Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214769.roa
File:                     AS214769.roa (raw, json)
Hash identifier:          2ntrKq/Qc9CksQ0nzuGzCIJSshgWWcZmVqhl3bZ638k=
Subject key identifier:   3B:0C:7A:4E:40:A0:03:5F:6F:04:54:F6:DD:E1:CA:24:3E:E7:A7:04
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       7E2E47B3934E404F60809983D9819C155B23F96E
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214769.roa
Signing time:             Thu 06 Jun 2024 03:38:46 +0000
ROA not before:           Thu 06 Jun 2024 03:33:46 +0000
ROA not after:            Thu 05 Jun 2025 03:38:46 +0000
asID:                     214769
IP address blocks:        2a0f:85c1:3d5::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 18 Jul 2024 13:47:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:2e:47:b3:93:4e:40:4f:60:80:99:83:d9:81:9c:15:5b:23:f9:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: Jun  6 03:33:46 2024 GMT
            Not After : Jun  5 03:38:46 2025 GMT
        Subject: CN=3B0C7A4E40A0035F6F0454F6DDE1CA243EE7A704
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ec:ec:a9:b9:f3:97:e6:72:13:4a:b2:8d:d2:
                    15:3c:31:ca:73:76:45:20:60:05:c1:39:82:1a:ee:
                    ea:14:50:69:56:f1:af:48:99:8a:4e:6d:fe:d3:b9:
                    be:53:7b:58:3f:6e:9b:7a:9f:b1:8b:ae:d3:07:f6:
                    65:c8:9a:5c:35:3c:4c:29:c4:93:74:b0:d7:6d:aa:
                    71:8b:ab:35:ba:4e:c5:b4:db:b6:6c:8e:4d:a2:ae:
                    46:3d:1e:c3:88:dc:91:5a:43:c2:60:b8:b8:85:1a:
                    dd:7b:59:fb:42:5b:fb:4f:d0:71:b2:52:09:2f:cb:
                    64:20:1e:5a:21:ee:17:c8:6a:c3:89:cc:2a:3a:8c:
                    14:87:b2:a2:e5:d6:19:9c:2d:25:00:ab:01:a4:38:
                    0b:02:c9:6d:01:08:d4:98:c7:33:7c:69:46:45:5d:
                    76:04:1b:17:74:37:76:fa:a6:f9:d5:ff:80:b2:70:
                    6c:cc:8e:d2:75:e2:5a:cd:9e:4a:2c:1b:63:57:48:
                    21:91:9d:c9:f5:38:69:ec:16:60:12:f7:80:7a:d7:
                    6a:60:37:cb:9a:2d:71:a1:b8:91:74:49:9e:1e:6b:
                    91:33:14:7a:73:a0:3b:f8:f4:21:ac:b3:d0:28:a2:
                    16:14:c0:df:b4:c9:42:fc:dc:c4:37:1c:3a:ed:47:
                    9c:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:0C:7A:4E:40:A0:03:5F:6F:04:54:F6:DD:E1:CA:24:3E:E7:A7:04
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214769.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:3d5::/48

    Signature Algorithm: sha256WithRSAEncryption
         8c:59:9a:2c:0d:55:f6:6c:16:6c:6f:6f:a7:fe:b1:5f:bc:62:
         af:f0:45:a2:09:57:8d:6d:4e:86:db:e7:98:69:64:63:80:b5:
         07:09:8f:fe:04:52:bb:1c:3c:0d:d1:cf:4d:f2:d4:4c:42:0c:
         9e:52:17:ad:22:a2:a3:d8:69:2e:df:e2:00:fc:c5:91:cc:0f:
         ec:be:91:7d:6a:db:81:82:1e:de:71:9b:d1:27:3b:fa:67:33:
         64:08:e1:36:4f:cf:4d:36:4c:32:5e:86:ee:26:1c:07:bb:b0:
         7a:73:13:67:d3:66:76:de:af:97:ea:ff:f1:ae:e5:b9:7e:30:
         42:18:4b:2c:59:a8:4a:2c:56:58:1e:be:1b:a6:51:5c:5e:14:
         fa:76:db:76:1e:bc:ad:0d:30:f5:34:5b:39:db:a8:7e:9b:48:
         31:f1:11:d7:b8:da:60:ac:5e:41:00:86:70:fb:02:bc:9b:3a:
         7c:43:cf:d9:1e:19:54:7d:d1:c3:b7:9f:82:7b:a1:0b:76:03:
         0e:d6:cb:14:5e:ec:f5:63:02:ea:36:b5:c6:5e:86:ba:fc:3a:
         30:af:4f:63:a3:ea:4d:9b:ef:50:2b:df:28:c1:b1:52:67:7f:
         73:c5:af:4d:73:54:ad:31:c2:10:dc:eb:a3:7d:9a:72:4c:50:
         6d:d7:c4:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUfi5Hs5NOQE9ggJmD2YGcFVsj+W4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA2MDYwMzMzNDZaFw0yNTA2MDUwMzM4NDZaMDMxMTAvBgNV
BAMTKDNCMEM3QTRFNDBBMDAzNUY2RjA0NTRGNkRERTFDQTI0M0VFN0E3MDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw7OypufOX5nITSrKN0hU8Mcpz
dkUgYAXBOYIa7uoUUGlW8a9ImYpObf7Tub5Te1g/bpt6n7GLrtMH9mXImlw1PEwp
xJN0sNdtqnGLqzW6TsW027Zsjk2irkY9HsOI3JFaQ8JguLiFGt17WftCW/tP0HGy
Ugkvy2QgHloh7hfIasOJzCo6jBSHsqLl1hmcLSUAqwGkOAsCyW0BCNSYxzN8aUZF
XXYEGxd0N3b6pvnV/4CycGzMjtJ14lrNnkosG2NXSCGRncn1OGnsFmAS94B612pg
N8uaLXGhuJF0SZ4ea5EzFHpzoDv49CGss9AoohYUwN+0yUL83MQ3HDrtR5x7AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUOwx6TkCgA19vBFT23eHKJD7npwQwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0NzY5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQPVMA0GCSqGSIb3DQEBCwUAA4IBAQCMWZosDVX2bBZsb2+n/rFfvGKv8EWiCVeN
bU6G2+eYaWRjgLUHCY/+BFK7HDwN0c9N8tRMQgyeUhetIqKj2Gku3+IA/MWRzA/s
vpF9atuBgh7ecZvRJzv6ZzNkCOE2T89NNkwyXobuJhwHu7B6cxNn02Z23q+X6v/x
ruW5fjBCGEssWahKLFZYHr4bplFcXhT6dtt2HrytDTD1NFs526h+m0gx8RHXuNpg
rF5BAIZw+wK8mzp8Q8/ZHhlUfdHDt5+Ce6ELdgMO1ssUXuz1YwLqNrXGXoa6/Dow
r09jo+pNm+9QK98owbFSZ39zxa9Nc1StMcIQ3OujfZpyTFBt18Qm
-----END CERTIFICATE-----
Generated at Wed Jul 17 22:48:20 2024 by rpki-client on console-ams.rpki-client.org