Route Origin Authorization

$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS207466.roa
File:                     AS207466.roa (raw, json)
Hash identifier:          h1GOkgkdzlN36oZmvpGnTsgc+iv9ce4tBAHyUU4jGPk=
Subject key identifier:   09:23:A7:DA:73:56:BD:63:29:CF:CC:A4:24:1F:B5:48:68:73:FD:20
Certificate issuer:       /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
Certificate serial:       0AE7C02CECC128B45DB60C6D88D69BC2080B4CA1
Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
Subject info access:      rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS207466.roa
Signing time:             Sun 05 Nov 2023 04:07:19 +0000
ROA not before:           Sun 05 Nov 2023 04:02:19 +0000
ROA not after:            Sun 03 Nov 2024 04:07:19 +0000
asID:                     207466
IP address blocks:        2a0a:6040:d900::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Sep 2024 07:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:e7:c0:2c:ec:c1:28:b4:5d:b6:0c:6d:88:d6:9b:c2:08:0b:4c:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
        Validity
            Not Before: Nov  5 04:02:19 2023 GMT
            Not After : Nov  3 04:07:19 2024 GMT
        Subject: CN=0923A7DA7356BD6329CFCCA4241FB5486873FD20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:3d:48:7a:e7:bc:c4:1d:0a:f5:19:71:b5:c1:
                    fd:da:69:44:f9:2c:12:ae:40:79:e4:24:a9:ed:66:
                    fc:cb:12:e3:5f:91:94:12:3f:ee:9d:04:53:81:08:
                    f4:32:79:45:79:d9:d4:e9:8f:85:ae:88:72:64:9c:
                    da:c7:f0:d3:0d:c6:91:1d:f5:03:39:0b:7d:5c:90:
                    65:ea:ed:8a:4e:b3:f5:fb:4c:88:dd:d3:02:5e:f1:
                    d6:b5:38:74:37:4c:f4:36:19:e2:67:8a:45:f5:7a:
                    ac:53:9d:82:9d:44:dc:9d:36:cd:a9:89:ee:a8:59:
                    79:1e:d4:14:1e:60:c9:c7:df:09:a6:9a:dd:de:7d:
                    1b:18:8b:bd:b2:94:0c:2f:09:da:02:c0:f1:32:3e:
                    a0:a2:b8:57:3d:46:eb:90:98:63:09:93:8e:27:7b:
                    92:c4:30:c3:92:7f:26:f7:01:5b:71:b3:a5:72:22:
                    9e:64:50:73:e0:76:0c:c7:27:41:b7:1f:1b:bc:b7:
                    32:03:02:26:b7:a4:c5:7a:bf:e4:ea:ae:03:f4:ff:
                    ea:4d:82:b7:3c:31:93:38:26:24:4e:21:cf:8f:ac:
                    d8:33:6f:b0:92:42:a2:95:9d:af:79:ce:ac:35:4a:
                    7e:82:ee:74:10:d2:31:c9:30:35:82:da:b3:6f:02:
                    16:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:23:A7:DA:73:56:BD:63:29:CF:CC:A4:24:1F:B5:48:68:73:FD:20
            X509v3 Authority Key Identifier:
                keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer

            Subject Information Access:
                Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS207466.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:d900::/40

    Signature Algorithm: sha256WithRSAEncryption
         be:d3:15:62:f0:e3:33:9f:e2:96:eb:de:41:97:a0:c1:e3:b3:
         ce:47:10:00:e9:2f:1a:c5:28:df:66:09:5e:df:f5:9d:f8:d5:
         ea:b8:cf:58:cb:be:7f:cd:10:5a:0e:a7:ca:55:80:44:dc:74:
         82:9f:ff:d4:90:8a:fb:0f:81:a5:6d:33:be:f4:b9:1f:34:a2:
         21:29:93:04:e3:4c:ee:a4:be:74:64:23:2c:b7:8f:20:e6:4d:
         2c:94:6c:e8:7d:1a:bb:c4:e2:46:d5:a4:86:11:66:bc:94:3c:
         0a:cd:97:06:48:c9:10:d4:45:de:63:96:06:29:61:90:43:35:
         b7:9d:1e:5a:a9:b0:00:0b:25:89:89:a8:6b:ad:f6:d6:5c:09:
         c0:96:08:a8:c4:9d:e7:5f:14:4b:c3:b4:8f:15:ab:77:24:73:
         ac:a8:58:33:8f:6a:fb:6c:29:21:3e:2f:36:33:57:73:11:d1:
         68:a6:51:81:86:29:ed:ac:c9:67:e4:a9:6a:e6:22:d0:63:e5:
         3f:cb:97:97:6f:ab:9e:50:b7:84:45:26:3e:ac:f6:a3:3f:c5:
         98:45:4b:79:55:1f:52:4b:ed:0c:11:88:d6:f8:1d:ad:98:1f:
         2d:79:3f:20:44:60:a8:b2:75:db:95:d3:8f:c8:6e:42:21:b6:
         1d:cc:a2:76
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgIUCufALOzBKLRdtgxtiNabwggLTKEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOTAeFw0yMzExMDUwNDAyMTlaFw0yNDExMDMwNDA3MTlaMDMxMTAvBgNV
BAMTKDA5MjNBN0RBNzM1NkJENjMyOUNGQ0NBNDI0MUZCNTQ4Njg3M0ZEMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRPUh657zEHQr1GXG1wf3aaUT5
LBKuQHnkJKntZvzLEuNfkZQSP+6dBFOBCPQyeUV52dTpj4WuiHJknNrH8NMNxpEd
9QM5C31ckGXq7YpOs/X7TIjd0wJe8da1OHQ3TPQ2GeJnikX1eqxTnYKdRNydNs2p
ie6oWXke1BQeYMnH3wmmmt3efRsYi72ylAwvCdoCwPEyPqCiuFc9RuuQmGMJk44n
e5LEMMOSfyb3AVtxs6VyIp5kUHPgdgzHJ0G3Hxu8tzIDAia3pMV6v+TqrgP0/+pN
grc8MZM4JiROIc+PrNgzb7CSQqKVna95zqw1Sn6C7nQQ0jHJMDWC2rNvAhYjAgMB
AAGjggH0MIIB8DAdBgNVHQ4EFgQUCSOn2nNWvWMpz8ykJB+1SGhz/SAwHwYDVR0j
BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v
Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5
bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2
M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD
MjQzOUI3NkQ4NUFGOS5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y
c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w
L0FTMjA3NDY2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQNkwDQYJKoZIhvcNAQELBQADggEBAL7T
FWLw4zOf4pbr3kGXoMHjs85HEADpLxrFKN9mCV7f9Z341eq4z1jLvn/NEFoOp8pV
gETcdIKf/9SQivsPgaVtM770uR80oiEpkwTjTO6kvnRkIyy3jyDmTSyUbOh9GrvE
4kbVpIYRZryUPArNlwZIyRDURd5jlgYpYZBDNbedHlqpsAALJYmJqGut9tZcCcCW
CKjEnedfFEvDtI8Vq3ckc6yoWDOPavtsKSE+LzYzV3MR0WimUYGGKe2syWfkqWrm
ItBj5T/Ll5dvq55Qt4RFJj6s9qM/xZhFS3lVH1JL7QwRiNb4Ha2YHy15PyBEYKiy
dduV04/IbkIhth3MonY=
-----END CERTIFICATE-----
Generated at Sat Sep 14 14:27:41 2024 by rpki-client on console-fra.rpki-client.org