Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214962.roa
File:                     AS214962.roa (raw, json)
Hash identifier:          virms/TPs+FAIleYL4C5xZG4LzeoGRbx3B2VXD+/TBM=
Subject key identifier:   F6:60:10:D4:C7:DF:D7:37:12:3D:AF:EE:62:B3:9A:68:C6:8F:C2:AA
Certificate issuer:       /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial:       18EC6622F829981340E8C6B45AAD4E28669A4175
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214962.roa
Signing time:             Tue 12 May 2026 09:04:23 +0000
ROA not before:           Tue 12 May 2026 08:59:23 +0000
ROA not after:            Tue 11 May 2027 09:04:23 +0000
asID:                     214962
IP address blocks:        46.202.84.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:ec:66:22:f8:29:98:13:40:e8:c6:b4:5a:ad:4e:28:66:9a:41:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
        Validity
            Not Before: May 12 08:59:23 2026 GMT
            Not After : May 11 09:04:23 2027 GMT
        Subject: CN=F66010D4C7DFD737123DAFEE62B39A68C68FC2AA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:32:ea:fe:f2:ee:fb:59:5e:b5:2b:64:f0:80:
                    0c:df:23:34:d7:b4:c1:15:9d:a2:9e:46:2b:5b:31:
                    ba:11:91:dd:8e:1d:62:2f:7a:18:ba:0b:81:af:a7:
                    94:35:e5:6a:7d:12:38:62:2c:40:66:9a:ea:fb:2a:
                    71:65:dc:18:be:2e:fe:9d:2c:c2:a1:00:42:44:7d:
                    3c:88:9e:6d:43:10:dc:2c:22:06:30:42:cc:4e:be:
                    af:c2:e0:92:89:7d:39:1d:a5:91:a3:17:dc:7c:bc:
                    e3:c7:48:57:af:66:0e:a7:27:9b:43:87:d5:bd:58:
                    a7:86:2e:cd:f4:c4:f5:50:c4:fc:97:4a:45:7a:74:
                    b2:02:11:d3:57:13:86:1f:2f:1e:66:e9:7f:36:af:
                    02:c5:ee:b8:f8:86:00:79:9f:28:d8:23:a8:05:d3:
                    9b:e9:e2:1d:e3:47:0d:2d:f0:3c:3a:ad:05:5a:1c:
                    0d:cc:af:9d:a8:52:db:65:32:50:a3:3d:48:a2:67:
                    5f:59:98:01:a1:16:f0:5a:47:b8:ed:da:c0:80:55:
                    a5:ce:8b:fb:3d:b8:7c:ad:01:b9:87:a3:80:31:87:
                    9e:43:59:9e:73:0f:a9:eb:7c:63:d7:65:9b:57:28:
                    d1:4d:3b:de:fe:4f:96:58:0e:35:60:cb:30:23:48:
                    8a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:60:10:D4:C7:DF:D7:37:12:3D:AF:EE:62:B3:9A:68:C6:8F:C2:AA
            X509v3 Authority Key Identifier:
                keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214962.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.202.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:88:f8:b7:d4:63:93:5e:95:ff:c4:00:e0:13:f4:d3:3e:9f:
         e9:43:c0:b0:45:81:c2:97:34:fd:32:f1:7d:93:ee:88:4c:98:
         4e:bf:cd:73:0a:20:cb:90:78:8f:e0:b8:7e:45:cd:30:90:61:
         f3:ff:f6:c6:58:c9:bc:ca:eb:23:fd:0f:5f:d6:e1:01:c9:db:
         2d:0c:f7:a5:c1:51:29:e0:c7:f8:d1:d7:a4:66:66:fe:34:ea:
         b9:04:6c:4c:80:62:43:9e:24:f7:85:2f:36:05:23:d7:43:8b:
         1e:aa:67:55:4b:76:f2:d6:9d:de:22:b3:27:aa:14:4a:c1:00:
         c2:04:18:78:66:1e:38:bf:cc:7f:19:41:58:87:3c:b4:15:2b:
         00:0b:97:0c:de:4a:f7:ca:e6:8d:6d:cd:7c:8e:61:37:60:c8:
         55:8f:93:37:76:b5:54:9b:6c:32:79:a3:92:b5:a0:33:a1:5b:
         b9:d2:5b:2b:18:44:ec:dd:e7:c1:e1:3b:fd:ae:05:5c:5a:69:
         41:c3:11:3b:4e:0e:75:7c:91:ad:57:62:5d:fc:08:07:d6:9f:
         38:4c:e2:83:b6:60:49:d9:fb:08:fb:3f:da:fc:71:27:72:eb:
         4d:0e:8a:48:a4:0c:3e:10:8b:6d:1e:6c:f4:95:90:47:de:2e:
         fd:7a:f0:5d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUGOxmIvgpmBNA6Ma0Wq1OKGaaQXUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MTIwODU5MjNaFw0yNzA1MTEwOTA0MjNaMDMxMTAvBgNV
BAMTKEY2NjAxMEQ0QzdERkQ3MzcxMjNEQUZFRTYyQjM5QTY4QzY4RkMyQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWMur+8u77WV61K2TwgAzfIzTX
tMEVnaKeRitbMboRkd2OHWIvehi6C4Gvp5Q15Wp9EjhiLEBmmur7KnFl3Bi+Lv6d
LMKhAEJEfTyInm1DENwsIgYwQsxOvq/C4JKJfTkdpZGjF9x8vOPHSFevZg6nJ5tD
h9W9WKeGLs30xPVQxPyXSkV6dLICEdNXE4YfLx5m6X82rwLF7rj4hgB5nyjYI6gF
05vp4h3jRw0t8Dw6rQVaHA3Mr52oUttlMlCjPUiiZ19ZmAGhFvBaR7jt2sCAVaXO
i/s9uHytAbmHo4Axh55DWZ5zD6nrfGPXZZtXKNFNO97+T5ZYDjVgyzAjSIpFAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU9mAQ1Mff1zcSPa/uYrOaaMaPwqowHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0OTYyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALspU
MA0GCSqGSIb3DQEBCwUAA4IBAQCqiPi31GOTXpX/xADgE/TTPp/pQ8CwRYHClzT9
MvF9k+6ITJhOv81zCiDLkHiP4Lh+Rc0wkGHz//bGWMm8yusj/Q9f1uEBydstDPel
wVEp4Mf40dekZmb+NOq5BGxMgGJDniT3hS82BSPXQ4seqmdVS3by1p3eIrMnqhRK
wQDCBBh4Zh44v8x/GUFYhzy0FSsAC5cM3kr3yuaNbc18jmE3YMhVj5M3drVUm2wy
eaOStaAzoVu50lsrGETs3efB4Tv9rgVcWmlBwxE7Tg51fJGtV2Jd/AgH1p84TOKD
tmBJ2fsI+z/a/HEncutNDopIpAw+EIttHmz0lZBH3i79evBd
-----END CERTIFICATE-----