Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/2/32332e3136342e3135322e302f32342d3234203d3e20323130393132.roa
File:                     32332e3136342e3135322e302f32342d3234203d3e20323130393132.roa (raw, json)
Hash identifier:          LKZDSXb91xjjBG9nqpO9xhXaFmUFXxpCqeuJLyWInEY=
Subject key identifier:   0E:42:FE:04:7F:EF:FB:4F:5F:0A:E1:47:48:C9:E8:F7:46:80:5E:D1
Certificate issuer:       /CN=d90d8aba2a20be938d311f64dbe5a93065e1d30b29cf0a83df
Certificate serial:       1E400129D3ADEB451ABD6C188C5EAE2B498B60F3
Authority key identifier: 1A:E9:05:CA:D2:46:1E:1C:76:66:49:9F:2F:7D:68:BA:DF:E7:81:BB
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a20be938d311f64dbe5a93065e1d30b29cf0a83df.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/2/32332e3136342e3135322e302f32342d3234203d3e20323130393132.roa
Signing time:             Mon 30 Oct 2023 16:56:38 +0000
ROA not before:           Mon 30 Oct 2023 16:51:38 +0000
ROA not after:            Mon 28 Oct 2024 16:56:38 +0000
asID:                     210912
IP address blocks:        23.164.152.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:40:01:29:d3:ad:eb:45:1a:bd:6c:18:8c:5e:ae:2b:49:8b:60:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90d8aba2a20be938d311f64dbe5a93065e1d30b29cf0a83df
        Validity
            Not Before: Oct 30 16:51:38 2023 GMT
            Not After : Oct 28 16:56:38 2024 GMT
        Subject: CN=0E42FE047FEFFB4F5F0AE14748C9E8F746805ED1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:5c:a3:58:95:d6:a0:f2:ee:38:34:0b:1f:87:
                    43:a8:46:27:d9:fc:5a:d2:fc:ac:2e:bc:58:be:e7:
                    b0:46:da:7d:9b:95:3c:90:ab:91:0e:0e:27:ce:22:
                    ee:e3:b0:87:d6:9e:3a:d0:1d:18:38:86:3b:83:a1:
                    33:ea:af:b3:ca:65:55:80:91:7d:b2:bb:e7:e1:c4:
                    a4:dc:24:fb:30:39:a2:b6:e7:89:d5:75:dd:e5:9e:
                    e9:2a:f4:c2:c2:65:9d:f3:6f:63:d1:f7:03:91:88:
                    25:95:e5:3e:02:47:34:f0:aa:60:fe:67:94:6d:7c:
                    ff:d6:63:62:b0:69:f8:04:ce:f8:ee:6a:71:9f:35:
                    81:b1:07:9d:63:c6:b6:e9:6a:94:ba:ee:2d:89:26:
                    43:88:f5:ee:88:d2:5b:8b:6e:6a:f8:2b:17:0e:fd:
                    56:1b:f5:8e:d5:ce:f2:11:53:f5:c3:8a:09:68:d6:
                    92:f6:98:c2:92:95:b0:1b:a4:6a:3a:a5:e2:0c:ae:
                    4c:41:f4:80:cb:c2:4a:7d:d0:34:af:2b:92:a9:27:
                    15:e0:c8:38:e9:d8:c2:89:54:ad:91:83:68:de:c7:
                    cf:ae:f1:d1:ed:ca:e6:f7:49:9a:ae:a7:c3:c5:b9:
                    76:e7:ab:f2:2c:f6:78:f0:48:0f:09:04:57:f7:1e:
                    3e:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:42:FE:04:7F:EF:FB:4F:5F:0A:E1:47:48:C9:E8:F7:46:80:5E:D1
            X509v3 Authority Key Identifier:
                keyid:1A:E9:05:CA:D2:46:1E:1C:76:66:49:9F:2F:7D:68:BA:DF:E7:81:BB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/2/1AE905CAD2461E1C7666499F2F7D68BADFE781BB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a20be938d311f64dbe5a93065e1d30b29cf0a83df.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/2/32332e3136342e3135322e302f32342d3234203d3e20323130393132.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.164.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:b6:d7:9f:ef:68:9e:b0:14:40:d3:c4:95:6b:0e:3e:4e:90:
         2b:87:6f:ab:dd:6c:b2:77:8e:b2:9b:d2:1e:59:7c:5f:98:75:
         6f:b7:57:44:f5:cb:44:eb:2e:85:e0:5f:32:6d:ab:3b:f7:01:
         d5:1f:8c:7d:10:f7:c3:aa:8c:c4:36:44:89:2a:fe:12:06:7a:
         b9:05:02:33:1b:7e:8b:b1:ca:07:99:c6:e9:7e:0f:4d:c7:55:
         6f:22:ef:bc:b5:f2:b6:57:ef:f1:63:8d:dc:a0:54:3d:73:fd:
         f9:a6:51:0e:40:09:6f:30:87:7a:39:3d:70:71:0f:c0:52:17:
         1b:b3:19:e7:ed:7d:1a:9d:3d:b1:9e:52:2f:a2:44:3e:db:d5:
         e2:a3:24:af:91:95:5d:79:be:99:27:eb:d0:86:af:ce:f4:55:
         c3:8c:d3:88:5c:30:49:89:e7:e3:ed:24:01:37:1f:48:c3:06:
         84:1d:bb:83:8d:61:9b:cb:30:21:cf:66:c5:af:7e:79:f0:70:
         0c:1f:9e:af:14:f3:3d:48:5b:c9:a5:a6:fb:38:90:fd:c9:36:
         0c:ae:b6:97:36:34:56:3c:54:a4:02:a0:9b:f3:71:82:60:34:
         90:e8:32:43:ce:d4:cc:77:5d:b1:13:b2:d8:ab:ce:a9:11:c2:
         69:ce:09:31
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgIUHkABKdOt60UavWwYjF6uK0mLYPMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDkwZDhhYmEyYTIwYmU5MzhkMzExZjY0ZGJlNWE5MzA2
NWUxZDMwYjI5Y2YwYTgzZGYwHhcNMjMxMDMwMTY1MTM4WhcNMjQxMDI4MTY1NjM4
WjAzMTEwLwYDVQQDEygwRTQyRkUwNDdGRUZGQjRGNUYwQUUxNDc0OEM5RThGNzQ2
ODA1RUQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lyjWJXWoPLu
ODQLH4dDqEYn2fxa0vysLrxYvuewRtp9m5U8kKuRDg4nziLu47CH1p460B0YOIY7
g6Ez6q+zymVVgJF9srvn4cSk3CT7MDmitueJ1XXd5Z7pKvTCwmWd829j0fcDkYgl
leU+Akc08Kpg/meUbXz/1mNisGn4BM747mpxnzWBsQedY8a26WqUuu4tiSZDiPXu
iNJbi25q+CsXDv1WG/WO1c7yEVP1w4oJaNaS9pjCkpWwG6RqOqXiDK5MQfSAy8JK
fdA0ryuSqScV4Mg46djCiVStkYNo3sfPrvHR7crm90marqfDxbl256vyLPZ48EgP
CQRX9x4++wIDAQABo4ICzzCCAsswHQYDVR0OBBYEFA5C/gR/7/tPXwrhR0jJ6PdG
gF7RMB8GA1UdIwQYMBaAFBrpBcrSRh4cdmZJny99aLrf54G7MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTctNGMzYi05MDQz
LWEwZTdmZWJmMTY3ZC8yLzFBRTkwNUNBRDI0NjFFMUM3NjY2NDk5RjJGN0Q2OEJB
REZFNzgxQkIuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzg3MWRhNDBmLTc5M2Et
NGE0NS1hMGE5LTk3ODE0ODMyMWEwNy8wZWMxNzE1Ny02NmRlLTRhYWItODVlNy0y
OGFmNGRlNDMwZTIvZDkwZDhhYmEyYTIwYmU5MzhkMzExZjY0ZGJlNWE5MzA2NWUx
ZDMwYjI5Y2YwYTgzZGYuY2VyMIGvBggrBgEFBQcBCwSBojCBnzCBnAYIKwYBBQUH
MAuGgY9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzA0MDMyYzhmLTFkNTctNGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8yLzMyMzMyZTMx
MzYzNDJlMzEzNTMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMwMzkzMTMy
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQAF6SYMA0GCSqGSIb3DQEBCwUAA4IBAQCcttef72iesBRA08SV
aw4+TpArh2+r3Wyyd46ym9IeWXxfmHVvt1dE9ctE6y6F4F8ybas79wHVH4x9EPfD
qozENkSJKv4SBnq5BQIzG36LscoHmcbpfg9Nx1VvIu+8tfK2V+/xY43coFQ9c/35
plEOQAlvMId6OT1wcQ/AUhcbsxnn7X0anT2xnlIvokQ+29XioySvkZVdeb6ZJ+vQ
hq/O9FXDjNOIXDBJiefj7SQBNx9IwwaEHbuDjWGbyzAhz2bFr3558HAMH56vFPM9
SFvJpab7OJD9yTYMrraXNjRWPFSkAqCb83GCYDSQ6DJDztTMd12xE7LYq86pEcJp
zgkx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org