Route Origin Authorization

$ rpki-client -vvf k24.rrdp-rpki.athene-center.net/repo/k24-rpki-athene-center/0/3135382e3232302e3135332e302f32342d3234203d3e20323038313632.roa
File:                     3135382e3232302e3135332e302f32342d3234203d3e20323038313632.roa (raw, json)
Hash identifier:          LLkaVYqTZKxmDciChiMBbLUZIAsRtbp8e+W7JDzuVNc=
Subject key identifier:   3A:85:9C:1B:CD:A8:94:EC:A9:8A:37:62:87:4C:3C:38:EA:F8:AE:4E
Certificate issuer:       /CN=C7F6A432807263695F979A0E0CD62AE3E3FAA87B
Certificate serial:       37CD64A22CAC5F409379B310B533E16B850CBB84
Authority key identifier: C7:F6:A4:32:80:72:63:69:5F:97:9A:0E:0C:D6:2A:E3:E3:FA:A8:7B
Authority info access:    rsync://k00.rrdp-rpki.athene-center.net/repo/k00-rpki-athene-center/0/C7F6A432807263695F979A0E0CD62AE3E3FAA87B.cer
Subject info access:      rsync://k24.rrdp-rpki.athene-center.net/repo/k24-rpki-athene-center/0/3135382e3232302e3135332e302f32342d3234203d3e20323038313632.roa
Signing time:             Wed 27 Mar 2024 19:42:14 +0000
ROA not before:           Wed 27 Mar 2024 19:37:14 +0000
ROA not after:            Wed 26 Mar 2025 19:42:14 +0000
asID:                     208162
IP address blocks:        158.220.153.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:cd:64:a2:2c:ac:5f:40:93:79:b3:10:b5:33:e1:6b:85:0c:bb:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C7F6A432807263695F979A0E0CD62AE3E3FAA87B
        Validity
            Not Before: Mar 27 19:37:14 2024 GMT
            Not After : Mar 26 19:42:14 2025 GMT
        Subject: CN=3A859C1BCDA894ECA98A3762874C3C38EAF8AE4E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:c2:e5:53:e3:bb:a6:b7:87:5d:14:97:b1:8e:
                    d9:7b:89:e0:a8:42:c5:d3:fb:27:3b:d6:f3:36:0c:
                    1e:3a:c9:48:4d:9a:8b:05:30:1d:0b:08:ae:2e:c4:
                    77:82:9f:aa:29:b5:be:64:d0:02:43:97:0a:98:5f:
                    6d:8b:53:f6:42:5f:e2:ff:67:e1:e7:da:e4:a3:92:
                    28:1b:5f:20:3f:be:93:a1:9d:25:c7:05:50:49:d0:
                    69:4f:33:b6:6f:aa:86:46:d3:b5:c6:8d:41:c0:2b:
                    9f:6c:95:a2:a8:1b:22:bf:3e:4f:d8:7b:3f:ae:66:
                    d1:f7:94:97:2c:ee:b8:37:e3:3e:cd:43:c5:11:98:
                    ac:57:5e:d5:99:54:bd:48:6c:9c:f7:03:ac:a9:c9:
                    d9:69:dc:ea:1d:aa:88:f8:4c:09:8e:aa:bc:77:fa:
                    4d:b3:69:a8:68:f5:9e:a6:01:ed:3e:78:15:9f:1c:
                    af:2c:f8:10:ed:2a:3a:0f:de:7e:c6:fb:7a:1b:51:
                    e4:95:6f:9e:c3:58:9e:ef:6f:cd:04:0c:19:c8:83:
                    a7:72:e6:b0:c3:e6:a0:1d:a3:10:04:78:e7:ed:09:
                    b9:5f:91:1f:61:b6:a8:ee:f7:c0:c3:68:15:1c:38:
                    d8:16:48:25:05:c6:2c:89:0a:0c:92:4f:6c:02:dd:
                    c5:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:85:9C:1B:CD:A8:94:EC:A9:8A:37:62:87:4C:3C:38:EA:F8:AE:4E
            X509v3 Authority Key Identifier:
                keyid:C7:F6:A4:32:80:72:63:69:5F:97:9A:0E:0C:D6:2A:E3:E3:FA:A8:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://k24.rrdp-rpki.athene-center.net/repo/k24-rpki-athene-center/0/C7F6A432807263695F979A0E0CD62AE3E3FAA87B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://k00.rrdp-rpki.athene-center.net/repo/k00-rpki-athene-center/0/C7F6A432807263695F979A0E0CD62AE3E3FAA87B.cer

            Subject Information Access:
                Signed Object - URI:rsync://k24.rrdp-rpki.athene-center.net/repo/k24-rpki-athene-center/0/3135382e3232302e3135332e302f32342d3234203d3e20323038313632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.220.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:ce:3c:a6:47:22:07:53:66:8c:5f:fb:a8:35:a2:2e:e3:0e:
         42:7a:a4:13:f8:ce:01:e0:96:c2:5a:75:bd:ed:25:78:2b:e5:
         26:75:98:45:00:35:9b:88:15:aa:72:2e:ac:64:aa:14:03:b6:
         dc:5a:21:88:be:7b:e8:39:c7:8a:5b:f2:b1:69:64:ca:e7:32:
         5a:f9:5e:fa:49:c4:ac:a6:51:fa:5b:be:7f:f5:13:78:b1:cc:
         ca:26:5c:91:12:51:3c:3c:47:ea:e6:bc:b6:04:49:93:70:f5:
         41:46:e7:55:e7:c7:ff:5e:a5:cd:c5:e4:15:d7:c5:49:b7:b6:
         f1:8d:82:e4:a5:ad:b4:cc:47:d8:3c:25:87:2b:18:b3:65:90:
         81:09:ea:fb:e1:9f:af:02:8e:ae:3d:f9:75:c2:4e:cc:dc:87:
         ef:00:b9:09:43:d3:11:42:0f:d5:28:88:90:ea:55:61:94:85:
         a1:b2:a1:32:c2:84:7f:42:ae:38:cb:8a:cb:aa:50:82:57:b3:
         d8:5f:00:98:17:37:82:22:9b:14:d5:48:86:0b:03:e7:21:fc:
         c4:7f:20:bb:86:34:4b:e7:34:d6:20:8d:71:f3:55:7a:77:0f:
         18:26:fd:9b:c6:02:8b:71:05:6e:0a:55:65:a2:29:17:8d:45:
         54:9d:ef:1a
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUN81koiysX0CTebMQtTPha4UMu4QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzdGNkE0MzI4MDcyNjM2OTVGOTc5QTBFMENENjJBRTNF
M0ZBQTg3QjAeFw0yNDAzMjcxOTM3MTRaFw0yNTAzMjYxOTQyMTRaMDMxMTAvBgNV
BAMTKDNBODU5QzFCQ0RBODk0RUNBOThBMzc2Mjg3NEMzQzM4RUFGOEFFNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJwuVT47umt4ddFJexjtl7ieCo
QsXT+yc71vM2DB46yUhNmosFMB0LCK4uxHeCn6optb5k0AJDlwqYX22LU/ZCX+L/
Z+Hn2uSjkigbXyA/vpOhnSXHBVBJ0GlPM7ZvqoZG07XGjUHAK59slaKoGyK/Pk/Y
ez+uZtH3lJcs7rg34z7NQ8URmKxXXtWZVL1IbJz3A6ypydlp3Oodqoj4TAmOqrx3
+k2zaaho9Z6mAe0+eBWfHK8s+BDtKjoP3n7G+3obUeSVb57DWJ7vb80EDBnIg6dy
5rDD5qAdoxAEeOftCblfkR9htqju98DDaBUcONgWSCUFxiyJCgyST2wC3cWrAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUOoWcG82olOypijdih0w8OOr4rk4wHwYDVR0j
BBgwFoAUx/akMoByY2lfl5oODNYq4+P6qHswDgYDVR0PAQH/BAQDAgeAMIGDBgNV
HR8EfDB6MHigdqB0hnJyc3luYzovL2syNC5ycmRwLXJwa2kuYXRoZW5lLWNlbnRl
ci5uZXQvcmVwby9rMjQtcnBraS1hdGhlbmUtY2VudGVyLzAvQzdGNkE0MzI4MDcy
NjM2OTVGOTc5QTBFMENENjJBRTNFM0ZBQTg3Qi5jcmwwgZAGCCsGAQUFBwEBBIGD
MIGAMH4GCCsGAQUFBzAChnJyc3luYzovL2swMC5ycmRwLXJwa2kuYXRoZW5lLWNl
bnRlci5uZXQvcmVwby9rMDAtcnBraS1hdGhlbmUtY2VudGVyLzAvQzdGNkE0MzI4
MDcyNjM2OTVGOTc5QTBFMENENjJBRTNFM0ZBQTg3Qi5jZXIwgaQGCCsGAQUFBwEL
BIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5jOi8vazI0LnJyZHAtcnBraS5hdGhl
bmUtY2VudGVyLm5ldC9yZXBvL2syNC1ycGtpLWF0aGVuZS1jZW50ZXIvMC8zMTM1
MzgyZTMyMzIzMDJlMzEzNTMzMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM4
MzEzNjMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAntyZMA0GCSqGSIb3DQEBCwUAA4IBAQAuzjymRyIH
U2aMX/uoNaIu4w5CeqQT+M4B4JbCWnW97SV4K+UmdZhFADWbiBWqci6sZKoUA7bc
WiGIvnvoOceKW/KxaWTK5zJa+V76ScSsplH6W75/9RN4sczKJlyRElE8PEfq5ry2
BEmTcPVBRudV58f/XqXNxeQV18VJt7bxjYLkpa20zEfYPCWHKxizZZCBCer74Z+v
Ao6uPfl1wk7M3IfvALkJQ9MRQg/VKIiQ6lVhlIWhsqEywoR/Qq44y4rLqlCCV7PY
XwCYFzeCIpsU1UiGCwPnIfzEfyC7hjRL5zTWII1x81V6dw8YJv2bxgKLcQVuClVl
oikXjUVUne8a
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:57 2024 by rpki-client on console-fra.rpki-client.org