Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS202051.roa
File:                     AS202051.roa (raw, json)
Hash identifier:          8MN0pVIR8sdnEk2gJy0r1lCFNHrfbEzPWjQqOzWhuJ0=
Subject key identifier:   B9:09:19:60:67:07:04:EF:AC:6B:68:EB:A1:37:D5:0E:E8:72:0A:70
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       45858DA5DFFEF00C22E183F54EA08669255D5F36
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS202051.roa
Signing time:             Tue 24 Feb 2026 12:41:00 +0000
ROA not before:           Tue 24 Feb 2026 12:36:00 +0000
ROA not after:            Tue 23 Feb 2027 12:41:00 +0000
asID:                     202051
IP address blocks:        141.11.197.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:85:8d:a5:df:fe:f0:0c:22:e1:83:f5:4e:a0:86:69:25:5d:5f:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Feb 24 12:36:00 2026 GMT
            Not After : Feb 23 12:41:00 2027 GMT
        Subject: CN=B9091960670704EFAC6B68EBA137D50EE8720A70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:81:2d:27:7b:3f:6f:55:21:43:0f:a7:aa:e1:
                    7f:a0:29:44:4e:d9:6b:4c:b0:d5:09:27:90:53:67:
                    7a:32:c0:9f:ff:15:51:0a:79:33:1f:fe:2d:b1:bc:
                    bd:d8:b7:c7:fe:c8:a7:57:3b:94:e8:19:d0:93:5f:
                    53:69:b0:75:6e:dc:ad:5c:82:a7:0f:cc:1f:6b:7b:
                    64:e3:93:ab:b9:8b:4c:c6:6d:85:61:97:f8:27:39:
                    27:0c:0d:2e:90:fc:d9:fd:34:78:10:54:d1:74:44:
                    7c:7e:37:99:4e:d4:11:d2:fc:6e:21:23:5a:68:7e:
                    28:92:6f:1e:52:8d:b1:b0:27:1e:1a:3f:df:b4:57:
                    5b:45:c3:94:5b:f4:3f:b9:3f:fe:94:2d:4a:71:99:
                    ff:0c:c6:1a:71:f1:a1:5c:07:be:ac:d0:d2:75:6b:
                    9e:8e:a8:00:94:70:67:02:ec:f2:99:da:0b:04:a5:
                    6e:61:0c:a3:8d:43:13:30:82:06:7f:80:5a:90:85:
                    24:19:e6:83:8b:92:e3:cf:c9:b7:5e:ac:dc:3e:92:
                    32:60:98:44:6a:74:46:85:de:19:bd:98:d4:43:26:
                    77:0c:f6:f0:1f:a6:a1:a8:ad:92:6b:2e:f7:f0:3e:
                    b1:65:65:a6:60:41:99:3b:79:05:0a:96:a8:b7:18:
                    64:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:09:19:60:67:07:04:EF:AC:6B:68:EB:A1:37:D5:0E:E8:72:0A:70
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS202051.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:71:0b:12:fe:a4:bf:e9:ae:72:e7:3d:d2:a4:db:9f:a0:67:
         e2:ee:1c:be:84:44:90:f1:1b:64:9d:78:c0:71:18:0c:a4:1b:
         57:69:0c:64:53:b9:47:e6:20:ad:f5:57:74:c2:c8:8a:f3:7a:
         82:c3:9b:9a:62:bc:0a:79:5d:8d:b6:a5:53:74:98:6d:ee:28:
         a3:f4:e9:52:40:39:07:a3:ac:0a:cd:36:4d:df:d4:6b:09:b0:
         d8:77:e3:3a:23:76:8a:be:2a:b1:40:43:be:f2:d6:07:d8:7a:
         bc:42:04:49:67:dd:30:d4:25:28:b9:8b:dd:a4:6d:12:65:6b:
         09:d7:dd:6f:62:e4:73:02:6b:f7:9d:66:06:5e:42:3b:fb:e3:
         26:50:cd:71:3f:df:93:bc:22:0e:84:66:a9:e6:37:b2:15:bc:
         c8:23:1f:69:9b:2c:59:8c:77:35:bf:2e:99:63:0d:70:c2:eb:
         3f:01:50:7d:2b:12:b9:c6:bc:32:e4:20:ff:2c:7e:15:b9:7c:
         cd:ea:cc:f3:1f:b8:40:72:ce:60:96:39:77:9b:f0:0c:8c:0c:
         e8:c8:47:7e:6a:ed:a3:c3:cf:57:c7:c6:78:21:c5:b2:28:09:
         ea:f7:1f:7a:77:a1:8c:7f:3c:34:e1:41:ae:be:c4:12:b6:84:
         ef:dc:e5:86
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIURYWNpd/+8Awi4YP1TqCGaSVdXzYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNjAyMjQxMjM2MDBaFw0yNzAyMjMxMjQxMDBaMDMxMTAvBgNV
BAMTKEI5MDkxOTYwNjcwNzA0RUZBQzZCNjhFQkExMzdENTBFRTg3MjBBNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAgS0nez9vVSFDD6eq4X+gKURO
2WtMsNUJJ5BTZ3oywJ//FVEKeTMf/i2xvL3Yt8f+yKdXO5ToGdCTX1NpsHVu3K1c
gqcPzB9re2Tjk6u5i0zGbYVhl/gnOScMDS6Q/Nn9NHgQVNF0RHx+N5lO1BHS/G4h
I1pofiiSbx5SjbGwJx4aP9+0V1tFw5Rb9D+5P/6ULUpxmf8Mxhpx8aFcB76s0NJ1
a56OqACUcGcC7PKZ2gsEpW5hDKONQxMwggZ/gFqQhSQZ5oOLkuPPybderNw+kjJg
mERqdEaF3hm9mNRDJncM9vAfpqGorZJrLvfwPrFlZaZgQZk7eQUKlqi3GGQJAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUuQkZYGcHBO+sa2jroTfVDuhyCnAwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjAyMDUxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQvF
MA0GCSqGSIb3DQEBCwUAA4IBAQAXcQsS/qS/6a5y5z3SpNufoGfi7hy+hESQ8Rtk
nXjAcRgMpBtXaQxkU7lH5iCt9Vd0wsiK83qCw5uaYrwKeV2NtqVTdJht7iij9OlS
QDkHo6wKzTZN39RrCbDYd+M6I3aKviqxQEO+8tYH2Hq8QgRJZ90w1CUouYvdpG0S
ZWsJ191vYuRzAmv3nWYGXkI7++MmUM1xP9+TvCIOhGap5jeyFbzIIx9pmyxZjHc1
vy6ZYw1wwus/AVB9KxK5xrwy5CD/LH4VuXzN6szzH7hAcs5gljl3m/AMjAzoyEd+
au2jw89Xx8Z4IcWyKAnq9x96d6GMfzw04UGuvsQStoTv3OWG
-----END CERTIFICATE-----