Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/4/32332e3137372e382e302f32342d3234203d3e203236353631.roa
File:                     32332e3137372e382e302f32342d3234203d3e203236353631.roa (raw, json)
Hash identifier:          Hv5TWpM7sIVls13WG2ZstgDoVZowG7JSd6EvbKJMHX0=
Subject key identifier:   93:CD:21:AA:DE:60:B4:29:45:70:9C:BD:35:CE:F0:44:0C:61:CF:23
Certificate issuer:       /CN=200ae5435f38d42d4a11763fe2104e07777a6258a5e0b4c9db
Certificate serial:       57B8E287DE48991F491657BC1C08D1D8C19BC285
Authority key identifier: 63:55:2D:73:63:6A:C0:8B:8F:CA:F6:E9:C2:46:3D:64:72:CA:3B:F3
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/6ead073c-b9f0-4523-b39e-a3c7dab97c25/8e6147b8-d55d-4ed8-8973-d5cf2a27e161/200ae5435f38d42d4a11763fe2104e07777a6258a5e0b4c9db.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/4/32332e3137372e382e302f32342d3234203d3e203236353631.roa
Signing time:             Sun 01 Sep 2024 17:06:03 +0000
ROA not before:           Sun 01 Sep 2024 17:01:03 +0000
ROA not after:            Sun 31 Aug 2025 17:06:03 +0000
asID:                     26561
IP address blocks:        23.177.8.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:b8:e2:87:de:48:99:1f:49:16:57:bc:1c:08:d1:d8:c1:9b:c2:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=200ae5435f38d42d4a11763fe2104e07777a6258a5e0b4c9db
        Validity
            Not Before: Sep  1 17:01:03 2024 GMT
            Not After : Aug 31 17:06:03 2025 GMT
        Subject: CN=93CD21AADE60B42945709CBD35CEF0440C61CF23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:2c:26:2a:4f:d0:38:66:1e:dd:30:69:ca:2d:
                    c9:a2:17:1a:7c:c0:87:5a:63:e7:06:da:ee:f8:17:
                    57:12:2e:f3:cb:98:f8:33:fa:0e:38:4e:68:d1:5f:
                    af:69:a9:29:b9:04:31:03:57:ac:b9:b7:4e:ca:a4:
                    93:b8:d7:6d:03:90:44:c4:e4:d9:42:99:09:3e:2d:
                    ae:1b:1a:b7:cc:92:d8:9e:43:df:a8:03:b5:ff:1b:
                    fe:bc:af:ad:55:d3:f8:34:aa:91:3e:c9:7a:a7:1c:
                    51:e8:e7:3a:3c:c0:63:83:15:90:15:35:9e:24:48:
                    a9:55:35:25:b7:bc:a4:60:7e:c3:3f:99:f2:20:87:
                    ad:25:82:ee:b6:72:cd:7a:18:08:ae:5f:fa:c6:90:
                    58:df:55:22:d2:79:dd:49:9d:59:c7:64:e0:e1:0e:
                    ba:fb:f6:dc:39:b3:bf:52:ae:a2:f3:07:1b:be:81:
                    df:61:8a:b1:50:d6:4d:dd:8b:a6:9b:f4:cb:d1:49:
                    c0:50:76:3e:1e:1f:ce:3e:a6:c2:ee:cd:05:2d:f9:
                    75:42:d1:da:8f:1e:08:e0:e7:78:f6:1f:c2:3c:05:
                    1a:4c:41:d6:63:da:f6:aa:1f:0b:ed:dd:09:d5:ad:
                    b2:12:9e:b2:6d:eb:44:7a:22:30:db:67:cf:87:cb:
                    45:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:CD:21:AA:DE:60:B4:29:45:70:9C:BD:35:CE:F0:44:0C:61:CF:23
            X509v3 Authority Key Identifier:
                keyid:63:55:2D:73:63:6A:C0:8B:8F:CA:F6:E9:C2:46:3D:64:72:CA:3B:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/4/63552D73636AC08B8FCAF6E9C2463D6472CA3BF3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/6ead073c-b9f0-4523-b39e-a3c7dab97c25/8e6147b8-d55d-4ed8-8973-d5cf2a27e161/200ae5435f38d42d4a11763fe2104e07777a6258a5e0b4c9db.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/4/32332e3137372e382e302f32342d3234203d3e203236353631.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.177.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:70:53:d4:0e:ff:8c:b5:b2:78:88:41:5b:7c:3b:c7:2a:cc:
         cb:2a:dd:d7:d2:d7:88:09:3c:30:1f:d1:e9:65:a0:e2:74:eb:
         fd:f0:50:bf:44:77:98:88:3a:7d:e3:ea:75:2a:1c:04:5a:88:
         33:31:bb:31:c0:67:6e:85:97:87:34:77:d8:f0:f1:5c:bf:37:
         d0:29:e1:97:92:26:9e:b6:6e:c6:4b:b2:d7:b8:70:40:04:3d:
         46:b5:39:f1:b0:45:86:c4:34:4b:19:8e:3a:d7:77:75:b5:00:
         d6:c4:23:4b:9d:c8:17:d0:38:bb:90:ab:06:2d:d4:7f:dc:af:
         00:88:b0:c9:04:7e:bd:9e:f1:af:a4:cd:80:cd:a8:24:c8:08:
         62:bc:49:a7:41:90:b4:8a:ea:cc:83:c7:d5:b3:04:10:6c:65:
         3d:5e:0a:80:38:06:92:ee:b8:b6:cc:ab:e8:29:87:35:d6:7b:
         26:67:8b:40:ba:01:0c:69:1d:8f:3d:8d:df:ce:a0:61:44:db:
         9e:9f:01:7e:6d:84:29:67:58:af:57:55:72:84:30:4c:70:6a:
         73:61:72:0b:37:e5:48:af:24:70:d0:35:e5:a0:8a:fe:6d:ff:
         dd:08:ca:96:86:b8:f5:5a:01:e4:f0:cc:db:0b:d8:a6:c4:fb:
         f1:aa:f8:10
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgIUV7jih95ImR9JFle8HAjR2MGbwoUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjAwYWU1NDM1ZjM4ZDQyZDRhMTE3NjNmZTIxMDRlMDc3
NzdhNjI1OGE1ZTBiNGM5ZGIwHhcNMjQwOTAxMTcwMTAzWhcNMjUwODMxMTcwNjAz
WjAzMTEwLwYDVQQDEyg5M0NEMjFBQURFNjBCNDI5NDU3MDlDQkQzNUNFRjA0NDBD
NjFDRjIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArywmKk/QOGYe
3TBpyi3JohcafMCHWmPnBtru+BdXEi7zy5j4M/oOOE5o0V+vaakpuQQxA1esubdO
yqSTuNdtA5BExOTZQpkJPi2uGxq3zJLYnkPfqAO1/xv+vK+tVdP4NKqRPsl6pxxR
6Oc6PMBjgxWQFTWeJEipVTUlt7ykYH7DP5nyIIetJYLutnLNehgIrl/6xpBY31Ui
0nndSZ1Zx2Tg4Q66+/bcObO/Uq6i8wcbvoHfYYqxUNZN3Yumm/TL0UnAUHY+Hh/O
PqbC7s0FLfl1QtHajx4I4Od49h/CPAUaTEHWY9r2qh8L7d0J1a2yEp6ybetEeiIw
22fPh8tFVwIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFJPNIareYLQpRXCcvTXO8EQM
Yc8jMB8GA1UdIwQYMBaAFGNVLXNjasCLj8r26cJGPWRyyjvzMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzJkZTJmNjRkLWY2ZTUtNDdlMy1hNmZi
LTY4NmQ4OGU3MWFlOS80LzYzNTUyRDczNjM2QUMwOEI4RkNBRjZFOUMyNDYzRDY0
NzJDQTNCRjMuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzZlYWQwNzNjLWI5ZjAt
NDUyMy1iMzllLWEzYzdkYWI5N2MyNS84ZTYxNDdiOC1kNTVkLTRlZDgtODk3My1k
NWNmMmEyN2UxNjEvMjAwYWU1NDM1ZjM4ZDQyZDRhMTE3NjNmZTIxMDRlMDc3Nzdh
NjI1OGE1ZTBiNGM5ZGIuY2VyMIGpBggrBgEFBQcBCwSBnDCBmTCBlgYIKwYBBQUH
MAuGgYlyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzJkZTJmNjRkLWY2ZTUtNDdlMy1hNmZiLTY4NmQ4OGU3MWFlOS80LzMyMzMyZTMx
MzczNzJlMzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzUzNjMxLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQAF7EIMA0GCSqGSIb3DQEBCwUAA4IBAQAecFPUDv+MtbJ4iEFbfDvHKszL
Kt3X0teICTwwH9HpZaDidOv98FC/RHeYiDp94+p1KhwEWogzMbsxwGduhZeHNHfY
8PFcvzfQKeGXkiaetm7GS7LXuHBABD1GtTnxsEWGxDRLGY4613d1tQDWxCNLncgX
0Di7kKsGLdR/3K8AiLDJBH69nvGvpM2AzagkyAhivEmnQZC0iurMg8fVswQQbGU9
XgqAOAaS7ri2zKvoKYc11nsmZ4tAugEMaR2PPY3fzqBhRNuenwF+bYQpZ1ivV1Vy
hDBMcGpzYXILN+VIryRw0DXloIr+bf/dCMqWhrj1WgHk8MzbC9imxPvxqvgQ
-----END CERTIFICATE-----
Generated at Thu Sep 5 21:53:23 2024 by rpki-client on console-ams.rpki-client.org