Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215312.roa
File:                     AS215312.roa (raw, json)
Hash identifier:          BETxUbluX2pL1CzeQN+XGl4h5pVu4eoQar4hqZBIHE4=
Subject key identifier:   CF:53:45:CE:43:AE:28:FD:43:04:D3:52:3D:3F:A1:72:9F:2B:67:1B
Certificate issuer:       /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial:       30EDAAAC8C39417036937526EB91D1C6B2837660
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215312.roa
Signing time:             Sun 17 Mar 2024 14:06:52 +0000
ROA not before:           Sun 17 Mar 2024 14:01:52 +0000
ROA not after:            Sun 16 Mar 2025 14:06:52 +0000
asID:                     215312
IP address blocks:        2a13:df87:8009::/48 maxlen: 48

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:ed:aa:ac:8c:39:41:70:36:93:75:26:eb:91:d1:c6:b2:83:76:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
        Validity
            Not Before: Mar 17 14:01:52 2024 GMT
            Not After : Mar 16 14:06:52 2025 GMT
        Subject: CN=CF5345CE43AE28FD4304D3523D3FA1729F2B671B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:79:29:c6:5b:76:69:c0:f2:40:6b:82:9a:f7:
                    4a:69:13:c7:65:01:46:36:27:7a:15:f7:1a:e1:62:
                    c1:ba:ef:3d:81:73:15:dd:0b:3c:f1:4b:84:f9:12:
                    32:20:ce:5b:dc:d9:de:72:ac:11:fb:b6:11:5c:8f:
                    fc:31:f4:39:88:3b:a8:62:6f:02:de:42:c3:a3:f2:
                    d6:3b:4d:f1:9c:a7:9b:31:82:6a:08:b6:52:0c:1a:
                    bd:8a:eb:93:44:d3:d5:85:18:05:bb:9f:e2:c0:b1:
                    90:d1:17:94:a2:00:bd:98:85:00:6c:a2:50:c7:de:
                    b2:b4:69:44:35:e3:12:96:3f:1a:08:7a:63:2a:7a:
                    e5:45:ea:cc:b8:cf:6f:78:dd:21:7f:59:e7:e4:85:
                    38:df:02:48:0f:d8:06:75:1b:39:2c:a7:30:a5:4b:
                    07:d1:5e:b5:51:fd:7b:c7:d3:38:b3:fd:f7:86:e1:
                    27:d2:0f:04:b2:ae:a3:b5:be:6d:a5:86:b8:3c:94:
                    aa:f1:5e:e7:ff:b9:72:3d:c6:4c:d6:69:30:fb:c1:
                    bc:b4:e4:22:34:de:81:fd:e2:02:31:66:27:5c:5c:
                    03:97:69:0f:13:c2:d5:01:8e:a3:0e:cb:85:c5:96:
                    d7:10:b9:27:b6:ae:03:b4:ba:b4:2b:d3:b0:db:3e:
                    d0:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:53:45:CE:43:AE:28:FD:43:04:D3:52:3D:3F:A1:72:9F:2B:67:1B
            X509v3 Authority Key Identifier:
                keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215312.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:df87:8009::/48

    Signature Algorithm: sha256WithRSAEncryption
         b6:16:6c:94:7b:66:df:0e:cd:6b:92:85:3e:19:63:34:d5:e1:
         2d:86:0d:78:db:03:8f:03:e4:c7:86:43:32:ad:cd:ce:a5:96:
         a0:cc:62:88:e0:97:13:ef:2a:d5:9b:64:a9:e2:42:48:b2:77:
         17:ee:b5:c3:36:2c:90:3c:c2:f0:e4:40:e8:ee:c6:5a:9c:c7:
         c4:6c:e5:9b:e1:56:bd:91:1b:03:e6:e3:02:2d:d1:5f:cf:7a:
         6e:6a:06:99:2a:55:2e:db:9e:b2:83:a0:06:ca:1e:60:69:9a:
         b6:e4:67:14:fc:6b:84:d0:90:ef:18:2e:c9:53:04:9e:c9:2b:
         4a:f1:87:29:d2:0e:2c:fe:21:a3:37:fb:62:ed:bc:d0:19:83:
         cc:55:3f:44:c2:e6:da:e5:06:2c:34:e0:75:ed:91:dc:86:08:
         e6:96:fd:50:2e:45:bb:f9:d8:58:2c:19:1a:d0:c1:34:ca:8d:
         0e:77:c5:d4:55:0d:07:79:99:90:eb:e9:ae:e3:42:00:66:96:
         d2:fb:36:69:eb:a2:9d:37:94:ba:a1:bb:e5:01:d8:cb:22:ae:
         ee:65:3e:fe:d4:92:d3:44:22:79:7c:ea:5b:05:42:8e:ce:29:
         30:fc:ce:8f:0d:97:b8:ed:cd:e1:52:35:00:01:4f:db:6e:70:
         9e:bf:af:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUMO2qrIw5QXA2k3Um65HRxrKDdmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDAzMTcxNDAxNTJaFw0yNTAzMTYxNDA2NTJaMDMxMTAvBgNV
BAMTKENGNTM0NUNFNDNBRTI4RkQ0MzA0RDM1MjNEM0ZBMTcyOUYyQjY3MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmeSnGW3ZpwPJAa4Ka90ppE8dl
AUY2J3oV9xrhYsG67z2BcxXdCzzxS4T5EjIgzlvc2d5yrBH7thFcj/wx9DmIO6hi
bwLeQsOj8tY7TfGcp5sxgmoItlIMGr2K65NE09WFGAW7n+LAsZDRF5SiAL2YhQBs
olDH3rK0aUQ14xKWPxoIemMqeuVF6sy4z2943SF/WefkhTjfAkgP2AZ1GzkspzCl
SwfRXrVR/XvH0ziz/feG4SfSDwSyrqO1vm2lhrg8lKrxXuf/uXI9xkzWaTD7wby0
5CI03oH94gIxZidcXAOXaQ8TwtUBjqMOy4XFltcQuSe2rgO0urQr07DbPtB3AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUz1NFzkOuKP1DBNNSPT+hcp8rZxswHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE1MzEyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPf
h4AJMA0GCSqGSIb3DQEBCwUAA4IBAQC2FmyUe2bfDs1rkoU+GWM01eEthg142wOP
A+THhkMyrc3OpZagzGKI4JcT7yrVm2Sp4kJIsncX7rXDNiyQPMLw5EDo7sZanMfE
bOWb4Va9kRsD5uMCLdFfz3puagaZKlUu256yg6AGyh5gaZq25GcU/GuE0JDvGC7J
UwSeyStK8Ycp0g4s/iGjN/ti7bzQGYPMVT9Ewuba5QYsNOB17ZHchgjmlv1QLkW7
+dhYLBka0ME0yo0Od8XUVQ0HeZmQ6+mu40IAZpbS+zZp66KdN5S6obvlAdjLIq7u
ZT7+1JLTRCJ5fOpbBUKOzikw/M6PDZe47c3hUjUAAU/bbnCev6/m
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:53 2024 by rpki-client on console-ams.rpki-client.org