Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30058.roa
File:                     AS30058.roa (raw, json)
Hash identifier:          j594Af+2pd2CkqgOC0FqIhbo2BbdqxKnMfrLEkSnc+Y=
Subject key identifier:   74:52:B2:BC:C8:A5:4F:4C:A3:05:1A:DF:06:C5:CB:10:37:6F:84:35
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       113A67049AF47C04A91E77DC7A3F05D4F7965D28
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30058.roa
Signing time:             Tue 05 Aug 2025 12:06:27 +0000
ROA not before:           Tue 05 Aug 2025 12:01:27 +0000
ROA not after:            Tue 04 Aug 2026 12:06:27 +0000
asID:                     30058
IP address blocks:        82.26.169.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:3a:67:04:9a:f4:7c:04:a9:1e:77:dc:7a:3f:05:d4:f7:96:5d:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Aug  5 12:01:27 2025 GMT
            Not After : Aug  4 12:06:27 2026 GMT
        Subject: CN=7452B2BCC8A54F4CA3051ADF06C5CB10376F8435
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:91:b4:ab:8f:c7:33:3b:66:4c:bd:a1:42:8e:
                    cf:3d:c0:b6:d3:95:dc:cc:f3:1b:d8:a3:70:fc:fc:
                    5a:96:67:9d:90:52:df:90:35:41:a1:92:1e:48:27:
                    28:9a:42:95:9c:69:b6:ed:c8:0b:1c:7d:9d:a1:bb:
                    1a:78:1d:e1:9b:30:2e:f8:a2:ba:f1:5a:37:76:fd:
                    d8:76:a4:1a:88:77:18:5c:62:b6:4e:af:ee:8d:35:
                    75:ad:04:2c:74:6d:bd:dc:4f:74:05:4b:2b:44:d3:
                    62:8e:09:f6:d9:7a:6b:52:24:82:2b:43:70:a6:93:
                    54:26:82:de:3c:a0:65:d4:1d:a3:31:c9:d7:fc:b0:
                    92:10:08:9c:04:48:cc:52:f4:e2:0b:c2:6a:90:c5:
                    ba:ec:a9:80:5a:9e:dd:63:04:74:c9:7c:41:39:cd:
                    f9:21:4c:21:05:54:d0:d2:5c:35:e9:00:0a:99:be:
                    60:a0:b9:59:61:9d:4e:48:9d:ee:65:b2:dd:d9:1d:
                    59:ad:a4:0b:3b:d2:77:75:d6:5d:e8:3b:2f:18:43:
                    27:9a:df:df:7d:f8:e9:c7:63:2f:40:d1:11:cd:5c:
                    ea:a1:a3:54:3e:e7:a0:5b:69:45:48:b3:57:8e:63:
                    2e:74:9f:4a:f1:63:ae:c6:1d:1c:78:02:dc:72:d1:
                    21:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:52:B2:BC:C8:A5:4F:4C:A3:05:1A:DF:06:C5:CB:10:37:6F:84:35
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS30058.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.26.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:ed:6d:5c:41:ff:a7:cf:3b:d4:0b:46:f4:40:12:28:c0:5b:
         b4:dc:8f:f3:19:5a:8a:04:5d:88:47:59:d9:89:10:a0:de:53:
         87:b8:79:1f:87:16:61:ca:7c:17:f6:1b:64:66:9e:49:10:c6:
         dd:aa:e0:42:fb:a7:22:b1:48:95:c3:c5:dd:92:1b:93:76:d2:
         35:94:a8:b2:ca:b0:df:dc:67:9d:f8:b1:d3:d5:4b:2f:d1:13:
         12:dd:cd:c7:12:b6:b5:ec:35:fb:ef:69:52:c2:65:be:80:a0:
         d6:9c:5f:33:a9:b6:9a:02:61:60:0e:31:b4:8f:aa:4a:78:17:
         8e:33:0b:0b:0e:1c:e8:6e:bc:95:80:ea:1d:4d:bf:c0:df:6c:
         6c:e1:48:02:49:42:0a:de:fd:20:33:ed:d1:df:6d:eb:98:77:
         06:52:14:29:b7:a1:ac:2f:6a:ec:f3:4c:91:f2:2f:f4:4c:61:
         0d:87:18:b4:43:c6:b8:f7:e2:9c:70:c5:7c:2e:f0:b0:fa:27:
         fe:e0:74:36:ed:fd:a9:eb:3e:2a:28:8d:d3:f7:8a:88:7e:ce:
         54:d2:79:41:42:54:55:4b:ff:3a:54:69:a1:3c:1d:57:b9:b7:
         87:c6:9f:4d:01:f8:fe:fd:a0:28:36:00:34:ce:c1:72:27:57:
         5f:66:1c:8a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUETpnBJr0fASpHnfcej8F1PeWXSgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MDUxMjAxMjdaFw0yNjA4MDQxMjA2MjdaMDMxMTAvBgNV
BAMTKDc0NTJCMkJDQzhBNTRGNENBMzA1MUFERjA2QzVDQjEwMzc2Rjg0MzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCckbSrj8czO2ZMvaFCjs89wLbT
ldzM8xvYo3D8/FqWZ52QUt+QNUGhkh5IJyiaQpWcabbtyAscfZ2huxp4HeGbMC74
orrxWjd2/dh2pBqIdxhcYrZOr+6NNXWtBCx0bb3cT3QFSytE02KOCfbZemtSJIIr
Q3Cmk1Qmgt48oGXUHaMxydf8sJIQCJwESMxS9OILwmqQxbrsqYBant1jBHTJfEE5
zfkhTCEFVNDSXDXpAAqZvmCguVlhnU5Ine5lst3ZHVmtpAs70nd11l3oOy8YQyea
3999+OnHYy9A0RHNXOqho1Q+56BbaUVIs1eOYy50n0rxY67GHRx4Atxy0SEJAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUdFKyvMilT0yjBRrfBsXLEDdvhDUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzAwNTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSGqkw
DQYJKoZIhvcNAQELBQADggEBABftbVxB/6fPO9QLRvRAEijAW7Tcj/MZWooEXYhH
WdmJEKDeU4e4eR+HFmHKfBf2G2RmnkkQxt2q4EL7pyKxSJXDxd2SG5N20jWUqLLK
sN/cZ534sdPVSy/RExLdzccStrXsNfvvaVLCZb6AoNacXzOptpoCYWAOMbSPqkp4
F44zCwsOHOhuvJWA6h1Nv8DfbGzhSAJJQgre/SAz7dHfbeuYdwZSFCm3oawvauzz
TJHyL/RMYQ2HGLRDxrj34pxwxXwu8LD6J/7gdDbt/anrPioojdP3ioh+zlTSeUFC
VFVL/zpUaaE8HVe5t4fGn00B+P79oCg2ADTOwXInV19mHIo=
-----END CERTIFICATE-----