Route Origin Authorization

$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS52210.roa
File:                     AS52210.roa (raw, json)
Hash identifier:          j1jqAjasVpBgr3edSKVL2nQQJN1HNF3JrYb6zrXSvOQ=
Subject key identifier:   8E:2F:2A:79:31:10:DF:78:91:71:C0:B4:91:08:52:65:F0:E9:04:EC
Certificate issuer:       /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
Certificate serial:       3CBF83F94BE29AE1F5E047CD4FC26AFF2412B9C9
Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
Subject info access:      rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS52210.roa
Signing time:             Sun 05 Nov 2023 04:07:16 +0000
ROA not before:           Sun 05 Nov 2023 04:02:16 +0000
ROA not after:            Sun 03 Nov 2024 04:07:16 +0000
asID:                     52210
IP address blocks:        2a0a:6040:c500::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 14:25:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:bf:83:f9:4b:e2:9a:e1:f5:e0:47:cd:4f:c2:6a:ff:24:12:b9:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
        Validity
            Not Before: Nov  5 04:02:16 2023 GMT
            Not After : Nov  3 04:07:16 2024 GMT
        Subject: CN=8E2F2A793110DF789171C0B491085265F0E904EC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:57:01:db:8c:c5:d6:84:1e:4e:60:7f:10:8c:
                    39:4c:ae:a8:79:46:bc:17:8d:76:e7:87:ca:7e:2c:
                    e7:23:c0:75:7b:2a:a5:32:23:f5:29:1e:e6:4d:93:
                    52:13:df:c0:f1:6b:c4:c6:e5:ba:09:5e:17:ef:a6:
                    fd:df:10:62:75:28:31:91:59:5b:a4:2e:47:70:c4:
                    e6:c5:64:14:fb:a7:c0:8d:b4:02:d5:2f:63:73:69:
                    7a:d6:66:75:33:ec:73:6a:0f:0a:cb:13:dd:8c:a5:
                    d6:25:d6:3a:43:7d:23:76:51:57:47:8e:31:17:24:
                    80:40:b1:04:2d:ca:0f:36:f3:88:4f:e0:31:66:d1:
                    be:8d:bb:f5:7b:12:ac:ef:4f:df:6d:62:58:b5:0a:
                    4f:d8:2f:82:af:5d:40:d9:4b:a3:6f:46:2a:51:c6:
                    ea:e3:0d:40:d4:ea:4d:a1:16:78:32:36:8c:64:84:
                    72:d6:c0:5f:f7:9b:73:be:2d:e9:62:8a:1c:21:67:
                    d1:13:e4:7a:dd:86:98:f6:fd:da:b7:7a:47:d2:a7:
                    f7:9d:61:80:4e:61:c4:19:50:64:f1:37:62:3b:71:
                    bd:a4:3f:69:1c:7e:0c:ff:de:3a:d4:a0:61:4e:10:
                    68:46:4e:df:8b:68:d7:6b:0d:63:4e:9b:6f:0c:16:
                    25:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:2F:2A:79:31:10:DF:78:91:71:C0:B4:91:08:52:65:F0:E9:04:EC
            X509v3 Authority Key Identifier:
                keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer

            Subject Information Access:
                Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS52210.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:c500::/40

    Signature Algorithm: sha256WithRSAEncryption
         2f:56:02:0c:fb:1e:7a:63:33:1e:b7:73:c4:5b:6f:87:d0:14:
         4f:e7:9c:c6:30:67:0f:cf:42:21:b4:90:34:ed:1d:ae:ba:e0:
         21:1f:6d:51:c2:35:52:09:16:01:c9:cc:e0:b8:3e:d9:52:05:
         9f:6b:f5:12:8e:56:f2:99:74:64:73:0c:d8:40:90:ce:6d:f1:
         79:45:e7:47:f9:08:0d:8c:5e:43:ce:36:77:38:ca:0f:07:ba:
         16:3d:2a:33:a1:d7:dd:57:c6:1f:c9:bc:c2:1c:d1:1f:a3:31:
         4f:1c:cc:16:eb:99:ef:d7:04:0b:c5:c9:2b:a2:5d:ca:1d:7e:
         21:75:a0:d2:67:5f:da:2e:eb:53:64:33:a6:a4:29:12:d8:a5:
         af:ca:3f:f5:1e:0f:cc:d4:0a:de:41:a4:62:d6:0d:e7:34:92:
         4b:81:69:98:42:43:3f:f3:8c:d9:58:32:89:47:ce:dc:ea:2f:
         cb:d9:0f:d4:f6:cb:7c:75:92:dd:74:7a:37:c0:e2:f5:50:c4:
         fe:15:99:7c:ca:04:7a:ca:35:49:35:97:2f:9d:cd:5e:e5:3c:
         6f:d4:b4:f4:fa:e8:e6:fb:b8:a4:73:7f:59:50:80:63:e8:44:
         39:b7:a3:15:f5:af:65:21:cc:6f:e0:90:60:86:d6:16:f4:a7:
         d7:f3:f8:88
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgIUPL+D+UvimuH14EfNT8Jq/yQSuckwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOTAeFw0yMzExMDUwNDAyMTZaFw0yNDExMDMwNDA3MTZaMDMxMTAvBgNV
BAMTKDhFMkYyQTc5MzExMERGNzg5MTcxQzBCNDkxMDg1MjY1RjBFOTA0RUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyVwHbjMXWhB5OYH8QjDlMrqh5
RrwXjXbnh8p+LOcjwHV7KqUyI/UpHuZNk1IT38Dxa8TG5boJXhfvpv3fEGJ1KDGR
WVukLkdwxObFZBT7p8CNtALVL2NzaXrWZnUz7HNqDwrLE92MpdYl1jpDfSN2UVdH
jjEXJIBAsQQtyg8284hP4DFm0b6Nu/V7EqzvT99tYli1Ck/YL4KvXUDZS6NvRipR
xurjDUDU6k2hFngyNoxkhHLWwF/3m3O+LeliihwhZ9ET5Hrdhpj2/dq3ekfSp/ed
YYBOYcQZUGTxN2I7cb2kP2kcfgz/3jrUoGFOEGhGTt+LaNdrDWNOm28MFiW9AgMB
AAGjggHzMIIB7zAdBgNVHQ4EFgQUji8qeTEQ33iRccC0kQhSZfDpBOwwHwYDVR0j
BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v
Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5
bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2
M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD
MjQzOUI3NkQ4NUFGOS5jZXIwWQYIKwYBBQUHAQsETTBLMEkGCCsGAQUFBzALhj1y
c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w
L0FTNTIyMTAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH
AQcBAf8EEjAQMA4EAgACMAgDBgAqCmBAxTANBgkqhkiG9w0BAQsFAAOCAQEAL1YC
DPseemMzHrdzxFtvh9AUT+ecxjBnD89CIbSQNO0drrrgIR9tUcI1UgkWAcnM4Lg+
2VIFn2v1Eo5W8pl0ZHMM2ECQzm3xeUXnR/kIDYxeQ842dzjKDwe6Fj0qM6HX3VfG
H8m8whzRH6MxTxzMFuuZ79cEC8XJK6Jdyh1+IXWg0mdf2i7rU2QzpqQpEtilr8o/
9R4PzNQK3kGkYtYN5zSSS4FpmEJDP/OM2VgyiUfO3Oovy9kP1PbLfHWS3XR6N8Di
9VDE/hWZfMoEeso1STWXL53NXuU8b9S09Pro5vu4pHN/WVCAY+hEObejFfWvZSHM
b+CQYIbWFvSn1/P4iA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:31:59 2024 by rpki-client on console-fra.rpki-client.org