Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS215216.roa
File:                     AS215216.roa (raw, json)
Hash identifier:          FGm4mKjZXZFr1J0YA+bIcC86WwsAlNqQXfg9Htgvqi4=
Subject key identifier:   1A:2F:CA:5E:77:5D:D4:34:AF:73:2C:A9:03:A6:70:23:6E:C3:A8:C7
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       5DD7258BD528100002742175DF2C4BE2B2AD3EB9
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS215216.roa
Signing time:             Thu 23 May 2024 16:49:11 +0000
ROA not before:           Thu 23 May 2024 16:44:11 +0000
ROA not after:            Thu 22 May 2025 16:49:11 +0000
asID:                     215216
IP address blocks:        2a0f:85c1:3a8::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 26 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:d7:25:8b:d5:28:10:00:02:74:21:75:df:2c:4b:e2:b2:ad:3e:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: May 23 16:44:11 2024 GMT
            Not After : May 22 16:49:11 2025 GMT
        Subject: CN=1A2FCA5E775DD434AF732CA903A670236EC3A8C7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:2c:44:41:5f:4b:49:b0:d3:65:4f:c8:f9:f7:
                    b9:12:6b:3a:e8:d4:44:92:71:27:66:ec:52:53:a7:
                    a9:99:0f:a5:eb:46:1e:23:5b:c1:46:30:73:2a:4d:
                    a9:68:4e:9a:28:5a:68:f9:6a:47:c4:39:9f:4c:e7:
                    a5:29:1b:92:2e:cc:2c:d7:ad:a0:45:7e:04:6a:11:
                    dd:4d:6a:17:b4:a4:bd:eb:60:6f:c3:42:41:fb:cd:
                    b0:c2:1f:1d:e1:fa:0c:d6:ea:cb:14:c9:2a:2f:18:
                    15:3d:7d:fd:6a:f9:88:dd:e4:2c:ee:e7:2e:1a:82:
                    92:f5:39:ac:2f:42:e9:8a:cf:fa:38:d5:a2:9c:9b:
                    35:93:a0:d2:47:e3:b1:e4:56:49:3d:32:7f:f0:ce:
                    d0:44:8a:20:56:27:24:92:45:58:dd:39:45:82:86:
                    5c:ce:fe:97:44:37:be:4c:30:9e:a1:d9:c8:fc:e5:
                    bc:b7:f8:6e:73:5a:43:c7:d1:21:ab:8f:38:dd:2f:
                    fd:a7:6e:19:8b:9d:f9:55:96:be:e9:37:c8:19:28:
                    bc:55:5c:23:6e:a9:db:6d:d5:5f:63:2e:02:c1:63:
                    71:8b:4b:88:a4:93:e2:9a:c0:3e:0e:35:6f:67:e2:
                    cc:94:e4:b4:a7:f0:ad:74:a6:95:dc:68:40:be:56:
                    4c:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:2F:CA:5E:77:5D:D4:34:AF:73:2C:A9:03:A6:70:23:6E:C3:A8:C7
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS215216.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:3a8::/48

    Signature Algorithm: sha256WithRSAEncryption
         37:07:c0:99:87:6a:aa:34:8a:3a:08:d4:29:24:6a:54:f3:2c:
         99:a3:0d:52:ad:5a:8f:7a:cd:ff:c0:c2:7d:dc:66:88:1a:c5:
         c8:f0:be:9e:63:a1:ef:8b:24:77:49:eb:68:a6:0b:a7:1c:73:
         f7:66:40:8a:83:d8:42:f1:36:14:c3:97:2f:a4:d7:64:c4:d8:
         1e:37:91:75:03:86:26:bc:72:7c:a3:59:20:63:18:7a:d5:b2:
         d6:cb:04:69:bc:1f:f7:ae:0d:bd:a9:51:85:17:62:59:cf:30:
         18:66:6e:06:78:9e:6c:0c:f1:4f:f3:d9:51:4b:5e:51:a3:fc:
         1a:f9:12:3b:4d:18:42:62:45:6e:c8:05:2c:47:01:51:19:19:
         ae:a3:c4:dd:c3:c9:fb:29:49:2f:df:41:37:96:7e:be:7e:02:
         08:8f:ae:cb:b8:50:b0:cb:d1:c0:71:4b:69:d0:f3:68:08:d8:
         ed:a3:9d:78:6a:0d:77:d7:61:f5:9f:b0:69:7d:60:a1:38:14:
         f9:53:66:28:ee:f4:04:3c:ec:6f:23:a9:7d:e5:42:e9:d2:7a:
         c2:00:44:2f:cf:f3:9c:40:46:57:c6:e7:6a:58:4e:4d:ff:74:
         c9:f0:a9:68:44:4a:2e:ac:05:16:b9:26:b1:5a:aa:c3:ce:86:
         7f:4f:86:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUXdcli9UoEAACdCF13yxL4rKtPrkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA1MjMxNjQ0MTFaFw0yNTA1MjIxNjQ5MTFaMDMxMTAvBgNV
BAMTKDFBMkZDQTVFNzc1REQ0MzRBRjczMkNBOTAzQTY3MDIzNkVDM0E4QzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOLERBX0tJsNNlT8j597kSazro
1ESScSdm7FJTp6mZD6XrRh4jW8FGMHMqTaloTpooWmj5akfEOZ9M56UpG5IuzCzX
raBFfgRqEd1Nahe0pL3rYG/DQkH7zbDCHx3h+gzW6ssUySovGBU9ff1q+Yjd5Czu
5y4agpL1OawvQumKz/o41aKcmzWToNJH47HkVkk9Mn/wztBEiiBWJySSRVjdOUWC
hlzO/pdEN75MMJ6h2cj85by3+G5zWkPH0SGrjzjdL/2nbhmLnflVlr7pN8gZKLxV
XCNuqdtt1V9jLgLBY3GLS4ikk+KawD4ONW9n4syU5LSn8K10ppXcaEC+VkzrAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUGi/KXndd1DSvcyypA6ZwI27DqMcwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE1MjE2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQOoMA0GCSqGSIb3DQEBCwUAA4IBAQA3B8CZh2qqNIo6CNQpJGpU8yyZow1SrVqP
es3/wMJ93GaIGsXI8L6eY6HviyR3SetopgunHHP3ZkCKg9hC8TYUw5cvpNdkxNge
N5F1A4YmvHJ8o1kgYxh61bLWywRpvB/3rg29qVGFF2JZzzAYZm4GeJ5sDPFP89lR
S15Ro/wa+RI7TRhCYkVuyAUsRwFRGRmuo8Tdw8n7KUkv30E3ln6+fgIIj67LuFCw
y9HAcUtp0PNoCNjto514ag1312H1n7BpfWChOBT5U2Yo7vQEPOxvI6l95ULp0nrC
AEQvz/OcQEZXxudqWE5N/3TJ8KloREourAUWuSaxWqrDzoZ/T4ZK
-----END CERTIFICATE-----
Generated at Wed Jun 26 05:17:46 2024 by rpki-client on console-fra.rpki-client.org