Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS200455.roa
File:                     AS200455.roa (raw, json)
Hash identifier:          8bvgGJdrdopgEjHD4mQ9HXeOlUGyc5w6qn543KSBOrw=
Subject key identifier:   D8:23:CC:8F:43:AD:A1:41:B0:41:EE:29:17:92:3A:57:75:08:DC:5D
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       5FE83C561DC3A9C3744DE302586D09A3E38DE441
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS200455.roa
Signing time:             Sun 21 Sep 2025 13:44:01 +0000
ROA not before:           Sun 21 Sep 2025 13:39:01 +0000
ROA not after:            Sun 20 Sep 2026 13:44:01 +0000
asID:                     200455
IP address blocks:        2a13:9500:e5::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:e8:3c:56:1d:c3:a9:c3:74:4d:e3:02:58:6d:09:a3:e3:8d:e4:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Sep 21 13:39:01 2025 GMT
            Not After : Sep 20 13:44:01 2026 GMT
        Subject: CN=D823CC8F43ADA141B041EE2917923A577508DC5D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:80:cb:3b:fe:00:bf:fd:d8:6b:7f:c6:53:87:
                    0d:fb:54:e4:b2:80:81:78:ce:96:11:6a:91:2a:6d:
                    f8:f0:a1:7d:41:19:62:36:10:ff:36:b9:b5:b2:de:
                    5e:3a:93:52:03:b2:8a:17:84:a1:26:9b:03:3c:c5:
                    d1:8d:80:c8:5e:02:db:b8:ad:fa:c4:95:1a:d3:37:
                    3c:c6:b5:2a:6b:7e:3e:8c:b4:1e:05:3f:45:6e:ba:
                    ef:9c:0c:9a:25:35:8a:b6:91:eb:0f:8d:7c:ae:c2:
                    77:04:03:12:85:1a:b5:da:e3:02:c9:19:13:fe:17:
                    d1:e2:e3:5e:5f:55:86:a8:c0:cc:77:bd:b6:48:12:
                    4d:b8:9c:98:b2:ac:c5:be:b7:a5:97:eb:82:68:fd:
                    3e:22:00:32:e4:06:02:44:38:03:fb:31:78:34:7e:
                    27:50:3e:1d:23:96:1e:31:cb:4d:ad:17:98:74:ee:
                    bd:80:7d:b4:e5:dd:8f:ef:46:6e:92:a4:b4:fd:aa:
                    4b:19:9d:c0:0a:4e:ee:6e:ea:39:14:c3:03:24:66:
                    e1:31:33:94:d8:99:18:91:dd:06:72:0d:03:76:42:
                    6a:07:a6:c8:c9:09:80:fd:da:6f:9a:39:8c:1a:92:
                    c7:42:b8:f7:fd:ca:f2:d0:0d:86:14:f9:20:00:d0:
                    b7:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:23:CC:8F:43:AD:A1:41:B0:41:EE:29:17:92:3A:57:75:08:DC:5D
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS200455.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:9500:e5::/48

    Signature Algorithm: sha256WithRSAEncryption
         01:67:a9:cb:ca:19:f6:01:77:d0:69:5a:26:c9:58:c4:38:47:
         06:63:5b:14:90:09:da:67:8d:45:26:a5:58:13:b7:24:da:11:
         00:0a:7e:0c:42:eb:32:a9:63:5c:ca:65:de:cc:e3:d9:e3:34:
         a5:59:dd:50:cb:c3:2d:da:13:d6:d6:39:5a:cc:e7:2b:79:8f:
         88:ed:06:81:0e:3c:65:54:78:07:96:8b:f4:76:eb:0f:12:ae:
         3a:71:97:60:23:06:50:a2:bc:d2:15:22:76:82:23:a5:ea:76:
         71:e5:97:c4:1c:09:d4:49:4f:2e:3a:91:d8:16:cb:3f:5a:22:
         3a:74:36:d8:6b:a3:72:77:0d:f7:91:c6:34:ff:fd:50:40:d8:
         17:9b:cb:eb:b2:aa:ff:35:42:30:f9:50:58:95:80:e0:24:79:
         d9:c0:05:0e:e4:20:bb:6f:d6:ff:fc:4f:88:01:90:16:c0:4a:
         e0:ef:45:e7:28:79:19:59:ce:eb:b8:e7:02:d8:f2:35:4e:9d:
         9b:cb:62:9d:a4:38:2b:f7:f6:a2:f4:c2:a6:36:33:ad:d5:29:
         53:1c:8a:7d:f0:38:d1:64:16:fe:04:59:bc:36:e8:4e:e3:fa:
         86:14:08:f9:49:0f:02:28:75:1f:be:81:7d:fd:8e:2a:36:08:
         74:a3:af:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUX+g8Vh3DqcN0TeMCWG0Jo+ON5EEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MjExMzM5MDFaFw0yNjA5MjAxMzQ0MDFaMDMxMTAvBgNV
BAMTKEQ4MjNDQzhGNDNBREExNDFCMDQxRUUyOTE3OTIzQTU3NzUwOERDNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2gMs7/gC//dhrf8ZThw37VOSy
gIF4zpYRapEqbfjwoX1BGWI2EP82ubWy3l46k1IDsooXhKEmmwM8xdGNgMheAtu4
rfrElRrTNzzGtSprfj6MtB4FP0Vuuu+cDJolNYq2kesPjXyuwncEAxKFGrXa4wLJ
GRP+F9Hi415fVYaowMx3vbZIEk24nJiyrMW+t6WX64Jo/T4iADLkBgJEOAP7MXg0
fidQPh0jlh4xy02tF5h07r2AfbTl3Y/vRm6SpLT9qksZncAKTu5u6jkUwwMkZuEx
M5TYmRiR3QZyDQN2QmoHpsjJCYD92m+aOYwaksdCuPf9yvLQDYYU+SAA0LdtAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU2CPMj0OtoUGwQe4pF5I6V3UI3F0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAwNDU1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AADlMA0GCSqGSIb3DQEBCwUAA4IBAQABZ6nLyhn2AXfQaVomyVjEOEcGY1sUkAna
Z41FJqVYE7ck2hEACn4MQusyqWNcymXezOPZ4zSlWd1Qy8Mt2hPW1jlazOcreY+I
7QaBDjxlVHgHlov0dusPEq46cZdgIwZQorzSFSJ2giOl6nZx5ZfEHAnUSU8uOpHY
Fss/WiI6dDbYa6Nydw33kcY0//1QQNgXm8vrsqr/NUIw+VBYlYDgJHnZwAUO5CC7
b9b//E+IAZAWwErg70XnKHkZWc7ruOcC2PI1Tp2by2KdpDgr9/ai9MKmNjOt1SlT
HIp98DjRZBb+BFm8NuhO4/qGFAj5SQ8CKHUfvoF9/Y4qNgh0o69j
-----END CERTIFICATE-----