Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214936.roa
File:                     AS214936.roa (raw, json)
Hash identifier:          arlfAcpwHCC4m0QMSldi8rgx+VWxsiM76vVXhCtiqWQ=
Subject key identifier:   B6:3C:B6:47:82:D6:39:FA:6A:56:02:A8:83:10:74:0A:8F:09:D5:E7
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       412E41F37296FC24D3F9582A041B859C0500AD1F
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214936.roa
Signing time:             Thu 23 May 2024 16:49:09 +0000
ROA not before:           Thu 23 May 2024 16:44:09 +0000
ROA not after:            Thu 22 May 2025 16:49:09 +0000
asID:                     214936
IP address blocks:        2a0f:85c1:3dc::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 17 Jul 2024 20:37:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:2e:41:f3:72:96:fc:24:d3:f9:58:2a:04:1b:85:9c:05:00:ad:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: May 23 16:44:09 2024 GMT
            Not After : May 22 16:49:09 2025 GMT
        Subject: CN=B63CB64782D639FA6A5602A88310740A8F09D5E7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ad:ec:2d:f5:1b:cd:e7:49:7b:96:5b:1d:89:
                    ca:fd:79:ef:27:6a:f2:ef:7c:7a:96:2d:bf:3c:46:
                    19:41:7d:84:b5:0e:aa:a1:ca:0b:d2:44:f6:6a:cd:
                    be:25:6d:fa:7a:4f:0e:c5:f4:b8:61:50:6b:26:9b:
                    21:88:a1:17:21:10:4b:f0:6b:8a:22:6e:a7:89:e8:
                    4c:3c:e5:e0:93:40:36:ce:41:72:a7:96:9b:d8:f5:
                    19:aa:73:ed:dd:c1:99:b3:d7:ba:38:7e:69:a3:c9:
                    28:a4:12:5a:03:4e:ec:1a:52:dd:a8:53:cf:6e:14:
                    67:55:79:c7:6c:1b:b7:a8:5f:0a:af:c1:a4:7d:0f:
                    0a:e0:29:4d:18:04:0e:99:99:f2:b2:9e:5e:1e:a9:
                    83:65:90:43:d3:b0:5e:ba:9a:42:e2:86:b0:32:1e:
                    57:a4:a7:5a:94:89:25:58:b3:e2:5a:1a:16:d6:b1:
                    63:f5:82:4c:89:a1:46:e5:bd:a5:9a:cd:03:91:92:
                    16:95:c4:a4:6e:b8:18:8f:c3:6e:e7:f9:da:be:19:
                    19:99:ee:ce:46:bd:fd:5e:f9:17:f3:5c:19:20:29:
                    13:2b:5a:99:53:cc:9b:5d:dc:18:79:5b:c4:8d:71:
                    12:33:02:f9:13:07:c4:ec:3a:5f:6a:fe:de:d0:44:
                    80:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:3C:B6:47:82:D6:39:FA:6A:56:02:A8:83:10:74:0A:8F:09:D5:E7
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:3dc::/48

    Signature Algorithm: sha256WithRSAEncryption
         09:4c:cc:a9:75:7c:28:2f:ad:f5:d7:bc:cb:be:47:90:b1:06:
         79:a7:36:72:d1:5b:e8:95:83:ae:81:b6:26:2c:81:04:c1:77:
         8c:42:8e:49:67:7b:c2:f3:68:e8:1c:22:e8:11:70:f6:32:91:
         bb:c2:e6:4a:97:83:9f:d3:92:41:52:3f:9b:97:6a:b9:7e:b8:
         55:dc:81:0b:f2:61:36:e0:83:ed:9d:0f:73:68:c4:38:4d:58:
         bb:e2:05:cd:1b:a7:37:b6:54:2f:06:be:9f:c6:59:e5:1b:8b:
         79:c1:4d:01:6c:44:97:2a:3a:30:4f:ed:f0:c1:a5:53:5c:f4:
         7b:c7:be:49:6a:98:08:b9:8f:92:73:7c:2e:b9:8a:c5:10:53:
         ac:88:48:39:49:5a:82:ec:86:96:cf:d0:ab:05:08:58:c2:e8:
         28:d7:cd:07:84:90:9a:a5:97:a5:ee:f4:b6:8e:06:1b:96:b6:
         2e:22:b5:a4:03:c6:f8:fd:46:ed:48:24:1c:0c:c0:23:49:06:
         32:2b:d4:a2:40:30:e1:44:57:e8:8e:c6:10:e6:72:19:04:a8:
         2e:57:da:ab:a2:77:40:a8:99:6f:fa:eb:5b:6d:47:89:3c:c7:
         d0:59:9c:61:15:ac:98:32:da:a9:c3:d2:b4:55:9a:c6:e4:70:
         f7:bf:24:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUQS5B83KW/CTT+VgqBBuFnAUArR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA1MjMxNjQ0MDlaFw0yNTA1MjIxNjQ5MDlaMDMxMTAvBgNV
BAMTKEI2M0NCNjQ3ODJENjM5RkE2QTU2MDJBODgzMTA3NDBBOEYwOUQ1RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCurewt9RvN50l7llsdicr9ee8n
avLvfHqWLb88RhlBfYS1DqqhygvSRPZqzb4lbfp6Tw7F9LhhUGsmmyGIoRchEEvw
a4oibqeJ6Ew85eCTQDbOQXKnlpvY9Rmqc+3dwZmz17o4fmmjySikEloDTuwaUt2o
U89uFGdVecdsG7eoXwqvwaR9DwrgKU0YBA6ZmfKynl4eqYNlkEPTsF66mkLihrAy
Hlekp1qUiSVYs+JaGhbWsWP1gkyJoUblvaWazQORkhaVxKRuuBiPw27n+dq+GRmZ
7s5Gvf1e+RfzXBkgKRMrWplTzJtd3Bh5W8SNcRIzAvkTB8TsOl9q/t7QRICHAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUtjy2R4LWOfpqVgKogxB0Co8J1ecwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0OTM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQPcMA0GCSqGSIb3DQEBCwUAA4IBAQAJTMypdXwoL63117zLvkeQsQZ5pzZy0Vvo
lYOugbYmLIEEwXeMQo5JZ3vC82joHCLoEXD2MpG7wuZKl4Of05JBUj+bl2q5frhV
3IEL8mE24IPtnQ9zaMQ4TVi74gXNG6c3tlQvBr6fxlnlG4t5wU0BbESXKjowT+3w
waVTXPR7x75JapgIuY+Sc3wuuYrFEFOsiEg5SVqC7IaWz9CrBQhYwugo180HhJCa
pZel7vS2jgYblrYuIrWkA8b4/UbtSCQcDMAjSQYyK9SiQDDhRFfojsYQ5nIZBKgu
V9qrondAqJlv+utbbUeJPMfQWZxhFayYMtqpw9K0VZrG5HD3vyTI
-----END CERTIFICATE-----
Generated at Wed Jul 17 04:35:22 2024 by rpki-client on console-ams.rpki-client.org