Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS198585.roa
File:                     AS198585.roa (raw, json)
Hash identifier:          Oua8pDUazmXxBQ54MKBlna8x6X5EcpfwXXV6TAF6JK0=
Subject key identifier:   84:81:D1:FC:ED:BB:AC:30:82:FB:B6:56:3A:CA:A1:2D:E6:B4:DB:4B
Certificate issuer:       /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial:       5A7D61710EAAC31281BB2951BEAB89DC7B6B1357
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS198585.roa
Signing time:             Wed 20 Dec 2023 16:21:50 +0000
ROA not before:           Wed 20 Dec 2023 16:16:50 +0000
ROA not after:            Wed 18 Dec 2024 16:21:50 +0000
asID:                     198585
IP address blocks:        2a13:df80:c0::/44 maxlen: 48

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:7d:61:71:0e:aa:c3:12:81:bb:29:51:be:ab:89:dc:7b:6b:13:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
        Validity
            Not Before: Dec 20 16:16:50 2023 GMT
            Not After : Dec 18 16:21:50 2024 GMT
        Subject: CN=8481D1FCEDBBAC3082FBB6563ACAA12DE6B4DB4B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:58:8f:95:87:80:39:99:67:31:97:7d:83:ef:
                    12:71:a8:30:0c:c0:2d:a3:56:20:bd:5f:5b:a0:ba:
                    52:30:b9:b2:58:0f:fd:a6:84:9d:2c:cc:37:ef:cf:
                    a7:4c:42:78:f4:91:d4:f5:eb:71:d7:6f:b5:d0:6f:
                    6b:21:e3:d8:f3:7b:5c:23:c8:8d:cd:4c:b6:b7:bd:
                    6c:4e:80:26:f5:25:bf:48:3a:51:9b:40:33:2c:de:
                    41:64:31:a3:4b:dc:e0:00:41:60:4b:bb:a8:46:eb:
                    c3:02:6a:43:30:b4:4a:b1:fd:df:32:29:59:84:af:
                    cd:8d:7f:d0:73:46:c3:7b:36:95:44:35:dd:da:60:
                    e0:ca:90:48:5d:7f:ee:74:91:f2:56:f7:da:6d:e2:
                    aa:6d:85:85:95:77:cd:34:65:33:2d:5f:e0:86:5e:
                    b6:b4:12:a0:ab:9f:9f:70:7b:a5:c1:e1:0d:41:19:
                    75:ac:db:ba:26:0d:76:26:d5:ea:fb:21:71:72:24:
                    dd:04:23:55:ff:66:7f:5b:10:e8:de:01:3e:f5:13:
                    7c:32:75:b2:f0:8b:3e:c3:13:4d:7a:ed:06:c2:99:
                    d3:b9:6e:87:2c:33:50:c8:c1:7d:65:c6:dd:63:2f:
                    0a:b5:c5:ae:1c:cc:f9:5d:ad:08:02:95:6d:52:b2:
                    4b:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:81:D1:FC:ED:BB:AC:30:82:FB:B6:56:3A:CA:A1:2D:E6:B4:DB:4B
            X509v3 Authority Key Identifier:
                keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS198585.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:df80:c0::/44

    Signature Algorithm: sha256WithRSAEncryption
         2d:60:cc:5c:97:1f:97:61:22:55:2f:36:5a:7c:c1:51:fe:bc:
         32:0e:f0:15:e8:63:41:61:7d:de:73:bc:90:2e:c9:37:62:95:
         2b:0e:b5:db:0d:c4:da:49:3b:f1:14:bd:5e:9b:59:31:8f:09:
         a3:9f:7e:6b:fc:68:0d:95:97:ca:8f:c8:ad:17:ae:89:8e:59:
         cf:e6:d5:f1:41:85:d5:38:03:33:6a:54:dc:15:93:64:ac:54:
         aa:b5:eb:e5:eb:26:a3:40:80:e0:79:98:c4:6b:4b:e4:d1:b1:
         25:f0:ff:ec:c5:36:0e:03:fb:41:18:bf:f9:ae:21:81:90:6a:
         ca:15:43:fc:e3:7d:b7:7c:32:cf:f2:f2:25:f8:27:e5:07:95:
         e2:ed:22:91:16:53:7f:df:8e:e0:ce:9e:2a:0f:b8:f0:3c:2f:
         f0:88:ea:ac:b1:1e:e5:33:0e:17:7e:f7:f8:c5:e5:d8:30:46:
         a7:b0:b3:03:44:f4:d8:cc:c6:f2:9b:35:b8:2a:5b:2d:de:f1:
         72:de:90:2b:36:85:13:fa:f2:db:36:bc:36:00:13:94:1d:de:
         71:29:87:54:47:f0:96:6d:93:32:de:6d:08:70:63:e2:1f:e5:
         1b:c3:79:9e:85:36:d3:4e:61:6f:ad:37:30:64:a6:e8:da:ae:
         ee:dc:8c:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUWn1hcQ6qwxKBuylRvquJ3HtrE1cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2NTBaFw0yNDEyMTgxNjIxNTBaMDMxMTAvBgNV
BAMTKDg0ODFEMUZDRURCQkFDMzA4MkZCQjY1NjNBQ0FBMTJERTZCNERCNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9WI+Vh4A5mWcxl32D7xJxqDAM
wC2jViC9X1ugulIwubJYD/2mhJ0szDfvz6dMQnj0kdT163HXb7XQb2sh49jze1wj
yI3NTLa3vWxOgCb1Jb9IOlGbQDMs3kFkMaNL3OAAQWBLu6hG68MCakMwtEqx/d8y
KVmEr82Nf9BzRsN7NpVENd3aYODKkEhdf+50kfJW99pt4qpthYWVd800ZTMtX+CG
Xra0EqCrn59we6XB4Q1BGXWs27omDXYm1er7IXFyJN0EI1X/Zn9bEOjeAT71E3wy
dbLwiz7DE0167QbCmdO5bocsM1DIwX1lxt1jLwq1xa4czPldrQgClW1SskvLAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUhIHR/O27rDCC+7ZWOsqhLea020swHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTk4NTg1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhPf
gADAMA0GCSqGSIb3DQEBCwUAA4IBAQAtYMxclx+XYSJVLzZafMFR/rwyDvAV6GNB
YX3ec7yQLsk3YpUrDrXbDcTaSTvxFL1em1kxjwmjn35r/GgNlZfKj8itF66JjlnP
5tXxQYXVOAMzalTcFZNkrFSqtevl6yajQIDgeZjEa0vk0bEl8P/sxTYOA/tBGL/5
riGBkGrKFUP84323fDLP8vIl+CflB5Xi7SKRFlN/347gzp4qD7jwPC/wiOqssR7l
Mw4Xfvf4xeXYMEansLMDRPTYzMbymzW4Klst3vFy3pArNoUT+vLbNrw2ABOUHd5x
KYdUR/CWbZMy3m0IcGPiH+Ubw3mehTbTTmFvrTcwZKbo2q7u3Izb
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:53 2024 by rpki-client on console-ams.rpki-client.org