Route Origin Authorization

$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS52210.roa
File:                     AS52210.roa (raw, json)
Hash identifier:          90kDNDqkOUik2OkjMWsNiOYlfYi1i265474z2aMsVtw=
Subject key identifier:   ED:67:48:4B:1A:CA:84:8F:95:77:A9:A4:D8:6B:53:24:D9:DB:1C:E2
Certificate issuer:       /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
Certificate serial:       6756A2E1422EE303341541C8D2000E3EEE288EA2
Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9
Authority info access:    rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
Subject info access:      rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS52210.roa
Signing time:             Tue 27 Dec 2022 14:57:09 +0000
ROA not before:           Tue 27 Dec 2022 14:52:09 +0000
ROA not after:            Tue 26 Dec 2023 14:57:09 +0000
asID:                     52210
IP address blocks:        2a0a:6040:c500::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
                          rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 20 Jul 2023 12:09:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:56:a2:e1:42:2e:e3:03:34:15:41:c8:d2:00:0e:3e:ee:28:8e:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
        Validity
            Not Before: Dec 27 14:52:09 2022 GMT
            Not After : Dec 26 14:57:09 2023 GMT
        Subject: CN=ED67484B1ACA848F9577A9A4D86B5324D9DB1CE2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:5b:f2:2a:37:1b:08:da:5f:d9:39:23:ff:95:
                    10:02:aa:a8:d5:22:e2:09:b2:5a:f1:a0:44:4b:df:
                    5e:1d:35:5b:81:ed:bb:5e:af:4e:ab:33:e9:87:71:
                    2a:13:06:dc:eb:6f:c9:79:a6:19:2d:b5:62:00:11:
                    64:8f:bb:db:8e:d1:e4:ac:41:e7:31:f2:be:06:f2:
                    41:0d:73:73:51:e4:43:bb:d1:68:2c:bb:f6:a7:14:
                    1c:3d:a6:0c:bf:c8:dd:0d:16:27:ab:c0:58:c4:b4:
                    dd:25:2b:31:40:73:cb:e2:2a:c5:38:28:e4:82:49:
                    46:2d:58:20:61:45:87:b2:a9:35:e3:2d:bb:32:47:
                    fd:16:dd:32:93:8b:38:3b:1d:e7:ac:9b:08:b9:b2:
                    d1:ec:d5:78:88:e1:93:51:57:86:ca:40:bf:39:7c:
                    43:a0:2c:44:57:f8:05:40:d6:97:bf:8e:a3:e4:6d:
                    50:cc:db:0f:20:a9:14:82:aa:f9:75:fb:77:e1:7c:
                    56:ad:41:cd:22:90:d8:34:eb:01:f3:2d:19:9f:0c:
                    7f:07:fd:09:e2:16:8c:55:ef:c2:e4:d5:e1:39:4b:
                    ab:d7:d4:8d:96:b9:6c:fc:cd:01:64:39:53:40:de:
                    b1:dd:86:46:02:e2:5d:28:35:29:78:97:6b:5c:db:
                    0f:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:67:48:4B:1A:CA:84:8F:95:77:A9:A4:D8:6B:53:24:D9:DB:1C:E2
            X509v3 Authority Key Identifier:
                keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer

            Subject Information Access:
                Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS52210.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:c500::/40

    Signature Algorithm: sha256WithRSAEncryption
         18:c4:88:6f:34:bc:9f:32:8e:b7:57:9d:f2:ca:69:11:21:9c:
         cc:79:34:3e:99:00:dd:ce:29:3a:74:f5:94:f2:71:0f:c4:68:
         ee:b3:65:e3:fc:a1:90:e9:80:e6:1a:e5:62:c8:16:06:80:a9:
         0d:c0:d4:c7:17:33:4d:51:00:e9:db:ca:b2:82:cb:b0:c4:89:
         bf:c1:d5:9b:f7:4d:34:0f:e0:6b:57:31:92:ec:be:22:79:c0:
         33:d9:b3:6a:c9:7b:06:b2:f7:81:75:bd:41:6b:90:a6:58:3c:
         a4:e8:a6:d4:99:ee:39:ba:dd:45:a4:10:e7:6c:0e:80:a4:17:
         24:77:55:c0:a7:87:9f:9b:d8:8a:fc:bc:fa:3b:a1:9a:05:5b:
         7c:6a:68:b5:87:19:db:c7:7b:56:be:af:5e:8d:e4:d4:58:71:
         19:cc:47:42:b2:dd:3f:a1:53:36:01:16:ac:4c:b1:89:3c:64:
         6a:88:c6:7c:95:1f:cb:75:59:1c:b0:89:01:9f:8a:ba:86:91:
         49:7a:9a:06:71:16:20:c7:68:16:04:d5:8e:4e:92:99:64:89:
         ed:6d:78:f6:d2:15:64:41:42:f4:82:fd:20:95:bd:55:fa:dd:
         61:b4:5b:6e:fe:61:2c:61:17:88:75:a5:68:0f:35:ba:e8:68:
         b4:00:3d:13
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIUZ1ai4UIu4wM0FUHI0gAOPu4ojqIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOTAeFw0yMjEyMjcxNDUyMDlaFw0yMzEyMjYxNDU3MDlaMDMxMTAvBgNV
BAMTKEVENjc0ODRCMUFDQTg0OEY5NTc3QTlBNEQ4NkI1MzI0RDlEQjFDRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8W/IqNxsI2l/ZOSP/lRACqqjV
IuIJslrxoERL314dNVuB7bter06rM+mHcSoTBtzrb8l5phkttWIAEWSPu9uO0eSs
Qecx8r4G8kENc3NR5EO70Wgsu/anFBw9pgy/yN0NFierwFjEtN0lKzFAc8viKsU4
KOSCSUYtWCBhRYeyqTXjLbsyR/0W3TKTizg7Heesmwi5stHs1XiI4ZNRV4bKQL85
fEOgLERX+AVA1pe/jqPkbVDM2w8gqRSCqvl1+3fhfFatQc0ikNg06wHzLRmfDH8H
/QniFoxV78Lk1eE5S6vX1I2WuWz8zQFkOVNA3rHdhkYC4l0oNSl4l2tc2w8vAgMB
AAGjggHWMIIB0jAdBgNVHQ4EFgQU7WdISxrKhI+Vd6mk2GtTJNnbHOIwHwYDVR0j
BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v
Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOS5jcmwwdwYIKwYBBQUHAQEEazBpMGcGCCsGAQUFBzAChltyc3luYzov
L3Jwa2kuemFwcGllaG9zdC5jb20vcmVwby9aQVBQSUUtUlBLSS8yLzBFMzU3RERB
MDRCODEwNzYyNjEyNEY1MkNGQzI0MzlCNzZEODVBRjkuY2VyMFkGCCsGAQUFBwEL
BE0wSzBJBggrBgEFBQcwC4Y9cnN5bmM6Ly9jbG91ZGllLXJlcG8ucnBraS5hcHAv
cmVwby9DTE9VRElFLVJQS0kvMC9BUzUyMjEwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQMUwDQYJ
KoZIhvcNAQELBQADggEBABjEiG80vJ8yjrdXnfLKaREhnMx5ND6ZAN3OKTp09ZTy
cQ/EaO6zZeP8oZDpgOYa5WLIFgaAqQ3A1McXM01RAOnbyrKCy7DEib/B1Zv3TTQP
4GtXMZLsviJ5wDPZs2rJeway94F1vUFrkKZYPKToptSZ7jm63UWkEOdsDoCkFyR3
VcCnh5+b2Ir8vPo7oZoFW3xqaLWHGdvHe1a+r16N5NRYcRnMR0Ky3T+hUzYBFqxM
sYk8ZGqIxnyVH8t1WRywiQGfirqGkUl6mgZxFiDHaBYE1Y5Okplkie1tePbSFWRB
QvSC/SCVvVX63WG0W27+YSxhF4h1pWgPNbroaLQAPRM=
-----END CERTIFICATE-----