Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215665.roa
File:                     AS215665.roa (raw, json)
Hash identifier:          wGVCq2wjsSos7k3iZsbpCFJ/8IAf9Nx9zHwbhvt7hbg=
Subject key identifier:   CB:A3:A7:90:FF:FC:41:AD:05:CE:A2:B7:7E:40:76:3D:E8:BB:DE:ED
Certificate issuer:       /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial:       51F0AF73BA33D9FA17F4DB17D07C36177FFAF8CE
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215665.roa
Signing time:             Wed 24 Jan 2024 14:05:10 +0000
ROA not before:           Wed 24 Jan 2024 14:00:10 +0000
ROA not after:            Wed 22 Jan 2025 14:05:10 +0000
asID:                     215665
IP address blocks:        2a07:54c1:4700::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 25 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:f0:af:73:ba:33:d9:fa:17:f4:db:17:d0:7c:36:17:7f:fa:f8:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
        Validity
            Not Before: Jan 24 14:00:10 2024 GMT
            Not After : Jan 22 14:05:10 2025 GMT
        Subject: CN=CBA3A790FFFC41AD05CEA2B77E40763DE8BBDEED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:4f:77:5b:4e:ed:17:a9:bf:6b:51:38:ec:58:
                    12:a5:b9:63:6a:53:6e:c7:3a:79:ce:09:2b:c5:f6:
                    df:34:94:47:4d:bd:db:cc:4b:4f:75:01:a7:5e:ce:
                    4f:ca:f3:aa:e2:f7:35:65:ee:90:e8:c3:79:85:13:
                    54:4e:d6:c6:37:eb:32:9c:22:52:2b:3d:58:ef:33:
                    31:7f:7d:0c:9e:8a:e6:b0:16:cb:16:9a:7f:f0:e0:
                    e9:a0:99:5a:9f:23:35:97:3b:fb:c1:88:1e:2b:e3:
                    6c:90:e3:a3:7c:53:9e:0d:5c:d9:d5:2c:cc:68:5a:
                    1e:59:da:8c:97:f2:a5:76:cc:b7:aa:66:f0:ad:aa:
                    55:37:88:91:a2:a5:13:95:83:38:d3:db:86:f8:3a:
                    f9:13:16:71:b2:68:f3:c7:c2:91:85:8e:3c:9f:37:
                    37:8e:3d:ed:75:5d:69:93:bb:91:92:70:55:33:4c:
                    fc:fe:6c:ad:5e:dc:75:de:db:65:6b:b5:c1:8f:16:
                    6b:66:09:ab:b2:8a:22:cf:a3:0e:da:a7:4b:c3:52:
                    7f:e3:2f:c2:39:c7:46:af:00:7c:dc:74:2b:f1:f0:
                    cc:e7:22:cd:c2:c6:8d:c9:43:79:a0:a8:5d:44:25:
                    3a:89:73:b0:e0:17:c8:f2:e2:77:ed:9f:da:59:18:
                    5f:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:A3:A7:90:FF:FC:41:AD:05:CE:A2:B7:7E:40:76:3D:E8:BB:DE:ED
            X509v3 Authority Key Identifier:
                keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215665.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c1:4700::/40

    Signature Algorithm: sha256WithRSAEncryption
         31:8c:a9:ae:30:92:34:5e:36:df:f4:a2:23:e8:d4:e4:5b:dc:
         8e:fa:a0:ce:cd:ee:76:82:c4:62:4e:d4:9a:e4:bb:eb:31:0e:
         58:16:c9:0e:9f:7c:c7:97:98:44:a5:33:27:6b:e7:2d:9b:da:
         18:d6:f3:33:b4:94:03:47:d3:a5:f4:72:6a:3f:cc:fc:b2:8d:
         cb:32:9a:8a:9f:14:6b:67:35:a6:7b:84:ad:19:55:f2:5e:b7:
         8f:ee:12:4f:f4:fe:b6:ef:0c:e4:31:04:2c:98:8d:46:f8:fd:
         51:98:82:4a:93:ea:70:a1:9c:ed:2c:2f:6e:ba:06:63:57:9a:
         04:ba:29:c1:74:59:c2:a2:9f:5c:81:12:ab:67:d0:b8:53:a3:
         ef:d3:ac:41:e8:e5:d3:ca:df:b8:fc:b7:39:41:15:46:83:68:
         70:08:19:89:16:fd:62:d3:2e:fd:7b:36:ff:ed:ca:4e:d5:9e:
         94:64:c7:32:98:96:57:24:bb:92:5d:f4:b7:c3:8c:a5:1a:b2:
         ab:9b:46:fe:33:3a:d7:72:c4:f0:7e:b5:5f:df:5a:ee:a0:8e:
         8f:82:89:09:f5:0d:e0:46:cf:39:d8:73:9b:76:2f:3e:17:87:
         f8:72:42:15:5f:35:66:14:46:9c:2b:e4:9f:3f:68:44:6c:cb:
         0b:24:5a:0a
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUUfCvc7oz2foX9NsX0Hw2F3/6+M4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDAxMjQxNDAwMTBaFw0yNTAxMjIxNDA1MTBaMDMxMTAvBgNV
BAMTKENCQTNBNzkwRkZGQzQxQUQwNUNFQTJCNzdFNDA3NjNERThCQkRFRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGT3dbTu0Xqb9rUTjsWBKluWNq
U27HOnnOCSvF9t80lEdNvdvMS091Aadezk/K86ri9zVl7pDow3mFE1RO1sY36zKc
IlIrPVjvMzF/fQyeiuawFssWmn/w4OmgmVqfIzWXO/vBiB4r42yQ46N8U54NXNnV
LMxoWh5Z2oyX8qV2zLeqZvCtqlU3iJGipROVgzjT24b4OvkTFnGyaPPHwpGFjjyf
NzeOPe11XWmTu5GScFUzTPz+bK1e3HXe22VrtcGPFmtmCauyiiLPow7ap0vDUn/j
L8I5x0avAHzcdCvx8MznIs3Cxo3JQ3mgqF1EJTqJc7DgF8jy4nftn9pZGF+1AgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUy6OnkP/8Qa0FzqK3fkB2Pei73u0wHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE1NjY1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU
wUcwDQYJKoZIhvcNAQELBQADggEBADGMqa4wkjReNt/0oiPo1ORb3I76oM7N7naC
xGJO1Jrku+sxDlgWyQ6ffMeXmESlMydr5y2b2hjW8zO0lANH06X0cmo/zPyyjcsy
moqfFGtnNaZ7hK0ZVfJet4/uEk/0/rbvDOQxBCyYjUb4/VGYgkqT6nChnO0sL266
BmNXmgS6KcF0WcKin1yBEqtn0LhTo+/TrEHo5dPK37j8tzlBFUaDaHAIGYkW/WLT
Lv17Nv/tyk7VnpRkxzKYllcku5Jd9LfDjKUasqubRv4zOtdyxPB+tV/fWu6gjo+C
iQn1DeBGzznYc5t2Lz4Xh/hyQhVfNWYURpwr5J8/aERsywskWgo=
-----END CERTIFICATE-----
Generated at Sun Nov 24 10:22:13 2024 by rpki-client on console-fra.rpki-client.org