Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/32332e3136342e3135322e302f32342d3234203d3e2030.roa
File:                     32332e3136342e3135322e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier:          fzzJlJga8cj1rQ40CH+n+s+F2v3DOEY9s6af/zNmYKQ=
Subject key identifier:   49:DF:B0:60:60:60:C0:DC:A1:44:65:A5:8B:D4:F4:07:A2:A0:55:C3
Certificate issuer:       /CN=d90d8aba2a75232dac0a4973b29677a14573561ef341199600
Certificate serial:       608C04FA06217EF73F4C27D50D7B31247F6D651A
Authority key identifier: 44:17:C6:2B:C8:BB:64:8A:4A:97:DD:F6:50:5C:2E:44:3E:4B:35:FF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a75232dac0a4973b29677a14573561ef341199600.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/32332e3136342e3135322e302f32342d3234203d3e2030.roa
Signing time:             Tue 20 Aug 2024 17:26:47 +0000
ROA not before:           Tue 20 Aug 2024 17:21:47 +0000
ROA not after:            Tue 19 Aug 2025 17:26:47 +0000
asID:                     0
IP address blocks:        23.164.152.0/24 maxlen: 24

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:8c:04:fa:06:21:7e:f7:3f:4c:27:d5:0d:7b:31:24:7f:6d:65:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90d8aba2a75232dac0a4973b29677a14573561ef341199600
        Validity
            Not Before: Aug 20 17:21:47 2024 GMT
            Not After : Aug 19 17:26:47 2025 GMT
        Subject: CN=49DFB0606060C0DCA14465A58BD4F407A2A055C3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:84:8b:cc:aa:b9:30:15:91:01:a4:df:71:70:
                    6c:28:68:dc:ab:96:12:80:a2:87:5f:20:18:79:a9:
                    bb:15:a5:e9:7c:13:4c:4d:18:e4:e4:de:10:d4:03:
                    a0:ba:78:b4:76:4a:d4:8e:00:39:37:f9:01:ad:4a:
                    1c:3c:23:e2:10:a1:8e:e6:0d:0f:d9:d1:10:56:7d:
                    13:6e:47:5d:d2:1d:a3:58:30:d1:be:a1:ad:42:53:
                    c1:a2:d1:90:d7:21:03:2a:ab:cc:d0:04:e8:93:fc:
                    30:53:c4:07:56:aa:15:0d:48:23:fa:56:c8:a1:c3:
                    f5:9f:c6:a9:90:22:64:10:ab:21:81:7b:5f:79:ec:
                    dc:6c:3b:34:d5:8a:bc:e9:e2:56:e5:19:9c:9d:a9:
                    7d:be:2f:16:47:41:0c:32:1b:19:14:57:13:e5:53:
                    b6:35:a0:3f:ca:73:d9:ae:1d:08:67:f5:f2:bc:92:
                    bd:74:c0:23:de:4d:04:34:6c:22:ca:99:95:46:55:
                    08:67:44:b8:3f:8e:10:ec:04:5e:7e:72:bc:5c:e0:
                    2e:cc:7a:15:5e:4f:fb:5e:d3:99:41:ad:49:6d:fa:
                    3d:89:32:4c:7c:c3:a7:e7:5e:b2:ec:80:d9:df:5b:
                    83:0d:f8:97:97:53:28:91:47:fe:bf:88:19:2c:be:
                    a3:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:DF:B0:60:60:60:C0:DC:A1:44:65:A5:8B:D4:F4:07:A2:A0:55:C3
            X509v3 Authority Key Identifier:
                keyid:44:17:C6:2B:C8:BB:64:8A:4A:97:DD:F6:50:5C:2E:44:3E:4B:35:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/4417C62BC8BB648A4A97DDF6505C2E443E4B35FF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a75232dac0a4973b29677a14573561ef341199600.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/32332e3136342e3135322e302f32342d3234203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.164.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:51:4a:9c:60:51:d8:0e:a0:d6:00:23:00:87:04:3c:cf:67:
         b9:e0:09:e0:b0:d3:94:03:6a:7a:de:31:b2:90:b4:ae:ea:d6:
         9e:5d:f2:ce:24:01:ac:de:2c:4a:a6:f6:e3:fc:4d:8b:83:5a:
         d0:b8:99:fd:98:6e:3b:eb:27:6b:24:e7:29:8b:85:b0:0e:b7:
         dc:04:5f:5e:de:32:87:b7:7d:ea:fc:93:55:1f:4a:11:09:18:
         71:08:a5:ba:28:52:15:c8:50:f3:fc:6c:c8:97:4c:be:fa:7c:
         59:74:db:84:42:e8:a2:dc:86:a5:be:4d:af:ba:4f:fd:8a:1b:
         c7:0e:4a:28:5d:13:31:1d:ca:07:65:f8:69:05:65:31:45:d7:
         c3:f5:f8:91:32:e8:a3:8a:78:82:f9:c8:6a:43:63:34:52:4e:
         c4:e2:02:aa:3a:e6:12:bb:e6:d2:be:c1:b0:e1:56:3e:d9:ee:
         35:42:04:32:42:f5:cc:f5:0d:f7:d7:0c:05:54:3c:c2:ca:fb:
         2f:9c:c7:b4:f4:07:15:55:ff:e9:30:d5:65:98:81:7f:dc:99:
         1c:ba:78:25:b7:d2:99:e0:db:af:70:b1:f5:6b:40:4f:23:99:
         33:a6:7f:49:ba:ea:71:ef:bb:bc:5f:30:f3:0d:b5:79:dc:f7:
         82:3e:b1:30
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUYIwE+gYhfvc/TCfVDXsxJH9tZRowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDkwZDhhYmEyYTc1MjMyZGFjMGE0OTczYjI5Njc3YTE0
NTczNTYxZWYzNDExOTk2MDAwHhcNMjQwODIwMTcyMTQ3WhcNMjUwODE5MTcyNjQ3
WjAzMTEwLwYDVQQDEyg0OURGQjA2MDYwNjBDMERDQTE0NDY1QTU4QkQ0RjQwN0Ey
QTA1NUMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYSLzKq5MBWR
AaTfcXBsKGjcq5YSgKKHXyAYeam7FaXpfBNMTRjk5N4Q1AOguni0dkrUjgA5N/kB
rUocPCPiEKGO5g0P2dEQVn0Tbkdd0h2jWDDRvqGtQlPBotGQ1yEDKqvM0ATok/ww
U8QHVqoVDUgj+lbIocP1n8apkCJkEKshgXtfeezcbDs01Yq86eJW5Rmcnal9vi8W
R0EMMhsZFFcT5VO2NaA/ynPZrh0IZ/XyvJK9dMAj3k0ENGwiypmVRlUIZ0S4P44Q
7ARefnK8XOAuzHoVXk/7XtOZQa1Jbfo9iTJMfMOn516y7IDZ31uDDfiXl1MokUf+
v4gZLL6jxQIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFEnfsGBgYMDcoURlpYvU9Aei
oFXDMB8GA1UdIwQYMBaAFEQXxivIu2SKSpfd9lBcLkQ+SzX/MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzJkZTJmNjRkLWY2ZTUtNDdlMy1hNmZi
LTY4NmQ4OGU3MWFlOS8yLzQ0MTdDNjJCQzhCQjY0OEE0QTk3RERGNjUwNUMyRTQ0
M0U0QjM1RkYuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzg3MWRhNDBmLTc5M2Et
NGE0NS1hMGE5LTk3ODE0ODMyMWEwNy8wZWMxNzE1Ny02NmRlLTRhYWItODVlNy0y
OGFmNGRlNDMwZTIvZDkwZDhhYmEyYTc1MjMyZGFjMGE0OTczYjI5Njc3YTE0NTcz
NTYxZWYzNDExOTk2MDAuY2VyMIGlBggrBgEFBQcBCwSBmDCBlTCBkgYIKwYBBQUH
MAuGgYVyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzJkZTJmNjRkLWY2ZTUtNDdlMy1hNmZiLTY4NmQ4OGU3MWFlOS8yLzMyMzMyZTMx
MzYzNDJlMzEzNTMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAXpJgwDQYJKoZIhvcNAQELBQADggEBAChRSpxgUdgOoNYAIwCHBDzPZ7ngCeCw
05QDanreMbKQtK7q1p5d8s4kAazeLEqm9uP8TYuDWtC4mf2YbjvrJ2sk5ymLhbAO
t9wEX17eMoe3fer8k1UfShEJGHEIpbooUhXIUPP8bMiXTL76fFl024RC6KLchqW+
Ta+6T/2KG8cOSihdEzEdygdl+GkFZTFF18P1+JEy6KOKeIL5yGpDYzRSTsTiAqo6
5hK75tK+wbDhVj7Z7jVCBDJC9cz1DffXDAVUPMLK+y+cx7T0BxVV/+kw1WWYgX/c
mRy6eCW30png269wsfVrQE8jmTOmf0m66nHvu7xfMPMNtXnc94I+sTA=
-----END CERTIFICATE-----
Generated at Fri Sep 6 14:56:09 2024 by rpki-client on console-fra.rpki-client.org