Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS18381.roa
File:                     AS18381.roa (raw, json)
Hash identifier:          XU9CasYYxREVX1TaNRt0prGbb8ExTKJtCe7PYc++Tis=
Subject key identifier:   51:61:38:35:C2:7E:A2:40:CC:7D:20:64:AA:D4:93:9E:90:A4:21:29
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       39CAA0485086069D506120EFD6772BD69B1B1BB3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS18381.roa
Signing time:             Tue 23 Jun 2026 12:06:30 +0000
ROA not before:           Tue 23 Jun 2026 12:01:30 +0000
ROA not after:            Tue 22 Jun 2027 12:06:30 +0000
asID:                     18381
IP address blocks:        82.23.184.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 25 Jun 2026 07:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:ca:a0:48:50:86:06:9d:50:61:20:ef:d6:77:2b:d6:9b:1b:1b:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jun 23 12:01:30 2026 GMT
            Not After : Jun 22 12:06:30 2027 GMT
        Subject: CN=51613835C27EA240CC7D2064AAD4939E90A42129
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:db:a4:e6:06:da:da:61:5c:a0:76:73:cf:e6:
                    9c:0a:1f:80:58:18:98:ec:71:c6:52:67:30:59:2d:
                    be:53:f3:04:ed:d9:97:a6:c0:4e:1a:af:11:a5:46:
                    b7:d3:29:ef:7f:e3:bc:02:61:18:bd:3c:72:31:a3:
                    04:68:38:33:56:40:f3:8e:4d:18:98:96:76:f9:49:
                    31:89:aa:59:2a:af:75:fb:c7:37:cb:2a:43:71:8f:
                    b1:38:36:48:5c:6f:b6:84:a2:55:6b:02:65:5b:c1:
                    7e:28:c8:12:b8:96:ea:23:80:d2:2b:b4:96:61:8c:
                    6c:dd:57:40:f6:d7:d2:cb:63:89:a8:a0:da:1b:46:
                    b2:77:17:63:59:09:c1:15:1f:6e:24:63:67:5d:7f:
                    14:36:cd:43:a3:fb:09:86:0f:91:88:e8:de:7f:cf:
                    90:fe:1c:9d:51:47:ce:44:90:68:25:cc:4a:e8:6d:
                    1c:da:35:77:d8:e8:e4:5f:c5:45:75:23:b6:bb:07:
                    46:7f:25:ca:51:a9:0a:00:58:39:c4:06:24:b1:9c:
                    c5:c7:4b:22:37:87:a9:1f:88:b5:6f:a0:b2:98:b9:
                    ac:0c:78:6c:15:45:84:8b:2d:84:5a:2a:6c:ac:1e:
                    8f:1d:50:eb:bf:1d:15:0a:cb:af:07:ef:af:df:06:
                    f2:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:61:38:35:C2:7E:A2:40:CC:7D:20:64:AA:D4:93:9E:90:A4:21:29
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS18381.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.23.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:c5:6a:cd:a4:f3:62:04:82:51:53:a0:20:b3:1f:bb:d1:f0:
         87:d0:a3:f7:69:18:cc:36:bb:b3:d6:49:6f:bb:53:b3:6c:5f:
         f5:dc:d7:3c:8f:0e:4f:55:f8:ca:53:99:d8:7c:74:34:c5:73:
         97:50:23:61:be:45:d6:66:d6:7c:cc:6f:00:1c:ae:08:14:4c:
         04:db:1f:bf:d6:6f:a6:4f:b6:c0:64:29:3e:22:f9:87:3d:52:
         37:0e:01:67:3f:76:d9:b4:ba:da:bf:0d:8b:15:d6:6a:68:bc:
         29:4e:06:5c:98:70:40:c9:34:f9:0a:c7:3e:1c:10:2f:07:b6:
         f3:f8:d0:5b:36:ba:91:ec:d9:0c:8a:fb:26:c7:c6:ee:d8:22:
         b0:b4:50:5a:19:c5:a2:3a:18:21:41:01:82:f4:4b:52:77:8c:
         4e:81:3f:67:af:40:f0:85:69:64:1f:75:44:e4:27:a9:74:8f:
         08:fa:33:f3:db:41:cf:62:d7:d9:8b:53:e4:b0:1d:2a:21:2f:
         74:2b:74:d9:19:dd:c4:2a:43:f3:d3:5e:9d:5e:c8:85:73:d5:
         af:55:c3:35:1d:b1:8e:83:74:2f:ae:ca:74:43:37:d5:72:b4:
         f5:5d:b9:94:d9:06:ee:bb:37:7f:ca:01:f1:2e:5c:89:99:d1:
         e7:f8:28:84
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUOcqgSFCGBp1QYSDv1ncr1psbG7MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MjMxMjAxMzBaFw0yNzA2MjIxMjA2MzBaMDMxMTAvBgNV
BAMTKDUxNjEzODM1QzI3RUEyNDBDQzdEMjA2NEFBRDQ5MzlFOTBBNDIxMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD26TmBtraYVygdnPP5pwKH4BY
GJjsccZSZzBZLb5T8wTt2ZemwE4arxGlRrfTKe9/47wCYRi9PHIxowRoODNWQPOO
TRiYlnb5STGJqlkqr3X7xzfLKkNxj7E4Nkhcb7aEolVrAmVbwX4oyBK4luojgNIr
tJZhjGzdV0D219LLY4mooNobRrJ3F2NZCcEVH24kY2ddfxQ2zUOj+wmGD5GI6N5/
z5D+HJ1RR85EkGglzErobRzaNXfY6ORfxUV1I7a7B0Z/JcpRqQoAWDnEBiSxnMXH
SyI3h6kfiLVvoLKYuawMeGwVRYSLLYRaKmysHo8dUOu/HRUKy68H76/fBvKNAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUUWE4NcJ+okDMfSBkqtSTnpCkISkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTgzODEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSF7gw
DQYJKoZIhvcNAQELBQADggEBAHXFas2k82IEglFToCCzH7vR8IfQo/dpGMw2u7PW
SW+7U7NsX/Xc1zyPDk9V+MpTmdh8dDTFc5dQI2G+RdZm1nzMbwAcrggUTATbH7/W
b6ZPtsBkKT4i+Yc9UjcOAWc/dtm0utq/DYsV1mpovClOBlyYcEDJNPkKxz4cEC8H
tvP40Fs2upHs2QyK+ybHxu7YIrC0UFoZxaI6GCFBAYL0S1J3jE6BP2evQPCFaWQf
dUTkJ6l0jwj6M/PbQc9i19mLU+SwHSohL3QrdNkZ3cQqQ/PTXp1eyIVz1a9VwzUd
sY6DdC+uynRDN9VytPVduZTZBu67N3/KAfEuXImZ0ef4KIQ=
-----END CERTIFICATE-----