Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626166663a3a2f34382d3438203d3e20313939353138.roa
File:                     326130613a363034303a626166663a3a2f34382d3438203d3e20313939353138.roa (raw, json)
Hash identifier:          5zkOtfMFRCYhmVW7LBhzu0cT34wr5G4zsYBbwLKUwUQ=
Subject key identifier:   C4:E4:53:D0:09:64:2B:AB:38:2E:CC:0E:B7:62:CC:08:CD:D2:A7:A5
Certificate issuer:       /CN=0F728B914670434DCF5633E81E2B8721DF75CEB8
Certificate serial:       5B15F334D3DD051730677EA637F207A85CBE378F
Authority key identifier: 0F:72:8B:91:46:70:43:4D:CF:56:33:E8:1E:2B:87:21:DF:75:CE:B8
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626166663a3a2f34382d3438203d3e20313939353138.roa
Signing time:             Sat 05 Jul 2025 09:32:32 +0000
ROA not before:           Sat 05 Jul 2025 09:27:32 +0000
ROA not after:            Sat 04 Jul 2026 09:32:32 +0000
asID:                     199518
IP address blocks:        2a0a:6040:baff::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 04:12:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:15:f3:34:d3:dd:05:17:30:67:7e:a6:37:f2:07:a8:5c:be:37:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0F728B914670434DCF5633E81E2B8721DF75CEB8
        Validity
            Not Before: Jul  5 09:27:32 2025 GMT
            Not After : Jul  4 09:32:32 2026 GMT
        Subject: CN=C4E453D009642BAB382ECC0EB762CC08CDD2A7A5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:c4:54:60:23:54:b5:a6:86:d4:1c:83:2f:01:
                    f6:f4:42:10:2f:64:83:aa:3c:09:7f:3c:62:81:7a:
                    f8:a3:e5:88:dc:6f:49:7b:b8:f9:b1:21:21:31:81:
                    b1:a9:8b:9b:9b:cb:5a:44:b3:55:b4:d4:b9:6e:60:
                    0c:f6:98:25:15:34:fe:4b:5b:3e:7f:1c:db:6f:ad:
                    07:e6:4d:0c:7f:de:48:8b:d9:0e:09:5a:83:6d:32:
                    5e:bc:32:7b:be:0f:c5:cc:7c:fa:95:ec:6b:ae:aa:
                    a9:96:36:96:8e:17:66:c0:d5:45:ed:a6:96:ee:38:
                    b2:c0:ba:e4:bd:65:e0:17:61:6f:5a:de:bb:20:90:
                    a5:d4:8a:dc:27:75:a5:4e:c6:00:0c:70:82:80:1c:
                    06:25:53:df:3d:7d:88:71:bf:fe:f7:17:f3:3b:87:
                    0f:d6:56:ec:c1:66:b9:b1:73:fe:06:30:72:e1:06:
                    98:34:c3:e1:5f:d5:b2:d5:d5:88:f2:31:ce:15:96:
                    e4:e4:52:27:e3:0c:5c:19:3b:97:96:7f:9f:a9:37:
                    be:ef:d8:69:db:64:b1:88:e9:c3:59:8a:6d:0c:ff:
                    59:cb:42:0e:33:23:6a:d9:03:a0:61:d1:d5:f2:f4:
                    f5:3f:a4:26:c5:06:ad:74:fa:bb:ee:6f:0a:ef:ad:
                    8a:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:E4:53:D0:09:64:2B:AB:38:2E:CC:0E:B7:62:CC:08:CD:D2:A7:A5
            X509v3 Authority Key Identifier:
                keyid:0F:72:8B:91:46:70:43:4D:CF:56:33:E8:1E:2B:87:21:DF:75:CE:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/0F728B914670434DCF5633E81E2B8721DF75CEB8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/0F728B914670434DCF5633E81E2B8721DF75CEB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/de7d55f7-ee60-4005-bad7-b42818cf50e8/11/326130613a363034303a626166663a3a2f34382d3438203d3e20313939353138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:baff::/48

    Signature Algorithm: sha256WithRSAEncryption
         5e:ba:18:bd:f2:13:16:f0:21:02:20:04:9e:59:ce:ec:cc:ae:
         f9:09:9c:12:40:63:74:e7:ce:7d:57:bd:e4:30:4a:18:af:32:
         31:e2:40:20:14:99:c3:15:aa:78:b5:5f:fc:e7:1a:2e:5c:67:
         a3:64:8c:b7:e2:75:40:50:4d:1b:93:35:2f:ea:51:99:2e:cb:
         8e:6d:2f:4f:03:ec:a5:4b:c2:e7:64:38:66:dd:d0:4d:57:b8:
         7b:4e:50:ff:6b:96:f9:b8:63:87:cd:6f:50:89:07:94:47:54:
         9a:d8:32:9f:d1:ef:48:5c:1b:7b:13:f6:e9:31:df:b7:46:8f:
         be:23:71:6b:9b:e5:cc:d4:38:dc:43:d7:0e:3a:1c:be:fa:49:
         e3:4a:6c:e6:ed:fb:f0:4d:26:0d:40:d5:3c:a7:4b:57:76:24:
         1d:61:45:86:da:8d:d3:ab:c3:a6:83:27:bc:d4:d7:8b:b8:6c:
         97:5e:6f:14:8b:7d:b3:9b:3b:9e:50:fb:9a:f4:56:62:76:db:
         5a:31:1b:4e:c7:53:77:7a:bf:67:39:bc:b4:5c:e1:d0:af:52:
         50:fc:78:aa:92:de:35:c2:f1:ea:00:de:cb:29:95:6b:a2:86:
         c1:ba:09:06:0f:92:46:48:f6:11:0f:f8:6c:4a:b1:e3:c3:86:
         dd:ba:66:45
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgIUWxXzNNPdBRcwZ36mN/IHqFy+N48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEY3MjhCOTE0NjcwNDM0RENGNTYzM0U4MUUyQjg3MjFE
Rjc1Q0VCODAeFw0yNTA3MDUwOTI3MzJaFw0yNjA3MDQwOTMyMzJaMDMxMTAvBgNV
BAMTKEM0RTQ1M0QwMDk2NDJCQUIzODJFQ0MwRUI3NjJDQzA4Q0REMkE3QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYxFRgI1S1pobUHIMvAfb0QhAv
ZIOqPAl/PGKBevij5Yjcb0l7uPmxISExgbGpi5uby1pEs1W01LluYAz2mCUVNP5L
Wz5/HNtvrQfmTQx/3kiL2Q4JWoNtMl68Mnu+D8XMfPqV7GuuqqmWNpaOF2bA1UXt
ppbuOLLAuuS9ZeAXYW9a3rsgkKXUitwndaVOxgAMcIKAHAYlU989fYhxv/73F/M7
hw/WVuzBZrmxc/4GMHLhBpg0w+Ff1bLV1YjyMc4VluTkUifjDFwZO5eWf5+pN77v
2GnbZLGI6cNZim0M/1nLQg4zI2rZA6Bh0dXy9PU/pCbFBq10+rvubwrvrYprAgMB
AAGjggJjMIICXzAdBgNVHQ4EFgQUxORT0AlkK6s4LswOt2LMCM3Sp6UwHwYDVR0j
BBgwFoAUD3KLkUZwQ03PVjPoHiuHId91zrgwDgYDVR0PAQH/BAQDAgeAMIGXBgNV
HR8EgY8wgYwwgYmggYaggYOGgYByc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2RlN2Q1NWY3LWVlNjAtNDAwNS1iYWQ3LWI0MjgxOGNm
NTBlOC8xMS8wRjcyOEI5MTQ2NzA0MzREQ0Y1NjMzRTgxRTJCODcyMURGNzVDRUI4
LmNybDB6BggrBgEFBQcBAQRuMGwwagYIKwYBBQUHMAKGXnJzeW5jOi8vY2xvdWRp
ZS1yZXBvLnJwa2kuYXBwL3JlcG8vQ0xPVURJRS1SUEtJLzQvMEY3MjhCOTE0Njcw
NDM0RENGNTYzM0U4MUUyQjg3MjFERjc1Q0VCOC5jZXIwgbgGCCsGAQUFBwELBIGr
MIGoMIGlBggrBgEFBQcwC4aBmHJzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGU3ZDU1ZjctZWU2MC00MDA1LWJhZDctYjQyODE4Y2Y1
MGU4LzExLzMyNjEzMDYxM2EzNjMwMzQzMDNhNjI2MTY2NjYzYTNhMmYzNDM4MmQz
NDM4MjAzZDNlMjAzMTM5MzkzNTMxMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqCmBAuv8wDQYJKoZI
hvcNAQELBQADggEBAF66GL3yExbwIQIgBJ5ZzuzMrvkJnBJAY3Tnzn1XveQwShiv
MjHiQCAUmcMVqni1X/znGi5cZ6NkjLfidUBQTRuTNS/qUZkuy45tL08D7KVLwudk
OGbd0E1XuHtOUP9rlvm4Y4fNb1CJB5RHVJrYMp/R70hcG3sT9ukx37dGj74jcWub
5czUONxD1w46HL76SeNKbObt+/BNJg1A1TynS1d2JB1hRYbajdOrw6aDJ7zU14u4
bJdebxSLfbObO55Q+5r0VmJ221oxG07HU3d6v2c5vLRc4dCvUlD8eKqS3jXC8eoA
3ssplWuihsG6CQYPkkZI9hEP+GxKsePDht26ZkU=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:50:20 2025 by rpki-client