Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626135653a3a2f34382d3438203d3e20313939353138.roa
File:                     326130613a363034303a626135653a3a2f34382d3438203d3e20313939353138.roa (raw, json)
Hash identifier:          6S/HZN+hofz7bGbwqskKxqv7EIALWOyIB31Jd/CmpLk=
Subject key identifier:   50:D1:CF:29:7B:20:51:19:B3:D1:15:C4:D1:FB:99:CF:DF:F7:BD:C2
Certificate issuer:       /CN=0F728B914670434DCF5633E81E2B8721DF75CEB8
Certificate serial:       5F1070405716012C7178570321FBF1605F3CABC7
Authority key identifier: 0F:72:8B:91:46:70:43:4D:CF:56:33:E8:1E:2B:87:21:DF:75:CE:B8
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626135653a3a2f34382d3438203d3e20313939353138.roa
Signing time:             Sat 05 Jul 2025 09:32:33 +0000
ROA not before:           Sat 05 Jul 2025 09:27:33 +0000
ROA not after:            Sat 04 Jul 2026 09:32:33 +0000
asID:                     199518
IP address blocks:        2a0a:6040:ba5e::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 04:12:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:10:70:40:57:16:01:2c:71:78:57:03:21:fb:f1:60:5f:3c:ab:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0F728B914670434DCF5633E81E2B8721DF75CEB8
        Validity
            Not Before: Jul  5 09:27:33 2025 GMT
            Not After : Jul  4 09:32:33 2026 GMT
        Subject: CN=50D1CF297B205119B3D115C4D1FB99CFDFF7BDC2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:7e:0c:4e:2c:02:e3:94:a2:98:ce:19:ab:e8:
                    5d:57:ce:f7:89:52:bc:8b:5b:cc:48:ac:b3:b2:2a:
                    b7:6c:c3:30:a4:58:04:52:ab:0b:a0:05:e8:5a:8b:
                    91:02:93:aa:95:a7:53:de:15:85:65:13:ad:c5:70:
                    7b:32:6d:1a:f1:b6:82:18:87:e4:d6:12:02:1c:b5:
                    54:24:6b:75:76:29:1d:cb:ab:d4:5f:8d:e0:01:e0:
                    97:f9:b8:e8:ed:f2:3c:83:df:90:8e:2c:96:93:c9:
                    11:f7:91:32:f3:69:10:64:97:9d:f6:96:a4:50:e4:
                    82:c6:06:28:79:f3:75:a9:4a:24:11:28:0a:24:e0:
                    e4:10:cf:06:f2:42:98:bf:9f:d0:66:e6:bc:89:87:
                    72:17:73:9a:b2:4b:dc:63:18:7a:6f:61:69:72:08:
                    71:ba:05:5f:c0:4b:1c:cb:bd:77:d2:b6:b0:02:03:
                    d9:37:53:84:d8:89:f5:b6:5b:69:3f:a5:05:b3:00:
                    69:b1:84:a8:75:e9:b6:c8:03:14:95:d5:0c:29:be:
                    a4:99:bd:fb:49:01:ae:e1:45:88:b3:7c:39:dc:e4:
                    e9:ce:f7:25:d4:71:b4:5c:29:c7:3b:1b:bd:55:72:
                    fb:65:08:b3:71:a1:df:b2:28:f6:4d:6a:96:cf:1a:
                    6d:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:D1:CF:29:7B:20:51:19:B3:D1:15:C4:D1:FB:99:CF:DF:F7:BD:C2
            X509v3 Authority Key Identifier:
                keyid:0F:72:8B:91:46:70:43:4D:CF:56:33:E8:1E:2B:87:21:DF:75:CE:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626135653a3a2f34382d3438203d3e20313939353138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:ba5e::/48

    Signature Algorithm: sha256WithRSAEncryption
         7e:52:71:8f:a3:54:7a:72:0c:47:56:0d:68:0d:0e:ed:8c:73:
         14:e5:a9:85:f6:49:28:55:eb:4f:ed:01:84:c5:d8:f5:d8:9e:
         88:57:bf:08:60:63:df:b7:f2:4d:7d:86:aa:66:40:a0:2d:2e:
         22:e9:0d:19:2e:d0:b1:6e:23:c1:41:a9:1d:aa:14:1a:4d:8e:
         09:47:94:52:12:1e:1d:4b:31:f2:c7:0d:6c:31:aa:c7:f6:d8:
         f2:44:01:48:49:4a:1e:33:97:37:54:ba:bc:31:ef:4c:ad:8c:
         0a:e0:70:92:da:04:9d:a4:d4:ab:e8:9c:77:22:fe:4d:24:87:
         53:74:ec:52:40:ef:56:36:8a:60:cd:70:1f:1a:bf:e2:3d:53:
         cc:77:90:29:6f:9c:42:45:dd:08:c4:9c:27:16:3b:98:4a:1d:
         c5:72:ac:63:c6:6d:96:64:de:22:5b:99:ed:7c:87:ff:68:e0:
         c8:9e:89:58:a6:ff:8f:cc:18:37:dc:b3:6a:d2:1c:7a:1b:d4:
         74:93:3a:47:6e:b1:ef:c2:72:0e:14:0e:32:07:3b:de:c8:1c:
         e0:d2:bd:b2:8f:e6:b6:e1:90:46:b5:2b:03:ec:c4:8b:e9:6b:
         aa:b2:40:2e:96:1f:91:43:91:12:78:25:57:47:90:e4:38:74:
         af:38:0b:43
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgIUXxBwQFcWASxxeFcDIfvxYF88q8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEY3MjhCOTE0NjcwNDM0RENGNTYzM0U4MUUyQjg3MjFE
Rjc1Q0VCODAeFw0yNTA3MDUwOTI3MzNaFw0yNjA3MDQwOTMyMzNaMDMxMTAvBgNV
BAMTKDUwRDFDRjI5N0IyMDUxMTlCM0QxMTVDNEQxRkI5OUNGREZGN0JEQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdfgxOLALjlKKYzhmr6F1XzveJ
UryLW8xIrLOyKrdswzCkWARSqwugBehai5ECk6qVp1PeFYVlE63FcHsybRrxtoIY
h+TWEgIctVQka3V2KR3Lq9RfjeAB4Jf5uOjt8jyD35COLJaTyRH3kTLzaRBkl532
lqRQ5ILGBih583WpSiQRKAok4OQQzwbyQpi/n9Bm5ryJh3IXc5qyS9xjGHpvYWly
CHG6BV/ASxzLvXfStrACA9k3U4TYifW2W2k/pQWzAGmxhKh16bbIAxSV1QwpvqSZ
vftJAa7hRYizfDnc5OnO9yXUcbRcKcc7G71VcvtlCLNxod+yKPZNapbPGm3XAgMB
AAGjggJjMIICXzAdBgNVHQ4EFgQUUNHPKXsgURmz0RXE0fuZz9/3vcIwHwYDVR0j
BBgwFoAUD3KLkUZwQ03PVjPoHiuHId91zrgwDgYDVR0PAQH/BAQDAgeAMIGXBgNV
HR8EgY8wgYwwgYmggYaggYOGgYByc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2RlN2Q1NWY3LWVlNjAtNDAwNS1iYWQ3LWI0MjgxOGNm
NTBlOC8xMS8wRjcyOEI5MTQ2NzA0MzREQ0Y1NjMzRTgxRTJCODcyMURGNzVDRUI4
LmNybDB6BggrBgEFBQcBAQRuMGwwagYIKwYBBQUHMAKGXnJzeW5jOi8vY2xvdWRp
ZS1yZXBvLnJwa2kuYXBwL3JlcG8vQ0xPVURJRS1SUEtJLzQvMEY3MjhCOTE0Njcw
NDM0RENGNTYzM0U4MUUyQjg3MjFERjc1Q0VCOC5jZXIwgbgGCCsGAQUFBwELBIGr
MIGoMIGlBggrBgEFBQcwC4aBmHJzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGU3ZDU1ZjctZWU2MC00MDA1LWJhZDctYjQyODE4Y2Y1
MGU4LzExLzMyNjEzMDYxM2EzNjMwMzQzMDNhNjI2MTM1NjUzYTNhMmYzNDM4MmQz
NDM4MjAzZDNlMjAzMTM5MzkzNTMxMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqCmBAul4wDQYJKoZI
hvcNAQELBQADggEBAH5ScY+jVHpyDEdWDWgNDu2McxTlqYX2SShV60/tAYTF2PXY
nohXvwhgY9+38k19hqpmQKAtLiLpDRku0LFuI8FBqR2qFBpNjglHlFISHh1LMfLH
DWwxqsf22PJEAUhJSh4zlzdUurwx70ytjArgcJLaBJ2k1KvonHci/k0kh1N07FJA
71Y2imDNcB8av+I9U8x3kClvnEJF3QjEnCcWO5hKHcVyrGPGbZZk3iJbme18h/9o
4MieiVim/4/MGDfcs2rSHHob1HSTOkduse/Ccg4UDjIHO97IHODSvbKP5rbhkEa1
KwPsxIvpa6qyQC6WH5FDkRJ4JVdHkOQ4dK84C0M=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:51:05 2025 by rpki-client