Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51031.roa
File:                     AS51031.roa (raw, json)
Hash identifier:          2oK8a0GUsjik1S4n9kAqujKIbsfinsxlxe0a5JPVuOI=
Subject key identifier:   3B:90:C2:BB:6F:33:E6:F0:14:D3:16:38:96:67:B4:7E:17:30:9A:B2
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       49D2028968B8D3B44CEC20255DB38E72B54F1F6F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51031.roa
Signing time:             Thu 28 May 2026 10:10:07 +0000
ROA not before:           Thu 28 May 2026 10:05:07 +0000
ROA not after:            Thu 27 May 2027 10:10:07 +0000
asID:                     51031
IP address blocks:        2a13:9500:182::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 03 Jun 2026 15:55:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:d2:02:89:68:b8:d3:b4:4c:ec:20:25:5d:b3:8e:72:b5:4f:1f:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: May 28 10:05:07 2026 GMT
            Not After : May 27 10:10:07 2027 GMT
        Subject: CN=3B90C2BB6F33E6F014D316389667B47E17309AB2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:e0:6a:34:b0:08:19:8f:f8:76:8f:7e:94:07:
                    d4:09:8d:74:a4:04:ab:70:92:1e:a5:45:59:b9:09:
                    70:2e:52:d1:4a:d8:50:0f:60:b7:49:23:d8:43:cf:
                    de:1b:d2:1c:b0:50:fb:65:4d:e3:91:da:8a:50:4d:
                    4b:f3:c8:e1:69:c0:0a:dc:39:8b:6a:02:66:ce:06:
                    38:1d:ca:c3:ca:ef:47:70:e8:15:9d:c3:80:e8:e7:
                    b8:33:00:16:b3:76:83:64:08:73:99:bf:f4:8a:db:
                    93:21:d5:73:32:0b:ea:df:70:ea:75:91:00:76:76:
                    6b:e9:cd:50:2c:23:02:ea:b7:d0:4f:9e:25:f1:7d:
                    72:84:3e:4f:50:07:d2:62:4c:34:9f:fc:90:38:f7:
                    66:bb:24:21:00:2c:87:67:0a:a6:4b:89:80:be:da:
                    6c:e7:e1:1f:1f:ce:5e:c0:71:80:95:88:7f:6e:97:
                    d3:76:a6:52:cb:5d:29:ef:df:c7:47:0d:9f:f6:c6:
                    32:a2:4a:f1:1f:fb:92:af:77:ed:aa:dd:80:ed:34:
                    d7:5b:f4:c4:ec:6d:11:50:dc:13:bb:ce:30:e2:e1:
                    d6:16:3e:03:15:6e:f5:99:99:d9:b6:78:64:c8:0a:
                    c2:68:6e:c7:a8:7e:ff:81:a0:1c:9b:31:f2:f8:31:
                    24:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:90:C2:BB:6F:33:E6:F0:14:D3:16:38:96:67:B4:7E:17:30:9A:B2
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51031.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:9500:182::/48

    Signature Algorithm: sha256WithRSAEncryption
         74:b2:58:3c:50:39:45:d0:ea:2e:90:5d:40:98:8f:c0:9a:e8:
         f3:24:19:bb:f4:8c:1d:43:f9:65:f3:ad:a8:36:9d:39:39:c2:
         d6:29:9b:15:5c:8e:5e:4b:d9:59:35:17:ef:00:e8:45:15:76:
         af:fe:f9:9f:b3:7a:e3:e5:0c:c5:a5:16:88:38:ff:d1:58:0e:
         74:97:5b:75:8b:08:fa:97:2c:d8:cc:4c:be:18:1a:f2:67:ae:
         88:8a:1d:29:39:33:3b:e4:fb:27:d7:c3:00:41:a9:35:b9:f2:
         a3:15:44:7a:82:b2:17:35:9f:92:01:fc:9e:83:cf:4b:f2:58:
         a9:58:56:4d:ba:eb:b1:d1:ab:f9:0b:29:3b:d3:4b:86:80:d8:
         9d:70:9c:a1:ea:97:e7:29:4d:d7:a7:34:7d:62:6d:86:a1:0a:
         37:3b:af:b9:17:57:a5:dc:18:43:7c:5d:4f:b9:85:40:f3:05:
         0d:d0:70:b5:41:a3:ba:5f:94:aa:cd:b2:75:ef:2a:8a:f3:2b:
         04:1e:57:c0:af:e3:91:df:6f:90:de:a1:30:e8:9d:65:6e:4e:
         bd:bd:21:22:88:ec:74:51:93:18:6f:06:06:e5:b6:2b:23:7f:
         9d:eb:26:e7:5f:7c:05:72:9a:87:e5:6a:22:e3:d8:0d:44:33:
         a5:76:4c:f8
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUSdICiWi407RM7CAlXbOOcrVPH28wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MjgxMDA1MDdaFw0yNzA1MjcxMDEwMDdaMDMxMTAvBgNV
BAMTKDNCOTBDMkJCNkYzM0U2RjAxNEQzMTYzODk2NjdCNDdFMTczMDlBQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDy4Go0sAgZj/h2j36UB9QJjXSk
BKtwkh6lRVm5CXAuUtFK2FAPYLdJI9hDz94b0hywUPtlTeOR2opQTUvzyOFpwArc
OYtqAmbOBjgdysPK70dw6BWdw4Do57gzABazdoNkCHOZv/SK25Mh1XMyC+rfcOp1
kQB2dmvpzVAsIwLqt9BPniXxfXKEPk9QB9JiTDSf/JA492a7JCEALIdnCqZLiYC+
2mzn4R8fzl7AcYCViH9ul9N2plLLXSnv38dHDZ/2xjKiSvEf+5Kvd+2q3YDtNNdb
9MTsbRFQ3BO7zjDi4dYWPgMVbvWZmdm2eGTICsJobseofv+BoBybMfL4MSQDAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUO5DCu28z5vAU0xY4lme0fhcwmrIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTEwMzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqE5UA
AYIwDQYJKoZIhvcNAQELBQADggEBAHSyWDxQOUXQ6i6QXUCYj8Ca6PMkGbv0jB1D
+WXzrag2nTk5wtYpmxVcjl5L2Vk1F+8A6EUVdq/++Z+zeuPlDMWlFog4/9FYDnSX
W3WLCPqXLNjMTL4YGvJnroiKHSk5Mzvk+yfXwwBBqTW58qMVRHqCshc1n5IB/J6D
z0vyWKlYVk2667HRq/kLKTvTS4aA2J1wnKHql+cpTdenNH1ibYahCjc7r7kXV6Xc
GEN8XU+5hUDzBQ3QcLVBo7pflKrNsnXvKorzKwQeV8Cv45Hfb5DeoTDonWVuTr29
ISKI7HRRkxhvBgbltisjf53rJudffAVymoflaiLj2A1EM6V2TPg=
-----END CERTIFICATE-----