Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS63286.roa
File:                     AS63286.roa (raw, json)
Hash identifier:          n8yZboJFONcRMSUzn4WYeUcHtETCoOcwayAuBjWq2LQ=
Subject key identifier:   2C:AE:29:B6:5E:6A:79:3A:E5:EB:72:1C:3F:B9:5A:C2:55:E3:3C:3C
Certificate issuer:       /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial:       0F31DE170EEDCFBEEFE7C69D58A7D93762AEA682
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS63286.roa
Signing time:             Tue 12 May 2026 00:21:31 +0000
ROA not before:           Tue 12 May 2026 00:16:31 +0000
ROA not after:            Tue 11 May 2027 00:21:31 +0000
asID:                     63286
IP address blocks:        2a14:7580:4000::/36 maxlen: 36
                          2a14:7585::/36 maxlen: 36
                          2a14:7585:f000::/36 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 08:48:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:31:de:17:0e:ed:cf:be:ef:e7:c6:9d:58:a7:d9:37:62:ae:a6:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
        Validity
            Not Before: May 12 00:16:31 2026 GMT
            Not After : May 11 00:21:31 2027 GMT
        Subject: CN=2CAE29B65E6A793AE5EB721C3FB95AC255E33C3C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:a8:f1:43:29:5c:39:b9:61:be:f7:b4:57:6d:
                    16:99:f1:ee:99:54:72:d1:05:0a:35:37:4f:bb:dc:
                    42:f1:4f:9b:5f:75:45:52:e6:8e:0d:e5:9a:30:d7:
                    83:24:97:df:33:6c:9e:b4:3f:68:15:c6:db:40:78:
                    d5:d3:d5:10:a6:11:10:93:85:23:7c:22:34:ce:4c:
                    65:4c:7d:c1:d1:62:c5:48:6b:8a:6b:24:64:7f:ff:
                    94:89:8e:2c:05:b9:50:b8:9a:dc:42:87:15:6a:28:
                    e9:6c:06:dd:45:f5:b3:0e:57:0a:4c:e3:3a:4e:ba:
                    3a:62:3e:97:b2:c2:78:fb:b3:da:df:69:14:97:82:
                    20:57:59:82:cc:f7:3b:c0:d6:4e:13:0d:07:27:a1:
                    f9:0c:db:43:5e:0e:61:6c:2d:14:a5:8a:0d:88:87:
                    ed:e4:40:9f:6a:c0:0d:e2:ce:a7:cf:16:24:81:16:
                    4f:8e:85:40:41:75:b3:a0:fc:33:1a:f8:1d:bb:1b:
                    8c:0c:d8:04:d8:b3:87:97:49:87:f5:e7:d2:b9:89:
                    c4:0b:f7:80:c2:d9:b6:33:f9:0a:6c:2a:0c:0b:4f:
                    24:0d:43:6c:3c:b9:12:5d:3d:d0:f0:4e:01:45:a4:
                    ac:bb:3a:a8:e1:00:66:f5:b0:02:2b:cf:d6:31:8a:
                    98:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:AE:29:B6:5E:6A:79:3A:E5:EB:72:1C:3F:B9:5A:C2:55:E3:3C:3C
            X509v3 Authority Key Identifier:
                keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS63286.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7580:4000::/36
                  2a14:7585::/36
                  2a14:7585:f000::/36

    Signature Algorithm: sha256WithRSAEncryption
         82:ae:09:5f:d5:46:ff:80:c1:43:e2:f4:fd:9e:19:91:7a:9a:
         71:e7:8a:48:0a:13:89:6f:bc:fa:29:14:bb:68:2e:72:0d:f4:
         0b:06:d8:54:f1:c5:0e:05:38:37:fa:d5:46:e6:8f:81:77:34:
         08:3a:b4:41:25:d2:40:a6:b6:b9:33:a5:0b:8b:6c:18:66:b5:
         64:26:80:4d:c3:1f:01:dc:c9:4f:a8:44:cf:40:b5:24:7a:eb:
         d8:82:e4:d0:0f:e2:95:4b:54:7d:63:3d:8c:dc:da:e2:10:76:
         ff:31:f4:59:aa:98:05:5f:18:a0:30:89:94:be:04:85:0c:4f:
         e6:ec:1d:37:20:eb:12:e4:f9:54:b7:d9:76:a0:b8:7b:83:de:
         02:72:32:66:75:aa:45:47:9e:13:ab:fc:6b:b7:85:6f:a2:8f:
         cb:0f:c3:8e:0b:40:9a:17:69:80:4e:05:e1:ed:6f:ab:b8:b5:
         7c:94:ff:f4:cd:5d:69:b6:da:b8:02:bf:e4:ff:a4:56:2d:5e:
         04:15:a5:bf:95:d9:26:92:c7:e8:64:38:1c:ae:30:e2:02:29:
         9b:ad:02:76:97:48:2b:4f:8a:37:b7:3a:a0:2e:18:74:47:7f:
         92:1b:f6:50:1a:4b:6c:2f:c0:46:28:0c:82:85:76:7e:82:bd:
         ec:c6:28:43
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUDzHeFw7tz77v58adWKfZN2KupoIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNjA1MTIwMDE2MzFaFw0yNzA1MTEwMDIxMzFaMDMxMTAvBgNV
BAMTKDJDQUUyOUI2NUU2QTc5M0FFNUVCNzIxQzNGQjk1QUMyNTVFMzNDM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCGqPFDKVw5uWG+97RXbRaZ8e6Z
VHLRBQo1N0+73ELxT5tfdUVS5o4N5Zow14Mkl98zbJ60P2gVxttAeNXT1RCmERCT
hSN8IjTOTGVMfcHRYsVIa4prJGR//5SJjiwFuVC4mtxChxVqKOlsBt1F9bMOVwpM
4zpOujpiPpeywnj7s9rfaRSXgiBXWYLM9zvA1k4TDQcnofkM20NeDmFsLRSlig2I
h+3kQJ9qwA3izqfPFiSBFk+OhUBBdbOg/DMa+B27G4wM2ATYs4eXSYf159K5icQL
94DC2bYz+QpsKgwLTyQNQ2w8uRJdPdDwTgFFpKy7OqjhAGb1sAIrz9Yxipg1AgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQULK4ptl5qeTrl63IcP7lawlXjPDwwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTNjMyODYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgACMBgDBgQqFHWA
QAMGBCoUdYUAAwYEKhR1hfAwDQYJKoZIhvcNAQELBQADggEBAIKuCV/VRv+AwUPi
9P2eGZF6mnHnikgKE4lvvPopFLtoLnIN9AsG2FTxxQ4FODf61Ubmj4F3NAg6tEEl
0kCmtrkzpQuLbBhmtWQmgE3DHwHcyU+oRM9AtSR669iC5NAP4pVLVH1jPYzc2uIQ
dv8x9FmqmAVfGKAwiZS+BIUMT+bsHTcg6xLk+VS32XaguHuD3gJyMmZ1qkVHnhOr
/Gu3hW+ij8sPw44LQJoXaYBOBeHtb6u4tXyU//TNXWm22rgCv+T/pFYtXgQVpb+V
2SaSx+hkOByuMOICKZutAnaXSCtPije3OqAuGHRHf5Ib9lAaS2wvwEYoDIKFdn6C
vezGKEM=
-----END CERTIFICATE-----