Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213482.roa
File:                     AS213482.roa (raw, json)
Hash identifier:          XeU1NDAKP8mVyWp3FwsDauo0c3jkNhA7aI9bzh6fuIs=
Subject key identifier:   54:CE:AE:92:CE:BE:49:F3:92:14:8B:71:8C:4D:FC:6F:70:E5:F2:F0
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       71FBC2659DEBB7C68C0B5D44DF23CF3D073C563D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213482.roa
Signing time:             Thu 04 Sep 2025 00:00:20 +0000
ROA not before:           Wed 03 Sep 2025 23:55:20 +0000
ROA not after:            Thu 03 Sep 2026 00:00:20 +0000
asID:                     213482
IP address blocks:        82.22.119.0/24 maxlen: 24
                          82.23.170.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:30:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:fb:c2:65:9d:eb:b7:c6:8c:0b:5d:44:df:23:cf:3d:07:3c:56:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Sep  3 23:55:20 2025 GMT
            Not After : Sep  3 00:00:20 2026 GMT
        Subject: CN=54CEAE92CEBE49F392148B718C4DFC6F70E5F2F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:08:de:a7:c7:19:49:ed:a7:02:ec:bb:b9:b1:
                    22:70:10:a0:bb:ff:a9:1f:19:5b:07:c4:d0:10:c1:
                    7f:06:3b:ab:da:20:3f:34:17:c3:a1:1a:49:de:32:
                    3e:28:7d:c8:40:cc:5f:8d:31:8f:45:15:97:fd:33:
                    c9:18:24:11:08:3e:d2:8f:2f:51:7c:7f:98:51:ed:
                    4b:74:18:bb:61:c3:83:d9:a2:2a:c8:a6:24:2f:4d:
                    e5:05:13:40:0c:ed:dc:7d:dc:be:8a:f9:7a:7e:42:
                    e7:06:bd:ef:70:44:e8:3b:92:e0:a0:b2:2d:cb:b3:
                    fc:5d:34:09:d3:c1:92:83:68:ce:1e:51:dc:26:5c:
                    90:a4:b3:ab:19:81:b6:00:ec:c8:fa:0f:b3:d3:28:
                    4a:7a:e0:24:0a:95:c2:9e:0b:aa:cd:29:f7:81:93:
                    b2:e8:09:02:7e:0a:bc:00:4a:dd:92:ae:4e:c1:01:
                    44:d8:60:44:ad:21:17:fc:a4:6a:b3:53:59:74:50:
                    66:e6:6d:96:ac:7b:b0:82:4d:ee:d0:b3:f2:33:42:
                    a7:44:2c:2c:a1:ae:e8:eb:a3:7d:34:06:d2:70:bd:
                    99:26:69:f7:19:7a:a1:fd:4c:cc:27:76:60:ce:ff:
                    10:57:07:bd:a5:7e:85:2e:0c:45:0d:34:e1:04:67:
                    f3:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:CE:AE:92:CE:BE:49:F3:92:14:8B:71:8C:4D:FC:6F:70:E5:F2:F0
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS213482.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.22.119.0/24
                  82.23.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:5e:ce:10:0b:d6:a8:ef:df:31:1e:fe:7f:48:4d:bb:c9:cc:
         5d:bb:a5:9a:15:4a:65:57:fd:45:4b:a7:c4:ad:0d:37:f6:4b:
         c9:f6:e0:3b:5f:37:36:e9:a7:ac:0d:c0:2a:14:5a:13:78:8e:
         b9:e2:6b:8d:e3:23:2d:a9:71:10:f2:a4:40:09:3e:53:70:eb:
         43:05:aa:96:cc:fe:90:93:fc:94:94:05:97:d7:33:d8:9a:6e:
         a3:94:06:61:ef:a5:24:78:3c:eb:38:95:35:46:7d:2a:ee:44:
         5a:1f:82:fd:18:52:5b:f5:5b:07:e6:f1:f9:55:ab:3c:1e:4d:
         59:3c:8e:ec:1d:05:28:59:36:16:a9:3f:8c:92:40:70:5e:19:
         43:1d:31:84:04:60:00:1a:39:ed:d8:af:4e:47:0d:b7:81:51:
         be:8d:2c:4f:90:4f:fa:76:cf:e4:ef:76:6f:95:15:90:a2:b1:
         54:c9:80:50:63:28:89:00:eb:fa:b0:1c:21:9e:48:77:6f:d6:
         e7:d2:0a:ac:30:d7:1a:99:9b:de:1e:b4:85:cb:ba:2c:2d:2d:
         1a:33:0c:b0:ef:3e:15:a8:62:35:85:5a:5a:43:e5:53:9b:ea:
         a0:47:b9:33:21:a5:7e:17:79:f7:f1:f4:67:6f:4f:5d:73:4b:
         0f:96:a0:29
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUcfvCZZ3rt8aMC11E3yPPPQc8Vj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA5MDMyMzU1MjBaFw0yNjA5MDMwMDAwMjBaMDMxMTAvBgNV
BAMTKDU0Q0VBRTkyQ0VCRTQ5RjM5MjE0OEI3MThDNERGQzZGNzBFNUYyRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXCN6nxxlJ7acC7Lu5sSJwEKC7
/6kfGVsHxNAQwX8GO6vaID80F8OhGkneMj4ofchAzF+NMY9FFZf9M8kYJBEIPtKP
L1F8f5hR7Ut0GLthw4PZoirIpiQvTeUFE0AM7dx93L6K+Xp+QucGve9wROg7kuCg
si3Ls/xdNAnTwZKDaM4eUdwmXJCks6sZgbYA7Mj6D7PTKEp64CQKlcKeC6rNKfeB
k7LoCQJ+CrwASt2Srk7BAUTYYEStIRf8pGqzU1l0UGbmbZase7CCTe7Qs/IzQqdE
LCyhrujro300BtJwvZkmafcZeqH9TMwndmDO/xBXB72lfoUuDEUNNOEEZ/NHAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUVM6uks6+SfOSFItxjE38b3Dl8vAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEzNDgyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUhZ3
AwQAUheqMA0GCSqGSIb3DQEBCwUAA4IBAQAuXs4QC9ao798xHv5/SE27ycxdu6Wa
FUplV/1FS6fErQ039kvJ9uA7Xzc26aesDcAqFFoTeI654muN4yMtqXEQ8qRACT5T
cOtDBaqWzP6Qk/yUlAWX1zPYmm6jlAZh76UkeDzrOJU1Rn0q7kRaH4L9GFJb9VsH
5vH5Vas8Hk1ZPI7sHQUoWTYWqT+MkkBwXhlDHTGEBGAAGjnt2K9ORw23gVG+jSxP
kE/6ds/k73ZvlRWQorFUyYBQYyiJAOv6sBwhnkh3b9bn0gqsMNcamZveHrSFy7os
LS0aMwyw7z4VqGI1hVpaQ+VTm+qgR7kzIaV+F3n38fRnb09dc0sPlqAp
-----END CERTIFICATE-----