Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS55470.roa
File:                     AS55470.roa (raw, json)
Hash identifier:          3AlWfYj7IptQQnJL7Y6VkU84Rh8C2K8SJbwtfaSHqcY=
Subject key identifier:   DB:46:96:F0:9D:2C:E2:61:F3:AB:B3:C3:7C:D8:A8:44:15:D7:B3:6E
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       3C8D7E7959ADBFC21F59FDF82A4C4A62A18B5CBE
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS55470.roa
Signing time:             Fri 22 May 2026 16:47:15 +0000
ROA not before:           Fri 22 May 2026 16:42:15 +0000
ROA not after:            Fri 21 May 2027 16:47:15 +0000
asID:                     55470
IP address blocks:        2a13:9500:7f::/48 maxlen: 48
                          2a13:9500:97::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 12 Jun 2026 13:27:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:8d:7e:79:59:ad:bf:c2:1f:59:fd:f8:2a:4c:4a:62:a1:8b:5c:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: May 22 16:42:15 2026 GMT
            Not After : May 21 16:47:15 2027 GMT
        Subject: CN=DB4696F09D2CE261F3ABB3C37CD8A84415D7B36E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:c5:7d:3b:50:8f:f5:27:61:95:f1:05:a9:8c:
                    c7:03:6f:ee:e9:8e:bb:e1:07:cc:32:c5:32:15:b6:
                    c2:bc:67:76:ba:1f:16:34:8b:56:d6:d7:3a:77:1d:
                    47:7f:64:3b:42:d8:25:63:0c:0e:87:52:be:e1:3c:
                    ef:99:cc:dc:4c:b6:28:8c:17:9f:da:09:83:07:97:
                    21:ea:4f:7d:ed:07:1c:63:84:40:e3:08:af:93:71:
                    d8:3a:82:c9:66:fe:8e:a3:27:1d:07:1a:2e:c1:87:
                    48:ef:60:9e:c2:2d:9b:d1:ba:93:1b:e1:12:fe:f5:
                    ad:a2:ae:52:c4:ad:fb:cc:2e:df:c3:5c:47:41:2c:
                    18:be:7e:0f:9f:b2:f0:a9:ff:41:98:b3:ee:39:15:
                    2e:85:72:15:d9:7a:7a:fc:dc:f4:ce:08:bb:42:e0:
                    54:cc:14:01:f2:6c:e8:07:64:5c:c3:f6:86:48:3f:
                    64:f8:5b:97:25:56:c2:38:8f:b4:af:79:ce:de:57:
                    86:56:ec:46:58:05:4e:9c:71:de:ff:ef:c1:9e:80:
                    ac:de:77:06:ad:7a:7d:b3:51:78:d9:e1:dc:18:e3:
                    41:78:03:79:dd:03:f2:5b:e3:b4:f2:88:d4:50:86:
                    16:a0:dc:74:77:2b:41:79:61:7e:18:df:1e:e4:b8:
                    83:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:46:96:F0:9D:2C:E2:61:F3:AB:B3:C3:7C:D8:A8:44:15:D7:B3:6E
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS55470.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:9500:7f::/48
                  2a13:9500:97::/48

    Signature Algorithm: sha256WithRSAEncryption
         75:a7:87:72:0c:d0:c5:47:06:b1:51:5b:f2:ba:ed:16:66:18:
         ee:a8:ea:c4:55:67:79:bb:95:39:06:66:fe:ed:0f:e5:6e:94:
         95:41:21:e9:df:0b:e9:c2:d4:5f:d3:f7:e2:95:37:2f:8c:68:
         0a:64:1a:8c:36:5a:ed:20:37:2b:e0:2b:89:80:7e:17:cd:89:
         21:ec:b2:8b:b2:d0:98:fe:3b:42:ec:73:e2:88:46:47:77:ef:
         6e:30:66:f3:8e:61:08:5a:11:a0:8c:a1:64:d9:74:31:c1:c5:
         5e:bf:3e:69:fb:b9:a1:dd:5a:d5:c2:38:2d:19:58:a8:a5:30:
         68:fe:62:34:f1:fc:ed:ef:b3:c6:23:6c:f0:8a:78:9d:08:b7:
         cf:f5:85:a9:29:57:7e:c7:39:5b:65:88:2f:cf:e8:c7:7a:88:
         e9:e5:53:fa:4f:39:3b:52:74:3a:ad:70:17:bb:c1:26:d9:72:
         1f:cd:6d:a8:a3:63:f4:bb:46:0c:45:aa:21:71:89:61:a3:1b:
         a4:2e:ad:c9:6b:f1:f7:34:ba:f5:6d:50:31:32:e8:2f:11:90:
         88:9c:3e:8a:f8:d6:9f:27:3d:b8:31:6e:c9:43:f4:bc:ad:f2:
         bf:b2:c9:81:68:8a:fc:9a:b8:ae:c3:30:09:f1:a9:7d:63:9d:
         ea:63:7f:86
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUPI1+eVmtv8IfWf34KkxKYqGLXL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MjIxNjQyMTVaFw0yNzA1MjExNjQ3MTVaMDMxMTAvBgNV
BAMTKERCNDY5NkYwOUQyQ0UyNjFGM0FCQjNDMzdDRDhBODQ0MTVEN0IzNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZxX07UI/1J2GV8QWpjMcDb+7p
jrvhB8wyxTIVtsK8Z3a6HxY0i1bW1zp3HUd/ZDtC2CVjDA6HUr7hPO+ZzNxMtiiM
F5/aCYMHlyHqT33tBxxjhEDjCK+Tcdg6gslm/o6jJx0HGi7Bh0jvYJ7CLZvRupMb
4RL+9a2irlLErfvMLt/DXEdBLBi+fg+fsvCp/0GYs+45FS6FchXZenr83PTOCLtC
4FTMFAHybOgHZFzD9oZIP2T4W5clVsI4j7Svec7eV4ZW7EZYBU6ccd7/78GegKze
dwaten2zUXjZ4dwY40F4A3ndA/Jb47TyiNRQhhag3HR3K0F5YX4Y3x7kuIMrAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQU20aW8J0s4mHzq7PDfNioRBXXs24wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTU0NzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgACMBIDBwAqE5UA
AH8DBwAqE5UAAJcwDQYJKoZIhvcNAQELBQADggEBAHWnh3IM0MVHBrFRW/K67RZm
GO6o6sRVZ3m7lTkGZv7tD+VulJVBIenfC+nC1F/T9+KVNy+MaApkGow2Wu0gNyvg
K4mAfhfNiSHssouy0Jj+O0Lsc+KIRkd3724wZvOOYQhaEaCMoWTZdDHBxV6/Pmn7
uaHdWtXCOC0ZWKilMGj+YjTx/O3vs8YjbPCKeJ0It8/1hakpV37HOVtliC/P6Md6
iOnlU/pPOTtSdDqtcBe7wSbZch/NbaijY/S7RgxFqiFxiWGjG6Qurclr8fc0uvVt
UDEy6C8RkIicPor41p8nPbgxbslD9Lyt8r+yyYFoivyauK7DMAnxqX1jnepjf4Y=
-----END CERTIFICATE-----