Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
File:                     AS834.roa (raw, json)
Hash identifier:          aAVSG96BQI8wqsQo2oq9jeqhpHSVZWgFQuEyeKlJzow=
Subject key identifier:   E3:26:B6:1D:23:6B:09:72:04:C8:4C:DC:56:90:8A:EC:07:49:E6:A2
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       50EC22C57CABB628A5EC8B597CB14597092BD7F8
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa
Signing time:             Tue 22 Jul 2025 00:01:28 +0000
ROA not before:           Mon 21 Jul 2025 23:56:28 +0000
ROA not after:            Tue 21 Jul 2026 00:01:28 +0000
asID:                     834
IP address blocks:        82.21.153.0/24 maxlen: 24
                          82.21.187.0/24 maxlen: 24
                          82.22.124.0/22 maxlen: 24
                          82.22.187.0/24 maxlen: 24
                          82.24.83.0/24 maxlen: 24
                          82.25.39.0/24 maxlen: 24
                          82.25.42.0/23 maxlen: 24
                          82.25.44.0/24 maxlen: 24
                          82.25.46.0/23 maxlen: 24
                          82.25.135.0/24 maxlen: 24
                          82.25.142.0/23 maxlen: 24
                          82.25.190.0/24 maxlen: 24
                          82.26.65.0/24 maxlen: 24
                          82.26.150.0/23 maxlen: 24
                          82.26.193.0/24 maxlen: 24
                          82.26.198.0/24 maxlen: 24
                          82.26.202.0/24 maxlen: 24
                          82.27.106.0/24 maxlen: 24
                          82.29.52.0/24 maxlen: 24
                          82.29.95.0/24 maxlen: 24
                          82.29.107.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 13:47:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:ec:22:c5:7c:ab:b6:28:a5:ec:8b:59:7c:b1:45:97:09:2b:d7:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jul 21 23:56:28 2025 GMT
            Not After : Jul 21 00:01:28 2026 GMT
        Subject: CN=E326B61D236B097204C84CDC56908AEC0749E6A2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:f1:61:25:76:f6:5c:90:24:8e:9c:70:90:18:
                    58:64:14:80:57:23:19:a1:6f:fe:a7:4a:35:fd:84:
                    a4:6f:f8:63:3a:fa:6d:f2:69:8c:33:50:49:12:68:
                    d2:97:95:04:39:37:68:23:a6:04:af:bd:18:c4:e0:
                    41:50:e0:f7:25:5b:eb:52:34:d2:7b:f6:1a:bc:a9:
                    7b:2f:84:62:0f:81:48:2a:8d:89:00:a9:56:de:3f:
                    bb:e4:31:c9:af:6d:2d:f2:ee:3d:2e:4d:2c:42:50:
                    da:31:68:99:67:71:80:01:15:c9:d1:47:4a:6f:00:
                    88:d0:6b:38:c9:2f:d1:a0:c7:3e:a8:e0:a1:8f:42:
                    e9:65:37:b9:5b:0a:0e:25:76:59:dc:64:d3:dc:9d:
                    7d:2f:d3:55:25:cc:46:b7:24:6d:47:d8:8f:c3:29:
                    a1:9b:6b:c4:24:37:0a:6d:b4:fc:75:f3:ba:af:5b:
                    8c:39:88:0d:3b:76:9a:b3:5c:48:54:c7:ce:7b:39:
                    9a:1f:be:bd:ff:33:4c:93:31:b1:8b:9e:2a:52:33:
                    a3:f1:e1:0e:c3:e1:09:aa:39:06:37:4a:c2:f9:82:
                    57:25:2d:27:2a:1f:27:d5:c6:dc:c0:a1:af:d0:3e:
                    1f:1d:49:15:19:0c:d9:cb:de:f0:55:3a:df:61:8f:
                    60:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:26:B6:1D:23:6B:09:72:04:C8:4C:DC:56:90:8A:EC:07:49:E6:A2
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.21.153.0/24
                  82.21.187.0/24
                  82.22.124.0/22
                  82.22.187.0/24
                  82.24.83.0/24
                  82.25.39.0/24
                  82.25.42.0-82.25.44.255
                  82.25.46.0/23
                  82.25.135.0/24
                  82.25.142.0/23
                  82.25.190.0/24
                  82.26.65.0/24
                  82.26.150.0/23
                  82.26.193.0/24
                  82.26.198.0/24
                  82.26.202.0/24
                  82.27.106.0/24
                  82.29.52.0/24
                  82.29.95.0/24
                  82.29.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:18:36:be:36:4b:11:fd:01:80:58:b2:c9:84:bc:13:f5:db:
         3f:7e:4c:47:1d:0a:c7:2d:36:38:6d:f9:cc:fe:67:c9:6c:d2:
         80:64:65:bc:87:5b:ac:af:e2:bd:18:c5:d5:16:52:a7:02:26:
         c5:ee:71:58:f0:c4:af:94:e9:3e:a9:77:41:e4:93:7f:9b:ec:
         86:74:e9:83:38:0a:60:d0:c2:dd:64:45:fc:70:4f:f9:13:b8:
         71:62:05:40:1f:4f:2b:de:fa:f2:43:ca:56:86:2b:03:eb:40:
         4a:90:5c:07:01:17:37:1f:35:9b:98:06:64:5b:b9:14:fc:00:
         0c:1f:12:60:d0:db:4d:34:ca:9e:36:61:b0:eb:3f:37:86:64:
         4a:6e:2c:20:ae:4b:ab:02:b7:b5:c2:c4:14:48:b5:9f:4f:03:
         9e:61:f7:11:44:ab:29:39:e2:e7:63:41:1c:ab:f3:67:0e:db:
         44:7e:c0:c0:aa:c2:5c:af:89:02:89:e6:99:aa:c8:ff:44:7e:
         04:0f:10:ac:65:ce:e3:f5:1f:cf:bb:8c:c3:42:3b:c5:cc:77:
         30:cd:e9:06:a6:91:48:17:2d:f8:82:48:15:10:9f:c0:12:41:
         41:9b:d4:b2:e6:21:b2:8a:11:76:a7:9e:d4:44:4d:ab:fa:18:
         d1:4c:99:f2
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIUUOwixXyrtiil7ItZfLFFlwkr1/gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjEyMzU2MjhaFw0yNjA3MjEwMDAxMjhaMDMxMTAvBgNV
BAMTKEUzMjZCNjFEMjM2QjA5NzIwNEM4NENEQzU2OTA4QUVDMDc0OUU2QTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC98WEldvZckCSOnHCQGFhkFIBX
Ixmhb/6nSjX9hKRv+GM6+m3yaYwzUEkSaNKXlQQ5N2gjpgSvvRjE4EFQ4PclW+tS
NNJ79hq8qXsvhGIPgUgqjYkAqVbeP7vkMcmvbS3y7j0uTSxCUNoxaJlncYABFcnR
R0pvAIjQazjJL9Ggxz6o4KGPQullN7lbCg4ldlncZNPcnX0v01UlzEa3JG1H2I/D
KaGba8QkNwpttPx187qvW4w5iA07dpqzXEhUx857OZofvr3/M0yTMbGLnipSM6Px
4Q7D4QmqOQY3SsL5glclLScqHyfVxtzAoa/QPh8dSRUZDNnL3vBVOt9hj2BBAgMB
AAGjggKGMIICgjAdBgNVHQ4EFgQU4ya2HSNrCXIEyEzcVpCK7AdJ5qIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBABS
FZkDBABSFbsDBAJSFnwDBABSFrsDBABSGFMDBABSGScwDAMEAVIZKgMEAFIZLAME
AVIZLgMEAFIZhwMEAVIZjgMEAFIZvgMEAFIaQQMEAVIalgMEAFIawQMEAFIaxgME
AFIaygMEAFIbagMEAFIdNAMEAFIdXwMEAFIdazANBgkqhkiG9w0BAQsFAAOCAQEA
qBg2vjZLEf0BgFiyyYS8E/XbP35MRx0Kxy02OG35zP5nyWzSgGRlvIdbrK/ivRjF
1RZSpwImxe5xWPDEr5TpPql3QeSTf5vshnTpgzgKYNDC3WRF/HBP+RO4cWIFQB9P
K9768kPKVoYrA+tASpBcBwEXNx81m5gGZFu5FPwADB8SYNDbTTTKnjZhsOs/N4Zk
Sm4sIK5LqwK3tcLEFEi1n08DnmH3EUSrKTni52NBHKvzZw7bRH7AwKrCXK+JAonm
marI/0R+BA8QrGXO4/Ufz7uMw0I7xcx3MM3pBqaRSBct+IJIFRCfwBJBQZvUsuYh
sooRdqee1ERNq/oY0UyZ8g==
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:29:44 2025 by rpki-client