Route Origin Authorization

$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS63150.roa
File:                     AS63150.roa (raw, json)
Hash identifier:          mowYjAvFQ8QhqRFxo9H+kzKjLBvgSQeF0IlnEIgosUc=
Subject key identifier:   56:84:08:26:67:68:88:94:D5:77:B0:E5:B1:8B:5C:43:B6:4B:A3:DC
Certificate issuer:       /CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B
Certificate serial:       43D46F6C93AE1DA8F12B2AC14EA5E6F8B1C9BC
Authority key identifier: 8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
Subject info access:      rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS63150.roa
Signing time:             Fri 04 Jul 2025 06:53:24 +0000
ROA not before:           Fri 04 Jul 2025 06:48:24 +0000
ROA not after:            Fri 03 Jul 2026 06:53:24 +0000
asID:                     63150
IP address blocks:        2a06:9f81:4000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 06 Jul 2025 02:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:d4:6f:6c:93:ae:1d:a8:f1:2b:2a:c1:4e:a5:e6:f8:b1:c9:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B
        Validity
            Not Before: Jul  4 06:48:24 2025 GMT
            Not After : Jul  3 06:53:24 2026 GMT
        Subject: CN=5684082667688894D577B0E5B18B5C43B64BA3DC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:65:28:28:98:b5:a7:03:eb:1b:1d:5d:e4:e0:
                    7f:e6:ae:11:a0:31:d4:92:cd:f7:ea:36:71:ae:34:
                    4e:92:69:f7:56:4b:53:ea:84:c6:3b:8a:a1:36:92:
                    0e:2f:14:e8:4e:75:ff:28:4e:a4:26:aa:7b:63:f9:
                    20:71:38:ee:12:79:e3:95:b6:3d:78:54:6f:1b:aa:
                    36:d0:a7:56:af:67:69:d2:64:21:a6:92:8a:f0:17:
                    b2:97:a1:3d:26:0b:56:c9:c1:af:c5:39:f0:0f:8c:
                    38:7e:1a:9d:8f:83:7b:64:b1:ba:2a:3a:09:54:e6:
                    22:6f:b4:d9:72:84:7d:eb:ee:59:ad:74:fd:9b:de:
                    3d:e0:0b:de:7a:d2:66:d9:f2:18:8a:c5:30:a7:91:
                    4e:e6:a9:1a:83:74:6f:0b:a1:cc:32:ac:53:05:68:
                    54:03:c7:59:3e:ed:1d:8e:64:b6:57:6a:d2:02:0d:
                    dc:1f:e4:b0:b2:8a:2f:c8:e1:42:e6:fe:b2:92:9f:
                    90:8a:5a:c5:02:ec:33:98:64:34:62:02:b4:2f:19:
                    dc:3a:47:78:32:d1:94:59:ce:dd:8c:db:33:b5:b8:
                    f9:47:75:45:a9:04:12:36:90:c3:ad:35:c4:db:0d:
                    ed:78:00:44:cc:7b:b4:5d:0c:47:c3:ea:fc:59:42:
                    bc:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:84:08:26:67:68:88:94:D5:77:B0:E5:B1:8B:5C:43:B6:4B:A3:DC
            X509v3 Authority Key Identifier:
                keyid:8F:C3:CF:B5:DF:3E:8F:72:1C:08:B8:B5:FE:7F:61:D6:7B:0B:E1:3B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8FC3CFB5DF3E8F721C08B8B5FE7F61D67B0BE13B.cer

            Subject Information Access:
                Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/4/AS63150.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:9f81:4000::/40

    Signature Algorithm: sha256WithRSAEncryption
         a9:99:ed:dd:18:73:a3:3a:81:75:b5:52:a6:3f:af:87:c5:7e:
         7e:71:e7:36:28:61:36:07:99:45:bc:65:85:68:69:d1:0c:eb:
         20:da:74:c0:42:5d:95:93:3c:c2:5e:bc:c9:76:61:a2:4e:e7:
         3b:49:da:21:17:d4:29:35:d4:b0:47:9f:bd:30:31:1b:87:34:
         2c:94:51:2d:05:97:73:1c:76:d7:62:3b:e9:26:26:37:ed:b6:
         2d:f1:fd:be:43:09:56:30:d2:2b:e3:b2:c6:15:d5:6d:58:5c:
         73:8c:27:46:a9:4c:7d:66:51:93:94:04:3a:32:84:0e:04:05:
         f8:04:f8:c1:09:52:e5:61:d9:19:ff:46:56:10:96:d1:0d:3f:
         88:ae:3d:35:c3:ac:50:c0:10:5d:c5:0f:94:b9:08:69:78:6f:
         a4:21:8e:ba:66:15:75:62:2a:82:fe:50:b7:e5:73:5f:48:68:
         80:c4:04:0c:74:c0:ba:8c:3b:24:f2:4a:9e:89:6f:a6:b2:e6:
         7f:6b:ca:60:54:0f:7d:48:fa:ac:40:79:47:63:30:a8:a7:0a:
         74:6c:a2:c9:d2:ac:b0:67:1a:a2:19:85:f3:f1:c7:0f:b1:bd:
         29:86:91:f6:61:48:ea:69:cf:fc:7b:3e:31:fd:34:c2:c8:1c:
         2c:3c:ad:5e
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgITQ9RvbJOuHajxKyrBTqXm+LHJvDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg4RkMzQ0ZCNURGM0U4RjcyMUMwOEI4QjVGRTdGNjFENjdC
MEJFMTNCMB4XDTI1MDcwNDA2NDgyNFoXDTI2MDcwMzA2NTMyNFowMzExMC8GA1UE
AxMoNTY4NDA4MjY2NzY4ODg5NEQ1NzdCMEU1QjE4QjVDNDNCNjRCQTNEQzCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPVlKCiYtacD6xsdXeTgf+auEaAx
1JLN9+o2ca40TpJp91ZLU+qExjuKoTaSDi8U6E51/yhOpCaqe2P5IHE47hJ545W2
PXhUbxuqNtCnVq9nadJkIaaSivAXspehPSYLVsnBr8U58A+MOH4anY+De2Sxuio6
CVTmIm+02XKEfevuWa10/ZvePeAL3nrSZtnyGIrFMKeRTuapGoN0bwuhzDKsUwVo
VAPHWT7tHY5ktldq0gIN3B/ksLKKL8jhQub+spKfkIpaxQLsM5hkNGICtC8Z3DpH
eDLRlFnO3YzbM7W4+Ud1RakEEjaQw601xNsN7XgARMx7tF0MR8Pq/FlCvOECAwEA
AaOCAfMwggHvMB0GA1UdDgQWBBRWhAgmZ2iIlNV3sOWxi1xDtkuj3DAfBgNVHSME
GDAWgBSPw8+13z6PchwIuLX+f2HWewvhOzAOBgNVHQ8BAf8EBAMCB4AwbwYDVR0f
BGgwZjBkoGKgYIZecnN5bmM6Ly9jbG91ZGllLXJlcG8ucnBraS5hcHAvcmVwby9D
TE9VRElFLVJQS0kvNC84RkMzQ0ZCNURGM0U4RjcyMUMwOEI4QjVGRTdGNjFENjdC
MEJFMTNCLmNybDCBkwYIKwYBBQUHAQEEgYYwgYMwgYAGCCsGAQUFBzAChnRyc3lu
YzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY4NTBkMDYz
ZTAxODU3NTVjOTFiZTNmOWQvNy84RkMzQ0ZCNURGM0U4RjcyMUMwOEI4QjVGRTdG
NjFENjdCMEJFMTNCLmNlcjBZBggrBgEFBQcBCwRNMEswSQYIKwYBBQUHMAuGPXJz
eW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8vQ0xPVURJRS1SUEtJLzQv
QVM2MzE1MC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGACoGn4FAMA0GCSqGSIb3DQEBCwUAA4IBAQCpme3d
GHOjOoF1tVKmP6+HxX5+cec2KGE2B5lFvGWFaGnRDOsg2nTAQl2VkzzCXrzJdmGi
Tuc7SdohF9QpNdSwR5+9MDEbhzQslFEtBZdzHHbXYjvpJiY37bYt8f2+QwlWMNIr
47LGFdVtWFxzjCdGqUx9ZlGTlAQ6MoQOBAX4BPjBCVLlYdkZ/0ZWEJbRDT+Irj01
w6xQwBBdxQ+UuQhpeG+kIY66ZhV1YiqC/lC35XNfSGiAxAQMdMC6jDsk8kqeiW+m
suZ/a8pgVA99SPqsQHlHYzCopwp0bKLJ0qywZxqiGYXz8ccPsb0phpH2YUjqac/8
ez4x/TTCyBwsPK1e
-----END CERTIFICATE-----
Generated at Sat Jul 5 03:57:49 2025 by rpki-client