Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626161313a3a2f34382d3438203d3e20313939353138.roa
File:                     326130613a363034303a626161313a3a2f34382d3438203d3e20313939353138.roa (raw, json)
Hash identifier:          t9hcvqhwXlPB3lKs0hXk2UPtuWy2Mwkk+JEAH74z3hU=
Subject key identifier:   88:9D:C5:33:A3:DE:D4:26:E5:4B:2D:2F:DB:CD:64:20:BF:BF:44:6E
Certificate issuer:       /CN=0F728B914670434DCF5633E81E2B8721DF75CEB8
Certificate serial:       7BA5303ED1DB21B99B34B1CCE835C31BAD954EA7
Authority key identifier: 0F:72:8B:91:46:70:43:4D:CF:56:33:E8:1E:2B:87:21:DF:75:CE:B8
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626161313a3a2f34382d3438203d3e20313939353138.roa
Signing time:             Sat 05 Jul 2025 09:32:32 +0000
ROA not before:           Sat 05 Jul 2025 09:27:32 +0000
ROA not after:            Sat 04 Jul 2026 09:32:32 +0000
asID:                     199518
IP address blocks:        2a0a:6040:baa1::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 04:12:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:a5:30:3e:d1:db:21:b9:9b:34:b1:cc:e8:35:c3:1b:ad:95:4e:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0F728B914670434DCF5633E81E2B8721DF75CEB8
        Validity
            Not Before: Jul  5 09:27:32 2025 GMT
            Not After : Jul  4 09:32:32 2026 GMT
        Subject: CN=889DC533A3DED426E54B2D2FDBCD6420BFBF446E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:09:1c:97:1c:b4:9e:71:ed:44:4f:6d:19:11:
                    20:98:e8:37:63:46:52:d0:5c:f3:67:e1:9e:e8:58:
                    e1:80:99:26:78:08:ed:9a:54:35:a4:1d:06:78:30:
                    a9:88:ee:0b:38:23:3e:59:c3:55:3d:b2:31:e2:b5:
                    6c:6c:4b:fe:97:c8:3a:00:fd:51:9b:5d:c8:5d:d8:
                    47:eb:72:8f:ac:39:26:86:91:49:92:6a:9b:fd:b2:
                    da:93:55:e6:6c:ae:a0:b0:8b:74:82:2c:7d:d5:ee:
                    06:80:dc:f1:9a:46:69:e2:f5:b0:20:e3:5b:1c:30:
                    06:40:c1:d9:33:1a:d2:d8:60:df:79:a9:c9:dd:e4:
                    43:99:92:36:55:56:f8:24:86:77:99:69:f5:53:d7:
                    de:4c:f1:c3:c5:f7:40:1c:e3:59:e3:3d:41:ee:b9:
                    d0:8e:60:72:92:34:58:72:9d:3d:28:5d:c0:0d:53:
                    55:18:a3:31:c8:e2:4e:f4:4b:09:6b:27:24:c0:c6:
                    f5:ed:50:93:80:b7:2e:4f:da:0e:d5:ab:fe:22:cf:
                    7b:9b:54:db:7f:5a:82:28:59:c4:47:3f:7e:92:34:
                    c5:7a:9e:f7:2a:d0:e5:72:2b:b6:df:15:44:59:13:
                    0b:ea:5e:5a:a9:bd:31:c0:ce:3c:eb:e2:9c:bb:40:
                    5d:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:9D:C5:33:A3:DE:D4:26:E5:4B:2D:2F:DB:CD:64:20:BF:BF:44:6E
            X509v3 Authority Key Identifier:
                keyid:0F:72:8B:91:46:70:43:4D:CF:56:33:E8:1E:2B:87:21:DF:75:CE:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626161313a3a2f34382d3438203d3e20313939353138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:baa1::/48

    Signature Algorithm: sha256WithRSAEncryption
         49:a4:ee:17:63:ae:c4:63:5b:a3:ec:a7:90:ca:95:47:7c:1e:
         ac:5b:87:20:91:ba:81:83:13:10:0c:25:49:53:81:bf:9a:38:
         f5:3d:f5:aa:4f:55:28:24:fb:9d:2e:cc:2d:f2:3f:80:d7:f4:
         52:48:0a:0f:ee:f2:59:bf:20:27:d3:a5:de:39:36:23:7b:59:
         1f:cd:c7:00:3e:2d:32:90:dd:66:2d:1e:27:be:a9:98:63:af:
         c5:32:f6:d5:4c:ba:ce:55:de:87:53:fc:ab:c5:0e:a2:a6:86:
         97:77:f3:3e:0c:03:e4:62:03:1e:e2:06:83:65:3f:f6:9a:ea:
         45:15:32:32:fe:e0:86:a8:ba:81:87:af:9f:05:70:b0:06:69:
         a8:57:7d:5a:29:12:1e:36:dd:ee:58:a7:18:37:05:44:f8:69:
         78:b0:4c:51:26:c6:40:5b:ca:6d:75:d5:c5:76:c4:41:b3:a0:
         3b:9b:4c:e8:a1:97:a9:d2:1f:ec:36:e9:57:45:a8:98:53:f7:
         cf:e7:59:b4:69:fa:83:e4:c8:98:83:10:ed:ba:4f:3c:02:43:
         9f:08:29:0d:f8:3a:df:ef:d2:69:bf:46:97:0b:b9:ec:47:09:
         c6:b0:1c:73:36:4e:79:af:8d:3a:5a:d4:7c:3f:30:77:d0:41:
         89:87:e1:9f
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgIUe6UwPtHbIbmbNLHM6DXDG62VTqcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEY3MjhCOTE0NjcwNDM0RENGNTYzM0U4MUUyQjg3MjFE
Rjc1Q0VCODAeFw0yNTA3MDUwOTI3MzJaFw0yNjA3MDQwOTMyMzJaMDMxMTAvBgNV
BAMTKDg4OURDNTMzQTNERUQ0MjZFNTRCMkQyRkRCQ0Q2NDIwQkZCRjQ0NkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmCRyXHLSece1ET20ZESCY6Ddj
RlLQXPNn4Z7oWOGAmSZ4CO2aVDWkHQZ4MKmI7gs4Iz5Zw1U9sjHitWxsS/6XyDoA
/VGbXchd2Efrco+sOSaGkUmSapv9stqTVeZsrqCwi3SCLH3V7gaA3PGaRmni9bAg
41scMAZAwdkzGtLYYN95qcnd5EOZkjZVVvgkhneZafVT195M8cPF90Ac41njPUHu
udCOYHKSNFhynT0oXcANU1UYozHI4k70SwlrJyTAxvXtUJOAty5P2g7Vq/4iz3ub
VNt/WoIoWcRHP36SNMV6nvcq0OVyK7bfFURZEwvqXlqpvTHAzjzr4py7QF2FAgMB
AAGjggJjMIICXzAdBgNVHQ4EFgQUiJ3FM6Pe1CblSy0v281kIL+/RG4wHwYDVR0j
BBgwFoAUD3KLkUZwQ03PVjPoHiuHId91zrgwDgYDVR0PAQH/BAQDAgeAMIGXBgNV
HR8EgY8wgYwwgYmggYaggYOGgYByc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2RlN2Q1NWY3LWVlNjAtNDAwNS1iYWQ3LWI0MjgxOGNm
NTBlOC8xMS8wRjcyOEI5MTQ2NzA0MzREQ0Y1NjMzRTgxRTJCODcyMURGNzVDRUI4
LmNybDB6BggrBgEFBQcBAQRuMGwwagYIKwYBBQUHMAKGXnJzeW5jOi8vY2xvdWRp
ZS1yZXBvLnJwa2kuYXBwL3JlcG8vQ0xPVURJRS1SUEtJLzQvMEY3MjhCOTE0Njcw
NDM0RENGNTYzM0U4MUUyQjg3MjFERjc1Q0VCOC5jZXIwgbgGCCsGAQUFBwELBIGr
MIGoMIGlBggrBgEFBQcwC4aBmHJzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGU3ZDU1ZjctZWU2MC00MDA1LWJhZDctYjQyODE4Y2Y1
MGU4LzExLzMyNjEzMDYxM2EzNjMwMzQzMDNhNjI2MTYxMzEzYTNhMmYzNDM4MmQz
NDM4MjAzZDNlMjAzMTM5MzkzNTMxMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqCmBAuqEwDQYJKoZI
hvcNAQELBQADggEBAEmk7hdjrsRjW6Psp5DKlUd8HqxbhyCRuoGDExAMJUlTgb+a
OPU99apPVSgk+50uzC3yP4DX9FJICg/u8lm/ICfTpd45NiN7WR/NxwA+LTKQ3WYt
Hie+qZhjr8Uy9tVMus5V3odT/KvFDqKmhpd38z4MA+RiAx7iBoNlP/aa6kUVMjL+
4IaouoGHr58FcLAGaahXfVopEh423e5Ypxg3BUT4aXiwTFEmxkBbym111cV2xEGz
oDubTOihl6nSH+w26VdFqJhT98/nWbRp+oPkyJiDEO26TzwCQ58IKQ34Ot/v0mm/
RpcLuexHCcawHHM2TnmvjTpa1Hw/MHfQQYmH4Z8=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:52:19 2025 by rpki-client