Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS210481.roa
File:                     AS210481.roa (raw, json)
Hash identifier:          AjMJnSO1qdeqY7OecR+zx5hHhgK69NUpGc0Up1ooJQo=
Subject key identifier:   1D:E2:69:18:4C:5B:C5:76:1B:0E:8D:36:4E:5E:E6:D1:56:0A:73:36
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       321E26BC0FE94F3A400CFC5BCEBC06761A91EFE4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS210481.roa
Signing time:             Thu 19 Mar 2026 09:40:25 +0000
ROA not before:           Thu 19 Mar 2026 09:35:25 +0000
ROA not after:            Thu 18 Mar 2027 09:40:25 +0000
asID:                     210481
IP address blocks:        2a13:9500:150::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:43:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:1e:26:bc:0f:e9:4f:3a:40:0c:fc:5b:ce:bc:06:76:1a:91:ef:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Mar 19 09:35:25 2026 GMT
            Not After : Mar 18 09:40:25 2027 GMT
        Subject: CN=1DE269184C5BC5761B0E8D364E5EE6D1560A7336
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e6:e7:d6:ce:49:c1:11:d0:fd:f7:1a:d2:f5:
                    af:37:06:f7:10:21:42:df:52:30:8f:97:56:03:95:
                    34:30:35:fe:f8:64:90:6d:2e:f7:58:3c:f9:05:06:
                    24:d0:66:77:25:b1:d2:fa:d9:40:bc:86:c7:81:00:
                    58:fa:a4:1f:4e:0e:e8:ef:bd:34:38:b7:c4:1f:05:
                    82:1d:f9:ea:59:73:40:76:46:5c:a3:b5:61:35:3d:
                    1f:c4:ed:bc:75:6d:b4:a5:41:a2:63:23:44:02:e7:
                    b9:a6:31:0d:f1:69:fc:8e:ae:2f:98:ab:ef:59:a5:
                    1e:b5:e9:bd:7a:0e:c7:ba:7a:16:3f:f8:7e:9d:ef:
                    e0:81:43:67:5a:1e:5a:a9:68:f8:6b:e9:11:af:f1:
                    92:84:1e:cc:c0:bf:25:76:29:d2:37:6b:2d:07:8c:
                    46:20:8e:1a:cd:c1:a3:c6:4a:e0:47:d1:b9:12:cd:
                    07:65:e8:b3:ca:6a:ee:96:0e:d8:f3:84:c0:73:95:
                    c8:a5:b8:63:cd:12:cd:33:08:bc:0e:84:2a:9f:48:
                    40:0b:93:22:08:af:2d:a1:ee:83:a5:45:42:a3:6d:
                    37:3c:22:a6:62:3c:3c:8b:8a:dc:44:70:1d:ca:ae:
                    a2:41:81:dd:a7:06:81:4b:07:63:ee:80:e2:6a:dc:
                    c3:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:E2:69:18:4C:5B:C5:76:1B:0E:8D:36:4E:5E:E6:D1:56:0A:73:36
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS210481.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:9500:150::/48

    Signature Algorithm: sha256WithRSAEncryption
         96:72:05:97:52:d7:ec:26:31:85:5d:15:97:ca:71:bf:35:bb:
         c4:94:28:fe:5f:9c:5b:9f:f5:1a:f5:88:4e:75:d7:80:11:f7:
         54:f8:46:57:1e:8d:29:6d:42:95:6b:46:d5:63:d9:01:2c:e4:
         ad:5c:c8:47:b6:a1:c9:83:f0:47:3c:b2:31:a5:cc:d2:8f:a5:
         d3:94:c8:90:48:f4:b3:df:ee:93:82:ac:2d:be:91:ac:61:70:
         20:7e:e3:3d:30:3f:ef:93:45:d1:c9:6c:14:99:92:c3:b2:d8:
         de:15:c8:0a:f2:1a:38:c7:b2:55:15:c7:92:a7:f3:fb:4a:8a:
         1b:86:4b:94:fe:88:72:84:24:de:34:a5:b6:50:61:83:4c:a5:
         e4:85:64:ba:21:35:33:4e:ca:1d:9b:5a:c2:32:5d:7c:8f:7a:
         d3:2e:3e:cc:fe:8f:1e:a6:b8:ab:8d:98:55:7a:cc:d6:bb:5e:
         2e:b4:6a:91:00:bf:38:e5:c1:f0:b7:62:57:1b:41:38:7b:5a:
         e4:8d:76:65:09:bd:87:c7:87:ca:6a:7d:b7:09:e5:6b:b1:82:
         0a:b3:a8:de:65:1d:7b:86:23:67:51:41:fe:a2:15:e0:9a:26:
         81:e1:f3:45:28:dd:63:bf:fb:7d:49:d8:37:ac:f8:3b:80:39:
         c6:2f:09:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUMh4mvA/pTzpADPxbzrwGdhqR7+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMTkwOTM1MjVaFw0yNzAzMTgwOTQwMjVaMDMxMTAvBgNV
BAMTKDFERTI2OTE4NEM1QkM1NzYxQjBFOEQzNjRFNUVFNkQxNTYwQTczMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC25ufWzknBEdD99xrS9a83BvcQ
IULfUjCPl1YDlTQwNf74ZJBtLvdYPPkFBiTQZnclsdL62UC8hseBAFj6pB9ODujv
vTQ4t8QfBYId+epZc0B2RlyjtWE1PR/E7bx1bbSlQaJjI0QC57mmMQ3xafyOri+Y
q+9ZpR616b16Dse6ehY/+H6d7+CBQ2daHlqpaPhr6RGv8ZKEHszAvyV2KdI3ay0H
jEYgjhrNwaPGSuBH0bkSzQdl6LPKau6WDtjzhMBzlciluGPNEs0zCLwOhCqfSEAL
kyIIry2h7oOlRUKjbTc8IqZiPDyLitxEcB3KrqJBgd2nBoFLB2PugOJq3MNlAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUHeJpGExbxXYbDo02Tl7m0VYKczYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjEwNDgxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AAFQMA0GCSqGSIb3DQEBCwUAA4IBAQCWcgWXUtfsJjGFXRWXynG/NbvElCj+X5xb
n/Ua9YhOddeAEfdU+EZXHo0pbUKVa0bVY9kBLOStXMhHtqHJg/BHPLIxpczSj6XT
lMiQSPSz3+6TgqwtvpGsYXAgfuM9MD/vk0XRyWwUmZLDstjeFcgK8ho4x7JVFceS
p/P7SoobhkuU/ohyhCTeNKW2UGGDTKXkhWS6ITUzTsodm1rCMl18j3rTLj7M/o8e
prirjZhVeszWu14utGqRAL845cHwt2JXG0E4e1rkjXZlCb2Hx4fKan23CeVrsYIK
s6jeZR17hiNnUUH+ohXgmiaB4fNFKN1jv/t9Sdg3rPg7gDnGLwn0
-----END CERTIFICATE-----