Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/2/32332e3136342e3135322e302f32342d3234203d3e203630383538.roa
File:                     32332e3136342e3135322e302f32342d3234203d3e203630383538.roa (raw, json)
Hash identifier:          mAdzrQFEoFbXeL0wOcCqZLOG/xCMJ6rSHcDq1xzyWfM=
Subject key identifier:   7D:74:A4:2F:1B:95:39:59:95:06:A4:E9:29:4D:6F:3D:F8:4A:97:06
Certificate issuer:       /CN=d90d8aba2a20be938d311f64dbe5a93065e1d30b29cf0a83df
Certificate serial:       6738CCEC2B5E8B7AD99A5F2334BA8695F31BABD8
Authority key identifier: 1A:E9:05:CA:D2:46:1E:1C:76:66:49:9F:2F:7D:68:BA:DF:E7:81:BB
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a20be938d311f64dbe5a93065e1d30b29cf0a83df.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/2/32332e3136342e3135322e302f32342d3234203d3e203630383538.roa
Signing time:             Thu 18 Jan 2024 18:18:41 +0000
ROA not before:           Thu 18 Jan 2024 18:13:41 +0000
ROA not after:            Thu 16 Jan 2025 18:18:41 +0000
asID:                     60858
IP address blocks:        23.164.152.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:38:cc:ec:2b:5e:8b:7a:d9:9a:5f:23:34:ba:86:95:f3:1b:ab:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90d8aba2a20be938d311f64dbe5a93065e1d30b29cf0a83df
        Validity
            Not Before: Jan 18 18:13:41 2024 GMT
            Not After : Jan 16 18:18:41 2025 GMT
        Subject: CN=7D74A42F1B9539599506A4E9294D6F3DF84A9706
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:ba:b7:a8:10:0b:63:d1:40:95:7a:76:6e:a0:
                    fd:40:09:dc:5b:41:6b:7b:c3:5c:e7:08:8f:01:48:
                    83:a6:6b:f1:88:3a:87:d2:60:04:1f:7c:88:5a:ba:
                    65:31:be:1e:2d:70:f3:c5:a7:67:25:7c:9f:ad:f4:
                    ee:30:16:83:ff:cd:d2:95:50:2a:1d:fc:8a:52:69:
                    b6:c7:3e:48:b2:55:e2:02:01:ac:45:ca:fd:8b:39:
                    5c:5f:e6:69:af:b8:87:56:f7:48:66:d2:9c:c0:70:
                    28:19:86:40:27:d5:fb:8b:63:d6:06:74:d3:54:dd:
                    3b:30:be:01:a4:77:f8:05:df:11:6f:ca:fb:3e:49:
                    38:dc:14:27:e3:d2:13:5d:1d:6d:cb:49:43:d4:58:
                    97:04:c9:2f:c4:5c:39:18:91:75:8a:b3:8f:1b:b2:
                    54:49:04:a0:a9:a4:46:c8:00:b4:f2:d2:03:9d:62:
                    53:a0:13:5f:e5:e1:99:56:29:17:8c:35:18:42:1d:
                    8e:27:91:eb:29:25:c3:85:21:8b:4f:39:5f:b3:83:
                    20:e2:df:b8:14:49:47:fa:6a:13:fc:5c:cb:eb:82:
                    7b:49:0d:15:39:37:bc:d8:3c:f7:b5:75:1b:1c:81:
                    5e:bb:46:42:f3:3a:8b:29:3d:45:d9:7c:be:19:79:
                    fc:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:74:A4:2F:1B:95:39:59:95:06:A4:E9:29:4D:6F:3D:F8:4A:97:06
            X509v3 Authority Key Identifier:
                keyid:1A:E9:05:CA:D2:46:1E:1C:76:66:49:9F:2F:7D:68:BA:DF:E7:81:BB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/2/1AE905CAD2461E1C7666499F2F7D68BADFE781BB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a20be938d311f64dbe5a93065e1d30b29cf0a83df.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/2/32332e3136342e3135322e302f32342d3234203d3e203630383538.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.164.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:fc:07:42:17:2f:92:97:61:86:49:34:c6:82:07:dd:9c:da:
         4c:57:aa:47:d7:d8:a8:61:02:21:4d:f6:55:a9:64:85:db:75:
         b9:db:d7:74:a8:f9:29:b1:fe:0e:3b:bb:df:10:8a:cd:90:0d:
         d2:c4:c3:a9:ed:8b:cd:7c:a4:86:3f:45:fa:c9:26:c4:b7:9a:
         5f:b8:35:ac:ec:92:d2:f5:29:49:cb:7e:f7:ce:0c:41:34:03:
         fe:86:d7:44:8d:7c:2f:f6:5c:d8:7c:eb:19:55:57:31:ea:e4:
         5b:13:55:2d:78:53:81:22:18:4b:99:e3:a7:2f:8b:13:7c:a5:
         0e:ae:66:e9:85:c6:b0:5a:b7:78:4a:3e:4c:2f:78:b9:d9:21:
         f8:56:00:7d:ba:84:0f:be:b3:dc:4b:a4:b9:32:a2:6d:0d:66:
         9d:43:3a:bc:09:4d:ad:0d:bb:2b:ff:4b:d2:4c:c1:85:3a:5a:
         8f:c6:90:ae:8b:a5:91:1d:e0:0d:aa:7d:6e:b1:2b:34:83:a0:
         8f:89:57:4d:9a:26:55:65:ce:a7:d2:89:5e:e3:25:5c:ba:4c:
         db:b2:5a:5e:88:3d:f7:50:27:73:6d:88:63:f5:a4:f5:23:50:
         63:d9:96:e4:6f:d1:16:c9:ab:36:98:3a:32:25:8b:1a:32:d5:
         2b:a1:e9:06
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUZzjM7Ctei3rZml8jNLqGlfMbq9gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDkwZDhhYmEyYTIwYmU5MzhkMzExZjY0ZGJlNWE5MzA2
NWUxZDMwYjI5Y2YwYTgzZGYwHhcNMjQwMTE4MTgxMzQxWhcNMjUwMTE2MTgxODQx
WjAzMTEwLwYDVQQDEyg3RDc0QTQyRjFCOTUzOTU5OTUwNkE0RTkyOTRENkYzREY4
NEE5NzA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bq3qBALY9FA
lXp2bqD9QAncW0Fre8Nc5wiPAUiDpmvxiDqH0mAEH3yIWrplMb4eLXDzxadnJXyf
rfTuMBaD/83SlVAqHfyKUmm2xz5IslXiAgGsRcr9izlcX+Zpr7iHVvdIZtKcwHAo
GYZAJ9X7i2PWBnTTVN07ML4BpHf4Bd8Rb8r7Pkk43BQn49ITXR1ty0lD1FiXBMkv
xFw5GJF1irOPG7JUSQSgqaRGyAC08tIDnWJToBNf5eGZVikXjDUYQh2OJ5HrKSXD
hSGLTzlfs4Mg4t+4FElH+moT/FzL64J7SQ0VOTe82Dz3tXUbHIFeu0ZC8zqLKT1F
2Xy+GXn8JwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFH10pC8blTlZlQak6SlNbz34
SpcGMB8GA1UdIwQYMBaAFBrpBcrSRh4cdmZJny99aLrf54G7MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTctNGMzYi05MDQz
LWEwZTdmZWJmMTY3ZC8yLzFBRTkwNUNBRDI0NjFFMUM3NjY2NDk5RjJGN0Q2OEJB
REZFNzgxQkIuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzg3MWRhNDBmLTc5M2Et
NGE0NS1hMGE5LTk3ODE0ODMyMWEwNy8wZWMxNzE1Ny02NmRlLTRhYWItODVlNy0y
OGFmNGRlNDMwZTIvZDkwZDhhYmEyYTIwYmU5MzhkMzExZjY0ZGJlNWE5MzA2NWUx
ZDMwYjI5Y2YwYTgzZGYuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUH
MAuGgY1yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzA0MDMyYzhmLTFkNTctNGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8yLzMyMzMyZTMx
MzYzNDJlMzEzNTMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMDM4MzUzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEABekmDANBgkqhkiG9w0BAQsFAAOCAQEAifwHQhcvkpdhhkk0xoIH
3ZzaTFeqR9fYqGECIU32Valkhdt1udvXdKj5KbH+Dju73xCKzZAN0sTDqe2LzXyk
hj9F+skmxLeaX7g1rOyS0vUpSct+984MQTQD/obXRI18L/Zc2HzrGVVXMerkWxNV
LXhTgSIYS5njpy+LE3ylDq5m6YXGsFq3eEo+TC94udkh+FYAfbqED76z3EukuTKi
bQ1mnUM6vAlNrQ27K/9L0kzBhTpaj8aQroulkR3gDap9brErNIOgj4lXTZomVWXO
p9KJXuMlXLpM27JaXog991Anc22IY/Wk9SNQY9mW5G/RFsmrNpg6MiWLGjLVK6Hp
Bg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org