Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS215313.roa
File:                     AS215313.roa (raw, json)
Hash identifier:          EsmxHnkFt3VRzKQVo4s6HX2giQQDjrErAqyieW5fUME=
Subject key identifier:   EC:4C:3B:0D:43:F7:EC:AC:A1:F9:88:E6:79:F5:A7:E1:EC:56:B0:B7
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       03896017F2EF0BE170A4B5D2AED9498A129246CC
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS215313.roa
Signing time:             Thu 23 May 2024 16:49:10 +0000
ROA not before:           Thu 23 May 2024 16:44:10 +0000
ROA not after:            Thu 22 May 2025 16:49:10 +0000
asID:                     215313
IP address blocks:        2a0f:85c1:398::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 18 Jul 2024 13:47:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:89:60:17:f2:ef:0b:e1:70:a4:b5:d2:ae:d9:49:8a:12:92:46:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: May 23 16:44:10 2024 GMT
            Not After : May 22 16:49:10 2025 GMT
        Subject: CN=EC4C3B0D43F7ECACA1F988E679F5A7E1EC56B0B7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:e8:b2:31:ec:95:e1:c8:f1:6b:7c:7a:6a:61:
                    ec:46:29:d9:6b:15:1c:bf:e3:8c:92:8a:e5:74:f6:
                    7d:3f:f0:d0:f8:17:53:1b:14:b2:56:40:38:83:2f:
                    c8:ab:cb:c8:41:75:5e:8c:c3:05:cd:ae:9b:19:f8:
                    2b:2c:c2:ae:97:74:86:b7:85:2b:73:55:5e:0e:6e:
                    0a:cc:74:ca:47:45:ae:a7:0a:e7:3d:e2:05:15:cb:
                    f1:b8:37:58:11:6e:a5:33:48:e9:ef:b9:b1:1c:51:
                    8d:0d:11:f7:f6:f6:b4:62:83:04:2d:db:67:2e:2e:
                    40:b3:16:57:78:d1:b8:6b:92:96:c9:4a:e5:e8:df:
                    e0:e9:4b:6b:e1:2e:f2:d4:b5:e9:06:e6:b3:56:47:
                    54:d2:d2:39:ee:29:ea:f6:85:50:d2:a2:72:b7:2d:
                    66:1e:b9:e1:83:a1:9a:8e:f4:f6:f6:85:17:4f:ff:
                    6d:76:0a:f0:19:76:a6:de:39:72:71:d6:dd:90:34:
                    50:a2:ce:30:30:c7:c2:c1:0f:fa:bd:3f:63:66:47:
                    fe:13:87:fd:c4:2e:49:de:f3:6e:28:41:4a:bd:28:
                    cd:fe:0b:3d:e0:53:1b:f0:93:31:26:b2:55:5e:07:
                    90:c7:0e:f4:57:30:17:2c:83:ea:4f:75:ab:52:8e:
                    a8:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:4C:3B:0D:43:F7:EC:AC:A1:F9:88:E6:79:F5:A7:E1:EC:56:B0:B7
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS215313.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:398::/48

    Signature Algorithm: sha256WithRSAEncryption
         8a:f8:e5:69:d0:76:1c:3a:5d:02:b7:fc:4b:46:71:7b:2f:51:
         84:9c:69:a7:6f:50:73:30:2e:ac:18:a5:63:4b:e7:91:51:68:
         07:96:21:03:01:09:de:93:19:ea:b1:44:fd:b1:ca:be:c9:ee:
         82:f8:36:63:b0:54:a2:6f:56:98:9d:53:f3:7d:12:2e:4a:83:
         aa:ea:1f:2f:b5:6b:b8:b5:eb:d4:ae:f2:50:7b:c4:82:6f:a4:
         e8:bb:ec:27:4a:f2:da:21:15:ea:f8:d6:f8:77:24:8f:22:4b:
         20:46:f6:87:61:50:c1:69:0a:b9:35:40:33:a4:63:88:be:ac:
         06:0f:6b:93:39:35:92:17:af:25:bd:ec:aa:20:15:d0:24:74:
         2a:e2:f3:c6:61:c5:df:1c:e0:0c:95:ec:30:13:a3:f0:e1:34:
         e2:5a:bc:15:d2:a1:e9:13:ce:0d:88:fd:c3:b4:d5:de:27:72:
         7d:07:97:9f:83:b9:a5:27:d0:89:d1:b3:47:f3:e7:83:34:c7:
         e0:ba:b6:3f:df:6e:11:9b:41:d6:af:d2:53:b9:0a:9f:c0:a1:
         9f:72:2f:c4:e5:82:ea:ea:c3:9d:99:a7:79:46:30:7d:cb:46:
         fc:a4:16:b2:e8:aa:8b:1a:23:16:a5:ae:1e:28:6f:6d:a4:ec:
         94:ff:29:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUA4lgF/LvC+FwpLXSrtlJihKSRswwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA1MjMxNjQ0MTBaFw0yNTA1MjIxNjQ5MTBaMDMxMTAvBgNV
BAMTKEVDNEMzQjBENDNGN0VDQUNBMUY5ODhFNjc5RjVBN0UxRUM1NkIwQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDf6LIx7JXhyPFrfHpqYexGKdlr
FRy/44ySiuV09n0/8ND4F1MbFLJWQDiDL8iry8hBdV6MwwXNrpsZ+Csswq6XdIa3
hStzVV4ObgrMdMpHRa6nCuc94gUVy/G4N1gRbqUzSOnvubEcUY0NEff29rRigwQt
22cuLkCzFld40bhrkpbJSuXo3+DpS2vhLvLUtekG5rNWR1TS0jnuKer2hVDSonK3
LWYeueGDoZqO9Pb2hRdP/212CvAZdqbeOXJx1t2QNFCizjAwx8LBD/q9P2NmR/4T
h/3ELkne824oQUq9KM3+Cz3gUxvwkzEmslVeB5DHDvRXMBcsg+pPdatSjqiFAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU7Ew7DUP37Kyh+YjmefWn4exWsLcwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE1MzEzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQOYMA0GCSqGSIb3DQEBCwUAA4IBAQCK+OVp0HYcOl0Ct/xLRnF7L1GEnGmnb1Bz
MC6sGKVjS+eRUWgHliEDAQnekxnqsUT9scq+ye6C+DZjsFSib1aYnVPzfRIuSoOq
6h8vtWu4tevUrvJQe8SCb6Tou+wnSvLaIRXq+Nb4dySPIksgRvaHYVDBaQq5NUAz
pGOIvqwGD2uTOTWSF68lveyqIBXQJHQq4vPGYcXfHOAMlewwE6Pw4TTiWrwV0qHp
E84NiP3DtNXeJ3J9B5efg7mlJ9CJ0bNH8+eDNMfgurY/324Rm0HWr9JTuQqfwKGf
ci/E5YLq6sOdmad5RjB9y0b8pBay6KqLGiMWpa4eKG9tpOyU/ynu
-----END CERTIFICATE-----
Generated at Wed Jul 17 22:48:20 2024 by rpki-client on console-ams.rpki-client.org