Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS215513.roa
File:                     AS215513.roa (raw, json)
Hash identifier:          zaNbjFGdoKT4ItabmY+//ptyTs8x8kfemy9iegrVYgQ=
Subject key identifier:   87:DE:B1:3F:50:5B:01:12:BE:CD:8E:23:14:C3:0E:1C:E8:CA:4A:54
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       2AD2F6C5AB05D4712265EC3AE45AFA1D5ABFB6BD
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS215513.roa
Signing time:             Thu 23 May 2024 16:49:09 +0000
ROA not before:           Thu 23 May 2024 16:44:09 +0000
ROA not after:            Thu 22 May 2025 16:49:09 +0000
asID:                     215513
IP address blocks:        2a0f:85c1:36e::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 18 Jul 2024 13:47:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:d2:f6:c5:ab:05:d4:71:22:65:ec:3a:e4:5a:fa:1d:5a:bf:b6:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: May 23 16:44:09 2024 GMT
            Not After : May 22 16:49:09 2025 GMT
        Subject: CN=87DEB13F505B0112BECD8E2314C30E1CE8CA4A54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:a3:48:b0:4a:f8:13:87:94:8f:2e:2b:2c:49:
                    3a:ba:6f:f9:ab:0e:a1:36:7e:6d:3c:ce:3e:78:8c:
                    59:af:ec:65:d5:e6:df:c0:4a:0f:94:bf:3a:c6:d4:
                    d0:60:93:b5:c7:1d:da:01:f8:b9:b0:60:9c:9b:54:
                    5c:a1:c9:e7:0a:95:07:fa:d3:98:4b:d8:b8:b2:57:
                    3d:10:21:3d:70:a2:51:26:d0:a1:f3:8f:b0:86:8a:
                    85:1d:89:1b:58:d1:6c:6d:d9:57:16:bc:fe:47:f0:
                    eb:36:ec:4a:00:30:f3:7c:87:38:e2:7c:fd:26:a5:
                    5d:c7:ef:18:06:52:a7:e5:7d:3f:5f:d7:5a:55:75:
                    5b:68:8a:c7:15:9d:44:1d:bb:c8:6f:9d:05:1a:8f:
                    f6:ae:74:10:2f:e1:22:50:9e:f3:5c:73:20:e9:7b:
                    a3:ad:dd:e0:3c:f0:13:cd:3c:1b:2a:4e:46:02:56:
                    e0:71:4e:13:59:0a:c0:39:90:ae:76:26:69:b6:71:
                    1d:e7:77:d0:59:a5:48:e2:aa:c7:c3:f5:74:61:4c:
                    5f:7b:38:76:f5:d4:ac:94:7c:b7:e2:9b:34:52:0e:
                    d7:9c:ea:3f:b3:e4:f6:ef:62:86:ab:bf:cb:7d:42:
                    45:ce:4c:ed:85:0a:ed:1b:09:ed:de:f8:37:c2:06:
                    39:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:DE:B1:3F:50:5B:01:12:BE:CD:8E:23:14:C3:0E:1C:E8:CA:4A:54
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS215513.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:36e::/48

    Signature Algorithm: sha256WithRSAEncryption
         76:ab:8f:1f:b6:47:17:83:37:4c:e4:d0:24:71:aa:5e:54:2c:
         5e:dc:94:66:61:bd:1a:51:bc:b1:f7:52:a6:57:a2:24:bc:74:
         a4:f8:f6:c0:7b:83:85:8a:75:17:ad:c2:10:bd:5d:42:96:89:
         b5:a9:a7:65:fd:fc:5d:fa:a6:d5:15:85:ba:ba:d2:1f:ec:51:
         7c:b7:36:fd:e2:dc:26:b3:de:c2:2e:e5:f4:68:ce:98:bb:fd:
         de:db:5f:6e:20:ab:34:b5:b5:a7:fb:53:d8:84:0a:16:09:f2:
         4c:3b:35:e3:e7:7b:c4:e7:b3:d4:21:f0:8f:a5:41:62:3d:4c:
         8e:95:64:4b:e2:78:39:ff:b6:e0:86:71:3b:8c:3b:52:f0:1f:
         07:a0:b6:ca:21:20:e4:20:47:18:1e:12:e6:b1:1f:ed:11:c8:
         fa:54:14:76:b5:17:12:2d:92:91:cb:61:ed:21:b6:a2:ba:2e:
         b8:6e:95:0f:f2:fd:4e:5a:15:10:58:7a:fd:01:45:7b:07:22:
         79:1d:8d:ca:74:c9:04:37:95:9b:8b:bf:df:7b:82:a9:e6:9d:
         14:95:e2:60:b7:90:44:6f:66:9e:a6:da:c7:0b:dd:8a:76:0a:
         88:93:de:41:af:13:05:ed:0d:69:e4:ee:f9:80:c2:db:6a:00:
         47:a9:58:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUKtL2xasF1HEiZew65Fr6HVq/tr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA1MjMxNjQ0MDlaFw0yNTA1MjIxNjQ5MDlaMDMxMTAvBgNV
BAMTKDg3REVCMTNGNTA1QjAxMTJCRUNEOEUyMzE0QzMwRTFDRThDQTRBNTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlo0iwSvgTh5SPLissSTq6b/mr
DqE2fm08zj54jFmv7GXV5t/ASg+UvzrG1NBgk7XHHdoB+LmwYJybVFyhyecKlQf6
05hL2LiyVz0QIT1wolEm0KHzj7CGioUdiRtY0Wxt2VcWvP5H8Os27EoAMPN8hzji
fP0mpV3H7xgGUqflfT9f11pVdVtoiscVnUQdu8hvnQUaj/audBAv4SJQnvNccyDp
e6Ot3eA88BPNPBsqTkYCVuBxThNZCsA5kK52Jmm2cR3nd9BZpUjiqsfD9XRhTF97
OHb11KyUfLfimzRSDtec6j+z5PbvYoarv8t9QkXOTO2FCu0bCe3e+DfCBjkVAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUh96xP1BbARK+zY4jFMMOHOjKSlQwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE1NTEzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQNuMA0GCSqGSIb3DQEBCwUAA4IBAQB2q48ftkcXgzdM5NAkcapeVCxe3JRmYb0a
Ubyx91KmV6IkvHSk+PbAe4OFinUXrcIQvV1Clom1qadl/fxd+qbVFYW6utIf7FF8
tzb94twms97CLuX0aM6Yu/3e219uIKs0tbWn+1PYhAoWCfJMOzXj53vE57PUIfCP
pUFiPUyOlWRL4ng5/7bghnE7jDtS8B8HoLbKISDkIEcYHhLmsR/tEcj6VBR2tRcS
LZKRy2HtIbaiui64bpUP8v1OWhUQWHr9AUV7ByJ5HY3KdMkEN5Wbi7/fe4Kp5p0U
leJgt5BEb2aeptrHC92KdgqIk95BrxMF7Q1p5O75gMLbagBHqVhP
-----END CERTIFICATE-----
Generated at Wed Jul 17 22:48:20 2024 by rpki-client on console-ams.rpki-client.org