Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/smpCMHhB3gYFTadY7Wa06Daoh7Y.roa
File:                     smpCMHhB3gYFTadY7Wa06Daoh7Y.roa (download)
Hash identifier:          R7WPvBFjK255sS6t8xRrGpzZAWsSFsTEtfOfV1Mzy3M=
Subject key identifier:   B2:6A:42:30:78:41:DE:06:05:4D:A7:58:ED:66:B4:E8:36:A8:87:B6
Certificate issuer:       /CN=dac32632aa9154253c6dcd2331e9ad6920b6bdcc
Certificate serial:       D213FC
Authority key identifier: DA:C3:26:32:AA:91:54:25:3C:6D:CD:23:31:E9:AD:69:20:B6:BD:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2sMmMqqRVCU8bc0jMemtaSC2vcw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/smpCMHhB3gYFTadY7Wa06Daoh7Y.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 2a12:fc0:10::/44 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13767676 (0xd213fc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dac32632aa9154253c6dcd2331e9ad6920b6bdcc
        Validity
            Not Before: Jun  4 10:41:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b26a42307841de06054da758ed66b4e836a887b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:9d:ca:60:e8:76:e8:6f:75:4d:11:44:29:e2:
                    d2:e3:b6:10:0a:db:5f:b9:6e:2b:31:0a:5b:e6:be:
                    c9:0b:62:24:13:b9:ca:96:21:51:65:01:a1:5f:e4:
                    92:ea:b6:2b:68:41:2b:4a:be:61:31:71:3a:90:c9:
                    fe:d5:dd:c9:fe:9c:38:e0:17:e2:5c:f4:5f:f2:9f:
                    6d:2d:ff:2f:e6:57:69:c6:59:99:8e:8f:27:b0:49:
                    a0:73:fc:2e:b1:d8:da:e1:0e:b6:41:6e:39:95:c7:
                    30:b9:61:ee:8f:1a:7f:c4:0c:21:97:4f:78:14:c9:
                    bc:55:ed:14:ca:ec:cb:3a:be:28:22:07:2f:1c:59:
                    b1:5a:e3:a1:a3:b3:44:2e:97:18:8f:99:77:d1:31:
                    7b:7e:a8:59:85:04:d4:46:15:4e:f2:34:56:89:91:
                    8b:b1:e9:4d:b5:67:ec:a2:67:81:a7:0c:b9:b1:c1:
                    a9:9a:2c:1c:5a:71:99:6c:dd:67:f3:f9:5a:80:ce:
                    0c:c4:8e:25:b7:a4:2e:01:10:b8:ca:0d:a0:42:0d:
                    ad:86:16:39:ff:5a:72:e3:9f:af:36:45:18:8a:36:
                    55:d4:93:c4:36:16:82:d6:40:1b:61:67:be:81:78:
                    3a:46:c1:82:50:be:8b:80:a3:8a:fe:1d:34:ed:a2:
                    0b:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                B2:6A:42:30:78:41:DE:06:05:4D:A7:58:ED:66:B4:E8:36:A8:87:B6
            X509v3 Authority Key Identifier: 
                keyid:DA:C3:26:32:AA:91:54:25:3C:6D:CD:23:31:E9:AD:69:20:B6:BD:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sMmMqqRVCU8bc0jMemtaSC2vcw.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/smpCMHhB3gYFTadY7Wa06Daoh7Y.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/2sMmMqqRVCU8bc0jMemtaSC2vcw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:fc0:10::/44

    Signature Algorithm: sha256WithRSAEncryption
         cf:5d:e2:03:1e:e7:7f:13:a6:70:0e:4e:e4:68:5d:96:be:6f:
         c6:d6:ca:b4:5e:d5:d8:3d:ee:5e:d1:cb:72:e7:e2:a4:10:56:
         92:76:b3:8a:47:83:55:8f:9f:e2:a1:20:cc:d7:79:e0:e7:73:
         86:8e:26:6b:26:cd:74:8c:e1:1f:e3:a0:37:fa:4f:72:07:e3:
         c7:c5:79:0c:1a:e8:1b:45:41:cc:e9:dc:67:5a:54:e5:5f:a3:
         e4:a8:9c:3a:a5:b8:71:fe:ef:01:78:d3:f6:59:99:1b:11:4c:
         61:44:29:35:c0:28:77:13:59:d7:21:bb:69:f7:b7:eb:9c:4a:
         e2:fb:d0:46:21:8b:94:c1:eb:ed:e3:9b:79:f6:45:cf:b5:81:
         c8:79:42:c7:b2:15:8e:5a:21:0e:dc:a1:bb:fb:cd:b8:91:66:
         17:fd:65:30:1b:1c:11:d7:45:3c:1c:5f:9e:eb:1e:72:bb:6d:
         f6:16:f5:d9:b6:e5:44:2a:54:dd:f0:af:56:33:41:98:0e:a6:
         db:3e:5f:bf:f7:45:69:ce:ae:b7:6f:81:81:aa:b0:aa:df:9b:
         5c:e0:a8:bd:44:fd:41:2d:2e:be:57:c7:38:03:82:1d:d7:6a:
         3e:0a:10:c8:11:1f:9f:fa:60:f0:58:57:b6:48:1b:b9:06:3d:
         a1:a7:4d:36
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEANIT/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWMzMjYzMmFhOTE1NDI1M2M2ZGNkMjMzMWU5YWQ2OTIwYjZiZGNjMB4XDTIyMDYw
NDEwNDEzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjI2YTQyMzA3ODQx
ZGUwNjA1NGRhNzU4ZWQ2NmI0ZTgzNmE4ODdiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJqdymDoduhvdU0RRCni0uO2EArbX7luKzEKW+a+yQtiJBO5
ypYhUWUBoV/kkuq2K2hBK0q+YTFxOpDJ/tXdyf6cOOAX4lz0X/KfbS3/L+ZXacZZ
mY6PJ7BJoHP8LrHY2uEOtkFuOZXHMLlh7o8af8QMIZdPeBTJvFXtFMrsyzq+KCIH
LxxZsVrjoaOzRC6XGI+Zd9Exe36oWYUE1EYVTvI0VomRi7HpTbVn7KJngacMubHB
qZosHFpxmWzdZ/P5WoDODMSOJbekLgEQuMoNoEINrYYWOf9acuOfrzZFGIo2VdST
xDYWgtZAG2FnvoF4OkbBglC+i4Cjiv4dNO2iC5ECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSyakIweEHeBgVNp1jtZrToNqiHtjAfBgNVHSMEGDAWgBTawyYyqpFUJTxt
zSMx6a1pILa9zDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJzTW1NcXFSVkNVOGJjMGpNZW10YVNDMnZjdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvNDk0MjRhLWFhNWYtNGI5Zi1hNjI3LTI0NjU0ZTk0MWMxMi8x
L3NtcENNSGhCM2dZRlRhZFk3V2EwNkRhb2g3WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
NDk0MjRhLWFhNWYtNGI5Zi1hNjI3LTI0NjU0ZTk0MWMxMi8xLzJzTW1NcXFSVkNV
OGJjMGpNZW10YVNDMnZjdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoSD8AAEDANBgkqhkiG9w0BAQsF
AAOCAQEAz13iAx7nfxOmcA5O5Ghdlr5vxtbKtF7V2D3uXtHLcufipBBWknazikeD
VY+f4qEgzNd54Odzho4maybNdIzhH+OgN/pPcgfjx8V5DBroG0VBzOncZ1pU5V+j
5KicOqW4cf7vAXjT9lmZGxFMYUQpNcAodxNZ1yG7afe365xK4vvQRiGLlMHr7eOb
efZFz7WByHlCx7IVjlohDtyhu/vNuJFmF/1lMBscEddFPBxfnusecrtt9hb12bbl
RCpU3fCvVjNBmA6m2z5fv/dFac6ut2+Bgaqwqt+bXOCovUT9QS0uvlfHOAOCHddq
PgoQyBEfn/pg8FhXtkgbuQY9oadNNg==
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:22:42 2022 by rpki-client.