g0GRVsU+Dhr
J1eKAQsr5IdrGRvYS14BJeMckEg9zkni8XDJM1tYBIHF5r41Ka8Bug4LvYusxa6h
p/YcE1O+hm9tpwmE4DEMryjcJA==
-----END CERTIFICATE-----
Generated at Thu Dec 8 09:59:30 2022 by rpki-client.