Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/4/32332e3137372e382e302f32342d3234203d3e20343031303339.roa
File:                     32332e3137372e382e302f32342d3234203d3e20343031303339.roa (raw, json)
Hash identifier:          mAlPyj0n1a53bOSmutdtjc3hiTHcypiCrunnNVvRZ+g=
Subject key identifier:   6D:FF:5A:56:5F:7F:36:44:9E:90:20:A3:88:24:6E:18:74:D7:61:27
Certificate issuer:       /CN=200ae5435fb90645e100822def5e63484c98f880d9093373a5
Certificate serial:       239D43DB956FF3D2F0571B4F070C26795F7994A8
Authority key identifier: 2D:0F:81:69:76:82:D4:91:BD:CC:43:90:2B:3C:EC:73:6D:61:31:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/6ead073c-b9f0-4523-b39e-a3c7dab97c25/8e6147b8-d55d-4ed8-8973-d5cf2a27e161/200ae5435fb90645e100822def5e63484c98f880d9093373a5.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/4/32332e3137372e382e302f32342d3234203d3e20343031303339.roa
Signing time:             Tue 21 May 2024 11:40:31 +0000
ROA not before:           Tue 21 May 2024 11:35:31 +0000
ROA not after:            Tue 20 May 2025 11:40:31 +0000
asID:                     401039
IP address blocks:        23.177.8.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:9d:43:db:95:6f:f3:d2:f0:57:1b:4f:07:0c:26:79:5f:79:94:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=200ae5435fb90645e100822def5e63484c98f880d9093373a5
        Validity
            Not Before: May 21 11:35:31 2024 GMT
            Not After : May 20 11:40:31 2025 GMT
        Subject: CN=6DFF5A565F7F36449E9020A388246E1874D76127
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:47:59:d9:66:e4:35:cc:9c:a6:90:ba:53:9d:
                    99:49:8f:8a:38:27:51:a8:08:a8:b3:81:9d:54:9f:
                    9f:ee:cd:bc:71:2b:61:d2:3b:e3:86:a2:03:56:29:
                    d4:ac:2a:2a:1d:19:72:f4:7e:72:88:63:e1:9d:15:
                    f8:6f:e7:49:c6:a2:80:f0:1b:5b:15:50:70:90:12:
                    c1:c8:52:29:53:2c:06:af:fb:e0:54:06:5b:99:b5:
                    3a:ed:a1:d3:03:ef:52:18:48:5a:b1:3b:8c:20:d6:
                    ae:18:e1:2e:86:f1:7d:b7:73:e9:48:83:c0:51:34:
                    72:5b:25:bf:67:a6:25:00:fd:06:0d:b7:44:92:49:
                    08:76:b2:13:c1:fc:0c:9f:ac:a3:3f:4f:89:09:78:
                    ca:22:4b:20:02:1f:b7:9e:8d:58:ac:bc:e0:46:26:
                    49:9b:27:4d:b2:7d:64:b6:ac:1e:6b:6b:64:97:2e:
                    15:b1:ae:e8:35:5d:81:6a:17:37:99:68:be:44:c0:
                    85:21:e0:60:e1:df:38:1f:8d:be:2e:c0:32:f3:dd:
                    db:8a:c2:21:1a:56:28:5a:da:19:89:a2:55:92:ee:
                    0e:28:6e:2a:30:1d:2d:47:02:7c:c1:5d:f3:63:65:
                    9e:36:9d:a3:d6:89:1f:22:34:df:bf:95:90:de:0d:
                    e1:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:FF:5A:56:5F:7F:36:44:9E:90:20:A3:88:24:6E:18:74:D7:61:27
            X509v3 Authority Key Identifier:
                keyid:2D:0F:81:69:76:82:D4:91:BD:CC:43:90:2B:3C:EC:73:6D:61:31:E4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/4/2D0F81697682D491BDCC43902B3CEC736D6131E4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/6ead073c-b9f0-4523-b39e-a3c7dab97c25/8e6147b8-d55d-4ed8-8973-d5cf2a27e161/200ae5435fb90645e100822def5e63484c98f880d9093373a5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/4/32332e3137372e382e302f32342d3234203d3e20343031303339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.177.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:9c:ad:90:8b:ab:42:a8:45:60:ec:1f:a5:00:f9:e4:50:a0:
         c4:96:d1:21:b1:40:b1:1f:36:f7:64:c5:c8:6c:94:c4:a6:22:
         82:a2:7a:1e:49:b3:46:0d:d9:3d:b2:95:1f:0a:97:fc:73:d7:
         09:5a:fc:b1:3a:fb:83:e1:b8:05:2e:88:15:23:92:56:70:70:
         eb:90:83:fd:27:ef:c4:dd:2c:43:a5:e2:94:cb:07:b9:67:44:
         e3:e4:1d:dd:46:ed:d6:20:d5:13:7b:f3:d2:11:a6:64:f4:6f:
         f8:22:f5:e1:f7:f2:5f:e0:f4:2a:e4:b3:f2:63:4e:ed:35:4a:
         a2:68:24:04:05:49:ca:99:91:a4:63:76:33:1e:2b:d2:b1:11:
         91:1d:da:fa:df:da:97:dd:9e:23:be:b4:a5:f3:12:35:3c:4b:
         ac:46:91:58:7b:10:43:61:a3:6f:22:75:8a:89:b2:59:39:87:
         a2:7f:7a:6f:65:6d:4d:f7:1a:0f:6e:f3:c9:d0:7e:6a:cf:81:
         72:40:e2:b2:35:1c:67:30:8b:97:59:d0:a1:a9:99:3c:70:26:
         ec:f5:ae:c3:83:19:88:c8:3d:60:ea:8d:2a:84:39:7d:93:54:
         81:ea:f0:a7:b2:71:78:e0:a5:6e:58:30:da:cf:25:b8:48:f1:
         ab:08:0e:e8
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgIUI51D25Vv89LwVxtPBwwmeV95lKgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjAwYWU1NDM1ZmI5MDY0NWUxMDA4MjJkZWY1ZTYzNDg0
Yzk4Zjg4MGQ5MDkzMzczYTUwHhcNMjQwNTIxMTEzNTMxWhcNMjUwNTIwMTE0MDMx
WjAzMTEwLwYDVQQDEyg2REZGNUE1NjVGN0YzNjQ0OUU5MDIwQTM4ODI0NkUxODc0
RDc2MTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0dZ2WbkNcyc
ppC6U52ZSY+KOCdRqAios4GdVJ+f7s28cSth0jvjhqIDVinUrCoqHRly9H5yiGPh
nRX4b+dJxqKA8BtbFVBwkBLByFIpUywGr/vgVAZbmbU67aHTA+9SGEhasTuMINau
GOEuhvF9t3PpSIPAUTRyWyW/Z6YlAP0GDbdEkkkIdrITwfwMn6yjP0+JCXjKIksg
Ah+3no1YrLzgRiZJmydNsn1ktqwea2tkly4Vsa7oNV2Bahc3mWi+RMCFIeBg4d84
H42+LsAy893bisIhGlYoWtoZiaJVku4OKG4qMB0tRwJ8wV3zY2WeNp2j1okfIjTf
v5WQ3g3hHwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFG3/WlZffzZEnpAgo4gkbhh0
12EnMB8GA1UdIwQYMBaAFC0PgWl2gtSRvcxDkCs87HNtYTHkMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTctNGMzYi05MDQz
LWEwZTdmZWJmMTY3ZC80LzJEMEY4MTY5NzY4MkQ0OTFCRENDNDM5MDJCM0NFQzcz
NkQ2MTMxRTQuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzZlYWQwNzNjLWI5ZjAt
NDUyMy1iMzllLWEzYzdkYWI5N2MyNS84ZTYxNDdiOC1kNTVkLTRlZDgtODk3My1k
NWNmMmEyN2UxNjEvMjAwYWU1NDM1ZmI5MDY0NWUxMDA4MjJkZWY1ZTYzNDg0Yzk4
Zjg4MGQ5MDkzMzczYTUuY2VyMIGrBggrBgEFBQcBCwSBnjCBmzCBmAYIKwYBBQUH
MAuGgYtyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzA0MDMyYzhmLTFkNTctNGMzYi05MDQzLWEwZTdmZWJmMTY3ZC80LzMyMzMyZTMx
MzczNzJlMzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzEzMDMzMzkucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAAXsQgwDQYJKoZIhvcNAQELBQADggEBACWcrZCLq0KoRWDsH6UA+eRQ
oMSW0SGxQLEfNvdkxchslMSmIoKieh5Js0YN2T2ylR8Kl/xz1wla/LE6+4PhuAUu
iBUjklZwcOuQg/0n78TdLEOl4pTLB7lnROPkHd1G7dYg1RN789IRpmT0b/gi9eH3
8l/g9Crks/JjTu01SqJoJAQFScqZkaRjdjMeK9KxEZEd2vrf2pfdniO+tKXzEjU8
S6xGkVh7EENho28idYqJslk5h6J/em9lbU33Gg9u88nQfmrPgXJA4rI1HGcwi5dZ
0KGpmTxwJuz1rsODGYjIPWDqjSqEOX2TVIHq8KeycXjgpW5YMNrPJbhI8asIDug=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org