Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS200213.roa
File:                     AS200213.roa (raw, json)
Hash identifier:          WaFZ1nAciq9IYTdaknzSrBhbXhL5fGT8oauM5EYrMes=
Subject key identifier:   0E:56:CC:91:0D:F9:96:50:E4:BA:C9:45:DD:1A:A5:E5:D8:80:A9:70
Certificate issuer:       /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial:       4E829030AF30EA020C20C3824BD2AF1EE133ECB0
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS200213.roa
Signing time:             Wed 06 May 2026 08:32:07 +0000
ROA not before:           Wed 06 May 2026 08:27:07 +0000
ROA not after:            Wed 05 May 2027 08:32:07 +0000
asID:                     200213
IP address blocks:        78.105.154.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:82:90:30:af:30:ea:02:0c:20:c3:82:4b:d2:af:1e:e1:33:ec:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
        Validity
            Not Before: May  6 08:27:07 2026 GMT
            Not After : May  5 08:32:07 2027 GMT
        Subject: CN=0E56CC910DF99650E4BAC945DD1AA5E5D880A970
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:59:fc:01:a8:e4:84:29:00:48:d2:6b:55:ac:
                    12:fc:7e:32:85:35:01:be:08:9e:54:f9:44:1f:8b:
                    bf:18:58:ad:17:a5:f2:77:55:08:6e:1b:6e:a3:28:
                    48:36:3e:53:65:f2:42:40:ea:64:e7:97:f6:fd:33:
                    f7:94:ed:e1:40:4f:2c:29:b9:71:85:3f:f3:36:f5:
                    27:0a:00:01:f6:4d:31:3a:5a:de:a0:2b:46:4d:7d:
                    bc:97:03:1d:63:97:c1:d1:c6:f4:17:20:0b:c1:af:
                    d3:fa:1d:7e:d8:26:f5:b7:0b:c8:83:df:d7:7a:b9:
                    11:19:00:ca:42:00:c7:e9:c1:28:cc:44:11:d0:68:
                    19:10:93:8b:a2:cf:00:76:67:bc:12:23:43:4e:57:
                    22:a2:f9:2f:70:d7:08:ae:5a:c9:06:20:94:33:2b:
                    12:73:c4:29:93:0b:d2:3a:ad:36:76:14:63:4d:1c:
                    70:d8:76:36:9e:90:bb:3d:e6:59:e3:90:78:2f:fc:
                    15:e4:2c:f5:03:82:9a:b7:e0:f5:95:be:08:49:e1:
                    10:38:8d:27:06:b4:8e:ab:ec:eb:27:5f:08:45:2b:
                    56:59:0a:d5:dc:ac:6e:a6:7a:bd:ce:f0:66:f1:61:
                    d7:d7:1b:94:2e:20:48:89:7a:de:7f:a3:da:f8:65:
                    13:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:56:CC:91:0D:F9:96:50:E4:BA:C9:45:DD:1A:A5:E5:D8:80:A9:70
            X509v3 Authority Key Identifier:
                keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS200213.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.105.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:bd:3a:d8:db:ff:9a:25:a5:f8:8e:3d:db:2c:99:de:a9:f5:
         b6:25:65:90:cc:2a:60:6f:2d:b8:be:26:9f:73:3c:26:b4:a7:
         24:fa:5d:c0:14:97:57:0e:9a:8b:c5:b4:1d:6f:10:14:a6:80:
         2c:aa:6c:88:31:6c:01:ca:c3:a4:2b:ff:34:c4:71:d5:84:32:
         e8:e4:99:84:0c:fc:54:a3:44:ea:56:0a:7f:e1:0c:1f:c8:24:
         5f:5e:6f:b5:02:56:ac:a6:b2:a4:8f:01:15:2e:d7:04:63:39:
         e7:ca:fa:d1:53:1b:7f:82:8a:9c:60:1c:fa:eb:3a:aa:69:54:
         3b:3b:a5:80:01:c9:3f:a8:7b:17:fc:5d:3c:97:d9:31:7e:cb:
         54:bb:eb:a6:33:5f:06:e4:e6:8b:bc:d7:c7:61:89:ef:fc:68:
         51:d4:d0:1f:d6:df:66:25:54:82:03:e4:fc:13:82:ae:9c:8f:
         d6:ed:90:81:a8:e3:74:aa:ed:18:e7:46:d3:fe:2d:80:2f:a5:
         c9:b6:a8:b9:a9:14:d6:5b:0a:8e:52:3a:17:10:a9:71:7c:89:
         f5:af:4d:d7:50:bb:de:e7:a4:c8:7d:d6:2e:2f:1a:cb:20:96:
         74:4d:69:ae:cc:da:06:b8:42:d7:e5:95:d3:28:66:5d:51:92:
         37:70:a9:a7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUToKQMK8w6gIMIMOCS9KvHuEz7LAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA1MDYwODI3MDdaFw0yNzA1MDUwODMyMDdaMDMxMTAvBgNV
BAMTKDBFNTZDQzkxMERGOTk2NTBFNEJBQzk0NUREMUFBNUU1RDg4MEE5NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIWfwBqOSEKQBI0mtVrBL8fjKF
NQG+CJ5U+UQfi78YWK0XpfJ3VQhuG26jKEg2PlNl8kJA6mTnl/b9M/eU7eFATywp
uXGFP/M29ScKAAH2TTE6Wt6gK0ZNfbyXAx1jl8HRxvQXIAvBr9P6HX7YJvW3C8iD
39d6uREZAMpCAMfpwSjMRBHQaBkQk4uizwB2Z7wSI0NOVyKi+S9w1wiuWskGIJQz
KxJzxCmTC9I6rTZ2FGNNHHDYdjaekLs95lnjkHgv/BXkLPUDgpq34PWVvghJ4RA4
jScGtI6r7OsnXwhFK1ZZCtXcrG6mer3O8GbxYdfXG5QuIEiJet5/o9r4ZRMVAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUDlbMkQ35llDkuslF3Rql5diAqXAwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTMjAwMjEzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATmma
MA0GCSqGSIb3DQEBCwUAA4IBAQCPvTrY2/+aJaX4jj3bLJneqfW2JWWQzCpgby24
viafczwmtKck+l3AFJdXDpqLxbQdbxAUpoAsqmyIMWwBysOkK/80xHHVhDLo5JmE
DPxUo0TqVgp/4QwfyCRfXm+1AlasprKkjwEVLtcEYznnyvrRUxt/goqcYBz66zqq
aVQ7O6WAAck/qHsX/F08l9kxfstUu+umM18G5OaLvNfHYYnv/GhR1NAf1t9mJVSC
A+T8E4KunI/W7ZCBqON0qu0Y50bT/i2AL6XJtqi5qRTWWwqOUjoXEKlxfIn1r03X
ULve56TIfdYuLxrLIJZ0TWmuzNoGuELX5ZXTKGZdUZI3cKmn
-----END CERTIFICATE-----