Route Origin Authorization

$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS197817.roa
File:                     AS197817.roa (raw, json)
Hash identifier:          W/ipavEvjJBAtZIwA081DaVXw+ZtOL+/t8KL+vwYtMs=
Subject key identifier:   A7:E6:DA:73:41:CC:42:F0:0C:EA:60:1C:66:A3:E8:65:28:76:8A:1C
Certificate issuer:       /CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B
Certificate serial:       0882188799107A7DE7B9847D3691D7C8DB55FD53
Authority key identifier: 8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
Subject info access:      rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS197817.roa
Signing time:             Fri 04 Jul 2025 06:53:17 +0000
ROA not before:           Fri 04 Jul 2025 06:48:17 +0000
ROA not after:            Fri 03 Jul 2026 06:53:17 +0000
asID:                     197817
IP address blocks:        2a05:dfc1:6900::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 06 Jul 2025 01:40:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:82:18:87:99:10:7a:7d:e7:b9:84:7d:36:91:d7:c8:db:55:fd:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B
        Validity
            Not Before: Jul  4 06:48:17 2025 GMT
            Not After : Jul  3 06:53:17 2026 GMT
        Subject: CN=A7E6DA7341CC42F00CEA601C66A3E86528768A1C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:f3:d0:0f:37:56:4c:1a:90:82:31:39:f0:2c:
                    67:37:4f:7e:15:1f:4a:a8:06:c0:a6:65:56:b8:98:
                    40:52:8b:bb:32:c5:c4:d7:79:7b:fc:97:d2:b3:ac:
                    1c:dc:02:e2:e2:ad:13:95:1f:32:a0:6a:d3:1d:0d:
                    6b:5e:5a:2c:8b:98:aa:12:93:56:c8:4c:d7:96:46:
                    60:ad:76:70:5f:1b:e8:ac:67:92:56:9e:96:f8:c0:
                    aa:3f:34:4c:9c:f1:48:c1:6d:4c:fa:df:da:96:7b:
                    eb:08:93:53:b5:4a:4e:6a:b2:36:98:35:66:2d:79:
                    b1:72:92:60:5d:6b:80:9c:10:c1:97:56:c1:88:f9:
                    48:bc:6e:49:77:c2:54:e8:5c:e7:ab:10:2b:d2:9d:
                    30:1c:fa:ff:0a:e4:b5:c6:8b:ac:15:11:38:c2:92:
                    00:7d:29:0d:4e:5c:c5:2d:1d:33:0a:7d:53:ac:2b:
                    fb:87:7f:e7:ed:2a:5c:4b:42:c5:c5:5b:9f:6c:90:
                    45:a2:e5:26:da:29:0e:6c:5b:bc:97:0f:92:05:a1:
                    1a:54:d0:64:7e:ac:7e:a5:51:16:33:fc:6c:99:78:
                    90:94:bb:4b:79:d6:de:ba:d7:d3:b8:9c:11:fa:46:
                    dd:75:18:f6:09:c4:3a:7d:d2:7c:41:c2:f5:1b:cc:
                    d4:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:E6:DA:73:41:CC:42:F0:0C:EA:60:1C:66:A3:E8:65:28:76:8A:1C
            X509v3 Authority Key Identifier:
                keyid:8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer

            Subject Information Access:
                Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS197817.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc1:6900::/40

    Signature Algorithm: sha256WithRSAEncryption
         ac:e0:39:82:f8:eb:7f:46:84:81:00:4c:27:e9:16:9e:78:77:
         6f:33:99:8a:af:33:ae:19:6a:e6:f7:d6:a0:f2:79:0b:75:c1:
         bb:e7:e6:95:7f:7d:4b:4d:d1:02:a2:33:eb:66:c0:73:de:3b:
         8a:20:76:29:26:f7:55:97:6b:5f:75:80:6a:21:fe:3f:8e:7d:
         98:05:92:f0:96:c4:85:de:26:01:b3:71:7e:5d:fb:1f:16:de:
         70:be:4f:f0:1c:1c:75:e0:93:d5:0e:e4:88:e3:45:9a:b3:b5:
         c5:ff:16:5a:d9:a0:55:f8:4f:90:56:ea:ba:10:d1:7d:62:63:
         09:46:40:f3:b2:a1:d7:d0:a8:b5:40:64:b4:b6:2a:97:fe:4c:
         ed:fe:99:f3:d8:17:46:11:60:5d:82:74:86:36:e0:42:dc:6e:
         e0:c8:6e:9c:f1:c6:17:bd:30:a1:d2:ed:e3:39:3f:f4:69:dc:
         59:2b:4e:79:1e:30:5c:fd:21:50:34:77:d0:9e:be:32:7d:eb:
         25:e1:d1:f7:f1:90:b5:3f:4d:b5:b0:e3:07:ae:01:ca:89:22:
         14:29:13:c4:c4:8f:07:03:b1:16:6c:3c:08:a9:5b:ca:fa:f3:
         8b:8a:55:42:f9:72:aa:3b:e2:a7:90:a6:b5:fe:a2:99:62:6f:
         fc:f5:97:f1
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgIUCIIYh5kQen3nuYR9NpHXyNtV/VMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3
QjBCRTEzQjAeFw0yNTA3MDQwNjQ4MTdaFw0yNjA3MDMwNjUzMTdaMDMxMTAvBgNV
BAMTKEE3RTZEQTczNDFDQzQyRjAwQ0VBNjAxQzY2QTNFODY1Mjg3NjhBMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC589APN1ZMGpCCMTnwLGc3T34V
H0qoBsCmZVa4mEBSi7syxcTXeXv8l9KzrBzcAuLirROVHzKgatMdDWteWiyLmKoS
k1bITNeWRmCtdnBfG+isZ5JWnpb4wKo/NEyc8UjBbUz639qWe+sIk1O1Sk5qsjaY
NWYtebFykmBda4CcEMGXVsGI+Ui8bkl3wlToXOerECvSnTAc+v8K5LXGi6wVETjC
kgB9KQ1OXMUtHTMKfVOsK/uHf+ftKlxLQsXFW59skEWi5SbaKQ5sW7yXD5IFoRpU
0GR+rH6lURYz/GyZeJCUu0t51t6619O4nBH6Rt11GPYJxDp90nxBwvUbzNQfAgMB
AAGjggH0MIIB8DAdBgNVHQ4EFgQUp+bac0HMQvAM6mAcZqPoZSh2ihwwHwYDVR0j
BBgwFoAUj8PPtd8+j3IcCLi1/n9h1nsL4TswDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v
Q0xPVURJRS1SUEtJLzQvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3
QjBCRTEzQi5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5
bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2
M2UwMTg1NzU1YzkxYmUzZjlkLzcvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3
RjYxRDY3QjBCRTEzQi5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y
c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS80
L0FTMTk3ODE3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwWkwDQYJKoZIhvcNAQELBQADggEBAKzg
OYL4639GhIEATCfpFp54d28zmYqvM64Zaub31qDyeQt1wbvn5pV/fUtN0QKiM+tm
wHPeO4ogdikm91WXa191gGoh/j+OfZgFkvCWxIXeJgGzcX5d+x8W3nC+T/AcHHXg
k9UO5IjjRZqztcX/FlrZoFX4T5BW6roQ0X1iYwlGQPOyodfQqLVAZLS2Kpf+TO3+
mfPYF0YRYF2CdIY24ELcbuDIbpzxxhe9MKHS7eM5P/Rp3FkrTnkeMFz9IVA0d9Ce
vjJ96yXh0ffxkLU/TbWw4weuAcqJIhQpE8TEjwcDsRZsPAipW8r684uKVUL5cqo7
4qeQprX+oplib/z1l/E=
-----END CERTIFICATE-----
Generated at Sat Jul 5 03:57:47 2025 by rpki-client