Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626131653a3a2f34382d3438203d3e20313939353138.roa
File:                     326130613a363034303a626131653a3a2f34382d3438203d3e20313939353138.roa (raw, json)
Hash identifier:          yfbaeT34FbMIGlyj0tQySNH5shIHOUf5oJ7SB3fvio4=
Subject key identifier:   8E:F8:B4:D3:FA:92:0B:CC:36:6B:CC:A0:B6:3A:70:46:9E:B9:BB:05
Certificate issuer:       /CN=0F728B914670434DCF5633E81E2B8721DF75CEB8
Certificate serial:       5499ED88547C346E59578809353DAFBFE1BC8416
Authority key identifier: 0F:72:8B:91:46:70:43:4D:CF:56:33:E8:1E:2B:87:21:DF:75:CE:B8
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626131653a3a2f34382d3438203d3e20313939353138.roa
Signing time:             Sat 05 Jul 2025 09:32:32 +0000
ROA not before:           Sat 05 Jul 2025 09:27:32 +0000
ROA not after:            Sat 04 Jul 2026 09:32:32 +0000
asID:                     199518
IP address blocks:        2a0a:6040:ba1e::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 04:12:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:99:ed:88:54:7c:34:6e:59:57:88:09:35:3d:af:bf:e1:bc:84:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0F728B914670434DCF5633E81E2B8721DF75CEB8
        Validity
            Not Before: Jul  5 09:27:32 2025 GMT
            Not After : Jul  4 09:32:32 2026 GMT
        Subject: CN=8EF8B4D3FA920BCC366BCCA0B63A70469EB9BB05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:f4:be:4b:3e:92:5d:4b:1e:24:eb:cc:85:d6:
                    d0:f5:d5:53:f7:8b:74:a2:a3:62:18:84:b0:0d:02:
                    4a:ab:00:88:16:cb:a6:ed:21:91:8a:c9:7a:07:4f:
                    93:3b:e5:08:c1:2e:43:89:ff:f3:b0:3c:78:4e:93:
                    74:53:3b:6b:30:3e:36:32:e1:cf:9e:5c:4b:56:18:
                    2e:4c:e5:d0:1d:2f:df:60:2a:b7:f3:e7:d8:5d:4e:
                    82:63:0b:26:8e:0f:7e:45:3c:45:6a:24:b7:2d:d5:
                    e1:70:53:83:a8:6d:54:fa:42:10:dc:d6:7b:89:5e:
                    04:d7:95:88:8e:af:9e:8d:73:35:ea:00:78:44:b8:
                    2f:19:7d:cb:9b:98:ce:9a:6c:d1:3f:91:7b:02:8a:
                    55:39:23:e6:c1:3d:78:a2:80:ee:59:3c:43:67:a2:
                    f1:ee:66:52:60:ec:04:a6:3c:01:85:39:35:0c:63:
                    81:87:ba:1e:0b:e4:7b:38:12:8d:fe:68:9b:f0:57:
                    fd:06:0c:c0:9e:7c:ef:07:8f:71:6b:9f:70:3c:02:
                    45:89:75:98:c7:e3:60:df:01:52:f5:c9:02:bc:23:
                    08:13:99:96:f7:79:eb:48:62:fa:e2:6c:1c:6a:66:
                    91:b8:58:31:81:70:73:39:0c:84:2b:d6:08:c3:06:
                    70:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:F8:B4:D3:FA:92:0B:CC:36:6B:CC:A0:B6:3A:70:46:9E:B9:BB:05
            X509v3 Authority Key Identifier:
                keyid:0F:72:8B:91:46:70:43:4D:CF:56:33:E8:1E:2B:87:21:DF:75:CE:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626131653a3a2f34382d3438203d3e20313939353138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:ba1e::/48

    Signature Algorithm: sha256WithRSAEncryption
         6d:bc:1c:f3:b9:5c:9a:5a:06:07:a5:59:56:72:be:61:6e:2f:
         82:dd:f5:a7:71:72:65:ca:e4:e1:9c:ce:30:08:d3:f2:c6:28:
         96:8a:c9:2d:8d:48:38:19:73:ab:cc:72:b4:e1:21:f6:ce:64:
         2a:8a:b4:20:a3:1e:ba:a9:2b:e5:3c:97:bd:55:73:54:d4:a6:
         4a:a0:82:ff:ec:a5:dc:e9:fe:8c:c0:db:4b:4d:d8:90:65:5c:
         1b:ba:73:0b:83:8f:a6:58:cf:7c:32:a2:e3:3f:b5:92:3e:54:
         75:95:86:fc:6b:7c:7f:a4:02:a6:cd:97:98:63:22:1a:d5:f3:
         50:fd:79:44:5c:bf:86:e6:cd:d0:1b:2e:d2:d0:0c:7a:65:d2:
         a5:ac:94:10:48:64:72:fb:71:09:c3:f5:28:63:a3:df:b3:5c:
         08:51:b4:a4:a3:4e:0c:d0:c0:35:51:59:d8:31:40:fc:c7:17:
         4f:a8:1f:76:1d:0b:fa:12:69:6c:70:28:91:f8:7f:43:19:a6:
         0f:13:8b:84:e2:f4:28:67:ef:b2:41:88:0e:49:39:6e:00:32:
         7d:7b:5e:64:40:37:c7:b4:c2:49:d6:e5:70:4c:98:28:fd:31:
         29:db:09:62:81:93:a6:0d:f3:69:75:7a:62:63:ab:6f:d5:44:
         0b:69:e2:c6
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgIUVJntiFR8NG5ZV4gJNT2vv+G8hBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEY3MjhCOTE0NjcwNDM0RENGNTYzM0U4MUUyQjg3MjFE
Rjc1Q0VCODAeFw0yNTA3MDUwOTI3MzJaFw0yNjA3MDQwOTMyMzJaMDMxMTAvBgNV
BAMTKDhFRjhCNEQzRkE5MjBCQ0MzNjZCQ0NBMEI2M0E3MDQ2OUVCOUJCMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ9L5LPpJdSx4k68yF1tD11VP3
i3Sio2IYhLANAkqrAIgWy6btIZGKyXoHT5M75QjBLkOJ//OwPHhOk3RTO2swPjYy
4c+eXEtWGC5M5dAdL99gKrfz59hdToJjCyaOD35FPEVqJLct1eFwU4OobVT6QhDc
1nuJXgTXlYiOr56NczXqAHhEuC8ZfcubmM6abNE/kXsCilU5I+bBPXiigO5ZPENn
ovHuZlJg7ASmPAGFOTUMY4GHuh4L5Hs4Eo3+aJvwV/0GDMCefO8Hj3Frn3A8AkWJ
dZjH42DfAVL1yQK8IwgTmZb3eetIYvribBxqZpG4WDGBcHM5DIQr1gjDBnADAgMB
AAGjggJjMIICXzAdBgNVHQ4EFgQUjvi00/qSC8w2a8ygtjpwRp65uwUwHwYDVR0j
BBgwFoAUD3KLkUZwQ03PVjPoHiuHId91zrgwDgYDVR0PAQH/BAQDAgeAMIGXBgNV
HR8EgY8wgYwwgYmggYaggYOGgYByc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2RlN2Q1NWY3LWVlNjAtNDAwNS1iYWQ3LWI0MjgxOGNm
NTBlOC8xMS8wRjcyOEI5MTQ2NzA0MzREQ0Y1NjMzRTgxRTJCODcyMURGNzVDRUI4
LmNybDB6BggrBgEFBQcBAQRuMGwwagYIKwYBBQUHMAKGXnJzeW5jOi8vY2xvdWRp
ZS1yZXBvLnJwa2kuYXBwL3JlcG8vQ0xPVURJRS1SUEtJLzQvMEY3MjhCOTE0Njcw
NDM0RENGNTYzM0U4MUUyQjg3MjFERjc1Q0VCOC5jZXIwgbgGCCsGAQUFBwELBIGr
MIGoMIGlBggrBgEFBQcwC4aBmHJzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGU3ZDU1ZjctZWU2MC00MDA1LWJhZDctYjQyODE4Y2Y1
MGU4LzExLzMyNjEzMDYxM2EzNjMwMzQzMDNhNjI2MTMxNjUzYTNhMmYzNDM4MmQz
NDM4MjAzZDNlMjAzMTM5MzkzNTMxMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqCmBAuh4wDQYJKoZI
hvcNAQELBQADggEBAG28HPO5XJpaBgelWVZyvmFuL4Ld9adxcmXK5OGczjAI0/LG
KJaKyS2NSDgZc6vMcrThIfbOZCqKtCCjHrqpK+U8l71Vc1TUpkqggv/spdzp/ozA
20tN2JBlXBu6cwuDj6ZYz3wyouM/tZI+VHWVhvxrfH+kAqbNl5hjIhrV81D9eURc
v4bmzdAbLtLQDHpl0qWslBBIZHL7cQnD9Shjo9+zXAhRtKSjTgzQwDVRWdgxQPzH
F0+oH3YdC/oSaWxwKJH4f0MZpg8Ti4Ti9Chn77JBiA5JOW4AMn17XmRAN8e0wknW
5XBMmCj9MSnbCWKBk6YN82l1emJjq2/VRAtp4sY=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:52:47 2025 by rpki-client