Route Origin Authorization

$ rpki-client -vvf rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS147028.roa
File:                     AS147028.roa (raw, json)
Hash identifier:          rE3RVDQARU+77DQkpgwY4azFYOcET2dVJXwxcN2WISM=
Subject key identifier:   50:D2:07:33:48:21:81:62:75:35:0A:15:EB:80:9D:E9:02:17:2A:7A
Certificate issuer:       /CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
Certificate serial:       34C057F78906B38A316217FAC2C4BD0613DD9422
Authority key identifier: 7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
Subject info access:      rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS147028.roa
Signing time:             Tue 19 May 2026 04:03:20 +0000
ROA not before:           Tue 19 May 2026 03:58:20 +0000
ROA not after:            Tue 18 May 2027 04:03:20 +0000
asID:                     147028
IP address blocks:        2a0f:9400:7810::/44 maxlen: 48
                          2a0f:9400:7814::/47 maxlen: 48
                          2a0f:9400:7820::/44 maxlen: 48
                          2a0f:9400:7834::/47 maxlen: 47
                          2a0f:9400:7844::/47 maxlen: 47
Validation:               OK
Signature path:           rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl
                          rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 07 Jun 2026 02:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:c0:57:f7:89:06:b3:8a:31:62:17:fa:c2:c4:bd:06:13:dd:94:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ea5316dbdac01cd05d0eaa05a89c04da3e7398f
        Validity
            Not Before: May 19 03:58:20 2026 GMT
            Not After : May 18 04:03:20 2027 GMT
        Subject: CN=50D207334821816275350A15EB809DE902172A7A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:91:e2:c9:c0:2f:c0:41:0b:34:48:f2:5e:59:
                    3b:f7:84:f9:fe:7f:8c:12:c1:94:64:7b:53:f7:3a:
                    05:62:d7:14:66:10:d8:e1:5e:94:3f:ef:76:e7:79:
                    73:bd:fd:36:4e:03:0e:fc:b3:57:f8:2f:31:7a:7f:
                    ab:b1:f2:31:df:a0:79:e6:36:10:61:7e:23:b2:33:
                    71:0c:ef:8f:1d:03:bd:53:54:fa:91:7a:e9:07:6c:
                    dc:23:69:ea:9f:86:70:d1:d3:76:3b:0a:2b:85:88:
                    30:bb:f6:5e:eb:ef:34:81:e6:37:44:17:51:8c:03:
                    8c:ff:40:4d:12:0f:8d:30:98:e4:a4:f7:d6:f7:91:
                    b0:51:32:85:e4:96:06:7e:73:52:0d:48:f2:19:57:
                    bc:fb:b9:53:22:f1:44:d5:ed:74:b1:be:1a:17:9f:
                    34:ea:54:13:4d:64:e3:d0:50:71:ef:63:c6:a3:3f:
                    2d:26:c5:60:1c:bb:f9:08:ec:c6:64:37:23:ab:8d:
                    7a:75:22:f8:9e:a3:71:05:05:e3:fb:b9:83:40:fb:
                    87:1a:33:2a:71:ed:c7:96:fc:2b:b7:56:3b:65:02:
                    c6:51:8a:29:41:38:a7:a6:23:c2:fd:fa:f0:bc:67:
                    12:56:cd:58:5e:db:ec:2c:a1:ce:78:62:92:58:f1:
                    7f:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:D2:07:33:48:21:81:62:75:35:0A:15:EB:80:9D:E9:02:17:2A:7A
            X509v3 Authority Key Identifier:
                keyid:7E:A5:31:6D:BD:AC:01:CD:05:D0:EA:A0:5A:89:C0:4D:A3:E7:39:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/7EA5316DBDAC01CD05D0EAA05A89C04DA3E7398F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fqUxbb2sAc0F0OqgWonATaPnOY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.admin.freerangecloud.com/repo/FRC-CA/5/AS147028.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:9400:7810::-2a0f:9400:782f:ffff:ffff:ffff:ffff:ffff
                  2a0f:9400:7834::/47
                  2a0f:9400:7844::/47

    Signature Algorithm: sha256WithRSAEncryption
         7f:91:c9:a1:4c:bf:c5:1d:1d:a0:84:b9:ad:a0:16:5b:8b:63:
         dc:4e:7a:e5:94:2e:e1:96:bc:f1:48:50:2d:16:f4:d4:26:1c:
         7d:d6:c9:c6:3e:e1:86:26:c2:47:ed:f7:c5:5d:8d:9c:1c:22:
         75:d3:ec:b2:40:2c:53:93:52:76:9d:60:f2:c1:8f:fd:8e:ba:
         21:b0:02:d2:4b:6b:92:67:5e:80:64:45:17:61:2e:ae:36:7d:
         f5:d2:cd:a5:0d:71:97:f5:b0:62:8f:a8:d8:01:a5:30:93:e8:
         6f:6f:a1:6e:3b:20:1d:3a:04:e7:98:31:94:29:aa:9c:af:50:
         b6:08:9f:5d:b6:09:13:61:19:bc:1f:b0:62:8b:4e:47:de:80:
         95:3d:6f:ad:ae:ee:a3:5d:6b:58:d3:ac:d1:32:25:e9:62:97:
         f5:7c:33:8a:20:c1:6c:b7:b0:1f:1b:68:7d:30:54:21:e5:cb:
         77:bb:1a:c8:1e:75:bd:51:0c:04:bf:29:42:7f:76:dd:14:a2:
         00:cf:8c:da:02:31:7d:15:4e:32:f6:db:d1:a7:48:e6:40:28:
         1b:3f:e0:23:3f:2c:8f:ce:fb:7f:9d:bc:d5:b6:91:05:74:b2:
         34:cf:b8:de:ba:ab:c4:9e:ad:f2:19:ef:e8:c6:f9:d7:84:6e:
         e7:fa:31:70
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUNMBX94kGs4oxYhf6wsS9BhPdlCIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2VhNTMxNmRiZGFjMDFjZDA1ZDBlYWEwNWE4OWMwNGRh
M2U3Mzk4ZjAeFw0yNjA1MTkwMzU4MjBaFw0yNzA1MTgwNDAzMjBaMDMxMTAvBgNV
BAMTKDUwRDIwNzMzNDgyMTgxNjI3NTM1MEExNUVCODA5REU5MDIxNzJBN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAkeLJwC/AQQs0SPJeWTv3hPn+
f4wSwZRke1P3OgVi1xRmENjhXpQ/73bneXO9/TZOAw78s1f4LzF6f6ux8jHfoHnm
NhBhfiOyM3EM748dA71TVPqReukHbNwjaeqfhnDR03Y7CiuFiDC79l7r7zSB5jdE
F1GMA4z/QE0SD40wmOSk99b3kbBRMoXklgZ+c1INSPIZV7z7uVMi8UTV7XSxvhoX
nzTqVBNNZOPQUHHvY8ajPy0mxWAcu/kI7MZkNyOrjXp1Ivieo3EFBeP7uYNA+4ca
Mypx7ceW/Cu3VjtlAsZRiilBOKemI8L9+vC8ZxJWzVhe2+wsoc54YpJY8X9vAgMB
AAGjggHmMIIB4jAdBgNVHQ4EFgQUUNIHM0ghgWJ1NQoV64Cd6QIXKnowHwYDVR0j
BBgwFoAUfqUxbb2sAc0F0OqgWonATaPnOY8wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5j
b20vcmVwby9GUkMtQ0EvNS83RUE1MzE2REJEQUMwMUNEMDVEMEVBQTA1QTg5QzA0
REEzRTczOThGLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZnFVeGJiMnNBYzBG
ME9xZ1dvbkFUYVBuT1k4LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUHMAuG
QHJzeW5jOi8vcnBraS5hZG1pbi5mcmVlcmFuZ2VjbG91ZC5jb20vcmVwby9GUkMt
Q0EvNS9BUzE0NzAyOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/Bggr
BgEFBQcBBwEB/wQwMC4wLAQCAAIwJjASAwcEKg+UAHgQAwcEKg+UAHggAwcBKg+U
AHg0AwcBKg+UAHhEMA0GCSqGSIb3DQEBCwUAA4IBAQB/kcmhTL/FHR2ghLmtoBZb
i2PcTnrllC7hlrzxSFAtFvTUJhx91snGPuGGJsJH7ffFXY2cHCJ10+yyQCxTk1J2
nWDywY/9jrohsALSS2uSZ16AZEUXYS6uNn310s2lDXGX9bBij6jYAaUwk+hvb6Fu
OyAdOgTnmDGUKaqcr1C2CJ9dtgkTYRm8H7Bii05H3oCVPW+tru6jXWtY06zRMiXp
Ypf1fDOKIMFst7AfG2h9MFQh5ct3uxrIHnW9UQwEvylCf3bdFKIAz4zaAjF9FU4y
9tvRp0jmQCgbP+AjPyyPzvt/nbzVtpEFdLI0z7jeuqvEnq3yGe/oxvnXhG7n+jFw
-----END CERTIFICATE-----