Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS18229.roa
File:                     AS18229.roa (raw, json)
Hash identifier:          J710o0ZQVTjXf8W7UcUH1JeaKK+VN26LM2gyy7umaak=
Subject key identifier:   36:2D:0D:B5:98:C9:A9:86:58:D4:A5:F1:C4:08:ED:5E:4E:1E:43:D7
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       2B34BB90CA51293722E673EDD5E28FFF1C16A0C4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS18229.roa
Signing time:             Wed 27 May 2026 17:11:10 +0000
ROA not before:           Wed 27 May 2026 17:06:10 +0000
ROA not after:            Wed 26 May 2027 17:11:10 +0000
asID:                     18229
IP address blocks:        2a13:9500:181::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 03 Jun 2026 15:55:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:34:bb:90:ca:51:29:37:22:e6:73:ed:d5:e2:8f:ff:1c:16:a0:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: May 27 17:06:10 2026 GMT
            Not After : May 26 17:11:10 2027 GMT
        Subject: CN=362D0DB598C9A98658D4A5F1C408ED5E4E1E43D7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:81:47:85:6f:98:83:bf:b3:1b:99:23:fc:be:
                    de:2b:ac:17:db:a3:02:45:86:3a:8d:2c:29:fc:72:
                    9c:90:24:dd:d3:49:96:ed:94:b4:f2:87:71:c4:db:
                    07:50:3f:5e:10:a4:49:c0:93:bb:d8:3f:aa:ff:70:
                    10:40:13:5e:37:49:12:ba:6f:95:80:88:7f:ee:2c:
                    75:26:4a:6f:76:66:a8:82:aa:01:6a:2a:cb:31:8e:
                    40:33:50:7e:00:b1:9a:b3:4e:9a:29:0e:0d:12:b4:
                    cc:1c:da:20:bc:87:ec:e0:14:23:e2:12:50:40:e1:
                    ae:6a:9f:88:45:d9:90:a3:db:3b:74:9e:00:cf:4e:
                    67:ee:7b:b7:b6:20:71:b1:7c:4b:90:4a:2b:50:8c:
                    21:ff:08:6d:89:c7:1a:23:7c:8a:e0:57:fe:8d:32:
                    d4:51:20:82:4d:66:a3:c1:96:16:50:7d:0f:af:cc:
                    67:37:5d:ee:85:82:cc:24:20:e6:0d:ab:8c:1e:5f:
                    a0:a3:2c:74:f3:5d:38:38:66:f8:37:ad:03:ca:ca:
                    ab:c2:fe:94:8b:e9:d5:ce:57:d0:64:f0:89:40:69:
                    8c:25:57:8a:7c:65:41:82:fe:4e:72:73:93:c3:d3:
                    7b:d3:6b:ed:98:bb:e3:2d:12:2f:d5:70:27:34:71:
                    85:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:2D:0D:B5:98:C9:A9:86:58:D4:A5:F1:C4:08:ED:5E:4E:1E:43:D7
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS18229.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:9500:181::/48

    Signature Algorithm: sha256WithRSAEncryption
         0a:99:6b:51:f6:6e:66:94:ef:b8:ff:fc:e1:aa:1b:2c:1b:50:
         83:11:4f:e4:2c:19:b4:d6:6b:b0:49:08:d0:7b:e0:06:07:82:
         1a:1c:a8:9e:c6:f8:db:40:36:a3:a4:fb:02:1b:3e:79:52:03:
         ff:22:dc:34:86:7f:20:3d:75:e9:c0:d4:12:61:0c:00:63:1f:
         9b:10:b0:62:e8:0b:a5:e3:7b:3e:9a:62:bd:6d:bc:e3:ba:a7:
         63:f6:34:78:aa:74:68:00:cb:bc:bd:9a:51:71:44:d5:c1:55:
         0d:eb:72:35:2b:4f:71:3a:3b:54:76:0a:58:8c:e8:36:e5:d3:
         fe:18:90:04:2e:57:65:7d:d7:35:1f:ef:3d:0d:77:ea:7f:6b:
         fc:ae:7c:1c:4b:34:b6:72:2c:8d:a0:b7:c2:1e:20:b4:ed:5a:
         64:a7:d4:fe:62:93:75:57:16:1a:e9:01:a7:12:df:7e:e2:d4:
         7e:7a:a8:f5:91:5f:66:12:7a:2f:af:41:94:61:2f:ac:ee:11:
         a5:a0:a8:54:f8:c5:d3:48:43:57:b1:79:0c:eb:66:2f:50:93:
         91:6d:61:ed:5c:06:d7:77:ad:44:03:b2:e8:a3:9a:17:fb:c3:
         83:a6:c1:13:5f:31:a1:e8:a5:10:48:69:7d:f4:72:62:e1:f2:
         8f:3d:e1:ed
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUKzS7kMpRKTci5nPt1eKP/xwWoMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MjcxNzA2MTBaFw0yNzA1MjYxNzExMTBaMDMxMTAvBgNV
BAMTKDM2MkQwREI1OThDOUE5ODY1OEQ0QTVGMUM0MDhFRDVFNEUxRTQzRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0gUeFb5iDv7MbmSP8vt4rrBfb
owJFhjqNLCn8cpyQJN3TSZbtlLTyh3HE2wdQP14QpEnAk7vYP6r/cBBAE143SRK6
b5WAiH/uLHUmSm92ZqiCqgFqKssxjkAzUH4AsZqzTpopDg0StMwc2iC8h+zgFCPi
ElBA4a5qn4hF2ZCj2zt0ngDPTmfue7e2IHGxfEuQSitQjCH/CG2JxxojfIrgV/6N
MtRRIIJNZqPBlhZQfQ+vzGc3Xe6FgswkIOYNq4weX6CjLHTzXTg4Zvg3rQPKyqvC
/pSL6dXOV9Bk8IlAaYwlV4p8ZUGC/k5yc5PD03vTa+2Yu+MtEi/VcCc0cYUbAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUNi0NtZjJqYZY1KXxxAjtXk4eQ9cwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTgyMjkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqE5UA
AYEwDQYJKoZIhvcNAQELBQADggEBAAqZa1H2bmaU77j//OGqGywbUIMRT+QsGbTW
a7BJCNB74AYHghocqJ7G+NtANqOk+wIbPnlSA/8i3DSGfyA9denA1BJhDABjH5sQ
sGLoC6Xjez6aYr1tvOO6p2P2NHiqdGgAy7y9mlFxRNXBVQ3rcjUrT3E6O1R2CliM
6Dbl0/4YkAQuV2V91zUf7z0Nd+p/a/yufBxLNLZyLI2gt8IeILTtWmSn1P5ik3VX
FhrpAacS337i1H56qPWRX2YSei+vQZRhL6zuEaWgqFT4xdNIQ1exeQzrZi9Qk5Ft
Ye1cBtd3rUQDsuijmhf7w4OmwRNfMaHopRBIaX30cmLh8o894e0=
-----END CERTIFICATE-----