Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626131643a3a2f34382d3438203d3e20313939353138.roa
File:                     326130613a363034303a626131643a3a2f34382d3438203d3e20313939353138.roa (raw, json)
Hash identifier:          T/jZB6hJnvckE1oQM04wQ4G6elO8ybOC5fa2RX6LRvo=
Subject key identifier:   65:ED:9F:3F:44:C4:F4:A0:0E:9C:06:30:87:77:3B:7B:9E:32:5B:72
Certificate issuer:       /CN=0F728B914670434DCF5633E81E2B8721DF75CEB8
Certificate serial:       4A1FC2C47AD51435CC2648C6C6781C909F440023
Authority key identifier: 0F:72:8B:91:46:70:43:4D:CF:56:33:E8:1E:2B:87:21:DF:75:CE:B8
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626131643a3a2f34382d3438203d3e20313939353138.roa
Signing time:             Sat 05 Jul 2025 09:32:33 +0000
ROA not before:           Sat 05 Jul 2025 09:27:33 +0000
ROA not after:            Sat 04 Jul 2026 09:32:33 +0000
asID:                     199518
IP address blocks:        2a0a:6040:ba1d::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 04:12:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:1f:c2:c4:7a:d5:14:35:cc:26:48:c6:c6:78:1c:90:9f:44:00:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0F728B914670434DCF5633E81E2B8721DF75CEB8
        Validity
            Not Before: Jul  5 09:27:33 2025 GMT
            Not After : Jul  4 09:32:33 2026 GMT
        Subject: CN=65ED9F3F44C4F4A00E9C063087773B7B9E325B72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:6e:86:60:23:4f:69:6d:c1:66:86:c9:96:06:
                    7d:f5:10:04:06:30:65:55:fd:32:38:b5:af:5c:da:
                    9b:3b:4a:b6:5e:0b:5e:2d:cb:70:eb:da:7f:3a:f2:
                    8e:87:39:59:6b:4f:43:de:24:f0:b1:e7:de:63:d2:
                    ee:48:ba:e9:ac:0e:5d:8e:ed:50:5c:23:da:09:9d:
                    a4:1a:47:58:03:13:af:2d:2c:ea:15:4d:d6:34:8f:
                    cd:38:4f:ed:90:60:0d:5d:89:62:45:1c:bb:41:18:
                    db:87:e8:02:be:87:d8:9f:6c:7a:52:60:72:03:7c:
                    45:73:10:31:b5:6a:aa:89:09:b9:37:fc:3d:e1:c7:
                    02:2c:25:71:43:10:a3:7b:d4:d4:1e:60:36:87:e8:
                    16:95:36:54:b7:4f:0f:38:51:81:cf:8d:e8:a6:47:
                    b1:37:5e:d2:45:d6:51:53:40:c1:5c:e5:db:03:52:
                    a0:b5:17:7e:ee:6e:6d:20:a0:24:17:de:70:37:e3:
                    39:ea:13:f9:bd:be:95:e2:a3:ea:7e:b4:9c:91:d5:
                    02:19:5f:a7:cf:c6:bd:35:23:9a:8b:cd:43:2a:5a:
                    bd:af:0f:72:e9:3b:a2:3d:99:ae:ef:6f:3a:29:d0:
                    b2:a9:26:f2:cb:08:10:c6:18:ac:dd:bc:74:1b:f0:
                    eb:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:ED:9F:3F:44:C4:F4:A0:0E:9C:06:30:87:77:3B:7B:9E:32:5B:72
            X509v3 Authority Key Identifier:
                keyid:0F:72:8B:91:46:70:43:4D:CF:56:33:E8:1E:2B:87:21:DF:75:CE:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626131643a3a2f34382d3438203d3e20313939353138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:ba1d::/48

    Signature Algorithm: sha256WithRSAEncryption
         22:14:fd:11:eb:55:b4:4b:10:d1:c1:a3:0c:a6:82:7c:6f:67:
         5c:f0:5a:b8:5f:d7:c9:ce:4a:8f:05:af:c6:a4:0f:03:a9:c4:
         d4:54:30:d9:16:ab:46:6b:52:5d:56:09:68:4a:e3:b7:30:6d:
         d7:73:db:aa:ff:80:96:80:b2:ca:0f:da:c9:12:d2:e6:77:c1:
         da:f5:ea:23:2c:ac:2a:2c:b7:14:b9:a6:7b:98:22:80:f7:f7:
         88:97:9e:81:3f:5f:ae:f5:90:a5:a9:08:b4:fa:d2:7c:7c:d7:
         a4:3a:71:a4:ae:32:4b:43:11:ae:ee:0b:46:03:f0:cd:b6:72:
         ba:49:f0:c5:26:40:9d:3f:71:c3:5d:b6:b2:73:6d:a6:3b:9d:
         e5:b1:fd:76:bf:08:70:1c:58:b6:34:5c:47:ea:4b:89:09:c6:
         9d:95:2a:f7:da:4c:08:00:d4:2b:f3:1d:46:7b:62:ea:6c:48:
         78:48:47:1c:3b:ec:54:22:27:2d:3f:83:a2:58:b6:a0:bc:be:
         42:3b:da:88:1a:be:69:3b:78:4c:f3:78:e2:10:82:56:89:d4:
         be:ee:57:06:17:ae:ad:3a:35:53:a9:db:94:0c:81:d4:26:0d:
         f5:64:57:ef:e5:9f:6c:af:61:a5:53:ae:ac:d1:e0:64:7d:0b:
         5b:a0:b2:73
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgIUSh/CxHrVFDXMJkjGxngckJ9EACMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEY3MjhCOTE0NjcwNDM0RENGNTYzM0U4MUUyQjg3MjFE
Rjc1Q0VCODAeFw0yNTA3MDUwOTI3MzNaFw0yNjA3MDQwOTMyMzNaMDMxMTAvBgNV
BAMTKDY1RUQ5RjNGNDRDNEY0QTAwRTlDMDYzMDg3NzczQjdCOUUzMjVCNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWboZgI09pbcFmhsmWBn31EAQG
MGVV/TI4ta9c2ps7SrZeC14ty3Dr2n868o6HOVlrT0PeJPCx595j0u5IuumsDl2O
7VBcI9oJnaQaR1gDE68tLOoVTdY0j804T+2QYA1diWJFHLtBGNuH6AK+h9ifbHpS
YHIDfEVzEDG1aqqJCbk3/D3hxwIsJXFDEKN71NQeYDaH6BaVNlS3Tw84UYHPjeim
R7E3XtJF1lFTQMFc5dsDUqC1F37ubm0goCQX3nA34znqE/m9vpXio+p+tJyR1QIZ
X6fPxr01I5qLzUMqWr2vD3LpO6I9ma7vbzop0LKpJvLLCBDGGKzdvHQb8OtHAgMB
AAGjggJjMIICXzAdBgNVHQ4EFgQUZe2fP0TE9KAOnAYwh3c7e54yW3IwHwYDVR0j
BBgwFoAUD3KLkUZwQ03PVjPoHiuHId91zrgwDgYDVR0PAQH/BAQDAgeAMIGXBgNV
HR8EgY8wgYwwgYmggYaggYOGgYByc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2RlN2Q1NWY3LWVlNjAtNDAwNS1iYWQ3LWI0MjgxOGNm
NTBlOC8xMS8wRjcyOEI5MTQ2NzA0MzREQ0Y1NjMzRTgxRTJCODcyMURGNzVDRUI4
LmNybDB6BggrBgEFBQcBAQRuMGwwagYIKwYBBQUHMAKGXnJzeW5jOi8vY2xvdWRp
ZS1yZXBvLnJwa2kuYXBwL3JlcG8vQ0xPVURJRS1SUEtJLzQvMEY3MjhCOTE0Njcw
NDM0RENGNTYzM0U4MUUyQjg3MjFERjc1Q0VCOC5jZXIwgbgGCCsGAQUFBwELBIGr
MIGoMIGlBggrBgEFBQcwC4aBmHJzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGU3ZDU1ZjctZWU2MC00MDA1LWJhZDctYjQyODE4Y2Y1
MGU4LzExLzMyNjEzMDYxM2EzNjMwMzQzMDNhNjI2MTMxNjQzYTNhMmYzNDM4MmQz
NDM4MjAzZDNlMjAzMTM5MzkzNTMxMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqCmBAuh0wDQYJKoZI
hvcNAQELBQADggEBACIU/RHrVbRLENHBowymgnxvZ1zwWrhf18nOSo8Fr8akDwOp
xNRUMNkWq0ZrUl1WCWhK47cwbddz26r/gJaAssoP2skS0uZ3wdr16iMsrCostxS5
pnuYIoD394iXnoE/X671kKWpCLT60nx816Q6caSuMktDEa7uC0YD8M22crpJ8MUm
QJ0/ccNdtrJzbaY7neWx/Xa/CHAcWLY0XEfqS4kJxp2VKvfaTAgA1CvzHUZ7Yups
SHhIRxw77FQiJy0/g6JYtqC8vkI72ogavmk7eEzzeOIQglaJ1L7uVwYXrq06NVOp
25QMgdQmDfVkV+/ln2yvYaVTrqzR4GR9C1ugsnM=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:52:07 2025 by rpki-client