Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/10/326130613a363034303a336630303a3a2f34302d3438203d3e20323033303639.roa
File:                     326130613a363034303a336630303a3a2f34302d3438203d3e20323033303639.roa (raw, json)
Hash identifier:          rHPewLaTkppiYRuEKYbkMC6q0fSzfeWOiDhEN8UQLrI=
Subject key identifier:   09:D1:9B:69:CE:DC:9D:4A:6E:3A:EF:C4:63:50:AF:EF:F7:D7:6C:56
Certificate issuer:       /CN=6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51
Certificate serial:       6812CFFC15B6582B3F314AAF11AF663DB61748E7
Authority key identifier: 6E:F8:DF:8B:74:C5:D8:BB:67:37:EC:42:CE:03:2A:B4:B0:3E:0C:51
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/10/326130613a363034303a336630303a3a2f34302d3438203d3e20323033303639.roa
Signing time:             Sat 05 Jul 2025 08:10:56 +0000
ROA not before:           Sat 05 Jul 2025 08:05:56 +0000
ROA not after:            Sat 04 Jul 2026 08:10:56 +0000
asID:                     203069
IP address blocks:        2a0a:6040:3f00::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/10/6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/10/6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 07:41:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:12:cf:fc:15:b6:58:2b:3f:31:4a:af:11:af:66:3d:b6:17:48:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51
        Validity
            Not Before: Jul  5 08:05:56 2025 GMT
            Not After : Jul  4 08:10:56 2026 GMT
        Subject: CN=09D19B69CEDC9D4A6E3AEFC46350AFEFF7D76C56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:bc:8a:88:2a:a6:4c:59:af:6f:b8:24:47:b2:
                    af:68:65:62:80:08:c5:8f:30:6b:77:d4:74:c4:c6:
                    2f:98:12:be:6b:8d:a3:fb:3a:af:f8:60:25:f4:13:
                    44:01:18:c8:56:ec:a8:ce:e0:ac:27:72:60:bc:9d:
                    be:8b:8c:a0:a4:7f:f6:aa:24:b4:a3:95:66:f2:2b:
                    cc:1e:38:1b:2e:9f:5d:ab:04:f4:7c:d1:57:45:1a:
                    43:68:2d:90:55:03:1f:f3:2d:09:9c:68:e8:0c:12:
                    d3:79:77:41:7e:9a:19:7b:69:58:73:55:fd:9e:9f:
                    c8:28:54:3d:75:d7:28:b1:34:69:cd:bd:cf:d0:11:
                    b7:8a:26:a4:0a:03:bb:59:d4:ff:56:02:9a:32:59:
                    43:a2:0f:16:15:72:84:71:04:24:b5:1d:e7:7a:5d:
                    bf:ad:ec:4a:66:fc:c7:6a:a6:28:a4:7a:82:26:57:
                    8f:7c:a1:7c:c2:57:7d:3b:38:b1:4b:a3:5f:8c:f8:
                    14:47:e9:36:8c:d7:54:0d:60:a4:16:08:14:a9:95:
                    bb:d1:f9:00:fc:de:d4:06:b9:c5:74:48:5c:2a:b1:
                    ca:e2:59:96:17:50:b4:2a:34:4c:7a:e7:79:31:02:
                    82:7b:33:9d:fa:98:9f:14:f4:c4:c2:60:f7:0c:b6:
                    a1:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:D1:9B:69:CE:DC:9D:4A:6E:3A:EF:C4:63:50:AF:EF:F7:D7:6C:56
            X509v3 Authority Key Identifier:
                keyid:6E:F8:DF:8B:74:C5:D8:BB:67:37:EC:42:CE:03:2A:B4:B0:3E:0C:51

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/10/6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/6EF8DF8B74C5D8BB6737EC42CE032AB4B03E0C51.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/10/326130613a363034303a336630303a3a2f34302d3438203d3e20323033303639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:3f00::/40

    Signature Algorithm: sha256WithRSAEncryption
         15:ca:e1:37:fa:13:24:8e:dd:00:7c:ab:7c:7d:46:c7:3a:98:
         57:28:a5:6a:06:30:ca:82:2c:b5:a4:8c:63:09:30:06:89:30:
         c9:4b:73:e4:dc:8f:3f:f9:66:70:11:c2:38:34:f6:60:d4:2b:
         80:08:69:f5:5d:4c:78:fc:a0:36:b5:78:e0:41:c4:52:8a:72:
         4d:26:c3:be:26:a8:40:a7:16:08:14:4c:d7:f1:b0:fc:42:68:
         de:dd:97:14:bc:eb:cd:47:34:6f:48:7d:64:3d:42:a3:91:68:
         dd:0c:fc:5d:49:a3:95:54:98:15:a9:20:c8:f5:15:36:64:65:
         04:0c:6f:4f:f6:75:9e:05:bd:a9:84:2c:3c:11:1b:11:f3:d0:
         14:13:b8:80:cb:61:f9:64:87:ce:2b:5d:9c:33:39:ef:23:31:
         ba:2a:d8:ac:b9:49:72:70:72:73:c0:2d:8a:ed:57:57:46:19:
         1d:e9:cd:fb:1a:69:a8:1b:67:1c:a5:b7:6b:75:75:76:18:de:
         34:35:a4:e9:6c:26:c1:65:56:83:10:be:e9:f1:26:e0:86:dc:
         65:db:96:42:bc:89:88:99:4d:73:9c:48:14:23:98:b6:dc:c5:
         55:2a:36:39:4a:96:d4:0e:92:6c:57:b8:bf:23:76:5b:52:b5:
         2c:ba:8f:3e
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIUaBLP/BW2WCs/MUqvEa9mPbYXSOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkVGOERGOEI3NEM1RDhCQjY3MzdFQzQyQ0UwMzJBQjRC
MDNFMEM1MTAeFw0yNTA3MDUwODA1NTZaFw0yNjA3MDQwODEwNTZaMDMxMTAvBgNV
BAMTKDA5RDE5QjY5Q0VEQzlENEE2RTNBRUZDNDYzNTBBRkVGRjdENzZDNTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChvIqIKqZMWa9vuCRHsq9oZWKA
CMWPMGt31HTExi+YEr5rjaP7Oq/4YCX0E0QBGMhW7KjO4KwncmC8nb6LjKCkf/aq
JLSjlWbyK8weOBsun12rBPR80VdFGkNoLZBVAx/zLQmcaOgMEtN5d0F+mhl7aVhz
Vf2en8goVD111yixNGnNvc/QEbeKJqQKA7tZ1P9WApoyWUOiDxYVcoRxBCS1Hed6
Xb+t7Epm/MdqpiikeoImV498oXzCV307OLFLo1+M+BRH6TaM11QNYKQWCBSplbvR
+QD83tQGucV0SFwqscriWZYXULQqNEx653kxAoJ7M536mJ8U9MTCYPcMtqGtAgMB
AAGjggJiMIICXjAdBgNVHQ4EFgQUCdGbac7cnUpuOu/EY1Cv7/fXbFYwHwYDVR0j
BBgwFoAUbvjfi3TF2LtnN+xCzgMqtLA+DFEwDgYDVR0PAQH/BAQDAgeAMIGXBgNV
HR8EgY8wgYwwgYmggYaggYOGgYByc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5LzFiZjhlOTc3LTcyNzgtNDZjZi1hYmQxLTk5Y2QxZmQy
YmU0ZS8xMC82RUY4REY4Qjc0QzVEOEJCNjczN0VDNDJDRTAzMkFCNEIwM0UwQzUx
LmNybDB6BggrBgEFBQcBAQRuMGwwagYIKwYBBQUHMAKGXnJzeW5jOi8vY2xvdWRp
ZS1yZXBvLnJwa2kuYXBwL3JlcG8vQ0xPVURJRS1SUEtJLzQvNkVGOERGOEI3NEM1
RDhCQjY3MzdFQzQyQ0UwMzJBQjRCMDNFMEM1MS5jZXIwgbgGCCsGAQUFBwELBIGr
MIGoMIGlBggrBgEFBQcwC4aBmHJzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzEwLzMyNjEzMDYxM2EzNjMwMzQzMDNhMzM2NjMwMzAzYTNhMmYzNDMwMmQz
NDM4MjAzZDNlMjAzMjMwMzMzMDM2Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqCmBAPzANBgkqhkiG
9w0BAQsFAAOCAQEAFcrhN/oTJI7dAHyrfH1GxzqYVyilagYwyoIstaSMYwkwBokw
yUtz5NyPP/lmcBHCODT2YNQrgAhp9V1MePygNrV44EHEUopyTSbDviaoQKcWCBRM
1/Gw/EJo3t2XFLzrzUc0b0h9ZD1Co5Fo3Qz8XUmjlVSYFakgyPUVNmRlBAxvT/Z1
ngW9qYQsPBEbEfPQFBO4gMth+WSHzitdnDM57yMxuirYrLlJcnByc8Atiu1XV0YZ
HenN+xppqBtnHKW3a3V1dhjeNDWk6WwmwWVWgxC+6fEm4IbcZduWQryJiJlNc5xI
FCOYttzFVSo2OUqW1A6SbFe4vyN2W1K1LLqPPg==
-----END CERTIFICATE-----
Generated at Tue Jul 22 20:08:19 2025 by rpki-client