Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/28cd6224-a3b0-468e-aa37-82ca6a3e9243/1/326130353a646663313a6330333a3a2f34382d3438203d3e20323136313037.roa
File:                     326130353a646663313a6330333a3a2f34382d3438203d3e20323136313037.roa (raw, json)
Hash identifier:          Aq1osVocEgtFxX/FAb17xhC9QC240mHPikxcciTcwwI=
Subject key identifier:   92:5C:8D:82:FB:81:10:00:ED:B9:03:39:D6:91:A4:C9:87:F2:FE:C0
Certificate issuer:       /CN=A0BDCD4CEF02B9AA3CBD0A837666716397198BFD
Certificate serial:       3593EF6D65046143AFE65DE7305650DF246924D2
Authority key identifier: A0:BD:CD:4C:EF:02:B9:AA:3C:BD:0A:83:76:66:71:63:97:19:8B:FD
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/A0BDCD4CEF02B9AA3CBD0A837666716397198BFD.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/28cd6224-a3b0-468e-aa37-82ca6a3e9243/1/326130353a646663313a6330333a3a2f34382d3438203d3e20323136313037.roa
Signing time:             Fri 19 Jan 2024 19:26:00 +0000
ROA not before:           Fri 19 Jan 2024 19:21:00 +0000
ROA not after:            Fri 17 Jan 2025 19:26:00 +0000
asID:                     216107
IP address blocks:        2a05:dfc1:c03::/48 maxlen: 48

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:93:ef:6d:65:04:61:43:af:e6:5d:e7:30:56:50:df:24:69:24:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0BDCD4CEF02B9AA3CBD0A837666716397198BFD
        Validity
            Not Before: Jan 19 19:21:00 2024 GMT
            Not After : Jan 17 19:26:00 2025 GMT
        Subject: CN=925C8D82FB811000EDB90339D691A4C987F2FEC0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:64:db:d6:92:33:bd:b2:51:d2:f6:12:5b:31:
                    c0:a1:5f:a8:39:1a:70:da:b2:bf:d8:b9:29:f1:3b:
                    79:6d:1a:70:77:84:4b:2f:f3:15:bb:6f:54:17:06:
                    90:43:eb:9e:59:ae:25:48:42:2b:19:63:ed:eb:72:
                    8a:9e:46:53:23:a4:c3:16:51:bc:39:64:91:e0:63:
                    f7:03:1f:7c:72:be:8e:3e:1b:f4:05:2d:55:8e:12:
                    55:22:e3:e9:70:ce:3c:15:e5:cf:09:22:40:33:5a:
                    38:39:88:a7:79:f9:07:d4:ca:2b:b1:af:4b:31:59:
                    b7:d3:ce:c6:f6:41:00:64:86:88:6b:40:f5:41:08:
                    7d:89:ff:0b:23:1b:0f:5a:65:a0:df:bb:0e:ff:da:
                    d2:be:b9:49:6a:8c:2d:c9:f6:3f:b7:98:f7:50:4f:
                    a9:8f:94:83:11:e3:e4:59:2d:4c:64:09:fe:84:7f:
                    30:de:a3:26:ef:c1:4b:db:52:21:ca:52:fc:4d:ff:
                    87:3c:62:ba:b5:88:df:e5:9b:3f:7f:cd:ae:f2:ea:
                    41:97:49:a8:bb:24:b2:6e:fc:93:23:4e:9a:a0:09:
                    cc:f2:39:82:e9:9e:e5:c4:0e:83:e7:b7:3b:f6:00:
                    21:65:91:ba:97:bf:a6:e8:d7:c4:b2:89:ff:8a:08:
                    c0:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:5C:8D:82:FB:81:10:00:ED:B9:03:39:D6:91:A4:C9:87:F2:FE:C0
            X509v3 Authority Key Identifier:
                keyid:A0:BD:CD:4C:EF:02:B9:AA:3C:BD:0A:83:76:66:71:63:97:19:8B:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/28cd6224-a3b0-468e-aa37-82ca6a3e9243/1/A0BDCD4CEF02B9AA3CBD0A837666716397198BFD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/A0BDCD4CEF02B9AA3CBD0A837666716397198BFD.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/28cd6224-a3b0-468e-aa37-82ca6a3e9243/1/326130353a646663313a6330333a3a2f34382d3438203d3e20323136313037.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc1:c03::/48

    Signature Algorithm: sha256WithRSAEncryption
         1d:06:e8:1d:9e:c9:54:06:37:de:fe:88:95:60:c4:e9:ca:d8:
         6a:6f:f1:f9:4c:0e:ab:a0:cd:50:05:d8:b6:4d:fb:a7:8d:39:
         c7:32:a7:30:26:49:8b:50:d7:3d:48:ed:ee:0a:2c:5f:bb:54:
         d7:5e:26:d7:6c:67:4d:23:fd:f8:11:b8:c4:02:d1:90:94:4f:
         31:1f:d8:e0:7f:c0:34:8d:17:db:34:af:87:94:20:1c:91:58:
         62:3b:64:12:ad:dc:8c:fc:32:30:3c:00:9d:6e:18:b2:17:04:
         51:ff:1f:f7:05:e2:ba:8a:d9:67:4f:7d:dc:4f:a4:6b:27:2d:
         51:0a:2b:80:e5:2c:35:a7:aa:0e:5d:24:e1:ea:25:94:de:5e:
         5a:2c:8a:0e:41:9c:e8:ad:bd:1d:23:2c:d2:cd:28:ff:2c:b9:
         00:d9:9c:ed:ea:a9:a2:ec:31:c0:22:59:64:2a:9c:9e:ba:36:
         48:b5:8b:2e:26:98:dd:08:ff:4f:1a:0a:f8:9e:cc:ec:9c:6d:
         43:37:11:76:aa:f8:3c:18:dc:24:3f:f0:2d:b5:84:db:1f:7c:
         b8:f0:00:65:1e:4d:48:a0:6b:b3:98:ed:9e:62:e6:9a:ed:44:
         50:1a:41:67:04:40:c1:82:bd:34:44:7b:6a:04:87:e5:25:76:
         2b:55:f5:2a
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIUNZPvbWUEYUOv5l3nMFZQ3yRpJNIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBCRENENENFRjAyQjlBQTNDQkQwQTgzNzY2NjcxNjM5
NzE5OEJGRDAeFw0yNDAxMTkxOTIxMDBaFw0yNTAxMTcxOTI2MDBaMDMxMTAvBgNV
BAMTKDkyNUM4RDgyRkI4MTEwMDBFREI5MDMzOUQ2OTFBNEM5ODdGMkZFQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7ZNvWkjO9slHS9hJbMcChX6g5
GnDasr/YuSnxO3ltGnB3hEsv8xW7b1QXBpBD655ZriVIQisZY+3rcoqeRlMjpMMW
Ubw5ZJHgY/cDH3xyvo4+G/QFLVWOElUi4+lwzjwV5c8JIkAzWjg5iKd5+QfUyiux
r0sxWbfTzsb2QQBkhohrQPVBCH2J/wsjGw9aZaDfuw7/2tK+uUlqjC3J9j+3mPdQ
T6mPlIMR4+RZLUxkCf6EfzDeoybvwUvbUiHKUvxN/4c8Yrq1iN/lmz9/za7y6kGX
Sai7JLJu/JMjTpqgCczyOYLpnuXEDoPntzv2ACFlkbqXv6bo18Syif+KCMAJAgMB
AAGjggJeMIICWjAdBgNVHQ4EFgQUklyNgvuBEADtuQM51pGkyYfy/sAwHwYDVR0j
BBgwFoAUoL3NTO8Cuao8vQqDdmZxY5cZi/0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjhjZDYyMjQtYTNiMC00NjhlLWFhMzctODJjYTZhM2U5
MjQzLzEvQTBCRENENENFRjAyQjlBQTNDQkQwQTgzNzY2NjcxNjM5NzE5OEJGRC5j
cmwwegYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUt
cmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wL0EwQkRDRDRDRUYwMkI5
QUEzQ0JEMEE4Mzc2NjY3MTYzOTcxOThCRkQuY2VyMIG1BggrBgEFBQcBCwSBqDCB
pTCBogYIKwYBBQUHMAuGgZVyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5l
dC9yZXBvc2l0b3J5LzI4Y2Q2MjI0LWEzYjAtNDY4ZS1hYTM3LTgyY2E2YTNlOTI0
My8xLzMyNjEzMDM1M2E2NDY2NjMzMTNhNjMzMDMzM2EzYTJmMzQzODJkMzQzODIw
M2QzZTIwMzIzMTM2MzEzMDM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgXfwQwDMA0GCSqGSIb3DQEB
CwUAA4IBAQAdBugdnslUBjfe/oiVYMTpythqb/H5TA6roM1QBdi2TfunjTnHMqcw
JkmLUNc9SO3uCixfu1TXXibXbGdNI/34EbjEAtGQlE8xH9jgf8A0jRfbNK+HlCAc
kVhiO2QSrdyM/DIwPACdbhiyFwRR/x/3BeK6itlnT33cT6RrJy1RCiuA5Sw1p6oO
XSTh6iWU3l5aLIoOQZzorb0dIyzSzSj/LLkA2Zzt6qmi7DHAIllkKpyeujZItYsu
JpjdCP9PGgr4nszsnG1DNxF2qvg8GNwkP/AttYTbH3y48ABlHk1IoGuzmO2eYuaa
7URQGkFnBEDBgr00RHtqBIflJXYrVfUq
-----END CERTIFICATE-----
Generated at Sun Jul 28 17:19:07 2024 by rpki-client on console-fra.rpki-client.org