Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS202076.roa
File:                     AS202076.roa (raw, json)
Hash identifier:          BNTDYfZ88kN8J1ouxS7nr3sc5Fue7VXYR+P7e8Lj+f8=
Subject key identifier:   45:3B:65:C3:C2:35:FB:F1:69:19:CF:83:D9:19:B8:18:63:11:DE:4A
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       4C33F6761F4049905FD611766891B811BDD485BE
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS202076.roa
Signing time:             Thu 12 Feb 2026 15:23:44 +0000
ROA not before:           Thu 12 Feb 2026 15:18:44 +0000
ROA not after:            Thu 11 Feb 2027 15:23:44 +0000
asID:                     202076
IP address blocks:        2a13:9500:135::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:33:f6:76:1f:40:49:90:5f:d6:11:76:68:91:b8:11:bd:d4:85:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Feb 12 15:18:44 2026 GMT
            Not After : Feb 11 15:23:44 2027 GMT
        Subject: CN=453B65C3C235FBF16919CF83D919B8186311DE4A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ee:48:d9:dc:2c:31:8f:5f:18:9e:e7:fe:b1:
                    67:69:e8:d5:c8:78:4b:34:47:50:8d:f7:7f:74:bd:
                    f0:ff:fc:87:1f:48:37:9d:e2:6a:2e:af:5a:8d:06:
                    2a:19:6d:de:09:77:ce:b5:3c:94:2b:9b:58:90:e9:
                    8d:50:4c:d1:94:07:46:43:23:3c:f9:fd:3f:1f:4d:
                    49:a4:7f:48:ee:74:fd:31:f1:e1:cb:26:ae:b4:a1:
                    81:f7:30:65:49:d4:62:20:42:88:9e:ed:ed:f3:16:
                    2e:c1:af:29:3e:a7:82:21:90:19:9c:ba:01:77:4e:
                    c7:cc:9a:32:cf:7a:b2:5b:e8:f2:8c:44:29:28:40:
                    c8:d1:d1:8d:6a:a1:5f:d9:a7:e8:45:8e:56:af:1b:
                    47:cb:3f:2e:54:c4:b8:2b:21:c5:bb:4c:84:40:9f:
                    3f:70:02:38:c3:24:32:2b:bc:1b:da:76:7a:8c:5c:
                    83:ef:89:05:e1:d5:4a:10:4f:0f:bf:10:c7:ee:8e:
                    79:3b:83:a2:e7:89:07:7f:16:fa:55:cf:4b:90:19:
                    a7:49:fc:e0:41:6d:62:33:5d:e7:9a:c2:34:a5:e7:
                    86:ac:67:67:34:ba:f8:9e:29:7e:24:3c:6a:84:d5:
                    49:09:01:6f:90:b4:1c:92:8f:4a:91:64:54:67:68:
                    05:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:3B:65:C3:C2:35:FB:F1:69:19:CF:83:D9:19:B8:18:63:11:DE:4A
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS202076.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:9500:135::/48

    Signature Algorithm: sha256WithRSAEncryption
         49:5a:54:f0:37:a9:6c:8e:bb:c0:72:34:cf:ef:ad:7f:f0:90:
         b7:86:d3:bb:73:d8:28:9a:82:31:63:f6:b0:0c:53:09:06:bf:
         4d:82:1b:5d:9a:47:ba:66:25:af:12:41:ae:e3:fa:b9:3f:51:
         64:40:dd:fb:0b:73:95:1e:be:34:50:1e:c5:42:f5:35:18:9f:
         b3:85:5f:92:e4:03:26:e7:35:21:a5:06:4a:7b:7f:49:e4:02:
         49:13:c4:24:bc:9c:a7:d3:7c:87:70:51:00:0e:80:3d:9e:9e:
         6e:e5:f8:a2:10:7e:13:32:b1:34:79:2f:69:f3:87:3c:a0:48:
         6f:4d:33:70:e0:76:f6:21:69:8d:6b:85:4a:23:8f:75:5a:e4:
         a0:15:65:a4:27:f3:02:33:1b:22:03:c6:0f:58:7c:f6:21:d3:
         9d:4d:a9:06:e8:82:82:ca:26:90:42:58:c3:07:60:1f:5d:88:
         eb:b2:3c:b9:5e:8a:e6:72:5f:b0:7a:4e:3a:75:ba:4c:25:5f:
         e0:fb:80:f0:32:7d:68:88:ec:43:dc:b1:18:b2:8a:c7:7a:b0:
         7d:8c:8e:b1:31:e4:3e:e6:dc:ec:3a:b1:aa:53:ec:9f:2c:f0:
         6d:8e:b7:37:29:68:c8:6c:4c:09:7e:d2:e8:7e:68:7b:38:a0:
         a6:7a:6b:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUTDP2dh9ASZBf1hF2aJG4Eb3Uhb4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAyMTIxNTE4NDRaFw0yNzAyMTExNTIzNDRaMDMxMTAvBgNV
BAMTKDQ1M0I2NUMzQzIzNUZCRjE2OTE5Q0Y4M0Q5MTlCODE4NjMxMURFNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp7kjZ3Cwxj18Ynuf+sWdp6NXI
eEs0R1CN9390vfD//IcfSDed4mour1qNBioZbd4Jd861PJQrm1iQ6Y1QTNGUB0ZD
Izz5/T8fTUmkf0judP0x8eHLJq60oYH3MGVJ1GIgQoie7e3zFi7Bryk+p4IhkBmc
ugF3TsfMmjLPerJb6PKMRCkoQMjR0Y1qoV/Zp+hFjlavG0fLPy5UxLgrIcW7TIRA
nz9wAjjDJDIrvBvadnqMXIPviQXh1UoQTw+/EMfujnk7g6LniQd/FvpVz0uQGadJ
/OBBbWIzXeeawjSl54asZ2c0uvieKX4kPGqE1UkJAW+QtBySj0qRZFRnaAUTAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQURTtlw8I1+/FpGc+D2Rm4GGMR3kowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjAyMDc2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOV
AAE1MA0GCSqGSIb3DQEBCwUAA4IBAQBJWlTwN6lsjrvAcjTP761/8JC3htO7c9go
moIxY/awDFMJBr9Nghtdmke6ZiWvEkGu4/q5P1FkQN37C3OVHr40UB7FQvU1GJ+z
hV+S5AMm5zUhpQZKe39J5AJJE8QkvJyn03yHcFEADoA9np5u5fiiEH4TMrE0eS9p
84c8oEhvTTNw4Hb2IWmNa4VKI491WuSgFWWkJ/MCMxsiA8YPWHz2IdOdTakG6IKC
yiaQQljDB2AfXYjrsjy5Xormcl+wek46dbpMJV/g+4DwMn1oiOxD3LEYsorHerB9
jI6xMeQ+5tzsOrGqU+yfLPBtjrc3KWjIbEwJftLofmh7OKCmemuU
-----END CERTIFICATE-----