Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51082.roa
File:                     AS51082.roa (raw, json)
Hash identifier:          KQENKlYsoElFKYP14vKv6YGQsR1kD6SoD04rK4KwvE4=
Subject key identifier:   00:9B:5E:0A:7A:2D:CD:2C:27:0D:C9:16:6A:F2:03:DA:49:07:DF:30
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       4454BD27674894D079764A7A72C890DFB0783705
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51082.roa
Signing time:             Fri 08 May 2026 11:54:19 +0000
ROA not before:           Fri 08 May 2026 11:49:19 +0000
ROA not after:            Fri 07 May 2027 11:54:19 +0000
asID:                     51082
IP address blocks:        82.41.232.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:54:bd:27:67:48:94:d0:79:76:4a:7a:72:c8:90:df:b0:78:37:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: May  8 11:49:19 2026 GMT
            Not After : May  7 11:54:19 2027 GMT
        Subject: CN=009B5E0A7A2DCD2C270DC9166AF203DA4907DF30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:3a:90:02:2a:ce:b6:6a:85:09:ff:b8:2d:cc:
                    1b:e3:cf:2f:5b:2c:6a:bf:74:1c:7f:dc:09:12:a7:
                    fd:05:85:21:1d:06:65:bb:70:4f:0c:4b:74:b5:3e:
                    cf:ff:52:ea:31:86:a4:26:07:0b:72:40:c0:e5:5f:
                    c9:2e:f4:bc:18:51:2b:4e:6d:77:10:67:c5:37:bd:
                    72:3a:77:40:36:f0:09:52:e9:a8:c5:97:79:17:bd:
                    42:5d:60:1f:af:c2:c8:a7:2f:08:e3:57:6d:1a:cc:
                    3a:df:76:41:49:fd:a3:aa:79:51:58:1f:8f:0c:77:
                    c6:9d:bf:86:b5:7a:35:b0:68:19:ef:b8:75:29:cf:
                    cd:6a:f9:5e:10:77:a3:4d:90:d6:91:e7:9a:52:0f:
                    e4:e7:4c:bf:0c:64:28:61:76:14:bf:1d:65:6e:ca:
                    6e:64:43:31:fc:cd:f8:63:42:27:f6:aa:df:02:a1:
                    5d:df:39:0b:8f:e6:68:6b:57:94:ec:33:0b:bf:22:
                    cb:a6:7f:f5:05:4c:67:04:37:6f:ab:08:4f:4a:c1:
                    eb:67:c3:75:25:f3:07:44:ac:54:89:88:22:35:ae:
                    6a:99:2c:09:76:b4:cc:ec:e6:f5:e7:9f:fc:ca:83:
                    44:4b:46:2c:6b:23:5b:bb:00:21:04:e0:09:ef:e7:
                    eb:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:9B:5E:0A:7A:2D:CD:2C:27:0D:C9:16:6A:F2:03:DA:49:07:DF:30
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS51082.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.41.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:d1:1e:f7:a2:66:70:2d:fc:2f:82:9e:b3:b1:fa:bf:e3:43:
         04:91:86:3f:a0:ce:c5:bb:76:5a:cd:5a:c6:00:86:2c:5d:27:
         71:78:3d:9a:0b:ab:ce:26:b7:28:1d:8d:33:f7:50:24:f3:fc:
         f8:9f:0a:90:7f:f7:45:51:b1:20:3c:69:04:63:da:54:7e:8e:
         8a:d1:40:54:c8:e0:de:64:f1:cb:48:41:07:8c:fe:09:62:3d:
         05:a1:99:a7:ce:e9:32:5b:97:1b:fd:cc:9b:04:a1:c2:f3:25:
         95:35:5b:4c:ac:4e:ff:26:52:82:d5:61:46:59:57:a6:92:a1:
         5d:cf:d0:c4:c0:b3:df:a0:86:be:69:d9:89:44:22:6a:13:14:
         7e:a1:33:ba:1f:66:42:fb:33:fc:58:0e:3b:f5:ff:e5:04:28:
         7f:51:ed:96:bc:d7:88:1f:ad:e1:8f:61:34:dd:84:8e:b7:ea:
         19:38:d5:77:f2:fb:e0:45:20:96:fe:91:85:d7:22:1f:84:84:
         18:19:ad:c5:9d:d0:af:37:ad:e9:bf:aa:bf:55:f1:bf:e2:d6:
         3f:e9:81:b1:43:6f:97:f8:f8:06:83:b0:4e:07:46:82:70:50:
         19:4f:e8:1b:6c:f4:90:35:86:e5:84:7f:5d:d2:24:24:1e:a6:
         6b:a7:59:6a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIURFS9J2dIlNB5dkp6csiQ37B4NwUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MDgxMTQ5MTlaFw0yNzA1MDcxMTU0MTlaMDMxMTAvBgNV
BAMTKDAwOUI1RTBBN0EyRENEMkMyNzBEQzkxNjZBRjIwM0RBNDkwN0RGMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3OpACKs62aoUJ/7gtzBvjzy9b
LGq/dBx/3AkSp/0FhSEdBmW7cE8MS3S1Ps//UuoxhqQmBwtyQMDlX8ku9LwYUStO
bXcQZ8U3vXI6d0A28AlS6ajFl3kXvUJdYB+vwsinLwjjV20azDrfdkFJ/aOqeVFY
H48Md8adv4a1ejWwaBnvuHUpz81q+V4Qd6NNkNaR55pSD+TnTL8MZChhdhS/HWVu
ym5kQzH8zfhjQif2qt8CoV3fOQuP5mhrV5TsMwu/Isumf/UFTGcEN2+rCE9Kwetn
w3Ul8wdErFSJiCI1rmqZLAl2tMzs5vXnn/zKg0RLRixrI1u7ACEE4Anv5+slAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUAJteCnotzSwnDckWavID2kkH3zAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTEwODIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSKegw
DQYJKoZIhvcNAQELBQADggEBAG/RHveiZnAt/C+CnrOx+r/jQwSRhj+gzsW7dlrN
WsYAhixdJ3F4PZoLq84mtygdjTP3UCTz/PifCpB/90VRsSA8aQRj2lR+jorRQFTI
4N5k8ctIQQeM/gliPQWhmafO6TJblxv9zJsEocLzJZU1W0ysTv8mUoLVYUZZV6aS
oV3P0MTAs9+ghr5p2YlEImoTFH6hM7ofZkL7M/xYDjv1/+UEKH9R7Za814gfreGP
YTTdhI636hk41Xfy++BFIJb+kYXXIh+EhBgZrcWd0K83rem/qr9V8b/i1j/pgbFD
b5f4+AaDsE4HRoJwUBlP6Bts9JA1huWEf13SJCQepmunWWo=
-----END CERTIFICATE-----