Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/EMfAem5dOYeWqNg4SQ4kZxG_Fms.roa
File:                     EMfAem5dOYeWqNg4SQ4kZxG_Fms.roa (download)
Hash identifier:          AdZ5/HtUEbze7YU5DrE6qHXHIcpPh6qvX4qTIRTA4XQ=
Subject key identifier:   10:C7:C0:7A:6E:5D:39:87:96:A8:D8:38:49:0E:24:67:11:BF:16:6B
Certificate issuer:       /CN=2a1e65f8083c859bcd0d2c52a1e061eb5131f5f1
Certificate serial:       06FDE3AF
Authority key identifier: 2A:1E:65:F8:08:3C:85:9B:CD:0D:2C:52:A1:E0:61:EB:51:31:F5:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/EMfAem5dOYeWqNg4SQ4kZxG_Fms.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     207934
IP address blocks:
    1: 185.156.96.0/22 maxlen: 24
    2: 2a03:300::/29 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117302191 (0x6fde3af)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a1e65f8083c859bcd0d2c52a1e061eb5131f5f1
        Validity
            Not Before: Jan  1 11:54:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=10c7c07a6e5d398796a8d838490e246711bf166b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f2:a4:62:25:56:16:37:1e:2e:88:72:b1:a7:
                    ca:61:15:79:1f:c0:49:c8:18:54:d9:27:dd:bb:fd:
                    32:bf:80:d7:99:9b:7d:c6:56:fa:31:bb:29:2c:89:
                    e8:ac:84:38:02:0b:6f:77:b1:b7:e0:81:13:1e:87:
                    70:08:dc:e8:24:26:33:d2:19:c1:f7:3f:cd:a9:88:
                    98:fc:3a:cc:29:f9:f5:35:63:31:49:89:1f:44:aa:
                    c6:d0:f6:bd:f9:1b:ef:77:da:9d:a2:94:87:b8:da:
                    5a:1c:75:f8:68:60:47:e5:a3:e2:f9:c7:9e:8c:e1:
                    15:b0:64:30:1a:7f:57:6c:4d:28:43:65:e6:01:a8:
                    f4:09:16:a7:88:33:c4:00:e2:ce:41:64:76:2c:1d:
                    6c:9f:37:65:78:d6:33:72:15:4a:1d:69:38:19:0e:
                    88:1a:e5:cf:45:67:5b:9d:f7:28:b5:f7:4e:da:aa:
                    3f:b9:89:63:da:11:5d:c1:41:b0:92:34:16:8a:3a:
                    b4:87:6b:6a:98:6a:94:6b:1f:a5:1f:85:77:57:22:
                    b9:93:20:97:21:9e:b2:3d:88:7f:30:82:01:d4:2b:
                    63:b3:d1:7a:ea:10:e6:e5:df:d8:4b:05:4b:7d:cb:
                    66:8f:e9:40:45:1c:2a:a9:c7:51:44:e9:15:d9:36:
                    29:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                10:C7:C0:7A:6E:5D:39:87:96:A8:D8:38:49:0E:24:67:11:BF:16:6B
            X509v3 Authority Key Identifier: 
                keyid:2A:1E:65:F8:08:3C:85:9B:CD:0D:2C:52:A1:E0:61:EB:51:31:F5:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/EMfAem5dOYeWqNg4SQ4kZxG_Fms.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.156.96.0/22
                IPv6:
                  2a03:300::/29

    Signature Algorithm: sha256WithRSAEncryption
         0d:e4:9e:83:e1:b5:ed:74:63:a3:0b:07:37:7b:09:b4:b9:cd:
         ea:c2:22:17:c7:69:23:d7:67:8e:68:b7:f5:cd:7f:1c:30:7d:
         6d:73:77:98:61:38:21:59:5e:22:49:58:31:ec:d4:85:f5:90:
         a4:6b:c5:af:d9:d8:72:84:a5:ae:8e:f9:b1:c7:19:21:07:91:
         e4:ac:81:84:ac:8b:28:ab:e4:9b:3d:79:fb:54:e1:3f:e3:17:
         e5:62:08:f3:97:15:e2:0c:41:74:33:c8:2b:10:68:b1:c4:0f:
         1e:a3:43:e4:75:db:12:73:3a:f0:93:06:2b:50:53:b5:b2:50:
         34:83:c6:88:75:ff:a3:2a:ba:ee:19:71:25:6a:8e:82:b4:6a:
         37:f6:9e:99:30:26:5c:f1:ef:cc:77:f9:13:14:56:0c:30:99:
         48:9c:73:0b:f1:18:c1:0d:c9:4a:8b:c7:8c:d9:75:5a:8d:b5:
         2d:e6:8c:aa:60:91:98:8d:47:5b:43:8a:84:b8:09:a9:19:4f:
         30:34:8f:56:7d:7c:a0:4e:51:9f:c0:0b:9c:51:29:96:ad:39:
         3d:cb:43:d9:42:51:a0:a2:bc:6b:2e:26:60:02:56:e6:18:7c:
         8a:c7:a2:dc:de:c4:c5:34:3b:ee:64:71:6d:a5:9e:0d:d4:98:
         2a:f0:42:8e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBv3jrzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YTFlNjVmODA4M2M4NTliY2QwZDJjNTJhMWUwNjFlYjUxMzFmNWYxMB4XDTIyMDEw
MTExNTQ1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTBjN2MwN2E2ZTVk
Mzk4Nzk2YThkODM4NDkwZTI0NjcxMWJmMTY2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKrypGIlVhY3Hi6IcrGnymEVeR/AScgYVNkn3bv9Mr+A15mb
fcZW+jG7KSyJ6KyEOAILb3ext+CBEx6HcAjc6CQmM9IZwfc/zamImPw6zCn59TVj
MUmJH0SqxtD2vfkb73fanaKUh7jaWhx1+GhgR+Wj4vnHnozhFbBkMBp/V2xNKENl
5gGo9AkWp4gzxADizkFkdiwdbJ83ZXjWM3IVSh1pOBkOiBrlz0VnW533KLX3Ttqq
P7mJY9oRXcFBsJI0Foo6tIdraphqlGsfpR+Fd1ciuZMglyGesj2IfzCCAdQrY7PR
euoQ5uXf2EsFS33LZo/pQEUcKqnHUUTpFdk2KW0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQQx8B6bl05h5ao2DhJDiRnEb8WazAfBgNVHSMEGDAWgBQqHmX4CDyFm80N
LFKh4GHrUTH18TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0toNWwtQWc4aFp2TkRTeFNvZUJoNjFFeDlmRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvZDA5N2JmLWIwZjUtNDNlMS04NmEyLWNmYjhkYTU0OTA2Ny8x
L0VNZkFlbTVkT1llV3FOZzRTUTRrWnhHX0Ztcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
ZDA5N2JmLWIwZjUtNDNlMS04NmEyLWNmYjhkYTU0OTA2Ny8xL0toNWwtQWc4aFp2
TkRTeFNvZUJoNjFFeDlmRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmcYDANBAIAAjAHAwUDKgMDADAN
BgkqhkiG9w0BAQsFAAOCAQEADeSeg+G17XRjowsHN3sJtLnN6sIiF8dpI9dnjmi3
9c1/HDB9bXN3mGE4IVleIklYMezUhfWQpGvFr9nYcoSlro75sccZIQeR5KyBhKyL
KKvkmz15+1ThP+MX5WII85cV4gxBdDPIKxBoscQPHqND5HXbEnM68JMGK1BTtbJQ
NIPGiHX/oyq67hlxJWqOgrRqN/aemTAmXPHvzHf5ExRWDDCZSJxzC/EYwQ3JSovH
jNl1Wo21LeaMqmCRmI1HW0OKhLgJqRlPMDSPVn18oE5Rn8ALnFEplq05PctD2UJR
oKK8ay4mYAJW5hh8isei3N7ExTQ77mRxbaWeDdSYKvBCjg==
-----END CERTIFICATE-----
Generated at Thu Dec 8 05:34:00 2022 by rpki-client.