Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS206781.roa
File:                     AS206781.roa (raw, json)
Hash identifier:          E+9mXisYKSoJoWr9yx0UAQqZzPS4l7XDwtJzK8WOHts=
Subject key identifier:   E2:D5:21:C4:4C:A8:42:9C:C6:F4:F5:86:8B:E7:04:0C:90:FD:5E:93
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       55B5616A58FA95E3675043013274793904CEF5CD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS206781.roa
Signing time:             Wed 06 Aug 2025 09:12:24 +0000
ROA not before:           Wed 06 Aug 2025 09:07:24 +0000
ROA not after:            Wed 05 Aug 2026 09:12:24 +0000
asID:                     206781
IP address blocks:        2a13:9500:ba::/48 maxlen: 48
                          2a13:9500:bc::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:b5:61:6a:58:fa:95:e3:67:50:43:01:32:74:79:39:04:ce:f5:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Aug  6 09:07:24 2025 GMT
            Not After : Aug  5 09:12:24 2026 GMT
        Subject: CN=E2D521C44CA8429CC6F4F5868BE7040C90FD5E93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:bc:f1:b5:7a:36:59:73:76:ca:24:03:4b:fb:
                    a2:bf:e2:15:d3:ff:55:9c:4e:30:5a:85:ba:fd:7b:
                    ce:85:09:9a:3b:48:56:55:f0:77:5e:68:1e:45:0e:
                    02:ad:77:dc:4b:c7:05:82:08:11:b1:27:65:71:ae:
                    43:a4:39:47:8b:81:50:e4:b6:29:ec:cd:05:d7:df:
                    d8:97:30:a0:8e:91:83:2a:f6:16:c0:dc:41:49:1b:
                    17:36:68:69:0c:8c:83:ff:ae:e5:6b:75:6d:31:d2:
                    9e:e5:61:88:6c:ed:9b:13:22:32:88:81:e2:47:43:
                    17:87:93:67:57:ab:21:9b:05:6c:7d:29:05:bd:5c:
                    09:c1:83:de:f4:38:26:a9:0d:31:5a:bc:80:c8:a8:
                    71:57:0f:86:b6:5c:2a:85:34:00:9b:a0:8c:eb:99:
                    df:e8:9e:10:88:d5:aa:63:d9:18:32:55:d0:af:d5:
                    9c:aa:61:55:ee:e4:9a:67:cb:0d:cb:80:27:12:cb:
                    57:7b:24:34:ee:1b:e8:51:d5:ce:2e:31:36:6b:68:
                    38:ca:f1:11:ad:dc:85:12:02:80:b2:cf:e7:7e:0d:
                    4c:cb:30:85:da:f1:e6:33:99:02:e5:d8:09:59:08:
                    b8:70:14:68:b6:a7:2d:7d:06:97:56:22:0e:e8:a1:
                    dc:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:D5:21:C4:4C:A8:42:9C:C6:F4:F5:86:8B:E7:04:0C:90:FD:5E:93
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS206781.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:9500:ba::/48
                  2a13:9500:bc::/48

    Signature Algorithm: sha256WithRSAEncryption
         32:e4:98:28:db:df:95:5b:ac:91:14:67:c9:69:64:cb:75:b9:
         9d:35:47:2f:a8:24:a1:86:4c:56:3d:ee:af:f4:ae:53:d6:d5:
         ec:72:6c:59:bb:34:aa:f6:8b:bd:84:35:ff:c1:fb:29:4e:2b:
         b6:10:df:4b:63:dd:3e:c2:0e:07:6f:fe:a9:64:e7:4f:d3:39:
         ff:8f:0e:d6:49:30:3f:13:83:91:8c:35:d7:ad:fb:63:d5:40:
         0f:3e:7c:8e:57:6e:42:dd:70:ec:8c:07:dc:83:5c:13:e0:d3:
         d4:a5:cd:2a:35:62:a1:23:3a:b9:36:02:53:47:db:0a:93:fa:
         94:8a:86:1a:d7:f3:72:9b:b2:d7:c5:3e:dd:f0:5a:67:ef:e2:
         80:36:19:aa:2f:39:f4:cb:98:0c:70:1f:71:8c:1d:27:9f:88:
         36:52:ef:d6:a6:8b:dd:48:2b:c7:3b:17:7b:93:62:7e:c3:0a:
         8b:8a:e3:dc:e1:70:5c:db:95:e3:5b:d3:2c:2d:95:90:e8:6a:
         f3:7f:5d:54:9e:c8:35:64:c2:55:4c:cf:2b:ee:83:d6:b6:de:
         56:57:ef:f2:2e:d0:3c:43:80:7a:1e:55:e4:8a:5e:77:34:34:
         6c:08:16:34:ee:06:3f:fb:03:2d:a6:26:4c:1c:3c:ed:9e:ac:
         36:88:be:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUVbVhalj6leNnUEMBMnR5OQTO9c0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MDYwOTA3MjRaFw0yNjA4MDUwOTEyMjRaMDMxMTAvBgNV
BAMTKEUyRDUyMUM0NENBODQyOUNDNkY0RjU4NjhCRTcwNDBDOTBGRDVFOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2vPG1ejZZc3bKJANL+6K/4hXT
/1WcTjBahbr9e86FCZo7SFZV8HdeaB5FDgKtd9xLxwWCCBGxJ2VxrkOkOUeLgVDk
tinszQXX39iXMKCOkYMq9hbA3EFJGxc2aGkMjIP/ruVrdW0x0p7lYYhs7ZsTIjKI
geJHQxeHk2dXqyGbBWx9KQW9XAnBg970OCapDTFavIDIqHFXD4a2XCqFNACboIzr
md/onhCI1apj2RgyVdCv1ZyqYVXu5Jpnyw3LgCcSy1d7JDTuG+hR1c4uMTZraDjK
8RGt3IUSAoCyz+d+DUzLMIXa8eYzmQLl2AlZCLhwFGi2py19BpdWIg7oodxNAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQU4tUhxEyoQpzG9PWGi+cEDJD9XpMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA2NzgxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhOV
AAC6AwcAKhOVAAC8MA0GCSqGSIb3DQEBCwUAA4IBAQAy5Jgo29+VW6yRFGfJaWTL
dbmdNUcvqCShhkxWPe6v9K5T1tXscmxZuzSq9ou9hDX/wfspTiu2EN9LY90+wg4H
b/6pZOdP0zn/jw7WSTA/E4ORjDXXrftj1UAPPnyOV25C3XDsjAfcg1wT4NPUpc0q
NWKhIzq5NgJTR9sKk/qUioYa1/Nym7LXxT7d8Fpn7+KANhmqLzn0y5gMcB9xjB0n
n4g2Uu/WpovdSCvHOxd7k2J+wwqLiuPc4XBc25XjW9MsLZWQ6Grzf11Unsg1ZMJV
TM8r7oPWtt5WV+/yLtA8Q4B6HlXkil53NDRsCBY07gY/+wMtpiZMHDztnqw2iL4e
-----END CERTIFICATE-----