Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/5/32332e3137372e38382e302f32342d3234203d3e203630383538.roa
File:                     32332e3137372e38382e302f32342d3234203d3e203630383538.roa (raw, json)
Hash identifier:          WVbIJBGuIJ3DxtHsj6k4MYFh2yT2yB4/JvtfmG5cPKk=
Subject key identifier:   61:C7:F1:24:D4:FB:00:3B:1C:56:03:69:94:E8:86:6E:BF:D3:9A:9F
Certificate issuer:       /CN=96a2b0e2d1e5670b763908dae343a4bb519a1396ee5a23dce8
Certificate serial:       510A155D4FA6982B8CED32A045AD7D7B329E04FD
Authority key identifier: 90:D5:59:9F:5E:99:C9:58:60:99:3A:48:1D:04:26:0C:5A:59:4F:A8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/6ead073c-b9f0-4523-b39e-a3c7dab97c25/3c85ceae-9f38-49c6-ad1e-39e9bfeab158/96a2b0e2d1e5670b763908dae343a4bb519a1396ee5a23dce8.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/5/32332e3137372e38382e302f32342d3234203d3e203630383538.roa
Signing time:             Tue 21 May 2024 12:05:23 +0000
ROA not before:           Tue 21 May 2024 12:00:23 +0000
ROA not after:            Tue 20 May 2025 12:05:23 +0000
asID:                     60858
IP address blocks:        23.177.88.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:0a:15:5d:4f:a6:98:2b:8c:ed:32:a0:45:ad:7d:7b:32:9e:04:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96a2b0e2d1e5670b763908dae343a4bb519a1396ee5a23dce8
        Validity
            Not Before: May 21 12:00:23 2024 GMT
            Not After : May 20 12:05:23 2025 GMT
        Subject: CN=61C7F124D4FB003B1C56036994E8866EBFD39A9F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:74:d8:e0:ae:f0:44:df:06:37:64:14:69:03:
                    52:e0:3e:93:bb:c2:bb:bd:44:ce:84:03:74:1e:73:
                    d1:af:2a:f2:94:df:41:32:83:4f:3d:3a:64:e5:90:
                    68:f7:6d:a7:ab:7d:21:75:65:8e:b2:64:2c:87:26:
                    f7:64:5e:0d:2a:70:24:fb:e4:ea:ca:d0:b3:37:69:
                    8d:b2:d0:d9:ea:76:75:eb:76:7e:b3:fb:e5:e5:e0:
                    9c:42:e4:82:06:8e:5f:97:9a:e9:85:c1:f4:34:37:
                    f2:05:a7:7b:06:f0:d0:79:76:7f:8e:ac:29:4b:28:
                    50:01:a8:ae:19:80:7d:ee:61:d9:c8:ad:1e:5b:3a:
                    47:52:10:72:80:8b:2a:5c:75:4e:69:4d:e0:90:ce:
                    89:60:46:aa:e5:18:05:cc:25:a9:f2:a9:b6:a8:2b:
                    af:90:4e:00:20:8e:7e:1c:08:fc:86:d5:7f:9f:06:
                    d1:92:59:a7:24:eb:01:c2:0c:d6:73:9b:17:b9:19:
                    7c:d6:63:93:55:85:36:44:94:09:27:d5:27:ad:9f:
                    ad:6a:dd:6a:a5:45:67:2b:92:88:19:43:2d:47:32:
                    63:79:66:80:9d:de:83:70:76:76:21:9d:51:46:83:
                    6d:cb:40:a3:51:c1:73:3f:02:ef:a5:b1:08:17:2e:
                    99:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:C7:F1:24:D4:FB:00:3B:1C:56:03:69:94:E8:86:6E:BF:D3:9A:9F
            X509v3 Authority Key Identifier:
                keyid:90:D5:59:9F:5E:99:C9:58:60:99:3A:48:1D:04:26:0C:5A:59:4F:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/5/90D5599F5E99C95860993A481D04260C5A594FA8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/6ead073c-b9f0-4523-b39e-a3c7dab97c25/3c85ceae-9f38-49c6-ad1e-39e9bfeab158/96a2b0e2d1e5670b763908dae343a4bb519a1396ee5a23dce8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/5/32332e3137372e38382e302f32342d3234203d3e203630383538.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.177.88.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:b6:b4:9d:fd:30:5b:1a:73:49:ef:5a:cf:9c:98:c5:80:26:
         5d:91:e7:33:bc:a4:3b:e3:fb:4f:67:45:38:f1:7b:44:89:3a:
         79:4b:7b:71:d7:88:e7:0b:9c:d0:fe:30:27:b1:39:bd:10:71:
         f9:b7:74:05:e3:c3:26:ec:e1:1d:f6:2a:90:c3:d2:f0:32:bf:
         5b:2e:92:3a:0e:ec:dc:b5:9f:25:ad:89:41:cf:46:45:68:64:
         51:eb:7b:af:98:62:29:4f:c3:07:f3:23:f7:f1:75:0b:6b:d4:
         38:22:79:e4:dd:dc:42:17:a1:c3:c0:60:00:a4:4b:0a:b7:8c:
         c4:95:a5:f7:a9:c5:63:58:19:ef:41:ee:f5:ee:0d:40:b4:cc:
         21:a9:48:41:08:12:04:c0:7a:9d:e5:eb:ea:5c:eb:2c:e4:34:
         fc:d1:93:21:79:f0:42:0c:c6:97:75:64:80:c7:44:55:ed:3a:
         ee:28:a8:e4:08:76:cd:01:bf:d4:93:47:22:40:13:8c:cb:be:
         c6:96:e0:27:de:f1:2c:6c:ff:21:ff:f0:6e:32:d9:f1:46:92:
         3e:1e:d0:d9:95:31:51:89:3c:15:34:68:c0:de:b1:4c:f3:4e:
         89:f4:47:3e:7a:f9:af:3a:31:a7:74:48:83:20:d3:37:b8:95:
         74:97:ec:3d
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgIUUQoVXU+mmCuM7TKgRa19ezKeBP0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTZhMmIwZTJkMWU1NjcwYjc2MzkwOGRhZTM0M2E0YmI1
MTlhMTM5NmVlNWEyM2RjZTgwHhcNMjQwNTIxMTIwMDIzWhcNMjUwNTIwMTIwNTIz
WjAzMTEwLwYDVQQDEyg2MUM3RjEyNEQ0RkIwMDNCMUM1NjAzNjk5NEU4ODY2RUJG
RDM5QTlGMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3TY4K7wRN8G
N2QUaQNS4D6Tu8K7vUTOhAN0HnPRryrylN9BMoNPPTpk5ZBo922nq30hdWWOsmQs
hyb3ZF4NKnAk++TqytCzN2mNstDZ6nZ163Z+s/vl5eCcQuSCBo5fl5rphcH0NDfy
Bad7BvDQeXZ/jqwpSyhQAaiuGYB97mHZyK0eWzpHUhBygIsqXHVOaU3gkM6JYEaq
5RgFzCWp8qm2qCuvkE4AII5+HAj8htV/nwbRklmnJOsBwgzWc5sXuRl81mOTVYU2
RJQJJ9UnrZ+tat1qpUVnK5KIGUMtRzJjeWaAnd6DcHZ2IZ1RRoNty0CjUcFzPwLv
pbEIFy6ZJQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFGHH8STU+wA7HFYDaZTohm6/
05qfMB8GA1UdIwQYMBaAFJDVWZ9emclYYJk6SB0EJgxaWU+oMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTctNGMzYi05MDQz
LWEwZTdmZWJmMTY3ZC81LzkwRDU1OTlGNUU5OUM5NTg2MDk5M0E0ODFEMDQyNjBD
NUE1OTRGQTguY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzZlYWQwNzNjLWI5ZjAt
NDUyMy1iMzllLWEzYzdkYWI5N2MyNS8zYzg1Y2VhZS05ZjM4LTQ5YzYtYWQxZS0z
OWU5YmZlYWIxNTgvOTZhMmIwZTJkMWU1NjcwYjc2MzkwOGRhZTM0M2E0YmI1MTlh
MTM5NmVlNWEyM2RjZTguY2VyMIGrBggrBgEFBQcBCwSBnjCBmzCBmAYIKwYBBQUH
MAuGgYtyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzA0MDMyYzhmLTFkNTctNGMzYi05MDQzLWEwZTdmZWJmMTY3ZC81LzMyMzMyZTMx
MzczNzJlMzgzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzODM1Mzgucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAAXsVgwDQYJKoZIhvcNAQELBQADggEBACO2tJ39MFsac0nvWs+cmMWA
Jl2R5zO8pDvj+09nRTjxe0SJOnlLe3HXiOcLnND+MCexOb0Qcfm3dAXjwybs4R32
KpDD0vAyv1sukjoO7Ny1nyWtiUHPRkVoZFHre6+YYilPwwfzI/fxdQtr1DgieeTd
3EIXocPAYACkSwq3jMSVpfepxWNYGe9B7vXuDUC0zCGpSEEIEgTAep3l6+pc6yzk
NPzRkyF58EIMxpd1ZIDHRFXtOu4oqOQIds0Bv9STRyJAE4zLvsaW4Cfe8Sxs/yH/
8G4y2fFGkj4e0NmVMVGJPBU0aMDesUzzTon0Rz56+a86Mad0SIMg0ze4lXSX7D0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:53 2024 by rpki-client on console-ams.rpki-client.org