Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/10/326130613a363034303a313130303a3a2f34302d3430203d3e20323033303639.roa
File:                     326130613a363034303a313130303a3a2f34302d3430203d3e20323033303639.roa (raw, json)
Hash identifier:          pHFnoNPoWytPyebFL74GP4B+9dNFxdZc97XyE0fhg1o=
Subject key identifier:   96:F7:84:73:C3:87:89:5C:4C:9A:F1:39:E5:FD:6D:32:3E:1C:21:FD
Certificate issuer:       /CN=6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51
Certificate serial:       1AAD41800EB0E876452CE3EC56CD7CA01B696B94
Authority key identifier: 6E:F8:DF:8B:74:C5:D8:BB:67:37:EC:42:CE:03:2A:B4:B0:3E:0C:51
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/10/326130613a363034303a313130303a3a2f34302d3430203d3e20323033303639.roa
Signing time:             Sat 05 Jul 2025 08:10:55 +0000
ROA not before:           Sat 05 Jul 2025 08:05:55 +0000
ROA not after:            Sat 04 Jul 2026 08:10:55 +0000
asID:                     203069
IP address blocks:        2a0a:6040:1100::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/10/6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/10/6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 17:08:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:ad:41:80:0e:b0:e8:76:45:2c:e3:ec:56:cd:7c:a0:1b:69:6b:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51
        Validity
            Not Before: Jul  5 08:05:55 2025 GMT
            Not After : Jul  4 08:10:55 2026 GMT
        Subject: CN=96F78473C387895C4C9AF139E5FD6D323E1C21FD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:54:25:3a:b7:a8:aa:b3:91:e2:64:cb:32:db:
                    e3:ad:c7:4a:97:ef:f2:f2:ba:ad:2d:97:31:e6:ca:
                    ff:f0:0e:d7:48:31:49:66:4a:54:b4:1f:af:8a:8f:
                    93:9f:f7:15:f0:de:27:35:5d:36:f4:42:59:b6:7d:
                    88:5d:92:a5:94:b0:1a:cd:db:ee:9a:8f:d6:b1:f6:
                    25:a7:41:9e:ac:b4:75:86:fc:f5:b0:c2:17:4b:2c:
                    35:4c:89:aa:c9:f8:6b:41:bd:7c:e1:69:bb:b4:5b:
                    f2:90:93:7f:79:87:93:22:94:57:e2:02:02:35:75:
                    f9:18:25:11:89:e8:72:1a:8b:74:f8:89:70:2d:c4:
                    06:ed:5f:48:fb:3a:6c:99:77:cf:7f:a8:b2:c6:bf:
                    a5:aa:b1:44:f0:f1:38:32:e2:8d:42:27:61:41:c7:
                    65:9d:dd:19:8b:a3:16:f0:65:3f:cc:10:73:1f:2a:
                    ac:06:b7:dc:d6:c3:fa:fe:e7:0f:45:0b:bf:06:f9:
                    01:22:c5:35:77:bd:2f:a3:ab:81:a0:e3:ee:e5:39:
                    bb:1d:62:74:94:29:31:ee:9f:fd:01:23:9e:8f:f4:
                    d9:4c:ce:00:04:0e:26:b9:84:22:ff:cb:4e:b1:4f:
                    b3:bc:9b:4f:1d:dd:f9:63:fa:f4:81:ab:e2:37:dd:
                    79:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:F7:84:73:C3:87:89:5C:4C:9A:F1:39:E5:FD:6D:32:3E:1C:21:FD
            X509v3 Authority Key Identifier:
                keyid:6E:F8:DF:8B:74:C5:D8:BB:67:37:EC:42:CE:03:2A:B4:B0:3E:0C:51

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/10/6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/10/326130613a363034303a313130303a3a2f34302d3430203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:1100::/40

    Signature Algorithm: sha256WithRSAEncryption
         27:43:c9:f9:69:bf:29:bd:56:60:c8:02:81:86:79:fa:86:1f:
         c7:b7:15:c3:f9:37:63:13:bc:9c:1b:fd:a1:79:d4:4c:04:3d:
         03:75:e5:dc:0f:7f:06:73:c5:73:4b:29:64:f9:d5:51:92:15:
         35:33:3b:7f:de:8d:6f:d6:dc:91:48:a3:c7:8e:79:f5:a9:67:
         cd:4b:36:0c:62:76:4c:7c:39:b1:9b:35:10:75:e1:c5:9b:7c:
         45:5b:1b:60:90:e0:2d:25:ac:fa:59:a8:29:c3:eb:f3:ed:18:
         19:93:c3:b9:39:a8:f8:6c:f6:e7:38:dc:be:fe:54:9c:72:ce:
         b9:9f:e9:5e:83:78:7f:47:b8:37:28:6d:12:08:10:e9:9f:85:
         62:68:fa:b5:a5:af:a6:c2:ae:c9:40:c6:0b:4d:8c:08:26:6b:
         80:3f:a4:9e:43:d7:93:62:6b:b2:ba:f6:b4:98:9f:b3:5b:7e:
         db:3e:c3:25:64:cd:d5:b8:12:38:00:ff:45:af:d0:ca:25:69:
         09:30:65:9e:1a:ac:73:80:92:66:11:54:23:79:69:08:72:f0:
         88:2e:ea:45:28:51:46:8a:40:e7:4c:e0:aa:d3:84:d1:fa:4d:
         1d:aa:24:9b:96:dc:15:bc:3c:f5:b2:15:b8:6a:ce:62:bf:75:
         c5:0c:6e:56
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIUGq1BgA6w6HZFLOPsVs18oBtpa5QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkVGOERGOEI3NEM1RDhCQjY3MzdFQzQyQ0UwMzJBQjRC
MDNFMEM1MTAeFw0yNTA3MDUwODA1NTVaFw0yNjA3MDQwODEwNTVaMDMxMTAvBgNV
BAMTKDk2Rjc4NDczQzM4Nzg5NUM0QzlBRjEzOUU1RkQ2RDMyM0UxQzIxRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVVCU6t6iqs5HiZMsy2+Otx0qX
7/Lyuq0tlzHmyv/wDtdIMUlmSlS0H6+Kj5Of9xXw3ic1XTb0Qlm2fYhdkqWUsBrN
2+6aj9ax9iWnQZ6stHWG/PWwwhdLLDVMiarJ+GtBvXzhabu0W/KQk395h5MilFfi
AgI1dfkYJRGJ6HIai3T4iXAtxAbtX0j7OmyZd89/qLLGv6WqsUTw8Tgy4o1CJ2FB
x2Wd3RmLoxbwZT/MEHMfKqwGt9zWw/r+5w9FC78G+QEixTV3vS+jq4Gg4+7lObsd
YnSUKTHun/0BI56P9NlMzgAEDia5hCL/y06xT7O8m08d3flj+vSBq+I33XnRAgMB
AAGjggJiMIICXjAdBgNVHQ4EFgQUlveEc8OHiVxMmvE55f1tMj4cIf0wHwYDVR0j
BBgwFoAUbvjfi3TF2LtnN+xCzgMqtLA+DFEwDgYDVR0PAQH/BAQDAgeAMIGXBgNV
HR8EgY8wgYwwgYmggYaggYOGgYByc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5LzFiZjhlOTc3LTcyNzgtNDZjZi1hYmQxLTk5Y2QxZmQy
YmU0ZS8xMC82RUY4REY4Qjc0QzVEOEJCNjczN0VDNDJDRTAzMkFCNEIwM0UwQzUx
LmNybDB6BggrBgEFBQcBAQRuMGwwagYIKwYBBQUHMAKGXnJzeW5jOi8vY2xvdWRp
ZS1yZXBvLnJwa2kuYXBwL3JlcG8vQ0xPVURJRS1SUEtJLzQvNkVGOERGOEI3NEM1
RDhCQjY3MzdFQzQyQ0UwMzJBQjRCMDNFMEM1MS5jZXIwgbgGCCsGAQUFBwELBIGr
MIGoMIGlBggrBgEFBQcwC4aBmHJzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzEwLzMyNjEzMDYxM2EzNjMwMzQzMDNhMzEzMTMwMzAzYTNhMmYzNDMwMmQz
NDMwMjAzZDNlMjAzMjMwMzMzMDM2Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqCmBAETANBgkqhkiG
9w0BAQsFAAOCAQEAJ0PJ+Wm/Kb1WYMgCgYZ5+oYfx7cVw/k3YxO8nBv9oXnUTAQ9
A3Xl3A9/BnPFc0spZPnVUZIVNTM7f96Nb9bckUijx4559alnzUs2DGJ2THw5sZs1
EHXhxZt8RVsbYJDgLSWs+lmoKcPr8+0YGZPDuTmo+Gz25zjcvv5UnHLOuZ/pXoN4
f0e4NyhtEggQ6Z+FYmj6taWvpsKuyUDGC02MCCZrgD+knkPXk2Jrsrr2tJifs1t+
2z7DJWTN1bgSOAD/Ra/QyiVpCTBlnhqsc4CSZhFUI3lpCHLwiC7qRShRRopA50zg
qtOE0fpNHaokm5bcFbw89bIVuGrOYr91xQxuVg==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:20:15 2025 by rpki-client