Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS984.roa
File:                     AS984.roa (raw, json)
Hash identifier:          0SV6eo8eiOjrvB0Ps+2qPFEvvHCvmp4YFqFhZCvzs6s=
Subject key identifier:   C3:2A:D4:76:D6:77:30:59:29:9C:AE:C8:04:38:B7:C4:E4:26:19:DA
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       32E13A017C3BC6D7E27E3F77525A0E6807BB5F39
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS984.roa
Signing time:             Sat 11 Oct 2025 06:50:29 +0000
ROA not before:           Sat 11 Oct 2025 06:45:29 +0000
ROA not after:            Sat 10 Oct 2026 06:50:29 +0000
asID:                     984
IP address blocks:        82.21.7.0/24 maxlen: 24
                          82.23.163.0/24 maxlen: 24
                          82.24.79.0/24 maxlen: 24
                          82.24.113.0/24 maxlen: 24
                          82.24.123.0/24 maxlen: 24
                          82.26.174.0/24 maxlen: 24
                          2a13:9500:8c::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 05:35:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:e1:3a:01:7c:3b:c6:d7:e2:7e:3f:77:52:5a:0e:68:07:bb:5f:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Oct 11 06:45:29 2025 GMT
            Not After : Oct 10 06:50:29 2026 GMT
        Subject: CN=C32AD476D6773059299CAEC80438B7C4E42619DA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:03:2e:0c:54:82:0b:69:ae:aa:d8:19:03:f9:
                    c3:da:89:89:cf:30:aa:85:11:f6:3a:ef:b2:9f:97:
                    f7:b6:1a:ca:b4:35:b1:f1:7f:44:b3:b6:71:75:84:
                    7f:46:1d:ba:f4:c8:82:e4:f2:f4:81:02:94:1b:20:
                    45:80:4b:64:38:32:13:9d:fd:f5:74:04:01:84:46:
                    8b:b2:f1:be:a7:fa:39:32:42:26:11:87:a7:40:f4:
                    66:8c:1f:3d:c0:7e:32:0f:30:5d:6c:9f:e7:52:ef:
                    19:c9:84:e6:09:06:f2:67:99:2c:d3:e4:46:33:36:
                    ec:03:8c:28:69:77:f6:99:5a:cc:55:01:90:50:cc:
                    72:9c:b0:3f:02:22:0e:1c:42:bd:48:94:80:4f:66:
                    4f:85:89:24:b2:8d:fd:42:ad:45:6f:6f:8f:5b:90:
                    cf:00:1c:f8:2c:a8:ba:db:0c:52:15:4c:1b:55:b0:
                    bf:10:65:28:e6:d3:53:ba:3b:b9:64:bc:ba:51:cb:
                    45:47:1a:96:9f:c3:9d:7e:62:32:c8:b4:48:d1:cf:
                    2b:22:67:84:67:5f:11:d8:5f:78:76:a4:65:e0:53:
                    61:11:be:d1:22:9d:f1:70:d2:ea:32:6e:22:ac:94:
                    ec:5e:48:1c:fd:51:7f:89:93:df:2a:32:5d:26:50:
                    da:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:2A:D4:76:D6:77:30:59:29:9C:AE:C8:04:38:B7:C4:E4:26:19:DA
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS984.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.21.7.0/24
                  82.23.163.0/24
                  82.24.79.0/24
                  82.24.113.0/24
                  82.24.123.0/24
                  82.26.174.0/24
                IPv6:
                  2a13:9500:8c::/48

    Signature Algorithm: sha256WithRSAEncryption
         21:81:cd:c2:0f:b6:a5:be:42:bf:ba:5f:10:6b:1a:4a:8f:01:
         fd:8a:5e:3e:3e:f3:5c:38:ad:02:d4:f1:af:dd:59:90:fb:c7:
         15:37:be:a4:50:ba:4f:9f:76:44:09:e9:a8:16:ce:a0:fd:10:
         df:45:7d:53:76:6a:ff:dd:36:52:a2:b0:88:dc:7f:d1:b7:f1:
         9a:07:c3:06:c9:67:44:a7:02:a6:6a:28:8c:24:5c:be:1e:91:
         31:9c:87:a3:4c:c9:8e:24:b2:5b:4c:82:c2:fc:77:3b:17:93:
         55:8b:77:d4:7c:37:9b:de:b4:4b:0a:17:41:b4:03:f3:4e:0e:
         c6:ea:63:c5:e6:6d:d0:3d:41:3b:eb:1a:1f:fe:b5:59:a7:fa:
         ae:ce:e3:30:d8:b0:80:a4:f8:ea:59:35:87:5a:4e:f6:36:b6:
         de:63:11:17:21:05:72:57:72:5a:dd:ea:cb:b3:a8:a9:b6:93:
         aa:af:38:8a:9c:0f:91:96:ba:d8:3c:22:20:4a:c1:94:7f:2a:
         db:2e:d9:c4:56:47:24:75:c5:ac:e6:a2:38:b7:85:de:a4:b2:
         55:0f:13:f5:3c:7e:a6:18:1a:85:5d:a2:be:ff:36:9c:61:dc:
         00:29:30:2b:f4:9f:7d:f6:0a:bc:52:38:45:7f:1d:ba:0c:ef:
         25:44:94:b2
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUMuE6AXw7xtfifj93UloOaAe7XzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMTEwNjQ1MjlaFw0yNjEwMTAwNjUwMjlaMDMxMTAvBgNV
BAMTKEMzMkFENDc2RDY3NzMwNTkyOTlDQUVDODA0MzhCN0M0RTQyNjE5REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOAy4MVIILaa6q2BkD+cPaiYnP
MKqFEfY677Kfl/e2Gsq0NbHxf0SztnF1hH9GHbr0yILk8vSBApQbIEWAS2Q4MhOd
/fV0BAGERouy8b6n+jkyQiYRh6dA9GaMHz3AfjIPMF1sn+dS7xnJhOYJBvJnmSzT
5EYzNuwDjChpd/aZWsxVAZBQzHKcsD8CIg4cQr1IlIBPZk+FiSSyjf1CrUVvb49b
kM8AHPgsqLrbDFIVTBtVsL8QZSjm01O6O7lkvLpRy0VHGpafw51+YjLItEjRzysi
Z4RnXxHYX3h2pGXgU2ERvtEinfFw0uoybiKslOxeSBz9UX+Jk98qMl0mUNqHAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUwyrUdtZ3MFkpnK7IBDi3xOQmGdowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTg0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAUhUHAwQA
UhejAwQAUhhPAwQAUhhxAwQAUhh7AwQAUhquMA8EAgACMAkDBwAqE5UAAIwwDQYJ
KoZIhvcNAQELBQADggEBACGBzcIPtqW+Qr+6XxBrGkqPAf2KXj4+81w4rQLU8a/d
WZD7xxU3vqRQuk+fdkQJ6agWzqD9EN9FfVN2av/dNlKisIjcf9G38ZoHwwbJZ0Sn
AqZqKIwkXL4ekTGch6NMyY4ksltMgsL8dzsXk1WLd9R8N5vetEsKF0G0A/NODsbq
Y8XmbdA9QTvrGh/+tVmn+q7O4zDYsICk+OpZNYdaTvY2tt5jERchBXJXclrd6suz
qKm2k6qvOIqcD5GWutg8IiBKwZR/Ktsu2cRWRyR1xazmoji3hd6kslUPE/U8fqYY
GoVdor7/Npxh3AApMCv0n332CrxSOEV/HboM7yVElLI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:04:12 2025 by rpki-client