Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS53755.roa
File:                     AS53755.roa (raw, json)
Hash identifier:          +HarYEs6LdBP80nj7a4fszP+5gNN/+RlNTE0TXc/Cpc=
Subject key identifier:   0B:01:67:38:3C:A6:FF:E8:EB:8E:02:52:65:C3:51:74:CE:7B:EA:6D
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       7784258672207302DE89B970FB1C52FF08555595
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS53755.roa
Signing time:             Tue 24 Mar 2026 15:51:42 +0000
ROA not before:           Tue 24 Mar 2026 15:46:42 +0000
ROA not after:            Tue 23 Mar 2027 15:51:42 +0000
asID:                     53755
IP address blocks:        178.83.13.0/24 maxlen: 24
                          178.83.223.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:84:25:86:72:20:73:02:de:89:b9:70:fb:1c:52:ff:08:55:55:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Mar 24 15:46:42 2026 GMT
            Not After : Mar 23 15:51:42 2027 GMT
        Subject: CN=0B0167383CA6FFE8EB8E025265C35174CE7BEA6D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:1d:c4:1a:f3:71:1d:58:ef:6f:63:b3:10:7c:
                    84:67:93:68:d3:c8:b8:d8:0f:61:ab:41:2e:e8:82:
                    40:66:1a:8d:04:61:21:21:8d:61:6e:82:4e:f2:ea:
                    d5:39:a1:d5:28:74:e2:86:b5:11:e8:73:aa:a8:2b:
                    d6:61:19:64:93:ae:dc:3c:4a:62:6d:83:c7:d0:ef:
                    0b:13:46:8c:67:7e:5e:52:27:50:e7:87:22:11:ab:
                    77:6f:86:b9:25:6c:aa:70:31:b5:63:e5:4f:7d:94:
                    0f:36:30:58:4e:f2:6a:d3:47:ee:09:85:a6:d4:30:
                    8d:9d:2c:27:b7:5d:34:40:dd:aa:e3:fd:42:27:0c:
                    4b:70:4a:e7:cc:1a:25:0f:55:1d:0a:2b:46:61:1f:
                    3e:ba:3b:70:96:e0:ac:7f:99:a4:db:0e:ae:97:23:
                    f5:51:26:3e:35:4d:1c:92:b4:54:d9:69:f0:50:77:
                    40:7b:10:08:09:a1:66:a0:85:7d:fd:83:5d:e6:19:
                    44:cf:b5:66:17:e0:b4:cb:e0:19:da:ce:ee:b6:b6:
                    47:53:9d:9e:f7:15:b3:81:4f:5a:bd:5e:93:d3:f0:
                    e1:ea:5f:0e:8e:1d:6f:f0:9b:10:eb:07:77:7c:ab:
                    0a:d9:25:ea:c3:75:d8:3f:a4:b9:46:95:f0:e0:c4:
                    8b:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:01:67:38:3C:A6:FF:E8:EB:8E:02:52:65:C3:51:74:CE:7B:EA:6D
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS53755.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.83.13.0/24
                  178.83.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:ad:32:f7:1a:81:88:ea:59:3e:10:13:bd:76:38:86:ba:b8:
         d3:23:da:29:fa:5d:f7:20:c2:7c:af:5e:aa:21:43:a6:f9:e9:
         ca:a0:86:4b:59:11:bb:3c:54:80:17:06:a7:e5:86:0e:06:db:
         7c:f5:fa:c0:79:ad:63:d3:41:bd:72:84:16:14:ea:48:d3:dc:
         f3:d5:b6:8d:2b:84:c5:58:26:de:ba:2e:b8:fd:d3:6a:11:b1:
         c9:8f:ce:1d:18:1a:91:4a:44:af:f0:aa:fb:de:09:b4:64:cf:
         e9:bd:b6:68:af:a4:91:47:8c:14:5f:77:4b:03:18:1f:08:52:
         d6:d6:49:28:db:ac:4c:c3:b1:d5:4a:c4:bb:b7:db:ca:40:b8:
         13:7d:aa:63:39:47:9f:7e:86:b6:9e:6d:f2:8e:ed:bb:aa:12:
         18:84:2d:e7:49:a8:05:93:10:06:d9:b0:16:8d:9d:3d:29:2b:
         0d:74:25:4e:07:dc:54:94:b0:58:0e:af:38:b2:6d:39:55:fb:
         7c:02:36:89:53:ec:0c:f9:8e:07:33:43:4e:a9:63:ea:a3:64:
         56:fa:a5:ab:b9:23:d2:6a:80:af:9e:37:8d:c2:04:94:5d:35:
         87:a8:f3:df:04:0d:3b:da:c7:e4:e7:5d:04:f2:e2:46:56:28:
         2d:7f:06:0b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUd4QlhnIgcwLeiblw+xxS/whVVZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMjQxNTQ2NDJaFw0yNzAzMjMxNTUxNDJaMDMxMTAvBgNV
BAMTKDBCMDE2NzM4M0NBNkZGRThFQjhFMDI1MjY1QzM1MTc0Q0U3QkVBNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPHcQa83EdWO9vY7MQfIRnk2jT
yLjYD2GrQS7ogkBmGo0EYSEhjWFugk7y6tU5odUodOKGtRHoc6qoK9ZhGWSTrtw8
SmJtg8fQ7wsTRoxnfl5SJ1DnhyIRq3dvhrklbKpwMbVj5U99lA82MFhO8mrTR+4J
habUMI2dLCe3XTRA3arj/UInDEtwSufMGiUPVR0KK0ZhHz66O3CW4Kx/maTbDq6X
I/VRJj41TRyStFTZafBQd0B7EAgJoWaghX39g13mGUTPtWYX4LTL4Bnazu62tkdT
nZ73FbOBT1q9XpPT8OHqXw6OHW/wmxDrB3d8qwrZJerDddg/pLlGlfDgxIvpAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUCwFnODym/+jrjgJSZcNRdM576m0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTM3NTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACyUw0D
BACyU98wDQYJKoZIhvcNAQELBQADggEBAIutMvcagYjqWT4QE712OIa6uNMj2in6
XfcgwnyvXqohQ6b56cqghktZEbs8VIAXBqflhg4G23z1+sB5rWPTQb1yhBYU6kjT
3PPVto0rhMVYJt66Lrj902oRscmPzh0YGpFKRK/wqvveCbRkz+m9tmivpJFHjBRf
d0sDGB8IUtbWSSjbrEzDsdVKxLu328pAuBN9qmM5R59+hraebfKO7buqEhiELedJ
qAWTEAbZsBaNnT0pKw10JU4H3FSUsFgOrziybTlV+3wCNolT7Az5jgczQ06pY+qj
ZFb6pau5I9JqgK+eN43CBJRdNYeo898EDTvax+TnXQTy4kZWKC1/Bgs=
-----END CERTIFICATE-----