Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS200177.roa
File:                     AS200177.roa (raw, json)
Hash identifier:          Lf+81dPL7qZ8sqmFoRsgMG098d+uswyRGMetpgPdJ7Q=
Subject key identifier:   FB:BE:34:9D:26:55:3A:D4:C2:00:1E:F3:FD:B2:94:69:0F:2E:F7:E2
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       4A1CFC0D07E33414AEB6C04A8F48F39303CA9B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS200177.roa
Signing time:             Sat 30 May 2026 10:40:06 +0000
ROA not before:           Sat 30 May 2026 10:35:06 +0000
ROA not after:            Sat 29 May 2027 10:40:06 +0000
asID:                     200177
IP address blocks:        178.83.180.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 03 Jun 2026 15:55:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:1c:fc:0d:07:e3:34:14:ae:b6:c0:4a:8f:48:f3:93:03:ca:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: May 30 10:35:06 2026 GMT
            Not After : May 29 10:40:06 2027 GMT
        Subject: CN=FBBE349D26553AD4C2001EF3FDB294690F2EF7E2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:9e:fa:43:c8:7a:29:d6:85:12:5e:bb:30:8a:
                    ba:e9:62:5f:4d:17:3c:ef:47:41:74:03:31:fb:ab:
                    ab:27:78:2d:a2:ae:c3:d4:39:66:6b:fe:e4:3f:83:
                    3f:4f:a1:62:31:67:fd:0d:48:3a:95:c5:1c:fd:82:
                    bf:7d:72:0c:7f:c8:73:59:66:60:7c:9b:65:b4:26:
                    68:9e:6a:f9:a7:31:fb:39:df:ea:35:96:74:53:af:
                    0b:62:66:78:a8:ee:b1:b6:35:55:fb:fa:f6:78:92:
                    28:51:bd:4e:93:38:88:31:81:d7:4d:72:7b:1e:d7:
                    0a:35:b3:5d:c0:46:b1:83:96:da:0d:77:08:ac:c1:
                    5f:46:a9:b4:72:a3:f2:2c:8c:ae:f6:65:5c:11:ef:
                    07:7a:ab:8e:c1:e3:a8:85:ba:ed:ad:59:44:2b:51:
                    ed:23:9e:aa:17:b8:20:24:55:fe:de:77:04:f5:c9:
                    da:bf:5d:55:ee:cf:f0:33:0f:90:40:bb:a3:cf:22:
                    36:9b:0e:10:cb:4e:fd:44:2d:2c:2c:40:64:ef:17:
                    10:ee:75:44:a6:91:62:4b:75:c9:c8:05:b9:79:72:
                    1d:ff:22:15:48:de:51:d4:52:38:65:c0:9d:24:fc:
                    ca:4d:8b:1e:98:68:54:0e:a0:c5:38:14:35:e0:4d:
                    a0:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:BE:34:9D:26:55:3A:D4:C2:00:1E:F3:FD:B2:94:69:0F:2E:F7:E2
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS200177.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.83.180.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:53:c6:50:3f:50:ae:55:1a:2b:a6:25:30:6b:34:36:eb:4c:
         c4:ba:29:e7:60:e3:74:cd:48:12:c0:40:3f:32:72:17:98:8b:
         d1:74:ff:eb:71:a9:87:58:6c:ae:ce:07:67:e7:78:b0:1b:e8:
         ba:12:32:83:12:df:80:7b:af:7f:78:69:cc:1b:a7:7e:52:39:
         21:bc:e6:a6:ec:cd:ad:65:c6:e0:fd:78:97:04:c0:7f:84:95:
         9e:1a:e1:c3:d9:34:92:13:2e:0d:b2:d7:ff:b2:9b:4f:92:cc:
         ec:31:78:55:0c:9b:5c:cb:c0:4b:8f:56:54:1a:0d:9a:39:b4:
         0b:a1:f7:6f:50:e1:c3:7b:f9:65:86:43:79:21:2c:76:c8:6a:
         0e:fe:74:de:94:30:99:e3:48:64:2e:fd:bd:e1:9d:b7:45:50:
         c9:e9:f8:5e:ab:4e:08:a1:bc:43:35:36:a6:f6:fb:80:58:ee:
         bc:93:7f:76:0e:ae:21:27:45:00:69:e3:dd:fb:77:8e:48:bd:
         00:2b:d7:7e:bf:ba:ef:2e:cb:02:49:8f:d4:46:44:e7:af:f7:
         15:9e:e9:de:6b:7f:e9:73:30:76:50:3c:43:ed:08:5c:c3:86:
         94:08:c7:12:08:f1:57:a9:87:db:9a:d9:60:73:35:f7:19:66:
         97:20:33:69
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgITShz8DQfjNBSutsBKj0jzkwPKmzANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEygyMThjYzZlMjQxMDVkZTZjNWM5MDAzZDY1MjQzODkzY2Iz
Y2ZkZDAxMB4XDTI2MDUzMDEwMzUwNloXDTI3MDUyOTEwNDAwNlowMzExMC8GA1UE
AxMoRkJCRTM0OUQyNjU1M0FENEMyMDAxRUYzRkRCMjk0NjkwRjJFRjdFMjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL+e+kPIeinWhRJeuzCKuuliX00X
PO9HQXQDMfurqyd4LaKuw9Q5Zmv+5D+DP0+hYjFn/Q1IOpXFHP2Cv31yDH/Ic1lm
YHybZbQmaJ5q+acx+znf6jWWdFOvC2JmeKjusbY1Vfv69niSKFG9TpM4iDGB101y
ex7XCjWzXcBGsYOW2g13CKzBX0aptHKj8iyMrvZlXBHvB3qrjsHjqIW67a1ZRCtR
7SOeqhe4ICRV/t53BPXJ2r9dVe7P8DMPkEC7o88iNpsOEMtO/UQtLCxAZO8XEO51
RKaRYkt1ycgFuXlyHf8iFUjeUdRSOGXAnST8yk2LHphoVA6gxTgUNeBNoLsCAwEA
AaOCAgowggIGMB0GA1UdDgQWBBT7vjSdJlU61MIAHvP9spRpDy734jAfBgNVHSME
GDAWgBQhjMbiQQXebFyQA9ZSQ4k8s8/dATAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS83MThhMWI0Zi1iNjRjLTQwMmMtYmUxNS1kZDgyYTQxYTFh
ZjYvMC8yMThDQzZFMjQxMDVERTZDNUM5MDAzRDY1MjQzODkzQ0IzQ0ZERDAxLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvSVl6RzRrRUYzbXhja0FQV1VrT0pQTFBQ
M1FFLmNlcjB7BggrBgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnN5
bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00
MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvQVMyMDAxNzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGyU7Qw
DQYJKoZIhvcNAQELBQADggEBAE1TxlA/UK5VGiumJTBrNDbrTMS6Kedg43TNSBLA
QD8ycheYi9F0/+txqYdYbK7OB2fneLAb6LoSMoMS34B7r394acwbp35SOSG85qbs
za1lxuD9eJcEwH+ElZ4a4cPZNJITLg2y1/+ym0+SzOwxeFUMm1zLwEuPVlQaDZo5
tAuh929Q4cN7+WWGQ3khLHbIag7+dN6UMJnjSGQu/b3hnbdFUMnp+F6rTgihvEM1
Nqb2+4BY7ryTf3YOriEnRQBp4937d45IvQAr136/uu8uywJJj9RGROev9xWe6d5r
f+lzMHZQPEPtCFzDhpQIxxII8Veph9ua2WBzNfcZZpcgM2k=
-----END CERTIFICATE-----