Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS199186.roa
File:                     AS199186.roa (raw, json)
Hash identifier:          cHWmRlDcJdkSqA0nPr8HfFjn7jYIwjMYxkMgP9COMn0=
Subject key identifier:   F4:4A:11:34:F9:7C:D5:1F:F2:87:B8:1A:D6:46:06:C6:37:88:CC:E0
Certificate issuer:       /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial:       4B80022F3710D4ECDE8385BFF3EB3AEBD3E500A9
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS199186.roa
Signing time:             Wed 20 Dec 2023 16:21:46 +0000
ROA not before:           Wed 20 Dec 2023 16:16:46 +0000
ROA not after:            Wed 18 Dec 2024 16:21:46 +0000
asID:                     199186
IP address blocks:        2a13:df87:9c00::/38 maxlen: 48

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:80:02:2f:37:10:d4:ec:de:83:85:bf:f3:eb:3a:eb:d3:e5:00:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
        Validity
            Not Before: Dec 20 16:16:46 2023 GMT
            Not After : Dec 18 16:21:46 2024 GMT
        Subject: CN=F44A1134F97CD51FF287B81AD64606C63788CCE0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:df:35:29:76:32:23:2a:ee:a1:21:b8:35:7f:
                    75:65:df:9c:1a:cb:fd:9a:ad:5e:a6:e8:c4:f5:07:
                    87:f8:0d:83:dc:d3:63:f2:bb:19:41:9c:08:f9:da:
                    2c:20:ef:16:f0:f4:23:f9:d3:9b:91:01:b7:cc:15:
                    aa:1e:54:c3:63:54:81:78:8a:31:45:9e:c5:95:37:
                    44:0e:12:50:4b:e5:80:30:65:41:d0:8d:c6:87:49:
                    13:a4:d4:f3:7f:48:38:04:a9:14:0a:83:f8:92:15:
                    2f:ec:e1:eb:a7:4f:f2:d1:01:8d:e2:7c:0a:8f:84:
                    31:11:ce:b7:0f:ff:c2:0b:15:c1:d4:d3:e5:d0:a2:
                    6d:74:c7:be:4e:f6:49:5f:e4:c1:0d:57:10:18:9a:
                    89:74:fe:e2:a0:50:bb:42:e0:2c:70:83:22:24:7a:
                    3b:1a:49:12:37:91:86:60:11:74:be:c8:bf:cc:f2:
                    4e:e1:01:60:f0:e5:a4:0b:ff:5c:d9:70:f7:ca:23:
                    1d:7f:7c:7d:dc:b3:01:97:12:1c:cd:9e:d1:6d:31:
                    bc:98:68:a6:f1:9b:06:b8:17:49:9f:38:e9:a4:1c:
                    e2:71:a7:c0:1a:8c:3b:5e:db:cf:b8:c4:d8:65:f7:
                    83:ed:b7:b0:82:74:0a:11:0b:b9:be:45:05:a1:61:
                    e8:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:4A:11:34:F9:7C:D5:1F:F2:87:B8:1A:D6:46:06:C6:37:88:CC:E0
            X509v3 Authority Key Identifier:
                keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS199186.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:df87:9c00::/38

    Signature Algorithm: sha256WithRSAEncryption
         ab:77:4b:1d:1c:4d:26:2b:89:3b:04:83:ab:e0:c8:57:58:23:
         96:cc:21:e7:c4:e2:13:6b:30:47:8d:e6:99:b5:8b:da:a1:e5:
         79:cb:06:0c:72:00:65:dd:87:e2:45:74:5c:b1:0b:41:51:49:
         e1:2b:b0:97:6c:29:18:85:57:54:10:c6:7d:6c:7a:72:7b:b6:
         d2:d8:43:55:f0:81:97:c7:4d:1f:8c:8e:07:30:74:4b:75:36:
         9a:7b:ee:9e:bb:5a:9e:b7:89:e1:0f:8e:e2:0f:d9:a5:b5:d9:
         2e:ea:51:fa:32:48:e6:7e:d8:4e:37:e8:eb:14:6e:d4:60:0d:
         86:2c:3e:f5:73:3f:55:62:50:1d:47:20:91:f4:dc:66:ac:01:
         92:d9:7a:19:9c:cd:1b:61:8e:e4:0d:a8:47:d0:a7:a6:e4:be:
         dd:9b:54:47:00:ae:24:3a:ab:3d:3d:d3:43:ff:3c:27:a9:80:
         cc:99:c0:60:2c:32:c6:02:5d:d8:43:19:7c:75:e5:71:c5:1b:
         19:05:99:3f:4e:71:15:8e:4e:5e:29:73:98:6d:1e:77:ce:7b:
         01:de:78:be:31:18:b1:e4:ab:4b:25:f7:34:d0:a3:4c:5d:eb:
         e6:3a:c8:82:6e:38:23:7b:cd:94:32:74:53:33:80:93:aa:5d:
         c8:8b:ac:7c
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUS4ACLzcQ1Ozeg4W/8+s669PlAKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2NDZaFw0yNDEyMTgxNjIxNDZaMDMxMTAvBgNV
BAMTKEY0NEExMTM0Rjk3Q0Q1MUZGMjg3QjgxQUQ2NDYwNkM2Mzc4OENDRTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn3zUpdjIjKu6hIbg1f3Vl35wa
y/2arV6m6MT1B4f4DYPc02PyuxlBnAj52iwg7xbw9CP505uRAbfMFaoeVMNjVIF4
ijFFnsWVN0QOElBL5YAwZUHQjcaHSROk1PN/SDgEqRQKg/iSFS/s4eunT/LRAY3i
fAqPhDERzrcP/8ILFcHU0+XQom10x75O9klf5MENVxAYmol0/uKgULtC4CxwgyIk
ejsaSRI3kYZgEXS+yL/M8k7hAWDw5aQL/1zZcPfKIx1/fH3cswGXEhzNntFtMbyY
aKbxmwa4F0mfOOmkHOJxp8AajDte28+4xNhl94Ptt7CCdAoRC7m+RQWhYeiXAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQU9EoRNPl81R/yh7ga1kYGxjeIzOAwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTk5MTg2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKhPf
h5wwDQYJKoZIhvcNAQELBQADggEBAKt3Sx0cTSYriTsEg6vgyFdYI5bMIefE4hNr
MEeN5pm1i9qh5XnLBgxyAGXdh+JFdFyxC0FRSeErsJdsKRiFV1QQxn1senJ7ttLY
Q1XwgZfHTR+MjgcwdEt1Npp77p67Wp63ieEPjuIP2aW12S7qUfoySOZ+2E436OsU
btRgDYYsPvVzP1ViUB1HIJH03GasAZLZehmczRthjuQNqEfQp6bkvt2bVEcAriQ6
qz0900P/PCepgMyZwGAsMsYCXdhDGXx15XHFGxkFmT9OcRWOTl4pc5htHnfOewHe
eL4xGLHkq0sl9zTQo0xd6+Y6yIJuOCN7zZQydFMzgJOqXciLrHw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:53 2024 by rpki-client on console-ams.rpki-client.org