Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS61049.roa
File:                     AS61049.roa (raw, json)
Hash identifier:          DfELoajoBhJ7Gad/VNSWGPFXfSAu6T5K044Qf3y1HYs=
Subject key identifier:   F5:36:9C:51:C7:AF:17:4D:6A:8C:E9:BA:04:A9:18:4F:B2:5D:29:B7
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       56927B2BB73431E3EF3BCE33D37CCDCD2924366B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS61049.roa
Signing time:             Mon 23 Jun 2025 08:55:27 +0000
ROA not before:           Mon 23 Jun 2025 08:50:27 +0000
ROA not after:            Mon 22 Jun 2026 08:55:27 +0000
asID:                     61049
IP address blocks:        82.25.181.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 11:27:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:92:7b:2b:b7:34:31:e3:ef:3b:ce:33:d3:7c:cd:cd:29:24:36:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jun 23 08:50:27 2025 GMT
            Not After : Jun 22 08:55:27 2026 GMT
        Subject: CN=F5369C51C7AF174D6A8CE9BA04A9184FB25D29B7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c7:ad:1a:85:fe:73:fb:48:b2:36:ec:b2:04:
                    cc:2c:d9:bc:bb:8c:25:82:98:ca:3f:73:c6:83:65:
                    b6:ff:eb:67:87:e0:a1:0d:97:26:48:9d:9b:4e:d3:
                    2f:04:f7:62:f7:0e:63:51:f9:27:a0:7f:54:40:02:
                    83:a2:b9:af:7f:ae:84:e9:18:63:5f:0a:3f:40:a2:
                    32:35:82:6c:2f:f3:f3:b5:27:fd:33:c7:23:d0:34:
                    70:42:b8:9d:b2:aa:04:2e:61:63:2c:58:27:11:2a:
                    42:98:68:07:a1:e7:a8:8a:d1:6e:7a:8b:54:34:f1:
                    a2:35:fd:56:0f:3c:dd:98:87:f9:4d:41:5b:ee:83:
                    78:4a:1d:b0:47:10:a3:6f:8c:2c:4c:40:75:14:ba:
                    e8:f4:cb:40:59:03:de:e0:b0:31:f2:38:d7:37:19:
                    96:9e:14:0c:8c:70:99:06:7d:87:39:5f:9e:f4:17:
                    b4:bf:6d:a8:0a:cc:82:7c:8f:d4:03:38:d3:48:9f:
                    ec:f8:88:2f:ff:06:f8:62:95:34:22:63:07:a4:f1:
                    a8:dd:a4:7e:71:04:b3:18:ac:d0:44:5f:11:1b:16:
                    11:43:13:41:96:8d:e7:d1:aa:d7:0b:c6:14:54:27:
                    2f:2b:b7:d7:80:ad:f5:19:fc:c3:8a:9f:91:c6:f8:
                    d7:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:36:9C:51:C7:AF:17:4D:6A:8C:E9:BA:04:A9:18:4F:B2:5D:29:B7
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS61049.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.25.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:fe:c2:b8:33:8e:1d:bb:e6:42:36:b1:dd:0b:49:88:99:77:
         47:c7:dc:af:48:61:40:34:52:95:8f:14:3a:2a:c1:bb:81:1e:
         ae:21:2c:26:31:3d:4c:d6:56:4f:74:f9:b8:81:0f:f6:ce:61:
         ae:af:54:c2:c1:15:8a:10:3b:6b:fa:94:c2:ab:21:d5:18:3f:
         90:26:e4:07:e6:a6:ed:86:64:fb:24:e6:da:14:8f:c8:d3:9f:
         38:f1:e8:3a:3e:3e:20:b5:c4:af:86:f4:6c:04:e1:85:d5:40:
         b2:0f:a0:5b:e0:e3:21:1c:bd:f2:50:cd:f5:2e:f2:7e:01:58:
         1d:29:f4:80:7d:bc:2c:e5:a3:2b:f5:ca:fc:70:d9:ab:5d:fd:
         31:7f:0f:5e:4c:ca:dc:c4:fa:d8:fc:f6:a6:13:b9:14:aa:74:
         1d:bf:9f:1a:d2:bb:ad:85:84:1f:b8:4e:7d:c7:da:ec:9a:ed:
         00:50:21:c1:6a:62:96:c7:99:da:35:05:14:11:b4:8c:f6:af:
         c0:b8:95:8a:ae:84:3b:bd:1d:30:0f:2f:18:64:a2:da:3d:3b:
         47:39:ec:81:4a:0b:04:f1:c8:db:0b:aa:78:de:c2:fe:f5:7b:
         e6:69:53:6b:14:4d:81:c5:63:c6:b3:f6:88:fc:34:3e:51:3c:
         df:06:13:97
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUVpJ7K7c0MePvO84z03zNzSkkNmswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MjMwODUwMjdaFw0yNjA2MjIwODU1MjdaMDMxMTAvBgNV
BAMTKEY1MzY5QzUxQzdBRjE3NEQ2QThDRTlCQTA0QTkxODRGQjI1RDI5QjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKx60ahf5z+0iyNuyyBMws2by7
jCWCmMo/c8aDZbb/62eH4KENlyZInZtO0y8E92L3DmNR+Segf1RAAoOiua9/roTp
GGNfCj9AojI1gmwv8/O1J/0zxyPQNHBCuJ2yqgQuYWMsWCcRKkKYaAeh56iK0W56
i1Q08aI1/VYPPN2Yh/lNQVvug3hKHbBHEKNvjCxMQHUUuuj0y0BZA97gsDHyONc3
GZaeFAyMcJkGfYc5X570F7S/bagKzIJ8j9QDONNIn+z4iC//BvhilTQiYwek8ajd
pH5xBLMYrNBEXxEbFhFDE0GWjefRqtcLxhRUJy8rt9eArfUZ/MOKn5HG+NcnAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU9TacUcevF01qjOm6BKkYT7JdKbcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNjEwNDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSGbUw
DQYJKoZIhvcNAQELBQADggEBACP+wrgzjh275kI2sd0LSYiZd0fH3K9IYUA0UpWP
FDoqwbuBHq4hLCYxPUzWVk90+biBD/bOYa6vVMLBFYoQO2v6lMKrIdUYP5Am5Afm
pu2GZPsk5toUj8jTnzjx6Do+PiC1xK+G9GwE4YXVQLIPoFvg4yEcvfJQzfUu8n4B
WB0p9IB9vCzloyv1yvxw2atd/TF/D15MytzE+tj89qYTuRSqdB2/nxrSu62FhB+4
Tn3H2uya7QBQIcFqYpbHmdo1BRQRtIz2r8C4lYquhDu9HTAPLxhkoto9O0c57IFK
CwTxyNsLqnjewv71e+ZpU2sUTYHFY8az9oj8ND5RPN8GE5c=
-----END CERTIFICATE-----