Route Origin Authorization

$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS203843.roa
File:                     AS203843.roa (raw, json)
Hash identifier:          7tAKnC6RpxE4Ehgr6/Yd0CuNVWD/CRtklBiO8pRbViI=
Subject key identifier:   83:03:A1:54:37:6A:65:0E:C4:C8:A0:4C:95:CD:36:25:EF:8D:96:46
Certificate issuer:       /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
Certificate serial:       0F4D6F78746D55540FCA26C481830386AD0FF9DF
Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
Subject info access:      rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS203843.roa
Signing time:             Sun 05 Nov 2023 04:07:03 +0000
ROA not before:           Sun 05 Nov 2023 04:02:03 +0000
ROA not after:            Sun 03 Nov 2024 04:07:03 +0000
asID:                     203843
IP address blocks:        2a0a:6040:a100::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 14:25:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:4d:6f:78:74:6d:55:54:0f:ca:26:c4:81:83:03:86:ad:0f:f9:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
        Validity
            Not Before: Nov  5 04:02:03 2023 GMT
            Not After : Nov  3 04:07:03 2024 GMT
        Subject: CN=8303A154376A650EC4C8A04C95CD3625EF8D9646
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:1a:43:f2:1b:92:7c:88:85:0d:28:93:8c:56:
                    4b:47:4c:82:52:9f:bf:38:16:a1:b0:62:c9:79:e2:
                    7c:24:3a:3f:da:d2:3d:3f:d8:be:66:5e:67:27:d8:
                    0f:8b:64:a8:82:d1:0d:65:8a:29:7e:56:3a:5f:fd:
                    3b:c1:ba:9c:3d:5f:b0:3d:47:10:5b:cb:e5:f8:8b:
                    d3:33:be:a5:d8:23:ad:bd:81:66:ef:c5:98:0f:88:
                    66:53:e3:ea:7a:11:2c:92:42:c5:cd:65:c9:c4:84:
                    9f:0c:c8:8f:c5:ee:57:2a:42:84:6f:37:55:74:02:
                    cf:b2:d7:2c:7d:39:b9:0a:c5:bd:86:42:61:cc:3b:
                    11:e3:73:5c:93:78:80:e3:95:b7:71:df:9e:e4:81:
                    59:2f:58:e8:ce:be:37:b4:06:34:a1:5c:70:d7:77:
                    72:73:23:ac:f2:e9:84:66:ec:cb:60:ba:e3:26:17:
                    fe:f4:a0:af:d7:d7:fe:f7:e5:c2:51:80:c9:32:ff:
                    58:0e:ba:0e:b0:4e:bb:56:b4:a8:c6:25:45:b3:06:
                    63:09:d1:74:6c:f8:e2:3d:3f:a4:65:26:c6:90:09:
                    b4:71:c4:94:2b:67:5f:a3:83:17:38:1b:b1:e2:d4:
                    0a:99:3a:3f:5b:03:60:26:77:6d:a5:ba:c2:8c:89:
                    0b:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:03:A1:54:37:6A:65:0E:C4:C8:A0:4C:95:CD:36:25:EF:8D:96:46
            X509v3 Authority Key Identifier:
                keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer

            Subject Information Access:
                Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS203843.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:a100::/40

    Signature Algorithm: sha256WithRSAEncryption
         9b:ad:67:ab:52:4e:e2:ae:82:a8:7d:39:17:bf:a6:65:81:cb:
         1a:98:2b:86:f6:cc:61:d2:1d:e5:54:bd:21:e1:f5:74:08:3a:
         b3:de:d4:de:97:45:0d:8e:8f:04:2a:a0:d1:6e:a1:3a:c0:c8:
         2a:84:c9:b6:de:19:31:dc:8e:09:98:50:aa:4d:d9:a8:e3:f4:
         77:23:6f:58:12:bc:53:77:20:7b:24:8b:77:b5:5a:2f:67:7b:
         8a:0d:b2:34:0f:30:c7:31:69:62:e4:16:56:c6:a7:0e:32:a0:
         86:c6:59:cf:28:a1:28:d3:06:0b:ac:a9:5b:5a:77:06:8f:56:
         49:b7:9b:0b:25:32:f0:7c:7d:4c:e1:0e:90:6b:c1:65:2a:ac:
         c9:76:d3:71:8c:86:30:15:b6:6b:2f:7b:87:2c:55:b3:7f:32:
         c2:2c:86:78:f9:a5:14:eb:55:97:9c:31:f0:be:2b:55:f8:0c:
         e7:f9:60:5d:31:da:fe:54:1f:9a:90:0e:0c:d1:ba:09:0b:f3:
         28:f0:a1:d5:63:2f:69:ac:cc:7c:04:fb:1b:c3:b3:8f:20:8f:
         2c:20:93:5a:c3:4a:8e:0a:3c:61:92:48:4c:e3:ff:9f:33:44:
         90:42:d2:3f:f8:27:97:43:ce:56:31:a8:4f:ce:e2:eb:28:ff:
         36:f5:53:c3
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgIUD01veHRtVVQPyibEgYMDhq0P+d8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOTAeFw0yMzExMDUwNDAyMDNaFw0yNDExMDMwNDA3MDNaMDMxMTAvBgNV
BAMTKDgzMDNBMTU0Mzc2QTY1MEVDNEM4QTA0Qzk1Q0QzNjI1RUY4RDk2NDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmGkPyG5J8iIUNKJOMVktHTIJS
n784FqGwYsl54nwkOj/a0j0/2L5mXmcn2A+LZKiC0Q1liil+Vjpf/TvBupw9X7A9
RxBby+X4i9MzvqXYI629gWbvxZgPiGZT4+p6ESySQsXNZcnEhJ8MyI/F7lcqQoRv
N1V0As+y1yx9ObkKxb2GQmHMOxHjc1yTeIDjlbdx357kgVkvWOjOvje0BjShXHDX
d3JzI6zy6YRm7MtguuMmF/70oK/X1/735cJRgMky/1gOug6wTrtWtKjGJUWzBmMJ
0XRs+OI9P6RlJsaQCbRxxJQrZ1+jgxc4G7Hi1AqZOj9bA2Amd22lusKMiQuBAgMB
AAGjggH0MIIB8DAdBgNVHQ4EFgQUgwOhVDdqZQ7EyKBMlc02Je+NlkYwHwYDVR0j
BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v
Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5
bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2
M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD
MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y
c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w
L0FTMjAzODQzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQKEwDQYJKoZIhvcNAQELBQADggEBAJut
Z6tSTuKugqh9ORe/pmWByxqYK4b2zGHSHeVUvSHh9XQIOrPe1N6XRQ2OjwQqoNFu
oTrAyCqEybbeGTHcjgmYUKpN2ajj9Hcjb1gSvFN3IHski3e1Wi9ne4oNsjQPMMcx
aWLkFlbGpw4yoIbGWc8ooSjTBgusqVtadwaPVkm3mwslMvB8fUzhDpBrwWUqrMl2
03GMhjAVtmsve4csVbN/MsIshnj5pRTrVZecMfC+K1X4DOf5YF0x2v5UH5qQDgzR
ugkL8yjwodVjL2mszHwE+xvDs48gjywgk1rDSo4KPGGSSEzj/58zRJBC0j/4J5dD
zlYxqE/O4uso/zb1U8M=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:31:58 2024 by rpki-client on console-fra.rpki-client.org