Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/326131333a646638303a663a3a2f34382d3438203d3e20313937373130.roa
File:                     326131333a646638303a663a3a2f34382d3438203d3e20313937373130.roa (raw, json)
Hash identifier:          vp986qZUpcczdbyNrSupXBIH0+td3k4rlRp0CCoPxpE=
Subject key identifier:   9C:44:05:B7:7D:1C:16:B7:BF:95:09:48:FB:84:09:4A:41:91:59:DA
Certificate issuer:       /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial:       4C8BC41CC72A23B775942FB73CDC2C8D562569C7
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/326131333a646638303a663a3a2f34382d3438203d3e20313937373130.roa
Signing time:             Thu 24 Aug 2023 20:17:53 +0000
ROA not before:           Thu 24 Aug 2023 20:12:53 +0000
ROA not after:            Thu 22 Aug 2024 20:17:53 +0000
asID:                     197710
IP address blocks:        2a13:df80:f::/48 maxlen: 48

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:8b:c4:1c:c7:2a:23:b7:75:94:2f:b7:3c:dc:2c:8d:56:25:69:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
        Validity
            Not Before: Aug 24 20:12:53 2023 GMT
            Not After : Aug 22 20:17:53 2024 GMT
        Subject: CN=9C4405B77D1C16B7BF950948FB84094A419159DA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:c7:86:13:8c:d9:26:91:40:6b:6d:14:26:73:
                    9c:28:10:85:ed:f5:ea:66:f1:0f:1f:02:6a:16:2a:
                    1a:a7:2c:c9:1d:b4:7c:e9:fc:9b:f9:cd:50:6f:77:
                    5a:7a:45:f5:ef:70:cf:d7:d1:6d:fd:38:92:00:3c:
                    89:23:fd:a7:12:8c:41:07:c1:cb:fe:78:a2:40:b4:
                    60:5a:b9:36:0d:9e:c3:01:72:c1:05:4c:3a:24:6c:
                    a9:9a:60:f5:6f:39:1d:69:7b:9a:7e:0e:2a:06:50:
                    fa:99:7d:85:f0:3a:58:c6:0c:73:a7:70:5b:bd:02:
                    b6:1f:f4:ea:c6:31:64:9d:c8:7f:10:4f:1f:65:6e:
                    75:4c:0f:b6:94:42:c7:d2:0b:cb:49:ea:89:f7:ae:
                    ee:93:bc:4f:d5:4f:fb:5d:8f:d8:06:7c:49:2f:9b:
                    ec:09:ec:a5:16:5d:1e:be:d2:45:d5:89:db:3d:bf:
                    9a:47:ad:08:cd:cb:88:ea:9c:d2:7d:6a:8d:9b:b6:
                    1a:cc:93:a3:21:f1:95:af:13:2f:68:8d:da:a5:83:
                    a8:ce:cc:8b:4b:11:fa:07:cb:6e:1b:8a:0a:c1:98:
                    2e:d3:8e:83:94:67:b2:6e:6f:ed:8d:d0:25:57:a5:
                    80:d8:e8:72:f3:82:08:86:ee:2b:46:3c:ad:83:0b:
                    18:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:44:05:B7:7D:1C:16:B7:BF:95:09:48:FB:84:09:4A:41:91:59:DA
            X509v3 Authority Key Identifier:
                keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/326131333a646638303a663a3a2f34382d3438203d3e20313937373130.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:df80:f::/48

    Signature Algorithm: sha256WithRSAEncryption
         52:d0:1d:ab:71:03:b4:97:03:cb:cd:85:e2:cb:6a:c1:bb:c4:
         36:44:61:5c:9c:17:5a:b5:b9:29:4f:fb:1e:00:e4:73:bf:95:
         e7:6e:c0:d5:22:cb:9b:c5:f5:bf:50:26:e2:5a:be:b8:2f:d9:
         4e:46:86:b2:b9:e5:73:5d:7e:8a:75:e0:d5:5c:a2:51:3f:ab:
         25:5b:0f:59:9b:4d:0b:99:07:cc:f7:c1:8a:17:46:fb:5a:85:
         98:3e:42:64:c2:fa:82:df:0b:57:5d:ca:39:ef:62:76:26:78:
         f9:7d:a8:b3:8a:9f:b3:ef:54:fd:86:48:4a:77:4a:18:40:64:
         69:75:c3:4d:9a:94:d1:36:37:24:29:e5:ce:d2:a3:d4:96:e3:
         9a:26:da:05:73:f0:b1:2c:6a:41:2c:4a:62:1c:52:9f:f3:0a:
         1b:f5:fc:de:e2:ed:73:85:f9:70:a4:50:45:ac:f9:ff:21:13:
         b8:5b:69:88:10:11:fc:25:c9:e5:de:3d:6c:5d:87:cb:ac:a7:
         66:56:5d:65:de:03:98:e5:6d:a3:f2:4d:24:2e:1f:9a:93:b2:
         cb:2a:f3:8a:37:6a:be:2e:c8:6c:cb:15:b4:05:cd:82:25:db:
         56:d2:f6:44:5c:ba:ac:e3:ce:64:1c:97:a4:0a:79:3a:de:20:
         ae:43:a9:55
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUTIvEHMcqI7d1lC+3PNwsjVYlaccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzA4MjQyMDEyNTNaFw0yNDA4MjIyMDE3NTNaMDMxMTAvBgNV
BAMTKDlDNDQwNUI3N0QxQzE2QjdCRjk1MDk0OEZCODQwOTRBNDE5MTU5REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFx4YTjNkmkUBrbRQmc5woEIXt
9epm8Q8fAmoWKhqnLMkdtHzp/Jv5zVBvd1p6RfXvcM/X0W39OJIAPIkj/acSjEEH
wcv+eKJAtGBauTYNnsMBcsEFTDokbKmaYPVvOR1pe5p+DioGUPqZfYXwOljGDHOn
cFu9ArYf9OrGMWSdyH8QTx9lbnVMD7aUQsfSC8tJ6on3ru6TvE/VT/tdj9gGfEkv
m+wJ7KUWXR6+0kXVids9v5pHrQjNy4jqnNJ9ao2bthrMk6Mh8ZWvEy9ojdqlg6jO
zItLEfoHy24bigrBmC7TjoOUZ7Jub+2N0CVXpYDY6HLzggiG7itGPK2DCxiPAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUnEQFt30cFre/lQlI+4QJSkGRWdowHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYt
MWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYxNjdkLzAvMzI2MTMxMzMzYTY0NjYzODMw
M2E2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzkzNzM3MzEzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoT34AADzANBgkqhkiG9w0BAQsFAAOCAQEAUtAdq3EDtJcDy82F4stqwbvE
NkRhXJwXWrW5KU/7HgDkc7+V527A1SLLm8X1v1Am4lq+uC/ZTkaGsrnlc11+inXg
1VyiUT+rJVsPWZtNC5kHzPfBihdG+1qFmD5CZML6gt8LV13KOe9idiZ4+X2os4qf
s+9U/YZISndKGEBkaXXDTZqU0TY3JCnlztKj1JbjmibaBXPwsSxqQSxKYhxSn/MK
G/X83uLtc4X5cKRQRaz5/yETuFtpiBAR/CXJ5d49bF2Hy6ynZlZdZd4DmOVto/JN
JC4fmpOyyyrzijdqvi7IbMsVtAXNgiXbVtL2RFy6rOPOZByXpAp5Ot4grkOpVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:53 2024 by rpki-client on console-ams.rpki-client.org