Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS47496.roa
File:                     AS47496.roa (raw, json)
Hash identifier:          86sM9SWs1yPSunOjLBBk0vjQQL72INMdbaj0UnYjGnA=
Subject key identifier:   E5:76:C8:C2:F2:58:E5:74:F9:9D:A6:B6:51:3A:0C:4F:8C:B9:34:63
Certificate issuer:       /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial:       719858E23965D058CD3878557AB1CA67F1EFCCFF
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS47496.roa
Signing time:             Wed 20 Dec 2023 16:21:39 +0000
ROA not before:           Wed 20 Dec 2023 16:16:39 +0000
ROA not after:            Wed 18 Dec 2024 16:21:39 +0000
asID:                     47496
IP address blocks:        2a13:df80:3816::/48 maxlen: 48

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:98:58:e2:39:65:d0:58:cd:38:78:55:7a:b1:ca:67:f1:ef:cc:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
        Validity
            Not Before: Dec 20 16:16:39 2023 GMT
            Not After : Dec 18 16:21:39 2024 GMT
        Subject: CN=E576C8C2F258E574F99DA6B6513A0C4F8CB93463
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:a9:9b:82:3f:b9:f0:e4:e5:78:58:62:11:02:
                    3a:aa:6d:7a:0b:5c:07:2e:3d:79:a5:b2:76:bc:76:
                    fd:42:58:48:bd:20:bc:e7:ce:83:a3:1d:0c:79:b2:
                    2d:08:62:00:87:58:b1:4d:2b:4b:04:51:55:ce:11:
                    3c:b1:7f:a0:6e:76:14:10:ff:15:a4:65:84:a4:bf:
                    96:b1:f2:5b:68:f5:8f:6f:82:8e:05:fc:1b:98:71:
                    5a:6e:96:31:57:cd:f5:9a:84:0a:45:c6:f4:e8:a0:
                    cb:de:a7:73:c1:4b:0c:74:51:91:81:8c:c3:bc:47:
                    f5:78:b6:ad:8d:ae:30:1a:68:5f:4f:31:15:c8:82:
                    5e:16:f8:b4:21:47:2a:31:6f:38:ff:52:b1:f7:d1:
                    ea:b9:7a:67:cb:9f:f8:cd:d9:f9:e5:0d:fa:5f:da:
                    69:d6:d4:ee:b8:1d:84:f1:41:0b:8c:48:2d:7e:f5:
                    ac:f1:04:4c:f6:eb:85:f3:1c:ef:e9:79:32:fd:45:
                    4c:f4:d5:aa:3f:72:6d:24:78:64:8e:01:f3:34:89:
                    c3:48:4b:f9:cd:f5:4d:98:b2:70:a8:8e:f8:19:e8:
                    d2:79:7b:bc:f1:66:12:7f:68:82:07:0a:ae:ac:a0:
                    ab:6d:62:1d:ac:dd:ad:e7:83:44:90:84:a3:f8:0b:
                    c8:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:76:C8:C2:F2:58:E5:74:F9:9D:A6:B6:51:3A:0C:4F:8C:B9:34:63
            X509v3 Authority Key Identifier:
                keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS47496.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:df80:3816::/48

    Signature Algorithm: sha256WithRSAEncryption
         c1:ad:78:73:47:2c:37:e8:c2:cd:57:4a:f9:1d:8b:c3:f2:6c:
         36:82:d6:dc:8d:b5:02:13:29:66:84:0c:b4:4f:cb:dc:71:7a:
         9d:d0:a7:0b:37:40:d9:52:23:a4:cc:2c:ca:72:92:52:bd:11:
         0b:07:b0:95:8d:13:05:4e:1d:1f:48:5f:62:d2:91:b9:84:e5:
         34:56:d6:6d:5a:68:ac:bd:6e:16:ee:f8:be:63:17:15:e5:76:
         59:dc:94:cf:90:9b:25:b1:c0:35:88:1d:2e:59:ce:88:b1:06:
         8a:48:ae:d1:f5:95:3d:32:f4:55:41:71:df:32:81:3f:fb:6c:
         ca:21:d5:d4:6e:8e:35:98:b0:05:cb:ac:e7:e5:a3:85:08:a6:
         cb:b8:19:8b:f6:a8:7a:63:fb:9c:31:d0:46:05:65:28:2e:86:
         40:14:87:63:ca:34:ab:82:47:f2:2c:d0:56:ab:96:85:f9:e7:
         b5:7f:f0:8c:9e:68:03:88:27:6e:e8:24:e8:ec:7d:f1:64:66:
         e4:cb:3e:48:95:91:a4:21:9d:6d:f5:2d:88:77:7d:5d:4e:41:
         25:de:f7:24:d2:3b:ed:6d:e6:bd:82:4b:8d:32:d3:f3:eb:f1:
         a6:36:d0:5b:ec:52:4c:c6:3f:a1:ab:63:17:25:08:a1:97:ae:
         4d:9b:d4:d1
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUcZhY4jll0FjNOHhVerHKZ/HvzP8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2MzlaFw0yNDEyMTgxNjIxMzlaMDMxMTAvBgNV
BAMTKEU1NzZDOEMyRjI1OEU1NzRGOTlEQTZCNjUxM0EwQzRGOENCOTM0NjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtqZuCP7nw5OV4WGIRAjqqbXoL
XAcuPXmlsna8dv1CWEi9ILznzoOjHQx5si0IYgCHWLFNK0sEUVXOETyxf6BudhQQ
/xWkZYSkv5ax8lto9Y9vgo4F/BuYcVpuljFXzfWahApFxvTooMvep3PBSwx0UZGB
jMO8R/V4tq2NrjAaaF9PMRXIgl4W+LQhRyoxbzj/UrH30eq5emfLn/jN2fnlDfpf
2mnW1O64HYTxQQuMSC1+9azxBEz264XzHO/peTL9RUz01ao/cm0keGSOAfM0icNI
S/nN9U2YsnCojvgZ6NJ5e7zxZhJ/aIIHCq6soKttYh2s3a3ng0SQhKP4C8jLAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQU5XbIwvJY5XT5naa2UToMT4y5NGMwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTNDc0OTYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqE9+A
OBYwDQYJKoZIhvcNAQELBQADggEBAMGteHNHLDfows1XSvkdi8PybDaC1tyNtQIT
KWaEDLRPy9xxep3Qpws3QNlSI6TMLMpyklK9EQsHsJWNEwVOHR9IX2LSkbmE5TRW
1m1aaKy9bhbu+L5jFxXldlnclM+QmyWxwDWIHS5ZzoixBopIrtH1lT0y9FVBcd8y
gT/7bMoh1dRujjWYsAXLrOflo4UIpsu4GYv2qHpj+5wx0EYFZSguhkAUh2PKNKuC
R/Is0FarloX557V/8IyeaAOIJ27oJOjsffFkZuTLPkiVkaQhnW31LYh3fV1OQSXe
9yTSO+1t5r2CS40y0/Pr8aY20FvsUkzGP6GrYxclCKGXrk2b1NE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:53 2024 by rpki-client on console-ams.rpki-client.org