Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626130303a3a2f34302d3430203d3e20313939353138.roa
File:                     326130613a363034303a626130303a3a2f34302d3430203d3e20313939353138.roa (raw, json)
Hash identifier:          MtzTkzQ35m22EvkbzZHwIxUncfZ/F5ZBQnc0K5rFcKk=
Subject key identifier:   71:4D:94:F7:34:B0:D0:0F:5B:C2:E9:F8:0C:6D:D7:F6:D2:4E:B8:64
Certificate issuer:       /CN=0F728B914670434DCF5633E81E2B8721DF75CEB8
Certificate serial:       06549D471D20A37E8F17118C1703E817088CA4B0
Authority key identifier: 0F:72:8B:91:46:70:43:4D:CF:56:33:E8:1E:2B:87:21:DF:75:CE:B8
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626130303a3a2f34302d3430203d3e20313939353138.roa
Signing time:             Sat 05 Jul 2025 09:32:34 +0000
ROA not before:           Sat 05 Jul 2025 09:27:34 +0000
ROA not after:            Sat 04 Jul 2026 09:32:34 +0000
asID:                     199518
IP address blocks:        2a0a:6040:ba00::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 04:12:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:54:9d:47:1d:20:a3:7e:8f:17:11:8c:17:03:e8:17:08:8c:a4:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0F728B914670434DCF5633E81E2B8721DF75CEB8
        Validity
            Not Before: Jul  5 09:27:34 2025 GMT
            Not After : Jul  4 09:32:34 2026 GMT
        Subject: CN=714D94F734B0D00F5BC2E9F80C6DD7F6D24EB864
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:3e:26:d8:81:46:be:85:93:23:e0:7e:3d:5b:
                    25:55:36:19:c7:62:96:29:60:95:c7:92:83:f8:d1:
                    34:8d:02:b1:3e:fb:da:bd:4f:5f:e0:3b:dc:21:d7:
                    ab:ca:62:8f:df:04:f0:ad:ba:27:96:0f:57:1d:d6:
                    f4:5f:2c:21:c2:cf:65:f1:7a:bf:05:1b:99:f1:04:
                    d3:52:9f:c3:31:2a:a8:88:e6:0d:7c:bb:e3:8f:62:
                    47:29:0c:05:c6:2c:3b:4e:5e:0c:3a:09:fa:79:a1:
                    18:7b:04:c0:f9:4a:0a:d6:32:e1:ae:06:ab:d3:9a:
                    cd:0f:6d:7b:6f:18:b7:58:91:6d:61:46:ae:70:41:
                    68:f5:f4:f2:aa:fd:7f:48:16:6d:55:1a:44:91:1b:
                    0b:b8:bc:f0:98:fd:33:cc:7f:9d:ed:ab:8e:e7:77:
                    80:f2:b4:32:60:19:d0:9d:e9:3f:da:30:ea:0d:f1:
                    64:ce:56:ec:95:d9:48:ac:02:c8:d2:86:7c:95:ce:
                    a0:d2:3c:48:8e:8b:48:3f:34:b9:9d:52:f2:67:c1:
                    dc:54:25:63:0a:9d:d9:6a:8d:ee:a6:b7:0b:6c:e3:
                    e7:a0:f1:6e:d1:aa:21:17:1b:c8:0e:cc:b5:92:83:
                    b8:db:bf:2e:3d:b1:1a:cd:64:70:fe:8e:c0:ee:79:
                    0c:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:4D:94:F7:34:B0:D0:0F:5B:C2:E9:F8:0C:6D:D7:F6:D2:4E:B8:64
            X509v3 Authority Key Identifier:
                keyid:0F:72:8B:91:46:70:43:4D:CF:56:33:E8:1E:2B:87:21:DF:75:CE:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626130303a3a2f34302d3430203d3e20313939353138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:ba00::/40

    Signature Algorithm: sha256WithRSAEncryption
         bf:5b:d9:ea:ae:44:be:e9:08:87:06:9e:d1:be:13:a4:87:7a:
         2b:15:52:9d:62:38:db:f0:7e:4e:36:b9:78:9d:9d:0a:84:a8:
         85:03:6e:83:93:18:57:c4:17:cc:50:c8:1b:fc:82:e1:43:9e:
         e5:bc:2a:ff:7a:69:0b:c1:18:45:2c:42:e8:95:77:12:ee:19:
         04:82:b4:01:b5:12:b6:bb:cd:c6:8e:34:70:8a:5b:dc:83:be:
         82:75:b3:c4:7b:2c:f0:2b:e3:0b:8b:2c:46:3b:8a:b8:06:d3:
         f5:dc:59:cb:71:e7:82:ea:6f:92:f6:75:1f:cf:54:db:3a:6f:
         12:70:31:d1:f2:ee:14:3c:8f:e6:ce:7b:c5:ba:b4:66:d9:9a:
         b9:13:12:4b:70:41:f1:86:d7:88:65:81:1d:94:30:8b:5e:df:
         6c:3b:96:bd:26:17:26:b8:25:42:7a:d6:a0:cb:f4:10:85:7d:
         26:04:61:d3:be:48:be:91:5f:02:a8:e0:46:24:d0:91:b0:ce:
         d7:f9:9e:f6:61:b4:1b:80:a8:74:e8:f5:79:dc:93:76:73:8c:
         02:e4:82:71:82:08:93:72:7f:44:e5:08:a5:c2:19:22:c0:b5:
         49:f7:80:60:b9:10:30:81:0e:27:7f:b7:1a:b5:39:bf:6a:03:
         c4:d1:59:11
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIUBlSdRx0go36PFxGMFwPoFwiMpLAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEY3MjhCOTE0NjcwNDM0RENGNTYzM0U4MUUyQjg3MjFE
Rjc1Q0VCODAeFw0yNTA3MDUwOTI3MzRaFw0yNjA3MDQwOTMyMzRaMDMxMTAvBgNV
BAMTKDcxNEQ5NEY3MzRCMEQwMEY1QkMyRTlGODBDNkREN0Y2RDI0RUI4NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTPibYgUa+hZMj4H49WyVVNhnH
YpYpYJXHkoP40TSNArE++9q9T1/gO9wh16vKYo/fBPCtuieWD1cd1vRfLCHCz2Xx
er8FG5nxBNNSn8MxKqiI5g18u+OPYkcpDAXGLDtOXgw6Cfp5oRh7BMD5SgrWMuGu
BqvTms0PbXtvGLdYkW1hRq5wQWj19PKq/X9IFm1VGkSRGwu4vPCY/TPMf53tq47n
d4DytDJgGdCd6T/aMOoN8WTOVuyV2UisAsjShnyVzqDSPEiOi0g/NLmdUvJnwdxU
JWMKndlqje6mtwts4+eg8W7RqiEXG8gOzLWSg7jbvy49sRrNZHD+jsDueQxHAgMB
AAGjggJiMIICXjAdBgNVHQ4EFgQUcU2U9zSw0A9bwun4DG3X9tJOuGQwHwYDVR0j
BBgwFoAUD3KLkUZwQ03PVjPoHiuHId91zrgwDgYDVR0PAQH/BAQDAgeAMIGXBgNV
HR8EgY8wgYwwgYmggYaggYOGgYByc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2RlN2Q1NWY3LWVlNjAtNDAwNS1iYWQ3LWI0MjgxOGNm
NTBlOC8xMS8wRjcyOEI5MTQ2NzA0MzREQ0Y1NjMzRTgxRTJCODcyMURGNzVDRUI4
LmNybDB6BggrBgEFBQcBAQRuMGwwagYIKwYBBQUHMAKGXnJzeW5jOi8vY2xvdWRp
ZS1yZXBvLnJwa2kuYXBwL3JlcG8vQ0xPVURJRS1SUEtJLzQvMEY3MjhCOTE0Njcw
NDM0RENGNTYzM0U4MUUyQjg3MjFERjc1Q0VCOC5jZXIwgbgGCCsGAQUFBwELBIGr
MIGoMIGlBggrBgEFBQcwC4aBmHJzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGU3ZDU1ZjctZWU2MC00MDA1LWJhZDctYjQyODE4Y2Y1
MGU4LzExLzMyNjEzMDYxM2EzNjMwMzQzMDNhNjI2MTMwMzAzYTNhMmYzNDMwMmQz
NDMwMjAzZDNlMjAzMTM5MzkzNTMxMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqCmBAujANBgkqhkiG
9w0BAQsFAAOCAQEAv1vZ6q5EvukIhwae0b4TpId6KxVSnWI42/B+Tja5eJ2dCoSo
hQNug5MYV8QXzFDIG/yC4UOe5bwq/3ppC8EYRSxC6JV3Eu4ZBIK0AbUStrvNxo40
cIpb3IO+gnWzxHss8CvjC4ssRjuKuAbT9dxZy3HngupvkvZ1H89U2zpvEnAx0fLu
FDyP5s57xbq0ZtmauRMSS3BB8YbXiGWBHZQwi17fbDuWvSYXJrglQnrWoMv0EIV9
JgRh075IvpFfAqjgRiTQkbDO1/me9mG0G4CodOj1edyTdnOMAuSCcYIIk3J/ROUI
pcIZIsC1SfeAYLkQMIEOJ3+3GrU5v2oDxNFZEQ==
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:52:49 2025 by rpki-client