Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS198155.roa
File:                     AS198155.roa (raw, json)
Hash identifier:          ys+EYRcbciRw3XkjgQiAUf8bRlE3thnnKicxJLR4QSQ=
Subject key identifier:   6E:01:F4:BC:9C:D4:FA:E0:63:4B:E3:85:2C:41:9A:7C:06:03:B4:11
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       4FE5144729F87AFFC66A26852EABCD41B28A4B8A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS198155.roa
Signing time:             Mon 18 May 2026 10:18:48 +0000
ROA not before:           Mon 18 May 2026 10:13:48 +0000
ROA not after:            Mon 17 May 2027 10:18:48 +0000
asID:                     198155
IP address blocks:        2a13:9500:17b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 03 Jun 2026 15:55:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:e5:14:47:29:f8:7a:ff:c6:6a:26:85:2e:ab:cd:41:b2:8a:4b:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: May 18 10:13:48 2026 GMT
            Not After : May 17 10:18:48 2027 GMT
        Subject: CN=6E01F4BC9CD4FAE0634BE3852C419A7C0603B411
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:25:a0:29:58:33:dc:2b:be:ab:75:1b:d6:a8:
                    80:bf:fb:28:8e:d0:a4:d8:67:a1:4c:85:ff:c2:ff:
                    9d:f6:2b:ec:a7:2a:fd:f0:da:fa:37:2b:94:73:2e:
                    68:1d:6e:96:69:8a:8e:38:13:2f:64:de:08:d2:2b:
                    db:af:e1:d3:4d:cd:26:fa:87:97:fc:d4:2c:b7:7f:
                    2a:3e:c9:6d:0c:45:79:1e:f8:85:03:ab:0f:de:44:
                    d8:27:64:b9:e5:6b:07:08:64:59:09:ec:a6:04:bf:
                    7e:fb:bf:fc:9c:0d:a8:84:46:74:21:b2:a5:3e:21:
                    fe:53:64:77:5e:89:5d:fa:28:a3:10:5c:60:f2:ed:
                    f2:f3:41:71:5d:e1:ce:55:cb:97:ef:4f:8c:3b:6f:
                    8e:64:11:a4:a2:19:02:3b:53:d5:c5:d1:49:37:10:
                    1b:d0:45:7c:bc:a8:79:6b:10:65:a4:08:12:dd:a2:
                    19:4d:a3:06:ec:20:d5:37:01:93:d0:07:ff:1c:e7:
                    4b:dd:e3:a3:b5:17:84:ea:98:02:7f:bb:27:e1:f6:
                    1d:8a:87:90:8c:7f:2d:18:30:9d:89:47:0b:1c:c5:
                    97:89:ac:ab:f1:e1:38:6a:c2:b0:67:42:8f:93:09:
                    db:57:55:2a:fd:76:32:1d:44:1f:9e:4e:5f:70:d9:
                    36:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:01:F4:BC:9C:D4:FA:E0:63:4B:E3:85:2C:41:9A:7C:06:03:B4:11
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS198155.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:9500:17b::/48

    Signature Algorithm: sha256WithRSAEncryption
         87:70:83:fb:ee:8a:ee:e5:ff:ab:e0:94:84:06:af:f8:d1:52:
         fc:e9:c1:1e:e2:da:06:3f:f6:55:ae:4c:96:c8:fb:07:e7:ab:
         a9:34:16:da:36:b2:01:ff:e5:1e:6f:11:ac:b1:59:ce:bc:11:
         2d:f3:11:fd:52:16:89:1e:2b:f3:81:c7:ef:1e:36:6c:66:82:
         e8:ab:b7:cc:4b:49:ee:7d:b6:35:71:98:b8:72:20:37:ad:db:
         3a:44:14:04:9b:06:4f:52:09:7d:6e:df:e3:50:34:38:7b:9b:
         98:83:09:0c:62:90:46:d0:ad:8a:80:2f:cd:e2:ad:94:3f:d1:
         39:46:08:c3:2e:cd:ea:bd:3f:5f:ab:d4:ff:1b:10:52:a7:24:
         32:79:3c:1f:18:a3:3c:fd:52:47:d3:96:ed:dd:73:50:29:12:
         87:61:ca:5a:fc:18:a0:d9:94:1c:3d:f8:e4:19:e6:76:08:be:
         ce:c2:af:67:f9:fd:eb:f8:43:9a:c8:ee:17:77:de:a2:f5:5d:
         f4:4f:8a:58:51:4b:d4:4f:7a:e8:33:5d:38:64:30:0b:61:66:
         62:1b:27:06:31:cd:9d:79:8b:a3:cf:f0:d7:b5:ba:8d:bf:7a:
         f0:7a:e8:66:fd:4e:7f:3f:02:f4:1b:f5:7f:a7:aa:e5:da:d5:
         f1:ca:4e:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUT+UURyn4ev/GaiaFLqvNQbKKS4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MTgxMDEzNDhaFw0yNzA1MTcxMDE4NDhaMDMxMTAvBgNV
BAMTKDZFMDFGNEJDOUNENEZBRTA2MzRCRTM4NTJDNDE5QTdDMDYwM0I0MTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgJaApWDPcK76rdRvWqIC/+yiO
0KTYZ6FMhf/C/532K+ynKv3w2vo3K5RzLmgdbpZpio44Ey9k3gjSK9uv4dNNzSb6
h5f81Cy3fyo+yW0MRXke+IUDqw/eRNgnZLnlawcIZFkJ7KYEv377v/ycDaiERnQh
sqU+If5TZHdeiV36KKMQXGDy7fLzQXFd4c5Vy5fvT4w7b45kEaSiGQI7U9XF0Uk3
EBvQRXy8qHlrEGWkCBLdohlNowbsINU3AZPQB/8c50vd46O1F4TqmAJ/uyfh9h2K
h5CMfy0YMJ2JRwscxZeJrKvx4ThqwrBnQo+TCdtXVSr9djIdRB+eTl9w2TazAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUbgH0vJzU+uBjS+OFLEGafAYDtBEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTk4MTU1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AAF7MA0GCSqGSIb3DQEBCwUAA4IBAQCHcIP77oru5f+r4JSEBq/40VL86cEe4toG
P/ZVrkyWyPsH56upNBbaNrIB/+UebxGssVnOvBEt8xH9UhaJHivzgcfvHjZsZoLo
q7fMS0nufbY1cZi4ciA3rds6RBQEmwZPUgl9bt/jUDQ4e5uYgwkMYpBG0K2KgC/N
4q2UP9E5RgjDLs3qvT9fq9T/GxBSpyQyeTwfGKM8/VJH05bt3XNQKRKHYcpa/Big
2ZQcPfjkGeZ2CL7Owq9n+f3r+EOayO4Xd96i9V30T4pYUUvUT3roM104ZDALYWZi
GycGMc2deYujz/DXtbqNv3rweuhm/U5/PwL0G/V/p6rl2tXxyk5T
-----END CERTIFICATE-----