Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS200182.roa
File:                     AS200182.roa (raw, json)
Hash identifier:          Y87qBw3RafvsJdI7hmyEyVgwmwabe+TzRq2e0PoNR0M=
Subject key identifier:   77:35:68:AD:3E:09:5A:B3:AD:17:31:25:91:B7:8D:A9:38:BE:EC:3C
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       1E70164E830C7609B791A1E6FFC59C41215859D8
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS200182.roa
Signing time:             Wed 13 May 2026 14:40:32 +0000
ROA not before:           Wed 13 May 2026 14:35:32 +0000
ROA not after:            Wed 12 May 2027 14:40:32 +0000
asID:                     200182
IP address blocks:        2a13:9501::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 May 2026 19:21:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:70:16:4e:83:0c:76:09:b7:91:a1:e6:ff:c5:9c:41:21:58:59:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: May 13 14:35:32 2026 GMT
            Not After : May 12 14:40:32 2027 GMT
        Subject: CN=773568AD3E095AB3AD17312591B78DA938BEEC3C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:27:89:6d:fc:4f:99:e8:07:71:bb:84:a7:97:
                    f4:8a:99:a2:32:a7:fb:a6:8b:1b:ad:a2:44:8c:f6:
                    e7:ae:34:ab:53:f3:2b:a8:d8:67:73:07:39:28:68:
                    7a:e7:3e:d6:8a:be:9e:da:34:55:c7:dd:e7:18:0c:
                    55:b7:b9:49:8a:4d:25:0f:c9:c2:50:89:fb:30:6f:
                    c3:40:91:0d:53:ff:c5:f6:e4:cf:3a:3c:04:75:8b:
                    bf:a1:8a:60:8c:5a:34:24:38:b8:2a:c4:04:fd:06:
                    6c:18:8e:3c:b6:3e:d1:a1:bd:e9:05:82:9a:c2:38:
                    6e:08:d9:7c:75:f9:54:8a:a7:f4:dd:b3:e1:a6:4f:
                    83:d0:70:e3:14:bf:9e:0b:78:c7:8a:50:41:55:13:
                    9e:d8:79:5f:d8:dd:1d:1b:53:8e:c6:1e:96:fe:a0:
                    60:dd:06:66:5f:7f:d0:6c:b7:d5:98:8e:2c:bc:8c:
                    6c:49:8f:2e:a5:58:40:90:50:44:bd:52:14:22:91:
                    78:42:4d:ed:13:98:e7:55:3b:5a:46:65:c7:b2:3a:
                    56:61:af:03:65:91:66:13:4f:47:72:b2:fc:ea:82:
                    52:09:68:03:71:07:e9:30:52:54:6a:05:78:40:6a:
                    85:a0:c7:9c:a0:03:cf:cd:84:8b:3e:7b:30:38:cc:
                    a3:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:35:68:AD:3E:09:5A:B3:AD:17:31:25:91:B7:8D:A9:38:BE:EC:3C
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS200182.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:9501::/32

    Signature Algorithm: sha256WithRSAEncryption
         50:57:7d:ea:eb:55:2c:62:de:ec:7c:a9:49:3a:84:b2:38:bf:
         f9:dc:d7:d5:1b:d0:e5:46:64:64:03:fd:7c:75:64:54:8e:9b:
         9c:ae:b8:7f:ba:c7:62:d8:c7:3e:5a:9e:42:04:00:83:94:de:
         79:82:96:ad:37:a5:19:55:5b:fb:e2:6a:eb:77:13:47:67:ff:
         00:e8:a5:c1:d0:f1:53:e2:c8:2e:98:19:90:77:a2:61:31:9e:
         76:63:1e:8c:ce:15:80:1a:78:3b:89:4c:7c:49:46:94:2e:f3:
         4f:e5:4d:65:bc:d7:14:12:d0:39:ba:e8:c5:b3:d1:46:65:4d:
         e5:bf:90:76:22:dd:21:26:fb:0d:73:1c:b4:f9:ca:ab:69:94:
         fa:35:99:e4:54:be:b2:d3:33:3f:77:97:30:fa:4c:f9:3e:a1:
         ad:1b:73:95:3d:15:4a:44:ed:f7:15:b6:b6:e3:a2:5a:13:6c:
         7d:05:cc:7a:2e:a7:12:30:38:83:2e:c2:49:01:ff:12:26:70:
         67:6d:d8:20:2b:7c:79:b1:8c:17:d1:29:4e:2e:94:8d:cb:88:
         3b:7a:97:69:8d:df:66:e2:15:bb:f0:51:06:21:18:d2:c2:18:
         d3:81:dc:39:bf:e6:38:29:c2:ff:a8:76:7a:f0:7d:2e:4a:78:
         ec:9b:60:00
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUHnAWToMMdgm3kaHm/8WcQSFYWdgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MTMxNDM1MzJaFw0yNzA1MTIxNDQwMzJaMDMxMTAvBgNV
BAMTKDc3MzU2OEFEM0UwOTVBQjNBRDE3MzEyNTkxQjc4REE5MzhCRUVDM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTJ4lt/E+Z6Adxu4Snl/SKmaIy
p/umixutokSM9ueuNKtT8yuo2GdzBzkoaHrnPtaKvp7aNFXH3ecYDFW3uUmKTSUP
ycJQifswb8NAkQ1T/8X25M86PAR1i7+himCMWjQkOLgqxAT9BmwYjjy2PtGhvekF
gprCOG4I2Xx1+VSKp/Tds+GmT4PQcOMUv54LeMeKUEFVE57YeV/Y3R0bU47GHpb+
oGDdBmZff9Bst9WYjiy8jGxJjy6lWECQUES9UhQikXhCTe0TmOdVO1pGZceyOlZh
rwNlkWYTT0dysvzqglIJaANxB+kwUlRqBXhAaoWgx5ygA8/NhIs+ezA4zKNhAgMB
AAGjggILMIICBzAdBgNVHQ4EFgQUdzVorT4JWrOtFzElkbeNqTi+7DwwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAwMTgyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhOV
ATANBgkqhkiG9w0BAQsFAAOCAQEAUFd96utVLGLe7HypSTqEsji/+dzX1RvQ5UZk
ZAP9fHVkVI6bnK64f7rHYtjHPlqeQgQAg5TeeYKWrTelGVVb++Jq63cTR2f/AOil
wdDxU+LILpgZkHeiYTGedmMejM4VgBp4O4lMfElGlC7zT+VNZbzXFBLQObroxbPR
RmVN5b+QdiLdISb7DXMctPnKq2mU+jWZ5FS+stMzP3eXMPpM+T6hrRtzlT0VSkTt
9xW2tuOiWhNsfQXMei6nEjA4gy7CSQH/EiZwZ23YICt8ebGMF9EpTi6UjcuIO3qX
aY3fZuIVu/BRBiEY0sIY04HcOb/mOCnC/6h2evB9Lkp47JtgAA==
-----END CERTIFICATE-----