Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/37411d6b-3615-4a86-8673-340ce2f226ee/7/32332e3135332e3233322e302f32342d3234203d3e203539393933.roa
File:                     32332e3135332e3233322e302f32342d3234203d3e203539393933.roa (raw, json)
Hash identifier:          3bywHP82XFJJtzXyC1QDSBuDi50f1gDkmOcBxOd2mSg=
Subject key identifier:   BA:CD:30:4F:A0:A5:F1:31:C7:6E:6F:7C:86:01:8B:C1:67:3E:BE:95
Certificate issuer:       /CN=4b43c64a687a7f29b1e394a7fd64a6dddf2eceebbcf5cd8c44
Certificate serial:       66D9F7661596CE971B1152B67A981FA244E6A7F3
Authority key identifier: 2F:10:9D:2D:30:06:3E:6B:C5:80:23:A5:9C:9A:87:B6:05:87:6C:32
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b150e98d-80e9-45f6-bc63-6b40a3d59e9c/4b43c64a687a7f29b1e394a7fd64a6dddf2eceebbcf5cd8c44.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/37411d6b-3615-4a86-8673-340ce2f226ee/7/32332e3135332e3233322e302f32342d3234203d3e203539393933.roa
Signing time:             Thu 14 Dec 2023 15:20:32 +0000
ROA not before:           Thu 14 Dec 2023 15:15:32 +0000
ROA not after:            Thu 12 Dec 2024 15:20:32 +0000
asID:                     59993
IP address blocks:        23.153.232.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:d9:f7:66:15:96:ce:97:1b:11:52:b6:7a:98:1f:a2:44:e6:a7:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b43c64a687a7f29b1e394a7fd64a6dddf2eceebbcf5cd8c44
        Validity
            Not Before: Dec 14 15:15:32 2023 GMT
            Not After : Dec 12 15:20:32 2024 GMT
        Subject: CN=BACD304FA0A5F131C76E6F7C86018BC1673EBE95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:73:c1:d2:85:aa:cf:d8:d7:83:8c:04:04:e1:
                    2a:19:dd:88:e3:6b:00:45:5f:5f:41:dd:9c:3e:30:
                    dc:64:f7:50:c8:98:a8:6a:79:6c:a4:f5:14:41:6e:
                    fa:e5:2a:1c:d5:2e:94:01:d9:79:9f:7b:8e:05:4c:
                    70:1f:ed:ec:62:5a:04:a2:1e:85:07:a4:3b:db:e2:
                    84:41:e4:54:26:d1:d3:f4:f3:6f:c8:5e:9b:77:5e:
                    dc:bc:1a:5f:f2:0a:1b:a9:ed:46:ac:45:91:d5:06:
                    11:24:cf:7d:90:0d:47:eb:57:cf:a2:c1:31:07:61:
                    e2:dd:c7:7e:9a:bf:a6:07:0e:71:c2:fd:ef:6c:10:
                    df:d8:be:75:50:50:b5:08:25:21:bb:59:b1:7a:26:
                    27:d1:33:0c:e2:d1:0e:80:b5:97:b6:b0:f8:9b:3c:
                    86:98:cd:da:df:69:dc:58:ff:6f:ad:df:fa:e6:66:
                    5a:d0:e5:66:b1:ca:41:59:3f:ad:3f:55:2b:91:54:
                    ac:b9:c9:08:e9:80:7f:b4:52:c1:42:4a:6a:f7:9b:
                    22:a8:fc:0a:5c:65:ed:b5:6f:9f:c8:41:29:ae:31:
                    2b:b8:ba:aa:03:b8:fb:71:b9:07:48:18:10:db:ce:
                    4b:1f:79:97:e5:2f:dc:58:ff:6b:23:c6:19:7b:f3:
                    64:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:CD:30:4F:A0:A5:F1:31:C7:6E:6F:7C:86:01:8B:C1:67:3E:BE:95
            X509v3 Authority Key Identifier:
                keyid:2F:10:9D:2D:30:06:3E:6B:C5:80:23:A5:9C:9A:87:B6:05:87:6C:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/37411d6b-3615-4a86-8673-340ce2f226ee/7/2F109D2D30063E6BC58023A59C9A87B605876C32.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b150e98d-80e9-45f6-bc63-6b40a3d59e9c/4b43c64a687a7f29b1e394a7fd64a6dddf2eceebbcf5cd8c44.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/37411d6b-3615-4a86-8673-340ce2f226ee/7/32332e3135332e3233322e302f32342d3234203d3e203539393933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.153.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:33:f2:0c:05:e7:e6:21:7e:15:8f:72:2b:2a:4f:e8:ca:79:
         39:1f:73:d9:eb:ad:14:c1:db:7b:3c:06:02:6f:76:ab:55:53:
         da:77:9c:9f:c6:d3:c2:51:99:a4:de:c7:a1:43:17:5c:04:e7:
         ad:ae:73:91:6d:17:32:86:c9:15:96:3f:2b:01:90:aa:18:94:
         48:3a:8f:8f:52:9a:97:81:49:86:a7:49:06:3a:ed:db:31:28:
         56:97:dc:e8:19:08:6d:9b:d9:42:de:5f:59:cc:16:74:8f:48:
         0b:0b:78:04:58:eb:e0:09:54:45:d3:6e:39:a2:ef:c1:29:57:
         5e:54:7c:d5:f1:95:1c:aa:71:09:bb:5d:43:6b:bb:8b:2d:d0:
         16:f9:36:1e:94:f1:79:6c:9f:cb:9d:b8:2d:03:25:a2:f8:8c:
         50:cc:a5:f1:54:e5:01:61:b9:fb:3d:cf:07:02:4f:2a:83:5b:
         39:c5:53:48:49:ae:57:ba:cd:d6:0c:c4:88:f1:e9:2c:88:95:
         6c:c1:03:d5:da:e3:36:ab:11:eb:c6:8a:42:98:b7:e6:28:fe:
         c9:85:4b:3d:fb:97:1b:1f:84:31:19:e6:6b:ec:05:e7:8a:f3:
         03:c0:20:4f:5f:0a:bc:d6:cc:13:7f:94:60:00:1c:70:26:99:
         ce:8f:04:2d
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUZtn3ZhWWzpcbEVK2epgfokTmp/MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNGI0M2M2NGE2ODdhN2YyOWIxZTM5NGE3ZmQ2NGE2ZGRk
ZjJlY2VlYmJjZjVjZDhjNDQwHhcNMjMxMjE0MTUxNTMyWhcNMjQxMjEyMTUyMDMy
WjAzMTEwLwYDVQQDEyhCQUNEMzA0RkEwQTVGMTMxQzc2RTZGN0M4NjAxOEJDMTY3
M0VCRTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3PB0oWqz9jX
g4wEBOEqGd2I42sARV9fQd2cPjDcZPdQyJioanlspPUUQW765Soc1S6UAdl5n3uO
BUxwH+3sYloEoh6FB6Q72+KEQeRUJtHT9PNvyF6bd17cvBpf8gobqe1GrEWR1QYR
JM99kA1H61fPosExB2Hi3cd+mr+mBw5xwv3vbBDf2L51UFC1CCUhu1mxeiYn0TMM
4tEOgLWXtrD4mzyGmM3a32ncWP9vrd/65mZa0OVmscpBWT+tP1UrkVSsuckI6YB/
tFLBQkpq95siqPwKXGXttW+fyEEprjEruLqqA7j7cbkHSBgQ285LH3mX5S/cWP9r
I8YZe/NkZQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFLrNME+gpfExx25vfIYBi8Fn
Pr6VMB8GA1UdIwQYMBaAFC8QnS0wBj5rxYAjpZyah7YFh2wyMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzM3NDExZDZiLTM2MTUtNGE4Ni04Njcz
LTM0MGNlMmYyMjZlZS83LzJGMTA5RDJEMzAwNjNFNkJDNTgwMjNBNTlDOUE4N0I2
MDU4NzZDMzIuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2E3MzQyMGNiLWIzY2Mt
NGIwMy1iZGE3LTFiZTIwNDkzM2FlNS9iMTUwZTk4ZC04MGU5LTQ1ZjYtYmM2My02
YjQwYTNkNTllOWMvNGI0M2M2NGE2ODdhN2YyOWIxZTM5NGE3ZmQ2NGE2ZGRkZjJl
Y2VlYmJjZjVjZDhjNDQuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUH
MAuGgY1yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzM3NDExZDZiLTM2MTUtNGE4Ni04NjczLTM0MGNlMmYyMjZlZS83LzMyMzMyZTMx
MzUzMzJlMzIzMzMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzOTM5MzkzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEABeZ6DANBgkqhkiG9w0BAQsFAAOCAQEAhDPyDAXn5iF+FY9yKypP
6Mp5OR9z2eutFMHbezwGAm92q1VT2necn8bTwlGZpN7HoUMXXATnra5zkW0XMobJ
FZY/KwGQqhiUSDqPj1Kal4FJhqdJBjrt2zEoVpfc6BkIbZvZQt5fWcwWdI9ICwt4
BFjr4AlURdNuOaLvwSlXXlR81fGVHKpxCbtdQ2u7iy3QFvk2HpTxeWyfy524LQMl
oviMUMyl8VTlAWG5+z3PBwJPKoNbOcVTSEmuV7rN1gzEiPHpLIiVbMED1drjNqsR
68aKQpi35ij+yYVLPfuXGx+EMRnma+wF54rzA8AgT18KvNbME3+UYAAccCaZzo8E
LQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:59 2024 by rpki-client on console-ams.rpki-client.org