Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137264.roa
File:                     AS137264.roa (raw, json)
Hash identifier:          eoyDmEk/+erTdNXLdUPuE3eerprzbDMPmhTAIyK85HQ=
Subject key identifier:   50:92:B6:53:9C:38:24:23:1D:CA:3D:5C:9C:46:A6:08:A5:BC:B2:0E
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       44F5F70BCD387977F19CC50A273706F7B99ADC90
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137264.roa
Signing time:             Tue 19 May 2026 06:35:00 +0000
ROA not before:           Tue 19 May 2026 06:30:00 +0000
ROA not after:            Tue 18 May 2027 06:35:00 +0000
asID:                     137264
IP address blocks:        2a13:9500:17c::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 03 Jun 2026 15:55:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:f5:f7:0b:cd:38:79:77:f1:9c:c5:0a:27:37:06:f7:b9:9a:dc:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: May 19 06:30:00 2026 GMT
            Not After : May 18 06:35:00 2027 GMT
        Subject: CN=5092B6539C3824231DCA3D5C9C46A608A5BCB20E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:96:1e:f2:8d:88:4e:f2:05:13:d6:6c:35:5d:
                    f7:c3:8b:0e:1e:1d:cb:b1:f8:39:2c:96:60:ce:26:
                    3b:67:df:86:99:2d:17:12:e4:5b:00:ca:04:14:a9:
                    9d:09:20:73:ee:10:b0:b3:7c:78:5d:03:ce:5f:be:
                    9e:bd:ba:67:85:54:a9:53:20:df:14:b2:ac:25:d4:
                    ca:7f:c3:a4:cb:7b:f1:1f:d5:84:d0:85:d6:df:e7:
                    0a:d0:19:de:b9:3f:9a:ad:eb:9b:6d:b9:f7:6e:0c:
                    80:ae:25:76:e2:1b:f8:9a:cd:16:fd:dc:4d:0f:0f:
                    f0:05:8c:37:0e:11:41:21:31:1f:49:e9:c6:6d:0d:
                    0a:c3:3e:c9:37:7e:94:ec:c2:ce:b6:e5:e9:9b:5d:
                    2b:7c:f0:ff:34:93:fa:cf:bd:17:2b:27:93:6d:ed:
                    c5:31:50:78:81:78:9e:c3:82:6e:95:fb:4b:a3:1e:
                    8b:f9:eb:2f:61:ae:11:cc:19:7a:b6:2a:b3:ca:aa:
                    75:9e:2c:33:7e:83:b1:d5:98:d9:2e:72:cd:80:bb:
                    69:a4:ed:d2:13:ed:87:f0:f8:63:f1:e5:80:44:ca:
                    eb:66:ef:ec:4f:e7:91:98:21:94:d2:45:79:9e:75:
                    86:93:31:f7:49:b2:8b:30:26:64:5b:c1:c7:9d:6e:
                    73:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:92:B6:53:9C:38:24:23:1D:CA:3D:5C:9C:46:A6:08:A5:BC:B2:0E
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS137264.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:9500:17c::/48

    Signature Algorithm: sha256WithRSAEncryption
         48:43:28:b4:54:2e:9c:7a:e0:6c:5e:dc:90:ea:da:d9:50:8a:
         90:bc:9e:68:b4:47:a2:f7:eb:9c:d0:6e:6b:a2:d7:56:4b:c4:
         5a:c0:51:c2:38:f7:ce:39:fa:2c:db:0a:59:fd:42:4f:db:1c:
         3c:b2:69:57:3a:f2:ef:ad:2c:53:7e:2d:d7:b4:7b:56:5f:cf:
         28:11:4f:01:b1:15:71:40:04:da:13:06:a9:c7:1a:6d:a1:9c:
         0e:9b:86:e1:b2:df:68:db:d3:8e:42:20:69:9b:3a:bd:99:b5:
         c4:7d:9b:26:fe:76:39:e2:1d:17:2d:b9:3b:6e:77:ec:b9:db:
         c4:bd:80:5b:fd:f3:ca:43:46:dd:a5:fa:24:59:c4:17:50:80:
         d5:86:07:e8:0e:71:e7:cc:1f:a9:36:b1:02:78:e2:af:e4:f0:
         75:33:95:9e:e4:62:c5:ee:d3:6d:6b:42:1c:2f:2b:e9:c8:8e:
         25:a9:14:8f:ea:00:f5:a4:05:13:7e:6d:cb:a2:62:9b:fc:47:
         9b:fb:91:97:a3:61:52:8d:79:ac:57:80:a9:bd:26:97:37:41:
         81:f0:18:fb:bb:18:b5:f9:16:83:25:bd:b5:cf:a1:c1:19:e6:
         c2:ae:3f:09:ae:eb:3c:0d:7f:76:ed:7f:cc:38:6c:55:1e:44:
         2d:90:99:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIURPX3C804eXfxnMUKJzcG97ma3JAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MTkwNjMwMDBaFw0yNzA1MTgwNjM1MDBaMDMxMTAvBgNV
BAMTKDUwOTJCNjUzOUMzODI0MjMxRENBM0Q1QzlDNDZBNjA4QTVCQ0IyMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSlh7yjYhO8gUT1mw1XffDiw4e
Hcux+DkslmDOJjtn34aZLRcS5FsAygQUqZ0JIHPuELCzfHhdA85fvp69umeFVKlT
IN8Usqwl1Mp/w6TLe/Ef1YTQhdbf5wrQGd65P5qt65ttufduDICuJXbiG/iazRb9
3E0PD/AFjDcOEUEhMR9J6cZtDQrDPsk3fpTsws625embXSt88P80k/rPvRcrJ5Nt
7cUxUHiBeJ7Dgm6V+0ujHov56y9hrhHMGXq2KrPKqnWeLDN+g7HVmNkucs2Au2mk
7dIT7Yfw+GPx5YBEyutm7+xP55GYIZTSRXmedYaTMfdJsoswJmRbwcedbnNZAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUUJK2U5w4JCMdyj1cnEamCKW8sg4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTM3MjY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AAF8MA0GCSqGSIb3DQEBCwUAA4IBAQBIQyi0VC6ceuBsXtyQ6trZUIqQvJ5otEei
9+uc0G5rotdWS8RawFHCOPfOOfos2wpZ/UJP2xw8smlXOvLvrSxTfi3XtHtWX88o
EU8BsRVxQATaEwapxxptoZwOm4bhst9o29OOQiBpmzq9mbXEfZsm/nY54h0XLbk7
bnfsudvEvYBb/fPKQ0bdpfokWcQXUIDVhgfoDnHnzB+pNrECeOKv5PB1M5We5GLF
7tNta0IcLyvpyI4lqRSP6gD1pAUTfm3LomKb/Eeb+5GXo2FSjXmsV4CpvSaXN0GB
8Bj7uxi1+RaDJb21z6HBGebCrj8Jrus8DX927X/MOGxVHkQtkJk3
-----END CERTIFICATE-----