Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS215150.roa
File:                     AS215150.roa (raw, json)
Hash identifier:          JaFaH3vecb5DbQu/gETd7WFTWuTu7lKqG8mC6Np5nOk=
Subject key identifier:   EF:2C:4A:41:F2:48:27:A0:05:4E:A7:97:E7:C8:38:F8:54:7F:16:ED
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       1B7208BDF451388BF22C3A58F7EF9D345E622572
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS215150.roa
Signing time:             Thu 23 May 2024 16:49:09 +0000
ROA not before:           Thu 23 May 2024 16:44:09 +0000
ROA not after:            Thu 22 May 2025 16:49:09 +0000
asID:                     215150
IP address blocks:        2a0f:85c1:3b2::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 18 Jul 2024 13:47:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:72:08:bd:f4:51:38:8b:f2:2c:3a:58:f7:ef:9d:34:5e:62:25:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: May 23 16:44:09 2024 GMT
            Not After : May 22 16:49:09 2025 GMT
        Subject: CN=EF2C4A41F24827A0054EA797E7C838F8547F16ED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:b9:33:ed:d3:5f:96:fd:54:61:76:a1:55:ee:
                    cb:bf:7b:be:41:ba:f6:1f:f8:5e:08:06:47:21:e3:
                    ad:2c:bd:53:6c:47:36:7a:a6:9a:99:75:6d:a8:45:
                    d5:a8:29:ff:9a:c7:d0:38:00:29:0d:9a:86:ef:ab:
                    4c:2a:0c:38:a0:41:c4:b4:af:21:b3:4b:99:92:0c:
                    e5:d1:2a:2d:77:78:a0:b6:93:b0:c8:e6:6b:1f:0e:
                    fb:3a:7c:84:09:d5:51:69:f9:c6:86:3f:92:db:38:
                    60:f4:d4:18:10:c8:1c:b4:89:06:0b:6a:c0:df:bf:
                    30:88:d1:1c:f2:5f:cd:be:f7:2a:7e:a4:60:41:9e:
                    89:27:08:f1:60:75:29:dd:82:bb:69:7a:90:4e:08:
                    67:3e:3d:b5:24:63:32:b7:24:86:a9:25:64:16:29:
                    22:09:5e:30:05:d3:4f:59:51:7f:08:ae:6e:7d:db:
                    d7:3d:27:6e:5d:ac:75:22:e1:da:af:f3:4e:8a:8c:
                    51:1b:a8:b1:f8:22:39:1f:08:34:0d:33:db:64:e7:
                    39:7f:0d:d3:45:9c:37:7e:0c:28:75:23:eb:20:e7:
                    31:de:96:d7:96:d2:d5:0a:aa:7d:e2:77:eb:f4:78:
                    91:66:e7:a7:69:54:98:9d:11:3a:b0:8b:6c:8b:de:
                    0f:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:2C:4A:41:F2:48:27:A0:05:4E:A7:97:E7:C8:38:F8:54:7F:16:ED
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS215150.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:3b2::/48

    Signature Algorithm: sha256WithRSAEncryption
         29:6a:81:79:26:57:09:46:07:69:83:e8:58:ff:6e:2d:90:a2:
         6a:4e:9e:20:ed:e8:27:ba:66:0e:a5:2e:3e:9a:c7:a7:e4:be:
         54:25:92:05:e6:5d:c4:22:92:dd:bb:a3:66:71:05:5a:3b:1c:
         a2:fe:ff:0f:c1:2e:1f:05:69:96:0e:56:12:11:c5:8c:87:4e:
         6c:42:30:d1:aa:6f:fa:8e:74:2f:4a:a7:1f:b0:49:4b:62:ec:
         23:e6:9c:14:b2:6b:62:db:c1:5d:ba:cd:3b:48:b6:d5:ea:f3:
         ac:98:84:14:4c:6c:0d:42:16:1b:19:d5:f5:6b:d0:d3:de:8c:
         bc:8a:0f:0f:e8:42:a9:38:be:47:66:06:40:d5:ac:bf:0b:52:
         4e:54:16:5e:43:e1:df:d4:74:6a:9c:3e:da:86:0e:8a:10:3c:
         05:66:6f:62:5e:1c:e2:4b:72:9c:5b:86:3c:13:8f:a4:62:b2:
         d0:6c:7a:d6:8c:bf:b1:0d:3a:07:19:1e:0c:97:05:2a:40:bb:
         73:d4:a9:45:e1:1e:8e:ec:1c:be:f2:f8:47:3e:d0:ac:93:16:
         1e:0f:b2:21:6d:94:9f:3d:93:f0:1d:8a:ca:ca:39:b9:83:d4:
         54:fd:47:4d:4c:80:a2:79:4b:1c:34:0a:46:8d:03:21:67:d0:
         10:df:7f:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUG3IIvfRROIvyLDpY9++dNF5iJXIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA1MjMxNjQ0MDlaFw0yNTA1MjIxNjQ5MDlaMDMxMTAvBgNV
BAMTKEVGMkM0QTQxRjI0ODI3QTAwNTRFQTc5N0U3QzgzOEY4NTQ3RjE2RUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkuTPt01+W/VRhdqFV7su/e75B
uvYf+F4IBkch460svVNsRzZ6ppqZdW2oRdWoKf+ax9A4ACkNmobvq0wqDDigQcS0
ryGzS5mSDOXRKi13eKC2k7DI5msfDvs6fIQJ1VFp+caGP5LbOGD01BgQyBy0iQYL
asDfvzCI0RzyX82+9yp+pGBBnoknCPFgdSndgrtpepBOCGc+PbUkYzK3JIapJWQW
KSIJXjAF009ZUX8Irm5929c9J25drHUi4dqv806KjFEbqLH4IjkfCDQNM9tk5zl/
DdNFnDd+DCh1I+sg5zHelteW0tUKqn3id+v0eJFm56dpVJidETqwi2yL3g8/AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU7yxKQfJIJ6AFTqeX58g4+FR/Fu0wHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE1MTUwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQOyMA0GCSqGSIb3DQEBCwUAA4IBAQApaoF5JlcJRgdpg+hY/24tkKJqTp4g7egn
umYOpS4+msen5L5UJZIF5l3EIpLdu6NmcQVaOxyi/v8PwS4fBWmWDlYSEcWMh05s
QjDRqm/6jnQvSqcfsElLYuwj5pwUsmti28Fdus07SLbV6vOsmIQUTGwNQhYbGdX1
a9DT3oy8ig8P6EKpOL5HZgZA1ay/C1JOVBZeQ+Hf1HRqnD7ahg6KEDwFZm9iXhzi
S3KcW4Y8E4+kYrLQbHrWjL+xDToHGR4MlwUqQLtz1KlF4R6O7By+8vhHPtCskxYe
D7IhbZSfPZPwHYrKyjm5g9RU/UdNTICieUscNApGjQMhZ9AQ33+S
-----END CERTIFICATE-----
Generated at Wed Jul 17 20:57:13 2024 by rpki-client on console-fra.rpki-client.org