Route Origin Authorization

$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS63150.roa
File:                     AS63150.roa (raw, json)
Hash identifier:          2GQrVYKlhaq/+Q9PdLOHrO57HMVV4jpoAMA9BTr/Jg8=
Subject key identifier:   18:F0:15:7D:0E:97:65:8C:A6:1E:B4:A3:F5:88:B6:CB:78:69:56:D5
Certificate issuer:       /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
Certificate serial:       76441DD99033C146B07EEBE72BC627E75BBBEA53
Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
Subject info access:      rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS63150.roa
Signing time:             Fri 25 Apr 2025 11:46:14 +0000
ROA not before:           Fri 25 Apr 2025 11:41:14 +0000
ROA not after:            Fri 24 Apr 2026 11:46:14 +0000
asID:                     63150
IP address blocks:        2a06:9f81:4000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Apr 2025 07:09:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:44:1d:d9:90:33:c1:46:b0:7e:eb:e7:2b:c6:27:e7:5b:bb:ea:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
        Validity
            Not Before: Apr 25 11:41:14 2025 GMT
            Not After : Apr 24 11:46:14 2026 GMT
        Subject: CN=18F0157D0E97658CA61EB4A3F588B6CB786956D5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:9f:b6:86:33:d1:0a:d7:c5:79:93:a5:f0:0e:
                    1d:bb:dd:da:8c:de:87:6b:c1:20:0e:e7:39:8a:80:
                    41:be:5c:48:86:0c:68:0a:ad:22:6e:1f:8c:5a:ae:
                    dd:1f:55:a1:99:b2:51:5f:83:37:ea:dd:6c:bf:91:
                    37:32:be:38:f1:54:35:1e:96:a1:dd:e6:5b:58:b4:
                    30:f0:a6:5f:8c:06:24:e7:67:5e:b2:20:c3:a1:a6:
                    8e:6b:3f:59:c5:65:42:2c:43:04:a6:08:55:7a:1f:
                    9d:d1:f1:b9:32:2b:46:1b:37:1a:e5:f6:02:76:d6:
                    35:77:09:1b:20:f5:ae:02:0e:30:63:a1:c3:ec:e6:
                    b9:d3:d9:71:7c:e5:cf:e8:13:78:3a:35:8a:07:03:
                    b6:5b:2d:5b:7f:1c:a7:35:36:a6:38:76:f5:bb:d0:
                    db:ce:b4:70:e8:2a:bd:f4:cc:43:da:3f:48:39:de:
                    f1:be:82:01:f8:a0:24:2a:21:ae:3f:38:d1:ce:6c:
                    15:70:c2:a6:1d:92:5f:75:26:a7:53:fc:70:e7:46:
                    5f:9b:a6:0f:53:50:1e:3a:43:42:ed:9a:2f:d1:cb:
                    7c:59:e8:0d:f5:6c:de:56:d0:f3:97:e5:58:2f:38:
                    db:c7:56:84:06:e8:24:cf:8c:17:77:4c:c1:f8:ff:
                    ff:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:F0:15:7D:0E:97:65:8C:A6:1E:B4:A3:F5:88:B6:CB:78:69:56:D5
            X509v3 Authority Key Identifier:
                keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer

            Subject Information Access:
                Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS63150.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:9f81:4000::/40

    Signature Algorithm: sha256WithRSAEncryption
         b1:0a:2f:c3:f4:db:00:c5:1d:bc:c4:45:e5:f4:e8:24:49:03:
         a0:64:eb:cd:4b:fc:00:72:7b:c4:00:eb:f9:6b:3a:67:29:bc:
         9a:c0:0a:93:4e:1f:c9:a6:1d:02:ce:f6:ff:7b:b9:0a:f2:9b:
         e6:02:9d:48:e0:a2:38:9b:ee:51:78:61:7f:0b:90:ed:8c:77:
         a9:d0:71:8e:51:98:f1:40:02:df:a6:00:f7:1a:3f:a7:4c:bb:
         d3:84:03:e7:d4:26:bb:af:e2:2c:78:38:1b:48:b0:ce:6e:e9:
         27:cf:35:73:f7:0d:2c:13:1c:ff:ef:3c:35:7c:bf:17:49:37:
         54:52:3f:01:2c:38:cc:a3:de:2b:a7:e5:b6:d2:11:6f:71:63:
         ae:35:a0:26:aa:1b:a4:74:97:6e:8c:a4:33:7c:42:d5:8f:ef:
         e4:04:19:3b:c6:5e:e1:8d:6a:5a:14:a0:d4:f3:53:ed:0e:79:
         1c:aa:86:20:e4:66:f9:a7:e2:19:03:a8:94:53:4a:b4:e2:17:
         ff:7c:af:9c:34:09:95:0d:88:6e:68:1b:99:3a:e5:cf:e9:5d:
         c3:bc:10:e2:ef:7e:ec:3c:c7:25:00:64:d9:38:5a:34:95:40:
         ad:4a:1e:d3:8f:b6:68:71:e3:b7:a6:6e:1c:3a:d9:69:7f:a4:
         7e:e6:3d:49
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgIUdkQd2ZAzwUawfuvnK8Yn51u76lMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOTAeFw0yNTA0MjUxMTQxMTRaFw0yNjA0MjQxMTQ2MTRaMDMxMTAvBgNV
BAMTKDE4RjAxNTdEMEU5NzY1OENBNjFFQjRBM0Y1ODhCNkNCNzg2OTU2RDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHn7aGM9EK18V5k6XwDh273dqM
3odrwSAO5zmKgEG+XEiGDGgKrSJuH4xart0fVaGZslFfgzfq3Wy/kTcyvjjxVDUe
lqHd5ltYtDDwpl+MBiTnZ16yIMOhpo5rP1nFZUIsQwSmCFV6H53R8bkyK0YbNxrl
9gJ21jV3CRsg9a4CDjBjocPs5rnT2XF85c/oE3g6NYoHA7ZbLVt/HKc1NqY4dvW7
0NvOtHDoKr30zEPaP0g53vG+ggH4oCQqIa4/ONHObBVwwqYdkl91JqdT/HDnRl+b
pg9TUB46Q0Ltmi/Ry3xZ6A31bN5W0POX5VgvONvHVoQG6CTPjBd3TMH4//+RAgMB
AAGjggHzMIIB7zAdBgNVHQ4EFgQUGPAVfQ6XZYymHrSj9Yi2y3hpVtUwHwYDVR0j
BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v
Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5
bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2
M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD
MjQzOUI3NkQ4NUFGOS5jZXIwWQYIKwYBBQUHAQsETTBLMEkGCCsGAQUFBzALhj1y
c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w
L0FTNjMxNTAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUH
AQcBAf8EEjAQMA4EAgACMAgDBgAqBp+BQDANBgkqhkiG9w0BAQsFAAOCAQEAsQov
w/TbAMUdvMRF5fToJEkDoGTrzUv8AHJ7xADr+Ws6Zym8msAKk04fyaYdAs72/3u5
CvKb5gKdSOCiOJvuUXhhfwuQ7Yx3qdBxjlGY8UAC36YA9xo/p0y704QD59Qmu6/i
LHg4G0iwzm7pJ881c/cNLBMc/+88NXy/F0k3VFI/ASw4zKPeK6flttIRb3FjrjWg
JqobpHSXboykM3xC1Y/v5AQZO8Ze4Y1qWhSg1PNT7Q55HKqGIORm+afiGQOolFNK
tOIX/3yvnDQJlQ2IbmgbmTrlz+ldw7wQ4u9+7DzHJQBk2ThaNJVArUoe04+2aHHj
t6ZuHDrZaX+kfuY9SQ==
-----END CERTIFICATE-----