Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203466.roa
File:                     AS203466.roa (raw, json)
Hash identifier:          A93eGCYOLQYIELfoP7WABeRr7GrYfcXG7EyTSlhoDfc=
Subject key identifier:   19:59:D5:87:CB:29:80:58:49:8D:0A:E0:AA:81:99:CF:1C:AE:D1:5E
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       480613093406F606681A3D23DD3D6DE3C5BC77E7
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203466.roa
Signing time:             Fri 29 May 2026 12:35:22 +0000
ROA not before:           Fri 29 May 2026 12:30:22 +0000
ROA not after:            Fri 28 May 2027 12:35:22 +0000
asID:                     203466
IP address blocks:        82.47.98.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 03 Jun 2026 15:55:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:06:13:09:34:06:f6:06:68:1a:3d:23:dd:3d:6d:e3:c5:bc:77:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: May 29 12:30:22 2026 GMT
            Not After : May 28 12:35:22 2027 GMT
        Subject: CN=1959D587CB298058498D0AE0AA8199CF1CAED15E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:4a:3f:fe:49:5c:96:83:d3:0e:31:c6:e6:66:
                    66:a4:89:41:93:07:5a:53:bd:82:20:ba:6c:bc:84:
                    bb:8a:e0:96:2d:f5:8b:1b:7b:24:99:ac:de:4a:28:
                    81:cb:0d:fb:60:a0:67:b5:f2:0b:9a:28:d4:85:fe:
                    e2:31:d1:c7:51:3b:a8:59:3e:bf:4b:ec:e0:a3:d4:
                    bb:26:a2:68:5a:3e:45:b9:cf:46:a8:f9:92:8c:84:
                    45:c3:82:c2:25:6a:d9:38:17:8c:63:69:6a:b3:96:
                    72:cb:c8:27:53:c2:b6:23:44:26:de:78:b3:64:f0:
                    50:ab:c6:26:da:d7:87:f2:b2:2a:f3:c6:93:d8:be:
                    25:06:26:a7:8a:fc:76:31:cf:5b:6f:27:d2:1c:7e:
                    2e:c3:a3:c5:8a:d9:db:30:04:5e:05:c2:59:75:18:
                    e0:5e:50:d1:81:86:63:73:93:e9:7e:71:d8:d3:c3:
                    57:0a:32:48:14:5e:8f:3f:64:2c:9c:8e:b2:36:7e:
                    b8:91:a3:56:41:0d:d9:b0:5d:a3:02:ac:38:4a:d8:
                    74:a4:25:5e:c2:33:c1:f6:dd:0d:12:e6:70:39:83:
                    e8:ab:a3:72:74:9a:39:4f:f6:38:b2:74:32:82:30:
                    3b:11:1d:0c:b8:eb:02:84:97:74:b4:c2:9a:f9:c8:
                    bb:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:59:D5:87:CB:29:80:58:49:8D:0A:E0:AA:81:99:CF:1C:AE:D1:5E
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS203466.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.47.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:8c:81:37:dd:1a:bd:bf:c4:07:03:6b:36:f1:de:44:56:e8:
         40:fa:4f:ab:84:64:f0:04:ab:22:ef:8c:a0:16:4a:db:63:09:
         99:bc:a1:d5:1f:85:74:ae:f1:3b:db:03:44:f5:92:3b:e6:b8:
         09:d2:7f:b9:1e:99:19:89:74:50:00:fc:c0:b6:a3:52:e3:f5:
         84:16:4f:15:9b:e5:b2:a8:89:77:bc:ef:60:18:24:02:ff:ab:
         1d:ca:c7:6d:b6:0d:df:25:35:e2:60:60:ba:90:52:53:b3:82:
         95:58:46:40:e9:7d:c4:5a:59:cb:20:1f:2a:9f:a9:26:97:bb:
         22:72:61:a6:68:c8:c4:ed:dd:79:74:8b:c8:72:62:10:dd:ac:
         ff:b3:68:80:5e:f7:9c:c5:e0:d2:ea:4a:50:9e:3d:63:e3:ba:
         03:85:9d:f0:81:08:ad:88:ff:31:b1:ed:35:7c:c9:34:8f:5c:
         61:04:ca:77:7c:f1:13:14:0d:61:6c:58:a2:f0:fc:f9:95:54:
         fe:70:3c:10:7a:ee:de:f2:9d:b6:68:c4:3c:56:5a:83:6d:64:
         e9:2f:7a:21:e5:7d:f2:ae:1c:04:5a:03:eb:54:29:df:2c:3f:
         c2:06:98:c7:b0:55:14:05:62:e5:0d:f7:2b:b6:fa:a1:bf:c7:
         8a:02:9d:8e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUSAYTCTQG9gZoGj0j3T1t48W8d+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MjkxMjMwMjJaFw0yNzA1MjgxMjM1MjJaMDMxMTAvBgNV
BAMTKDE5NTlENTg3Q0IyOTgwNTg0OThEMEFFMEFBODE5OUNGMUNBRUQxNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiSj/+SVyWg9MOMcbmZmakiUGT
B1pTvYIgumy8hLuK4JYt9YsbeySZrN5KKIHLDftgoGe18guaKNSF/uIx0cdRO6hZ
Pr9L7OCj1LsmomhaPkW5z0ao+ZKMhEXDgsIlatk4F4xjaWqzlnLLyCdTwrYjRCbe
eLNk8FCrxiba14fysirzxpPYviUGJqeK/HYxz1tvJ9Icfi7Do8WK2dswBF4Fwll1
GOBeUNGBhmNzk+l+cdjTw1cKMkgUXo8/ZCycjrI2friRo1ZBDdmwXaMCrDhK2HSk
JV7CM8H23Q0S5nA5g+iro3J0mjlP9jiydDKCMDsRHQy46wKEl3S0wpr5yLtZAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUGVnVh8spgFhJjQrgqoGZzxyu0V4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAzNDY2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUi9i
MA0GCSqGSIb3DQEBCwUAA4IBAQBpjIE33Rq9v8QHA2s28d5EVuhA+k+rhGTwBKsi
74ygFkrbYwmZvKHVH4V0rvE72wNE9ZI75rgJ0n+5HpkZiXRQAPzAtqNS4/WEFk8V
m+WyqIl3vO9gGCQC/6sdysdttg3fJTXiYGC6kFJTs4KVWEZA6X3EWlnLIB8qn6km
l7sicmGmaMjE7d15dIvIcmIQ3az/s2iAXvecxeDS6kpQnj1j47oDhZ3wgQitiP8x
se01fMk0j1xhBMp3fPETFA1hbFii8Pz5lVT+cDwQeu7e8p22aMQ8VlqDbWTpL3oh
5X3yrhwEWgPrVCnfLD/CBpjHsFUUBWLlDfcrtvqhv8eKAp2O
-----END CERTIFICATE-----