Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS206822.roa
File:                     AS206822.roa (raw, json)
Hash identifier:          QBnaJQ308+H8gbgaVvP617WyWgyIoNrXr/Pn4fysykI=
Subject key identifier:   C2:75:FD:ED:4E:16:66:07:12:4C:A8:0A:D5:45:05:3E:B0:C1:E5:FE
Certificate issuer:       /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial:       48E9D81370E510AA25F703E85CB5ED56D1A190A5
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS206822.roa
Signing time:             Wed 20 May 2026 08:09:19 +0000
ROA not before:           Wed 20 May 2026 08:04:19 +0000
ROA not after:            Wed 19 May 2027 08:09:19 +0000
asID:                     206822
IP address blocks:        51.241.141.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 04 Jun 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:e9:d8:13:70:e5:10:aa:25:f7:03:e8:5c:b5:ed:56:d1:a1:90:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
        Validity
            Not Before: May 20 08:04:19 2026 GMT
            Not After : May 19 08:09:19 2027 GMT
        Subject: CN=C275FDED4E166607124CA80AD545053EB0C1E5FE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e2:66:64:86:30:8a:5c:23:6e:bb:1a:86:c3:
                    15:3f:9d:c8:27:42:f0:ae:8c:81:a7:59:dc:c6:63:
                    b7:72:43:59:b7:ad:c3:9f:5a:a6:c4:75:1d:d8:b2:
                    3d:b9:66:5e:82:2d:b1:ba:fe:8a:c9:fd:cb:4a:cf:
                    66:b6:92:ec:75:1b:8d:48:81:6a:ab:7f:fe:be:95:
                    6c:29:9f:22:9e:36:fc:6f:8f:56:61:bb:d7:14:15:
                    1a:46:38:cb:6a:8a:9c:05:10:28:d1:f4:52:e0:3f:
                    b5:66:3f:b0:c1:bf:c0:60:0d:57:c4:09:ed:e2:7b:
                    54:e8:59:4b:6d:35:04:f0:d2:eb:2b:71:79:65:ce:
                    fc:1f:cc:f6:0a:b6:54:26:cc:49:b9:3c:2e:f6:64:
                    c9:35:8c:d7:cb:55:a9:20:33:8e:a2:78:43:50:85:
                    a9:27:15:00:56:ae:f0:95:a2:c6:56:cd:90:89:98:
                    dd:00:d6:25:0d:48:f4:52:64:2c:23:8a:7f:34:31:
                    9b:3b:08:c2:1f:b0:09:5b:11:ad:49:1c:bf:fe:db:
                    fd:0b:28:fc:f1:cb:84:50:18:8f:06:96:99:49:8b:
                    e7:a4:a4:3c:fb:20:63:ff:f0:8b:c8:ef:ab:dd:19:
                    e1:02:52:d3:74:71:1f:66:89:a2:29:d9:a1:40:ad:
                    a9:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:75:FD:ED:4E:16:66:07:12:4C:A8:0A:D5:45:05:3E:B0:C1:E5:FE
            X509v3 Authority Key Identifier:
                keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS206822.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  51.241.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:d4:ca:b9:0d:b8:c1:2f:19:e3:00:48:66:3a:98:c5:ea:9c:
         79:86:00:52:ba:1e:5e:68:3a:54:a6:55:26:d2:3d:7f:ba:0b:
         f0:68:57:02:8e:98:1f:7d:3f:b5:95:f1:c0:1a:db:f2:f9:73:
         f4:11:17:6b:b5:ca:ae:5e:13:55:fc:cb:43:4e:1f:8e:0a:30:
         39:7d:f4:f2:83:31:ea:97:a0:0d:63:7c:1b:f2:8f:b3:6d:5d:
         42:96:5c:3f:07:f9:32:8c:95:44:5d:01:c4:a6:0d:72:76:72:
         12:75:d0:95:be:97:60:1e:93:e6:5d:d1:03:93:a9:91:35:97:
         15:41:50:d7:09:aa:76:24:1f:c0:4a:38:ce:86:8d:25:14:82:
         d7:0d:7f:c7:16:70:c1:29:8d:cd:89:21:93:2a:b0:c5:46:64:
         af:90:0f:9e:ba:06:b2:49:8b:25:aa:7a:6a:de:da:f8:33:55:
         ac:5f:a8:cb:8d:33:6a:36:54:9b:9f:1e:90:aa:21:42:c6:f3:
         ea:a0:e6:b2:41:dc:fa:1f:c0:9a:03:48:74:b1:37:9b:af:8f:
         54:4a:83:bf:ee:9e:b1:e2:59:3f:84:b3:ea:e0:8b:e0:f8:19:
         24:64:33:b3:e5:93:54:fb:34:4f:25:a5:80:ea:3c:26:2b:6d:
         c7:7c:80:11
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUSOnYE3DlEKol9wPoXLXtVtGhkKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA1MjAwODA0MTlaFw0yNzA1MTkwODA5MTlaMDMxMTAvBgNV
BAMTKEMyNzVGREVENEUxNjY2MDcxMjRDQTgwQUQ1NDUwNTNFQjBDMUU1RkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz4mZkhjCKXCNuuxqGwxU/ncgn
QvCujIGnWdzGY7dyQ1m3rcOfWqbEdR3Ysj25Zl6CLbG6/orJ/ctKz2a2kux1G41I
gWqrf/6+lWwpnyKeNvxvj1Zhu9cUFRpGOMtqipwFECjR9FLgP7VmP7DBv8BgDVfE
Ce3ie1ToWUttNQTw0usrcXllzvwfzPYKtlQmzEm5PC72ZMk1jNfLVakgM46ieENQ
haknFQBWrvCVosZWzZCJmN0A1iUNSPRSZCwjin80MZs7CMIfsAlbEa1JHL/+2/0L
KPzxy4RQGI8GlplJi+ekpDz7IGP/8IvI76vdGeECUtN0cR9miaIp2aFArakdAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUwnX97U4WZgcSTKgK1UUFPrDB5f4wHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTMjA2ODIyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAM/GN
MA0GCSqGSIb3DQEBCwUAA4IBAQBf1Mq5DbjBLxnjAEhmOpjF6px5hgBSuh5eaDpU
plUm0j1/ugvwaFcCjpgffT+1lfHAGtvy+XP0ERdrtcquXhNV/MtDTh+OCjA5ffTy
gzHql6ANY3wb8o+zbV1Cllw/B/kyjJVEXQHEpg1ydnISddCVvpdgHpPmXdEDk6mR
NZcVQVDXCap2JB/ASjjOho0lFILXDX/HFnDBKY3NiSGTKrDFRmSvkA+eugaySYsl
qnpq3tr4M1WsX6jLjTNqNlSbnx6QqiFCxvPqoOayQdz6H8CaA0h0sTebr49USoO/
7p6x4lk/hLPq4Ivg+BkkZDOz5ZNU+zRPJaWA6jwmK23HfIAR
-----END CERTIFICATE-----