Route Origin Authorization

$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS211443.roa
File:                     AS211443.roa (raw, json)
Hash identifier:          yB3VW3Wcb/A0Xl5xfYGVUkQPL7E1xtuyz83pIXGdMno=
Subject key identifier:   3B:CD:FD:60:05:06:2D:06:03:1A:79:53:82:19:C5:DF:BE:F4:AF:18
Certificate issuer:       /CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B
Certificate serial:       57868F3A72847F58A28617846FECD0AD9B62148F
Authority key identifier: 8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
Subject info access:      rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS211443.roa
Signing time:             Fri 04 Jul 2025 06:53:02 +0000
ROA not before:           Fri 04 Jul 2025 06:48:02 +0000
ROA not after:            Fri 03 Jul 2026 06:53:02 +0000
asID:                     211443
IP address blocks:        2a0a:6040:e200::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 06 Jul 2025 01:40:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:86:8f:3a:72:84:7f:58:a2:86:17:84:6f:ec:d0:ad:9b:62:14:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B
        Validity
            Not Before: Jul  4 06:48:02 2025 GMT
            Not After : Jul  3 06:53:02 2026 GMT
        Subject: CN=3BCDFD6005062D06031A79538219C5DFBEF4AF18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:9a:f5:1f:0e:a4:ba:35:41:bd:d2:4a:a9:29:
                    8b:26:36:2c:65:36:22:92:b1:1e:03:67:a2:76:fe:
                    34:c2:ef:a1:06:cd:62:5f:fb:2a:45:13:dc:f7:ee:
                    7f:b6:b8:46:9c:25:7e:c3:94:3a:50:1c:be:4e:5c:
                    62:37:c0:8c:7e:b5:6c:82:65:69:9d:10:c6:2e:c9:
                    6b:6c:15:89:2f:2a:c6:6e:fd:46:63:1d:f1:cc:af:
                    1a:06:ba:03:79:7d:18:cb:f7:90:a8:fe:9c:99:53:
                    7b:bd:00:52:9d:0d:45:3d:5f:e1:dc:a7:0c:79:47:
                    06:02:f9:a9:f4:b4:ad:f4:bb:e4:bc:8b:aa:de:6f:
                    66:a6:dd:06:37:dd:48:a9:15:15:06:4a:40:87:26:
                    cc:6a:f1:df:45:ea:be:95:de:a5:88:20:76:ab:08:
                    48:7a:08:6d:df:f7:09:cc:79:a7:dd:ea:59:96:1e:
                    b5:27:fc:ce:3a:d5:4c:e0:93:56:4a:12:27:bd:4a:
                    a3:76:0e:ea:71:0a:0b:6b:b2:ba:f9:0a:75:80:5a:
                    9b:bf:97:6c:bf:8e:f0:fe:2a:69:07:fd:43:96:d8:
                    e9:7e:a0:21:1f:8a:29:c0:7d:03:eb:5e:41:16:3c:
                    dc:77:43:eb:31:8a:0e:a5:84:ee:e0:27:4b:0d:a1:
                    1e:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:CD:FD:60:05:06:2D:06:03:1A:79:53:82:19:C5:DF:BE:F4:AF:18
            X509v3 Authority Key Identifier:
                keyid:8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer

            Subject Information Access:
                Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS211443.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:e200::/40

    Signature Algorithm: sha256WithRSAEncryption
         90:33:ce:0d:d7:c7:80:c8:7a:82:e1:2d:9b:20:d0:7e:93:77:
         56:93:9d:6e:36:69:c0:5e:81:4d:51:53:17:9b:58:0a:46:1d:
         5b:db:35:55:a3:79:94:c9:41:46:1d:d5:7e:48:2b:28:ba:88:
         76:aa:c6:08:5d:90:33:2c:9e:8c:90:2c:03:52:29:8b:2f:97:
         96:0a:79:7a:d6:af:20:a2:43:42:1f:a3:9e:1a:a6:d8:4d:43:
         c3:05:ad:3d:ed:b7:11:f5:03:d5:3c:13:68:ba:21:e5:a3:c3:
         44:2a:8f:da:6c:89:d2:cd:6a:95:49:bd:b6:64:bd:ee:20:24:
         df:1f:bf:57:b0:a9:ce:23:56:20:46:e4:dd:3a:23:cb:0c:91:
         51:27:d2:e0:f0:b8:71:03:0c:ef:54:73:79:f5:8d:7e:fd:c4:
         d2:78:c9:a2:ca:6d:d9:43:98:50:c6:e0:77:f2:72:be:e8:ca:
         8e:89:3c:ac:6c:d2:c2:c6:2e:63:65:74:f9:94:c8:6b:2c:cc:
         1e:f1:95:f1:0d:51:6d:90:77:72:44:f5:d2:64:9d:17:30:b0:
         c3:17:e1:92:45:ac:21:6f:00:eb:23:1d:04:3b:2a:57:81:7a:
         84:15:e6:fb:ee:36:cd:45:f2:8b:f4:2b:b3:d6:37:e7:07:3b:
         fb:8b:b6:1f
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgIUV4aPOnKEf1iihheEb+zQrZtiFI8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3
QjBCRTEzQjAeFw0yNTA3MDQwNjQ4MDJaFw0yNjA3MDMwNjUzMDJaMDMxMTAvBgNV
BAMTKDNCQ0RGRDYwMDUwNjJEMDYwMzFBNzk1MzgyMTlDNURGQkVGNEFGMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJmvUfDqS6NUG90kqpKYsmNixl
NiKSsR4DZ6J2/jTC76EGzWJf+ypFE9z37n+2uEacJX7DlDpQHL5OXGI3wIx+tWyC
ZWmdEMYuyWtsFYkvKsZu/UZjHfHMrxoGugN5fRjL95Co/pyZU3u9AFKdDUU9X+Hc
pwx5RwYC+an0tK30u+S8i6reb2am3QY33UipFRUGSkCHJsxq8d9F6r6V3qWIIHar
CEh6CG3f9wnMeafd6lmWHrUn/M461Uzgk1ZKEie9SqN2DupxCgtrsrr5CnWAWpu/
l2y/jvD+KmkH/UOW2Ol+oCEfiinAfQPrXkEWPNx3Q+sxig6lhO7gJ0sNoR6lAgMB
AAGjggH0MIIB8DAdBgNVHQ4EFgQUO839YAUGLQYDGnlTghnF3770rxgwHwYDVR0j
BBgwFoAUj8PPtd8+j3IcCLi1/n9h1nsL4TswDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v
Q0xPVURJRS1SUEtJLzQvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3RjYxRDY3
QjBCRTEzQi5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5
bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2
M2UwMTg1NzU1YzkxYmUzZjlkLzcvOEZDM0NGQjVERjNFOEY3MjFDMDhCOEI1RkU3
RjYxRDY3QjBCRTEzQi5jZXIwWgYIKwYBBQUHAQsETjBMMEoGCCsGAQUFBzALhj5y
c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS80
L0FTMjExNDQzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpgQOIwDQYJKoZIhvcNAQELBQADggEBAJAz
zg3Xx4DIeoLhLZsg0H6Td1aTnW42acBegU1RUxebWApGHVvbNVWjeZTJQUYd1X5I
Kyi6iHaqxghdkDMsnoyQLANSKYsvl5YKeXrWryCiQ0Ifo54apthNQ8MFrT3ttxH1
A9U8E2i6IeWjw0Qqj9psidLNapVJvbZkve4gJN8fv1ewqc4jViBG5N06I8sMkVEn
0uDwuHEDDO9Uc3n1jX79xNJ4yaLKbdlDmFDG4Hfycr7oyo6JPKxs0sLGLmNldPmU
yGsszB7xlfENUW2Qd3JE9dJknRcwsMMX4ZJFrCFvAOsjHQQ7KleBeoQV5vvuNs1F
8ov0K7PWN+cHO/uLth8=
-----END CERTIFICATE-----
Generated at Sat Jul 5 03:57:42 2025 by rpki-client