Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS215087.roa
File:                     AS215087.roa (raw, json)
Hash identifier:          gyh5QbkyZkuR+JXlo7QNmW1nm+7VPT5CaNEIgaxwkSU=
Subject key identifier:   79:87:C6:00:88:72:E5:09:DB:1D:31:3A:21:F5:F7:8A:B9:F1:65:5A
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       5BD7BA83292D79E91F8BBE49E772671004C44C43
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS215087.roa
Signing time:             Thu 23 May 2024 16:49:12 +0000
ROA not before:           Thu 23 May 2024 16:44:12 +0000
ROA not after:            Thu 22 May 2025 16:49:12 +0000
asID:                     215087
IP address blocks:        2a0f:85c1:3b6::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 26 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:d7:ba:83:29:2d:79:e9:1f:8b:be:49:e7:72:67:10:04:c4:4c:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: May 23 16:44:12 2024 GMT
            Not After : May 22 16:49:12 2025 GMT
        Subject: CN=7987C6008872E509DB1D313A21F5F78AB9F1655A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:bb:d2:3b:dd:8e:3c:77:b8:de:5a:a1:bf:75:
                    b7:84:8b:75:e2:99:4c:4b:b2:35:0c:3d:04:07:3a:
                    c7:2e:e8:da:6b:e4:45:bf:ac:f0:f8:bc:5a:ad:55:
                    d6:c7:f5:c8:3b:a1:cf:06:a3:17:b4:bb:c7:f9:95:
                    3f:c2:75:02:16:82:40:f8:3d:fd:7e:0f:04:b4:78:
                    84:36:db:c0:26:0d:dd:bb:4d:46:d7:8a:fa:0d:b2:
                    55:1e:cb:8f:7f:3b:e0:61:86:a0:56:b0:76:ff:99:
                    97:de:fd:0d:7a:ce:eb:c9:db:66:34:10:d1:65:37:
                    be:6b:e7:0d:a5:51:b8:01:41:e3:f4:61:73:ad:72:
                    44:a6:78:76:00:97:60:03:bc:b8:e8:55:5d:ef:da:
                    1b:24:3e:7f:f7:17:86:50:f6:ba:f4:36:fe:86:8b:
                    9f:2d:98:cc:da:a4:f5:4e:b8:b3:73:64:26:50:3e:
                    30:64:94:bc:40:2f:20:69:43:c2:54:d1:ea:b4:c1:
                    01:cb:6b:cf:e0:e3:77:d0:87:07:eb:8f:b8:6a:1f:
                    67:92:e5:06:3c:b2:75:be:2a:a4:c4:7d:e7:aa:7d:
                    76:71:5f:c3:be:7a:27:4f:ba:58:3b:6a:80:6b:10:
                    c0:84:18:ca:10:ee:a4:64:71:61:3a:06:13:91:b1:
                    a8:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:87:C6:00:88:72:E5:09:DB:1D:31:3A:21:F5:F7:8A:B9:F1:65:5A
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS215087.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:3b6::/48

    Signature Algorithm: sha256WithRSAEncryption
         26:b9:c5:a0:6e:ab:77:11:95:0b:75:c8:d6:7f:af:7a:be:e2:
         00:29:ca:00:e4:3a:5b:68:c7:81:d9:2a:e0:5f:93:4d:9c:bd:
         ae:fa:3b:9c:83:77:d1:4a:3e:8c:1a:1d:75:7c:5f:94:7a:29:
         c1:83:ba:6d:52:42:38:94:29:ea:ae:d2:73:0e:22:18:8c:00:
         5b:e1:3a:0b:46:4c:c8:70:7f:a2:a0:b4:a3:e0:cf:74:97:87:
         6a:5c:88:52:6b:82:2d:63:be:c9:11:f1:7c:89:80:60:06:16:
         1f:39:15:1c:24:81:13:01:99:ea:1b:36:51:64:8d:53:55:f2:
         34:ab:ef:17:d2:30:e8:ec:fc:84:25:c6:43:43:de:6c:48:55:
         eb:c4:aa:4a:53:af:7f:93:c0:f9:0c:39:df:24:b6:46:19:ed:
         90:3d:c8:66:ae:16:f0:30:84:74:07:47:c6:bb:50:19:06:b8:
         74:f0:2b:ac:1c:77:52:62:cb:6b:e0:1c:01:ec:4e:66:c0:b5:
         4c:8e:52:1b:9f:a5:b3:d1:1c:62:ba:67:84:2c:ed:49:ed:84:
         dd:00:e5:83:22:aa:60:5a:63:ab:24:4a:83:bf:23:b5:8e:d0:
         a7:9d:6b:64:9b:cd:d4:a5:4a:aa:cd:14:c4:15:fa:9d:ac:32:
         a1:b4:75:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUW9e6gykteekfi75J53JnEATETEMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA1MjMxNjQ0MTJaFw0yNTA1MjIxNjQ5MTJaMDMxMTAvBgNV
BAMTKDc5ODdDNjAwODg3MkU1MDlEQjFEMzEzQTIxRjVGNzhBQjlGMTY1NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4u9I73Y48d7jeWqG/dbeEi3Xi
mUxLsjUMPQQHOscu6Npr5EW/rPD4vFqtVdbH9cg7oc8Goxe0u8f5lT/CdQIWgkD4
Pf1+DwS0eIQ228AmDd27TUbXivoNslUey49/O+BhhqBWsHb/mZfe/Q16zuvJ22Y0
ENFlN75r5w2lUbgBQeP0YXOtckSmeHYAl2ADvLjoVV3v2hskPn/3F4ZQ9rr0Nv6G
i58tmMzapPVOuLNzZCZQPjBklLxALyBpQ8JU0eq0wQHLa8/g43fQhwfrj7hqH2eS
5QY8snW+KqTEfeeqfXZxX8O+eidPulg7aoBrEMCEGMoQ7qRkcWE6BhORsajNAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUeYfGAIhy5QnbHTE6IfX3irnxZVowHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE1MDg3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQO2MA0GCSqGSIb3DQEBCwUAA4IBAQAmucWgbqt3EZULdcjWf696vuIAKcoA5Dpb
aMeB2SrgX5NNnL2u+jucg3fRSj6MGh11fF+UeinBg7ptUkI4lCnqrtJzDiIYjABb
4ToLRkzIcH+ioLSj4M90l4dqXIhSa4ItY77JEfF8iYBgBhYfORUcJIETAZnqGzZR
ZI1TVfI0q+8X0jDo7PyEJcZDQ95sSFXrxKpKU69/k8D5DDnfJLZGGe2QPchmrhbw
MIR0B0fGu1AZBrh08CusHHdSYstr4BwB7E5mwLVMjlIbn6Wz0RxiumeELO1J7YTd
AOWDIqpgWmOrJEqDvyO1jtCnnWtkm83UpUqqzRTEFfqdrDKhtHVA
-----END CERTIFICATE-----
Generated at Wed Jun 26 06:31:24 2024 by rpki-client on console-ams.rpki-client.org