Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS201780.roa
File:                     AS201780.roa (raw, json)
Hash identifier:          PDJotEdO5j2hfi5bWEp1qCrzUR0D+aDGAue0jFNY5ak=
Subject key identifier:   49:7E:D5:16:CC:40:47:F2:3C:2A:0E:44:4E:E8:6C:24:03:FE:A3:EB
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       3438FD0BFE59DEFB603125DCD68DF9EC12090DB8
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS201780.roa
Signing time:             Mon 10 Feb 2025 12:53:55 +0000
ROA not before:           Mon 10 Feb 2025 12:48:55 +0000
ROA not after:            Mon 09 Feb 2026 12:53:55 +0000
asID:                     201780
IP address blocks:        185.36.59.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 06 Apr 2025 03:24:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:38:fd:0b:fe:59:de:fb:60:31:25:dc:d6:8d:f9:ec:12:09:0d:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: Feb 10 12:48:55 2025 GMT
            Not After : Feb  9 12:53:55 2026 GMT
        Subject: CN=497ED516CC4047F23C2A0E444EE86C2403FEA3EB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:7e:36:17:19:6b:4b:84:a2:12:16:47:43:89:
                    d1:69:b1:58:6a:4a:b7:4c:71:03:f3:03:4b:fa:e3:
                    9e:cd:5e:46:97:ec:50:69:3b:0a:42:6b:22:32:01:
                    3a:7a:f7:cc:2a:8f:e1:f6:4d:6d:4b:6e:47:0a:d8:
                    40:45:09:5c:54:28:82:8e:43:ac:b3:de:c1:50:9d:
                    a9:57:b6:3a:a2:e8:96:7e:e4:1f:8b:76:68:2e:f8:
                    97:f8:86:12:a0:df:ea:75:1b:49:fe:7b:f1:7f:36:
                    9c:36:b0:56:33:15:65:29:30:07:f4:9d:73:f8:d2:
                    4e:bb:e7:2d:07:d1:7d:b9:e0:f9:c1:ba:cb:bd:42:
                    ef:a4:fd:7d:56:5b:98:a7:68:0c:c6:97:c8:39:1a:
                    d2:75:ef:dd:68:3f:8c:0d:71:05:63:e4:ea:73:74:
                    e6:84:9d:a8:ba:05:a3:25:d9:93:ca:6c:97:2b:ee:
                    4e:81:de:43:7a:2b:c4:a5:22:63:6b:17:bd:b5:54:
                    60:36:ea:34:fd:b0:6f:60:0d:b8:1e:f8:1e:8f:3c:
                    84:5c:dc:75:d7:1b:72:b0:1b:ea:fd:ba:d3:6b:8f:
                    bc:48:9b:7a:cc:d9:48:13:7b:6b:cf:49:ae:04:3d:
                    83:07:ce:4c:ca:b2:7d:54:7d:aa:21:69:27:ab:fa:
                    27:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:7E:D5:16:CC:40:47:F2:3C:2A:0E:44:4E:E8:6C:24:03:FE:A3:EB
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS201780.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.36.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:5b:2c:b4:a8:2e:1f:cb:a9:bd:84:85:cf:ee:4b:58:52:ab:
         1f:75:a6:19:d9:46:79:81:52:fe:57:43:72:1b:26:e1:bc:d5:
         66:f6:1b:30:73:b2:cc:7e:1f:d7:54:4d:fe:81:53:f1:59:25:
         d9:a8:6f:43:98:af:76:99:2b:8f:0e:a4:d7:61:c8:fb:72:c9:
         3e:e2:3f:5f:7f:3a:9c:43:f5:f9:13:83:6e:7a:e4:bf:53:3e:
         58:94:f1:70:3d:a3:1e:c2:68:1a:95:0e:c3:bd:31:51:be:68:
         db:f1:cf:8f:29:d5:a6:05:09:8f:d1:36:56:d8:df:e2:5f:27:
         75:c3:7d:9a:60:20:b6:0c:6e:a5:87:02:04:de:47:3b:c0:4a:
         02:c0:f5:5a:ef:a4:bd:95:7a:fd:1b:90:76:7c:5a:7b:3a:a7:
         57:2a:f9:c6:3b:cd:92:ae:70:3d:8d:c0:ad:d9:c9:ab:8f:3e:
         02:6b:51:3a:0a:8d:68:6e:99:b1:3f:a5:d0:34:18:68:3a:e6:
         b9:61:b8:15:a7:4e:d9:1c:f1:e5:41:34:5d:83:c7:9d:e9:3b:
         cb:5f:01:7c:6d:9e:bd:1a:1a:21:00:17:13:50:f9:d7:76:04:
         3b:cd:d1:a0:46:bf:38:aa:37:02:59:11:49:68:29:29:f1:e6:
         2b:db:56:77
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUNDj9C/5Z3vtgMSXc1o357BIJDbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAyMTAxMjQ4NTVaFw0yNjAyMDkxMjUzNTVaMDMxMTAvBgNV
BAMTKDQ5N0VENTE2Q0M0MDQ3RjIzQzJBMEU0NDRFRTg2QzI0MDNGRUEzRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVfjYXGWtLhKISFkdDidFpsVhq
SrdMcQPzA0v6457NXkaX7FBpOwpCayIyATp698wqj+H2TW1LbkcK2EBFCVxUKIKO
Q6yz3sFQnalXtjqi6JZ+5B+Ldmgu+Jf4hhKg3+p1G0n+e/F/Npw2sFYzFWUpMAf0
nXP40k675y0H0X254PnBusu9Qu+k/X1WW5inaAzGl8g5GtJ1791oP4wNcQVj5Opz
dOaEnai6BaMl2ZPKbJcr7k6B3kN6K8SlImNrF721VGA26jT9sG9gDbge+B6PPIRc
3HXXG3KwG+r9utNrj7xIm3rM2UgTe2vPSa4EPYMHzkzKsn1UfaohaSer+icNAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUSX7VFsxAR/I8Kg5ETuhsJAP+o+swHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjAxNzgwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSQ7
MA0GCSqGSIb3DQEBCwUAA4IBAQAjWyy0qC4fy6m9hIXP7ktYUqsfdaYZ2UZ5gVL+
V0NyGybhvNVm9hswc7LMfh/XVE3+gVPxWSXZqG9DmK92mSuPDqTXYcj7csk+4j9f
fzqcQ/X5E4NueuS/Uz5YlPFwPaMewmgalQ7DvTFRvmjb8c+PKdWmBQmP0TZW2N/i
Xyd1w32aYCC2DG6lhwIE3kc7wEoCwPVa76S9lXr9G5B2fFp7OqdXKvnGO82SrnA9
jcCt2cmrjz4Ca1E6Co1obpmxP6XQNBhoOua5YbgVp07ZHPHlQTRdg8ed6TvLXwF8
bZ69GhohABcTUPnXdgQ7zdGgRr84qjcCWRFJaCkp8eYr21Z3
-----END CERTIFICATE-----