Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS58202.roa
File:                     AS58202.roa (raw, json)
Hash identifier:          cxVhZPYze0jlOixfnyGAJfd+Bv3jHupIx52viumh684=
Subject key identifier:   77:D2:C3:C1:2A:64:91:AD:FE:BC:F8:EA:FD:53:AE:1A:B8:2F:63:DC
Certificate issuer:       /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial:       1690B756734190FBB38BB0AC08743A6978294FB4
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS58202.roa
Signing time:             Wed 10 Jun 2026 06:00:01 +0000
ROA not before:           Wed 10 Jun 2026 05:55:01 +0000
ROA not after:            Wed 09 Jun 2027 06:00:01 +0000
asID:                     58202
IP address blocks:        2a14:7580::/44 maxlen: 48
                          2a14:7580::/48 maxlen: 48
                          2a14:7580:1::/48 maxlen: 48
                          2a14:7580:2::/48 maxlen: 48
                          2a14:7580:3::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 12 Jun 2026 14:31:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:90:b7:56:73:41:90:fb:b3:8b:b0:ac:08:74:3a:69:78:29:4f:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
        Validity
            Not Before: Jun 10 05:55:01 2026 GMT
            Not After : Jun  9 06:00:01 2027 GMT
        Subject: CN=77D2C3C12A6491ADFEBCF8EAFD53AE1AB82F63DC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:9f:80:44:e4:d7:83:69:94:20:c3:be:a3:b2:
                    b6:da:2f:45:ff:3a:c7:d1:ac:12:8f:92:6c:18:42:
                    a4:85:05:98:93:81:d2:9f:d3:55:3c:fa:c2:ac:6e:
                    22:28:9e:07:5f:3b:96:f5:4e:56:55:12:8d:d3:6e:
                    ee:b5:e4:78:73:e8:e0:f7:bb:86:59:35:71:b8:b4:
                    32:54:0f:63:1b:5a:e9:3c:13:47:99:87:e4:68:f3:
                    88:af:ff:7e:0f:e3:e5:27:c6:21:09:59:a0:65:ae:
                    d7:c4:c5:14:a8:72:f9:46:ca:60:ca:da:af:fc:93:
                    4b:2b:c2:af:4b:16:2b:99:a5:7c:57:ef:4c:58:39:
                    c9:fa:b4:1a:fa:27:34:97:ca:9e:3d:df:f9:e5:42:
                    67:6d:b3:34:20:35:3d:e1:b9:4c:15:c0:a0:db:6d:
                    75:b6:85:cf:e6:41:4e:69:aa:4e:ab:e8:89:7e:75:
                    b7:7c:cd:12:b4:70:5b:1b:e5:f3:bd:e5:45:70:56:
                    70:1c:2e:0a:8c:be:44:08:aa:b2:e7:dc:4a:b3:10:
                    01:56:3b:2c:89:a3:4c:26:59:49:20:f5:8b:1a:9e:
                    47:77:24:d5:7e:66:45:45:e8:b0:2b:02:4f:09:00:
                    17:99:c6:f9:c6:e1:41:dd:07:d7:de:2b:fe:e4:d8:
                    f8:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:D2:C3:C1:2A:64:91:AD:FE:BC:F8:EA:FD:53:AE:1A:B8:2F:63:DC
            X509v3 Authority Key Identifier:
                keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS58202.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7580::/44

    Signature Algorithm: sha256WithRSAEncryption
         90:96:d2:ba:99:9c:39:4d:6d:55:8f:7e:0d:bb:ea:b6:bc:e2:
         78:54:70:dc:78:81:24:5e:76:97:38:a7:0f:b3:be:50:49:bd:
         ac:e0:f8:29:61:14:86:44:3c:9e:46:58:60:0d:e6:a2:44:94:
         38:8c:a1:97:e9:89:0e:b3:4a:75:42:99:d7:78:a2:2f:00:8a:
         b4:9d:b7:10:20:02:c0:d1:cc:59:71:30:60:bf:28:16:5f:4a:
         48:22:a3:9c:4b:aa:e8:6c:38:75:4b:3f:39:52:c8:1a:be:12:
         9a:e7:11:08:c1:55:0e:a8:48:23:15:a1:29:26:d3:bb:ee:24:
         d4:d1:c5:e2:37:a5:4e:40:5b:06:3f:7b:17:7f:a2:4e:de:82:
         4a:7d:40:f1:60:e7:4d:98:73:99:cb:7d:06:89:c7:27:32:44:
         78:c4:94:c2:2c:a0:1e:e9:43:90:f8:d1:01:68:fc:be:9d:cc:
         ec:91:23:9b:ca:2b:85:0b:0d:d3:f7:fc:b4:69:31:c5:28:58:
         cc:8b:82:b8:7c:35:d3:c1:6a:1b:c1:57:46:af:76:d7:ed:eb:
         ce:46:3d:f7:08:3e:d1:63:c9:81:67:71:0b:fd:95:47:a1:99:
         f5:60:f5:bc:c7:d9:cb:42:eb:0d:0c:80:82:d1:94:22:c5:1b:
         a4:8c:4c:9d
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUFpC3VnNBkPuzi7CsCHQ6aXgpT7QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA2MTAwNTU1MDFaFw0yNzA2MDkwNjAwMDFaMDMxMTAvBgNV
BAMTKDc3RDJDM0MxMkE2NDkxQURGRUJDRjhFQUZENTNBRTFBQjgyRjYzREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwn4BE5NeDaZQgw76jsrbaL0X/
OsfRrBKPkmwYQqSFBZiTgdKf01U8+sKsbiIongdfO5b1TlZVEo3Tbu615Hhz6OD3
u4ZZNXG4tDJUD2MbWuk8E0eZh+Ro84iv/34P4+UnxiEJWaBlrtfExRSocvlGymDK
2q/8k0srwq9LFiuZpXxX70xYOcn6tBr6JzSXyp493/nlQmdtszQgNT3huUwVwKDb
bXW2hc/mQU5pqk6r6Il+dbd8zRK0cFsb5fO95UVwVnAcLgqMvkQIqrLn3EqzEAFW
OyyJo0wmWUkg9Ysankd3JNV+ZkVF6LArAk8JABeZxvnG4UHdB9feK/7k2PidAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUd9LDwSpkka3+vPjq/VOuGrgvY9wwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTNTgyMDIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQqFHWA
AAAwDQYJKoZIhvcNAQELBQADggEBAJCW0rqZnDlNbVWPfg276ra84nhUcNx4gSRe
dpc4pw+zvlBJvazg+ClhFIZEPJ5GWGAN5qJElDiMoZfpiQ6zSnVCmdd4oi8AirSd
txAgAsDRzFlxMGC/KBZfSkgio5xLquhsOHVLPzlSyBq+EprnEQjBVQ6oSCMVoSkm
07vuJNTRxeI3pU5AWwY/exd/ok7egkp9QPFg502Yc5nLfQaJxycyRHjElMIsoB7p
Q5D40QFo/L6dzOyRI5vKK4ULDdP3/LRpMcUoWMyLgrh8NdPBahvBV0avdtft685G
PfcIPtFjyYFncQv9lUehmfVg9bzH2ctC6w0MgILRlCLFG6SMTJ0=
-----END CERTIFICATE-----