Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626137353a3a2f34382d3438203d3e20313939353138.roa
File:                     326130613a363034303a626137353a3a2f34382d3438203d3e20313939353138.roa (raw, json)
Hash identifier:          WTZmUkrbRvCnq1WV0/b4J3wKCnYUZUlJ7NyI7AuLwZg=
Subject key identifier:   5D:48:35:12:A0:79:D4:40:E4:C5:84:A5:77:18:D6:BB:5C:AD:77:C8
Certificate issuer:       /CN=0F728B914670434DCF5633E81E2B8721DF75CEB8
Certificate serial:       69DEA0EC6DC80E5F6B5D358BB8351649FE05014D
Authority key identifier: 0F:72:8B:91:46:70:43:4D:CF:56:33:E8:1E:2B:87:21:DF:75:CE:B8
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626137353a3a2f34382d3438203d3e20313939353138.roa
Signing time:             Sat 05 Jul 2025 09:32:32 +0000
ROA not before:           Sat 05 Jul 2025 09:27:32 +0000
ROA not after:            Sat 04 Jul 2026 09:32:32 +0000
asID:                     199518
IP address blocks:        2a0a:6040:ba75::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 04:12:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:de:a0:ec:6d:c8:0e:5f:6b:5d:35:8b:b8:35:16:49:fe:05:01:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0F728B914670434DCF5633E81E2B8721DF75CEB8
        Validity
            Not Before: Jul  5 09:27:32 2025 GMT
            Not After : Jul  4 09:32:32 2026 GMT
        Subject: CN=5D483512A079D440E4C584A57718D6BB5CAD77C8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:1e:cf:9e:52:80:f2:6e:bf:0f:d2:60:ce:d4:
                    2a:ba:f8:7a:47:36:f6:77:48:d9:c5:f3:83:dc:ff:
                    5d:0e:d0:51:5b:76:da:9b:94:59:a0:cc:e0:7e:ed:
                    3d:93:ad:07:f8:d5:88:64:63:ba:06:0e:ef:3c:9d:
                    cb:d4:4a:0e:b9:4c:3d:a5:a0:0f:c5:7b:94:2e:86:
                    24:62:b4:d8:a1:72:de:3c:ed:84:18:dc:ea:3e:1a:
                    19:46:46:d4:ee:fb:d0:b4:6b:a2:9b:1b:81:8d:4c:
                    11:e2:78:83:92:94:88:64:9e:01:54:81:f0:b8:71:
                    f5:bc:ff:f8:6f:84:cd:7b:70:86:34:b8:74:4c:d2:
                    44:6e:c3:4c:62:d1:e8:54:08:df:03:2f:56:e9:91:
                    c6:c1:02:11:a9:e4:3a:ce:e3:14:ad:38:ea:40:af:
                    63:62:e3:af:44:81:82:18:54:4d:c7:e6:6b:61:50:
                    1d:aa:b7:7d:32:02:57:06:f3:47:1f:3c:35:df:d9:
                    29:26:7d:22:f4:4b:12:85:48:83:80:c3:01:bf:06:
                    15:d2:13:e6:4f:bc:44:04:61:13:f9:d0:b8:a9:a0:
                    c8:3a:d9:71:ab:a6:65:0c:9f:fe:8e:c2:b6:2e:bb:
                    6a:a6:bf:74:f0:a1:2b:65:3c:ac:c1:a2:f4:8f:db:
                    5c:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:48:35:12:A0:79:D4:40:E4:C5:84:A5:77:18:D6:BB:5C:AD:77:C8
            X509v3 Authority Key Identifier:
                keyid:0F:72:8B:91:46:70:43:4D:CF:56:33:E8:1E:2B:87:21:DF:75:CE:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626137353a3a2f34382d3438203d3e20313939353138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:ba75::/48

    Signature Algorithm: sha256WithRSAEncryption
         87:3a:9e:e3:1f:ee:50:c8:b5:eb:a7:29:c4:c8:23:60:92:ca:
         35:d4:8e:97:f0:9a:63:fb:43:51:b8:c7:35:9a:1c:e7:23:a9:
         0f:11:37:aa:e1:75:09:37:2d:b1:ad:4e:b7:47:01:9e:3b:5c:
         83:d1:eb:fb:6d:18:bf:13:ea:b6:af:cb:9c:c8:e9:a3:cc:82:
         52:d2:0c:1a:e0:f2:7f:86:54:05:10:64:f2:b8:01:b3:21:11:
         c8:49:a7:20:2b:3e:cb:79:d7:2d:6b:15:ec:91:5d:ce:40:49:
         a4:44:1a:5a:6f:48:89:f4:0a:30:d4:87:68:73:b5:a7:b1:9b:
         4e:ce:99:ff:93:33:2a:3e:2c:55:66:d8:3a:75:86:a4:1c:5b:
         08:f1:89:8d:85:c9:ca:46:83:fe:2b:d3:68:76:d8:16:80:93:
         54:e4:7b:88:e8:c6:00:10:20:09:67:0e:6a:d9:20:51:47:fd:
         fe:29:14:8e:ef:91:4a:65:89:eb:4c:93:1d:da:ad:85:0b:71:
         d0:6f:b2:dc:86:a5:e6:46:c9:10:a5:90:2d:70:9b:f4:d7:ec:
         e9:77:9f:81:45:54:df:0f:e3:df:e9:25:89:65:93:11:3c:90:
         67:e3:ff:30:ca:9b:29:5a:94:d8:38:92:88:ed:23:dc:a3:70:
         47:d4:fb:2f
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgIUad6g7G3IDl9rXTWLuDUWSf4FAU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEY3MjhCOTE0NjcwNDM0RENGNTYzM0U4MUUyQjg3MjFE
Rjc1Q0VCODAeFw0yNTA3MDUwOTI3MzJaFw0yNjA3MDQwOTMyMzJaMDMxMTAvBgNV
BAMTKDVENDgzNTEyQTA3OUQ0NDBFNEM1ODRBNTc3MThENkJCNUNBRDc3QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiHs+eUoDybr8P0mDO1Cq6+HpH
NvZ3SNnF84Pc/10O0FFbdtqblFmgzOB+7T2TrQf41YhkY7oGDu88ncvUSg65TD2l
oA/Fe5QuhiRitNihct487YQY3Oo+GhlGRtTu+9C0a6KbG4GNTBHieIOSlIhkngFU
gfC4cfW8//hvhM17cIY0uHRM0kRuw0xi0ehUCN8DL1bpkcbBAhGp5DrO4xStOOpA
r2Ni469EgYIYVE3H5mthUB2qt30yAlcG80cfPDXf2SkmfSL0SxKFSIOAwwG/BhXS
E+ZPvEQEYRP50LipoMg62XGrpmUMn/6OwrYuu2qmv3TwoStlPKzBovSP21yJAgMB
AAGjggJjMIICXzAdBgNVHQ4EFgQUXUg1EqB51EDkxYSldxjWu1ytd8gwHwYDVR0j
BBgwFoAUD3KLkUZwQ03PVjPoHiuHId91zrgwDgYDVR0PAQH/BAQDAgeAMIGXBgNV
HR8EgY8wgYwwgYmggYaggYOGgYByc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2RlN2Q1NWY3LWVlNjAtNDAwNS1iYWQ3LWI0MjgxOGNm
NTBlOC8xMS8wRjcyOEI5MTQ2NzA0MzREQ0Y1NjMzRTgxRTJCODcyMURGNzVDRUI4
LmNybDB6BggrBgEFBQcBAQRuMGwwagYIKwYBBQUHMAKGXnJzeW5jOi8vY2xvdWRp
ZS1yZXBvLnJwa2kuYXBwL3JlcG8vQ0xPVURJRS1SUEtJLzQvMEY3MjhCOTE0Njcw
NDM0RENGNTYzM0U4MUUyQjg3MjFERjc1Q0VCOC5jZXIwgbgGCCsGAQUFBwELBIGr
MIGoMIGlBggrBgEFBQcwC4aBmHJzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGU3ZDU1ZjctZWU2MC00MDA1LWJhZDctYjQyODE4Y2Y1
MGU4LzExLzMyNjEzMDYxM2EzNjMwMzQzMDNhNjI2MTM3MzUzYTNhMmYzNDM4MmQz
NDM4MjAzZDNlMjAzMTM5MzkzNTMxMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqCmBAunUwDQYJKoZI
hvcNAQELBQADggEBAIc6nuMf7lDIteunKcTII2CSyjXUjpfwmmP7Q1G4xzWaHOcj
qQ8RN6rhdQk3LbGtTrdHAZ47XIPR6/ttGL8T6ravy5zI6aPMglLSDBrg8n+GVAUQ
ZPK4AbMhEchJpyArPst51y1rFeyRXc5ASaREGlpvSIn0CjDUh2hztaexm07Omf+T
Myo+LFVm2Dp1hqQcWwjxiY2FycpGg/4r02h22BaAk1Tke4joxgAQIAlnDmrZIFFH
/f4pFI7vkUplietMkx3arYULcdBvstyGpeZGyRClkC1wm/TX7Ol3n4FFVN8P49/p
JYllkxE8kGfj/zDKmylalNg4kojtI9yjcEfU+y8=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:53:06 2025 by rpki-client