Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216411.roa
File:                     AS216411.roa (raw, json)
Hash identifier:          ANvfOmh5Go2fsKL3kUGXc1UCpG1ZPtelwcGB8aU4ek0=
Subject key identifier:   A1:2E:B8:31:63:3A:8D:F3:67:79:80:81:1F:E0:97:07:0E:98:36:9B
Certificate issuer:       /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial:       787413FB1AC9B3920E530424ABAED56DC5AAFF36
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216411.roa
Signing time:             Wed 20 Dec 2023 16:22:26 +0000
ROA not before:           Wed 20 Dec 2023 16:17:26 +0000
ROA not after:            Wed 18 Dec 2024 16:22:26 +0000
asID:                     216411
IP address blocks:        2a13:df80:3802::/48 maxlen: 48

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:74:13:fb:1a:c9:b3:92:0e:53:04:24:ab:ae:d5:6d:c5:aa:ff:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
        Validity
            Not Before: Dec 20 16:17:26 2023 GMT
            Not After : Dec 18 16:22:26 2024 GMT
        Subject: CN=A12EB831633A8DF3677980811FE097070E98369B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:8f:ea:57:d6:aa:29:43:45:4b:ca:05:75:ff:
                    fb:3b:0e:b0:3d:a3:15:e8:83:29:3b:7f:ae:bd:26:
                    7d:8b:35:d3:d1:77:44:2e:dc:dc:e0:fc:59:e4:7a:
                    85:e0:81:af:a4:86:fa:ae:66:fe:82:b3:7d:75:1a:
                    9e:20:8c:e3:85:6a:d7:12:16:92:c9:ce:87:e0:39:
                    e3:72:21:ee:f0:b2:17:96:70:eb:05:b6:09:b0:09:
                    de:ec:bd:ae:66:87:93:41:5e:36:78:4c:5a:c8:2e:
                    7d:c9:c0:ab:11:b1:e7:d0:cd:d1:96:40:d4:5e:a2:
                    63:f2:b0:ba:b4:61:cf:60:9e:0f:07:f6:84:c5:1a:
                    f2:b6:e4:c8:7c:85:24:4d:21:06:88:cd:b7:0e:97:
                    b7:57:bf:66:4b:cb:4d:c4:c8:e7:6c:2d:90:f6:8a:
                    4f:e7:3f:52:7e:57:f6:ca:24:27:40:48:91:56:2e:
                    28:1a:63:3c:e8:3a:ca:9d:17:01:af:a9:ff:0a:18:
                    9e:df:05:94:99:c7:e8:1b:2d:68:64:85:df:91:a1:
                    8c:34:30:32:7d:9f:d9:cb:4c:38:36:b7:6f:d4:5b:
                    f4:a5:9a:68:8e:ec:41:2b:a6:d2:b4:55:1b:ed:86:
                    c2:16:a7:e5:68:00:c4:fd:d6:9b:3c:bc:94:7a:4a:
                    1a:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:2E:B8:31:63:3A:8D:F3:67:79:80:81:1F:E0:97:07:0E:98:36:9B
            X509v3 Authority Key Identifier:
                keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216411.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:df80:3802::/48

    Signature Algorithm: sha256WithRSAEncryption
         03:1a:aa:29:82:b6:53:2b:dc:f7:13:b9:ce:1c:9f:08:b6:9b:
         f8:67:a3:3c:e2:38:09:31:3a:23:17:55:4a:57:bd:98:48:fc:
         73:aa:59:6f:a1:cf:3a:05:86:21:c8:7a:dc:11:12:2e:87:a0:
         bc:bb:1d:f5:a2:c2:42:88:a7:c9:45:95:ec:4b:47:ae:28:cf:
         ad:3e:dc:0f:17:56:f4:4a:51:41:02:ae:50:e4:59:32:86:04:
         c1:18:78:8d:6a:4f:e4:79:7a:22:7f:fb:57:80:91:a8:e5:b2:
         65:a8:08:b3:a4:f2:1a:4b:23:99:be:bf:dd:b9:81:6b:0d:38:
         79:81:2f:73:d4:d2:e7:24:b3:53:81:b8:51:73:f6:17:f9:64:
         f0:a1:e2:93:8d:a0:c8:6e:a7:31:0c:32:26:2c:4c:ec:ec:96:
         9c:34:83:f7:58:21:2b:e6:ad:2f:fa:4c:3b:7f:72:2d:d9:dd:
         0b:e9:f5:13:6b:be:c7:44:7f:61:05:2b:4c:47:0e:c4:d6:c1:
         89:0e:54:64:ab:ba:30:98:1f:ab:7a:61:cd:45:d6:43:83:7d:
         21:1b:38:6e:bc:05:e9:c2:e0:72:eb:a0:06:ab:a6:ee:3b:fc:
         3b:c6:92:22:91:65:87:4f:f3:4f:75:eb:2a:70:18:e9:23:f7:
         9e:07:25:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUeHQT+xrJs5IOUwQkq67VbcWq/zYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MjZaFw0yNDEyMTgxNjIyMjZaMDMxMTAvBgNV
BAMTKEExMkVCODMxNjMzQThERjM2Nzc5ODA4MTFGRTA5NzA3MEU5ODM2OUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzj+pX1qopQ0VLygV1//s7DrA9
oxXogyk7f669Jn2LNdPRd0Qu3Nzg/FnkeoXgga+khvquZv6Cs311Gp4gjOOFatcS
FpLJzofgOeNyIe7wsheWcOsFtgmwCd7sva5mh5NBXjZ4TFrILn3JwKsRsefQzdGW
QNReomPysLq0Yc9gng8H9oTFGvK25Mh8hSRNIQaIzbcOl7dXv2ZLy03EyOdsLZD2
ik/nP1J+V/bKJCdASJFWLigaYzzoOsqdFwGvqf8KGJ7fBZSZx+gbLWhkhd+RoYw0
MDJ9n9nLTDg2t2/UW/SlmmiO7EErptK0VRvthsIWp+VoAMT91ps8vJR6Shp1AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUoS64MWM6jfNneYCBH+CXBw6YNpswHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE2NDExLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPf
gDgCMA0GCSqGSIb3DQEBCwUAA4IBAQADGqopgrZTK9z3E7nOHJ8Itpv4Z6M84jgJ
MTojF1VKV72YSPxzqllvoc86BYYhyHrcERIuh6C8ux31osJCiKfJRZXsS0euKM+t
PtwPF1b0SlFBAq5Q5FkyhgTBGHiNak/keXoif/tXgJGo5bJlqAizpPIaSyOZvr/d
uYFrDTh5gS9z1NLnJLNTgbhRc/YX+WTwoeKTjaDIbqcxDDImLEzs7JacNIP3WCEr
5q0v+kw7f3It2d0L6fUTa77HRH9hBStMRw7E1sGJDlRkq7owmB+remHNRdZDg30h
GzhuvAXpwuBy66AGq6buO/w7xpIikWWHT/NPdesqcBjpI/eeByWc
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:53 2024 by rpki-client on console-ams.rpki-client.org