Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/2/32332e3136342e3135332e302f32342d3234203d3e203630383538.roa
File:                     32332e3136342e3135332e302f32342d3234203d3e203630383538.roa (raw, json)
Hash identifier:          gpizN9hmd2vRiAXeH9QTak/nmNa6pRsxOReDmVPvKwA=
Subject key identifier:   54:E2:5B:D1:2D:28:C7:92:D0:F5:5A:17:34:CE:9C:43:0E:7A:0E:B5
Certificate issuer:       /CN=d90d8aba2a20be938d311f64dbe5a93065e1d30b29cf0a83df
Certificate serial:       28948C3C037E56CE43D6FF81C2C118C781AD9EB3
Authority key identifier: 1A:E9:05:CA:D2:46:1E:1C:76:66:49:9F:2F:7D:68:BA:DF:E7:81:BB
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a20be938d311f64dbe5a93065e1d30b29cf0a83df.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/2/32332e3136342e3135332e302f32342d3234203d3e203630383538.roa
Signing time:             Tue 21 May 2024 12:05:51 +0000
ROA not before:           Tue 21 May 2024 12:00:51 +0000
ROA not after:            Tue 20 May 2025 12:05:51 +0000
asID:                     60858
IP address blocks:        23.164.153.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:94:8c:3c:03:7e:56:ce:43:d6:ff:81:c2:c1:18:c7:81:ad:9e:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90d8aba2a20be938d311f64dbe5a93065e1d30b29cf0a83df
        Validity
            Not Before: May 21 12:00:51 2024 GMT
            Not After : May 20 12:05:51 2025 GMT
        Subject: CN=54E25BD12D28C792D0F55A1734CE9C430E7A0EB5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:57:94:85:a7:55:ec:bc:f4:7a:45:ee:cf:ff:
                    d0:98:a2:17:30:07:85:84:28:18:6e:05:db:d0:d3:
                    d6:ed:51:ae:50:3a:9f:f7:b9:f8:74:2e:c3:0f:4c:
                    27:ed:34:bc:1a:3f:cb:85:51:05:59:67:12:1d:84:
                    90:f7:7e:fa:16:30:0b:dd:f5:7d:c1:1f:10:bb:2d:
                    3d:e5:9e:f0:ce:b0:53:58:e7:4c:bc:3b:0c:1c:8e:
                    1b:8e:40:ea:31:6e:d9:af:3a:25:b6:9d:51:90:dd:
                    67:d0:8a:81:71:19:73:b0:1b:76:e4:a4:1a:cc:3b:
                    81:61:e7:37:34:68:5d:24:f5:5a:dc:37:71:f8:dd:
                    ac:d2:81:9c:18:36:2e:30:16:c4:90:eb:3a:bb:11:
                    91:77:46:14:d5:d4:25:62:be:c8:e9:ec:64:1f:6f:
                    85:b5:e1:5d:2a:2c:3e:70:ff:25:08:3f:ce:d4:74:
                    29:02:2e:e1:8a:79:e8:28:3c:70:24:fe:84:eb:9a:
                    9f:2a:7c:76:4b:50:60:a8:6f:9e:be:19:b4:34:3c:
                    4a:e9:b6:7e:26:83:83:d5:6e:e8:c4:c3:0c:ef:6d:
                    4a:61:ec:40:c5:75:57:f8:df:1f:45:6a:cb:54:e1:
                    0b:5e:9a:64:a0:03:f7:eb:f7:55:91:c6:f5:bb:3a:
                    f0:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:E2:5B:D1:2D:28:C7:92:D0:F5:5A:17:34:CE:9C:43:0E:7A:0E:B5
            X509v3 Authority Key Identifier:
                keyid:1A:E9:05:CA:D2:46:1E:1C:76:66:49:9F:2F:7D:68:BA:DF:E7:81:BB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/2/1AE905CAD2461E1C7666499F2F7D68BADFE781BB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a20be938d311f64dbe5a93065e1d30b29cf0a83df.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/2/32332e3136342e3135332e302f32342d3234203d3e203630383538.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.164.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:58:72:f7:fa:bf:c0:ef:6f:50:57:ed:f5:56:d0:2d:48:2d:
         f9:0a:2a:42:d3:13:2d:3d:ca:69:7d:88:97:f4:94:ea:8e:c3:
         cf:3c:ee:01:46:66:33:17:a4:4e:48:4c:8c:ad:66:ac:bc:86:
         01:6f:88:22:d9:51:36:a2:ff:8e:a8:f1:ed:76:ab:a3:dd:f1:
         ac:43:46:9c:04:fd:99:d3:41:00:22:43:d5:21:e5:94:40:54:
         66:4e:0c:f6:36:b1:62:81:b8:9a:f6:66:7d:2e:b3:58:6b:39:
         08:46:31:da:d0:ed:59:4d:13:a7:32:45:67:1e:95:1b:03:db:
         40:ba:93:58:7f:48:be:63:38:5b:76:e7:49:a9:b4:19:5d:36:
         b4:df:40:ea:06:ec:3f:3e:b5:1c:bd:7a:d0:ac:dc:b6:87:9d:
         4e:d8:3c:80:01:e2:71:4d:03:d8:46:59:d2:b5:a5:dc:84:f6:
         f0:e1:9e:cc:8b:0c:dc:a4:1b:a4:b3:fd:e0:fd:1d:76:1a:2e:
         9b:f7:bc:c8:04:3b:dd:4b:a8:38:7c:84:6a:76:a5:cb:2f:47:
         b8:7e:7c:c8:68:43:ef:26:9f:44:fa:51:70:03:28:67:ac:6c:
         e2:32:8f:a1:21:dc:41:78:36:72:3a:62:22:90:cc:44:bc:8c:
         c5:66:b7:8c
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUKJSMPAN+Vs5D1v+BwsEYx4GtnrMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDkwZDhhYmEyYTIwYmU5MzhkMzExZjY0ZGJlNWE5MzA2
NWUxZDMwYjI5Y2YwYTgzZGYwHhcNMjQwNTIxMTIwMDUxWhcNMjUwNTIwMTIwNTUx
WjAzMTEwLwYDVQQDEyg1NEUyNUJEMTJEMjhDNzkyRDBGNTVBMTczNENFOUM0MzBF
N0EwRUI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1eUhadV7Lz0
ekXuz//QmKIXMAeFhCgYbgXb0NPW7VGuUDqf97n4dC7DD0wn7TS8Gj/LhVEFWWcS
HYSQ9376FjAL3fV9wR8Quy095Z7wzrBTWOdMvDsMHI4bjkDqMW7Zrzoltp1RkN1n
0IqBcRlzsBt25KQazDuBYec3NGhdJPVa3Ddx+N2s0oGcGDYuMBbEkOs6uxGRd0YU
1dQlYr7I6exkH2+FteFdKiw+cP8lCD/O1HQpAi7hinnoKDxwJP6E65qfKnx2S1Bg
qG+evhm0NDxK6bZ+JoOD1W7oxMMM721KYexAxXVX+N8fRWrLVOELXppkoAP36/dV
kcb1uzrwUwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFFTiW9EtKMeS0PVaFzTOnEMO
eg61MB8GA1UdIwQYMBaAFBrpBcrSRh4cdmZJny99aLrf54G7MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTctNGMzYi05MDQz
LWEwZTdmZWJmMTY3ZC8yLzFBRTkwNUNBRDI0NjFFMUM3NjY2NDk5RjJGN0Q2OEJB
REZFNzgxQkIuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzg3MWRhNDBmLTc5M2Et
NGE0NS1hMGE5LTk3ODE0ODMyMWEwNy8wZWMxNzE1Ny02NmRlLTRhYWItODVlNy0y
OGFmNGRlNDMwZTIvZDkwZDhhYmEyYTIwYmU5MzhkMzExZjY0ZGJlNWE5MzA2NWUx
ZDMwYjI5Y2YwYTgzZGYuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUH
MAuGgY1yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzA0MDMyYzhmLTFkNTctNGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8yLzMyMzMyZTMx
MzYzNDJlMzEzNTMzMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMDM4MzUzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEABekmTANBgkqhkiG9w0BAQsFAAOCAQEAHlhy9/q/wO9vUFft9VbQ
LUgt+QoqQtMTLT3KaX2Il/SU6o7DzzzuAUZmMxekTkhMjK1mrLyGAW+IItlRNqL/
jqjx7Xaro93xrENGnAT9mdNBACJD1SHllEBUZk4M9jaxYoG4mvZmfS6zWGs5CEYx
2tDtWU0TpzJFZx6VGwPbQLqTWH9IvmM4W3bnSam0GV02tN9A6gbsPz61HL160Kzc
toedTtg8gAHicU0D2EZZ0rWl3IT28OGezIsM3KQbpLP94P0ddhoum/e8yAQ73Uuo
OHyEanalyy9HuH58yGhD7yafRPpRcAMoZ6xs4jKPoSHcQXg2cjpiIpDMRLyMxWa3
jA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org