Route Origin Authorization

$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS207466.roa
File:                     AS207466.roa (raw, json)
Hash identifier:          VA+5sSfRlHQnudVFDzLXdYUopEZXeLRUnYP5snTCv8Q=
Subject key identifier:   B1:0A:58:DE:5E:7B:73:95:6D:C0:79:50:79:45:B1:BE:04:BC:31:E6
Certificate issuer:       /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
Certificate serial:       5594C18DF3FF29D029970958E156AD1CA3D31BFA
Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9
Authority info access:    rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
Subject info access:      rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS207466.roa
Signing time:             Tue 27 Dec 2022 14:56:47 +0000
ROA not before:           Tue 27 Dec 2022 14:51:47 +0000
ROA not after:            Tue 26 Dec 2023 14:56:47 +0000
asID:                     207466
IP address blocks:        2a0a:6040:d900::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
                          rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 20 Jul 2023 12:09:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:94:c1:8d:f3:ff:29:d0:29:97:09:58:e1:56:ad:1c:a3:d3:1b:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
        Validity
            Not Before: Dec 27 14:51:47 2022 GMT
            Not After : Dec 26 14:56:47 2023 GMT
        Subject: CN=B10A58DE5E7B73956DC079507945B1BE04BC31E6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:7a:a4:6e:1c:0a:8e:f4:f2:cb:a7:00:4c:d5:
                    5a:7c:36:69:52:87:dd:53:6e:9d:f6:2e:bf:a6:90:
                    4b:a4:af:d6:08:e4:9c:e2:c2:5d:7a:97:18:6e:f7:
                    11:0e:bd:e7:26:9e:f8:39:80:18:c6:28:c7:08:de:
                    4a:09:cd:e8:5c:6a:4a:b6:ca:05:cd:cd:71:a7:08:
                    ef:11:9c:86:de:29:e9:42:3c:92:33:db:f5:e6:68:
                    ed:28:ed:62:29:7f:44:f5:8f:ca:fe:3c:c0:52:92:
                    0f:e2:da:75:55:02:18:9d:53:13:b7:ea:c6:b0:e3:
                    18:10:94:cd:93:29:b9:a1:c6:c5:1e:d8:4c:e5:ee:
                    3c:bd:1b:0d:05:2a:cc:d2:44:91:48:dd:5d:4d:39:
                    5a:e7:8b:95:8d:63:a6:f2:73:ef:b2:5c:e3:95:02:
                    3b:8a:c8:0a:fd:70:3f:c7:59:ae:d5:2f:a2:39:54:
                    b4:e2:fd:91:1d:cf:05:41:4b:b8:9c:ea:e6:30:3a:
                    b2:90:09:fc:53:3c:93:d6:75:cc:38:3c:43:65:cd:
                    1e:ec:f9:5f:8a:5a:11:76:12:ff:59:8f:15:cc:a8:
                    23:d9:2d:45:04:b0:57:ce:d0:82:ec:cd:3f:bc:bb:
                    84:89:ae:2e:00:8d:4f:84:c3:97:45:b6:cc:80:c6:
                    f0:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:0A:58:DE:5E:7B:73:95:6D:C0:79:50:79:45:B1:BE:04:BC:31:E6
            X509v3 Authority Key Identifier:
                keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer

            Subject Information Access:
                Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS207466.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:d900::/40

    Signature Algorithm: sha256WithRSAEncryption
         65:20:e3:9e:bc:7d:f9:da:9c:cc:6d:0e:ed:a6:fb:69:e9:a3:
         58:01:89:2c:93:9d:21:55:83:29:62:ae:fd:84:e0:25:aa:82:
         4d:de:ef:f5:91:e1:2b:b6:b9:cb:c5:50:67:51:c6:50:34:f2:
         a9:46:c2:e9:56:8f:fe:68:a5:eb:ca:b2:17:ef:0f:e4:6f:28:
         da:ab:2e:82:00:0e:3f:98:c1:52:de:00:bd:8d:c3:63:19:93:
         73:b8:a1:0a:c6:79:3d:1c:84:10:4b:5b:e5:b5:f4:f0:c8:4d:
         fa:58:a9:f3:e0:2a:36:00:53:6d:f5:97:3b:27:cb:35:60:f3:
         a8:9b:51:34:2c:8b:24:d2:13:64:74:a1:92:2a:1c:e5:07:60:
         3b:e7:3a:0c:d0:91:7f:a0:f1:8c:37:a2:14:17:a8:37:a6:c4:
         5c:35:b5:15:76:bc:8b:d4:8c:96:26:90:99:cc:db:2f:a1:88:
         fe:d2:3a:94:67:26:01:cf:5b:66:6c:f5:3e:7e:ef:f0:ff:c5:
         3d:7b:9a:70:66:cc:56:57:b7:16:52:c3:b3:15:af:92:d8:c7:
         80:45:a5:35:d6:87:16:46:33:51:ea:55:1c:df:12:64:c0:10:
         14:37:05:6c:95:3e:34:63:fe:f3:16:ce:2b:cf:41:2d:25:d9:
         b3:ba:6a:ab
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIUVZTBjfP/KdAplwlY4VatHKPTG/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOTAeFw0yMjEyMjcxNDUxNDdaFw0yMzEyMjYxNDU2NDdaMDMxMTAvBgNV
BAMTKEIxMEE1OERFNUU3QjczOTU2REMwNzk1MDc5NDVCMUJFMDRCQzMxRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXeqRuHAqO9PLLpwBM1Vp8NmlS
h91Tbp32Lr+mkEukr9YI5Jziwl16lxhu9xEOvecmnvg5gBjGKMcI3koJzehcakq2
ygXNzXGnCO8RnIbeKelCPJIz2/XmaO0o7WIpf0T1j8r+PMBSkg/i2nVVAhidUxO3
6saw4xgQlM2TKbmhxsUe2Ezl7jy9Gw0FKszSRJFI3V1NOVrni5WNY6byc++yXOOV
AjuKyAr9cD/HWa7VL6I5VLTi/ZEdzwVBS7ic6uYwOrKQCfxTPJPWdcw4PENlzR7s
+V+KWhF2Ev9ZjxXMqCPZLUUEsFfO0ILszT+8u4SJri4AjU+Ew5dFtsyAxvD3AgMB
AAGjggHXMIIB0zAdBgNVHQ4EFgQUsQpY3l57c5VtwHlQeUWxvgS8MeYwHwYDVR0j
BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v
Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOS5jcmwwdwYIKwYBBQUHAQEEazBpMGcGCCsGAQUFBzAChltyc3luYzov
L3Jwa2kuemFwcGllaG9zdC5jb20vcmVwby9aQVBQSUUtUlBLSS8yLzBFMzU3RERB
MDRCODEwNzYyNjEyNEY1MkNGQzI0MzlCNzZEODVBRjkuY2VyMFoGCCsGAQUFBwEL
BE4wTDBKBggrBgEFBQcwC4Y+cnN5bmM6Ly9jbG91ZGllLXJlcG8ucnBraS5hcHAv
cmVwby9DTE9VRElFLVJQS0kvMC9BUzIwNzQ2Ni5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoKYEDZMA0G
CSqGSIb3DQEBCwUAA4IBAQBlIOOevH352pzMbQ7tpvtp6aNYAYksk50hVYMpYq79
hOAlqoJN3u/1keErtrnLxVBnUcZQNPKpRsLpVo/+aKXryrIX7w/kbyjaqy6CAA4/
mMFS3gC9jcNjGZNzuKEKxnk9HIQQS1vltfTwyE36WKnz4Co2AFNt9Zc7J8s1YPOo
m1E0LIsk0hNkdKGSKhzlB2A75zoM0JF/oPGMN6IUF6g3psRcNbUVdryL1IyWJpCZ
zNsvoYj+0jqUZyYBz1tmbPU+fu/w/8U9e5pwZsxWV7cWUsOzFa+S2MeARaU11ocW
RjNR6lUc3xJkwBAUNwVslT40Y/7zFs4rz0EtJdmzumqr
-----END CERTIFICATE-----