Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS210046.roa
File:                     AS210046.roa (raw, json)
Hash identifier:          FMdQYpgQPJw0LzypsjPvrM7D/yL776zICVB4+ngC+8k=
Subject key identifier:   D8:32:15:3D:74:D6:A5:FE:4B:DD:FA:71:E3:5D:A7:20:4D:C5:7C:D7
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       368501E9292F03959FD6AA89F909D4BFFEABE0F5
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS210046.roa
Signing time:             Wed 10 Jun 2026 09:22:54 +0000
ROA not before:           Wed 10 Jun 2026 09:17:54 +0000
ROA not after:            Wed 09 Jun 2027 09:22:54 +0000
asID:                     210046
IP address blocks:        141.11.53.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:85:01:e9:29:2f:03:95:9f:d6:aa:89:f9:09:d4:bf:fe:ab:e0:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Jun 10 09:17:54 2026 GMT
            Not After : Jun  9 09:22:54 2027 GMT
        Subject: CN=D832153D74D6A5FE4BDDFA71E35DA7204DC57CD7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:06:b9:78:e5:80:0a:a6:01:d8:f0:9c:5f:77:
                    0e:18:51:b7:d3:c2:f4:6c:26:72:fb:5f:9f:3e:24:
                    8d:75:36:9f:a0:34:24:fe:2c:03:6d:b8:8f:04:8a:
                    6f:c5:ea:51:47:80:5f:34:fd:93:d0:93:2a:a5:87:
                    73:29:f9:d2:ca:77:55:20:59:da:3b:0b:bb:7e:3d:
                    6c:d9:e5:be:db:b7:07:3c:1a:45:3d:30:02:04:09:
                    49:e1:46:50:f3:98:50:57:e3:27:c1:6b:64:e1:1f:
                    e5:35:27:a2:78:3b:14:cd:81:bc:5f:6e:c6:02:f7:
                    ec:b0:c9:05:03:2e:d5:48:a7:71:b3:ab:e6:e2:79:
                    d7:44:72:7e:8f:ab:97:b5:98:ce:40:7d:6b:48:65:
                    4e:90:1a:fc:33:bb:9d:fa:2c:3a:89:00:57:34:60:
                    1d:e2:20:a9:fa:bf:8b:84:81:6a:fc:d5:35:11:4b:
                    84:6b:9e:8e:66:fe:cc:35:dc:bf:f0:0b:33:e9:09:
                    7a:82:92:ac:bb:7b:59:d3:7a:e0:73:3d:5a:c1:8b:
                    40:12:61:1a:3b:e5:3d:56:a4:f0:06:f7:85:6a:64:
                    ce:90:61:52:db:3f:c7:b5:9c:1b:ec:00:23:0e:cf:
                    df:fb:d1:ee:e8:9f:94:6f:6c:f2:53:c0:b0:7f:a3:
                    a4:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:32:15:3D:74:D6:A5:FE:4B:DD:FA:71:E3:5D:A7:20:4D:C5:7C:D7
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS210046.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:fb:8a:e1:35:dc:cc:71:4f:ef:b3:fe:b2:87:0b:57:b9:e7:
         23:d3:9a:5b:68:27:ab:d4:58:d0:7c:5d:8b:93:4b:bd:50:10:
         44:ea:e4:f2:0c:f7:84:8e:95:06:3a:95:3d:f8:fc:24:f2:d3:
         03:fa:22:30:bb:9d:5f:1d:da:73:78:02:97:d6:09:60:b8:cb:
         9d:9a:a7:69:11:7f:e2:fc:20:83:5a:9c:5f:d3:8e:dc:4c:59:
         2e:21:1d:b8:a9:d0:50:8e:fa:a6:e7:f5:ad:45:a7:38:58:fa:
         f4:90:5b:2d:78:ca:8a:ca:af:02:34:75:c2:56:4e:2c:fc:68:
         04:e1:a7:6d:a7:99:32:5b:c7:67:51:4d:75:32:b9:51:e1:7e:
         a6:93:ec:19:17:01:19:8a:35:2a:ad:8c:88:17:16:dc:07:02:
         32:a2:9c:24:1e:52:17:b0:7c:90:97:4d:5c:cc:56:b2:22:76:
         6c:4b:c4:a5:11:35:04:b5:6e:c0:e1:ca:db:6d:09:68:67:18:
         6f:2c:26:76:72:57:47:db:de:72:66:f5:4d:4b:70:06:eb:2b:
         c6:b6:49:c2:df:23:28:cd:d9:76:0e:ed:06:97:79:b6:f8:3e:
         1f:b9:3e:70:b7:c8:28:83:16:e5:48:95:e4:37:37:de:f8:6b:
         e9:c2:a4:04
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUNoUB6SkvA5Wf1qqJ+QnUv/6r4PUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNjA2MTAwOTE3NTRaFw0yNzA2MDkwOTIyNTRaMDMxMTAvBgNV
BAMTKEQ4MzIxNTNENzRENkE1RkU0QkRERkE3MUUzNURBNzIwNERDNTdDRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvBrl45YAKpgHY8Jxfdw4YUbfT
wvRsJnL7X58+JI11Np+gNCT+LANtuI8Eim/F6lFHgF80/ZPQkyqlh3Mp+dLKd1Ug
Wdo7C7t+PWzZ5b7btwc8GkU9MAIECUnhRlDzmFBX4yfBa2ThH+U1J6J4OxTNgbxf
bsYC9+ywyQUDLtVIp3Gzq+bieddEcn6Pq5e1mM5AfWtIZU6QGvwzu536LDqJAFc0
YB3iIKn6v4uEgWr81TURS4Rrno5m/sw13L/wCzPpCXqCkqy7e1nTeuBzPVrBi0AS
YRo75T1WpPAG94VqZM6QYVLbP8e1nBvsACMOz9/70e7on5RvbPJTwLB/o6SpAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU2DIVPXTWpf5L3fpx412nIE3FfNcwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjEwMDQ2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQs1
MA0GCSqGSIb3DQEBCwUAA4IBAQB2+4rhNdzMcU/vs/6yhwtXuecj05pbaCer1FjQ
fF2Lk0u9UBBE6uTyDPeEjpUGOpU9+Pwk8tMD+iIwu51fHdpzeAKX1glguMudmqdp
EX/i/CCDWpxf047cTFkuIR24qdBQjvqm5/WtRac4WPr0kFsteMqKyq8CNHXCVk4s
/GgE4adtp5kyW8dnUU11MrlR4X6mk+wZFwEZijUqrYyIFxbcBwIyopwkHlIXsHyQ
l01czFayInZsS8SlETUEtW7A4crbbQloZxhvLCZ2cldH295yZvVNS3AG6yvGtknC
3yMozdl2Du0Gl3m2+D4fuT5wt8gogxblSJXkNzfe+GvpwqQE
-----END CERTIFICATE-----