Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/3139332e332e3136352e302f32342d3234203d3e20323032333539.roa
File:                     3139332e332e3136352e302f32342d3234203d3e20323032333539.roa (raw, json)
Hash identifier:          VPeJ+EXNUHX+AbgJCLGku6UJdPKt5w7zKqkx1/Tnslc=
Subject key identifier:   B3:5E:C6:7F:61:BB:78:37:B6:54:09:7A:F7:45:F3:13:A0:DA:5E:AC
Certificate issuer:       /CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
Certificate serial:       687BA3EA07DC6E9C9FD81F901AFA8B78A6A1280C
Authority key identifier: 11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/3139332e332e3136352e302f32342d3234203d3e20323032333539.roa
Signing time:             Mon 13 Nov 2023 21:10:07 +0000
ROA not before:           Mon 13 Nov 2023 21:05:07 +0000
ROA not after:            Mon 11 Nov 2024 21:10:07 +0000
asID:                     202359
IP address blocks:        193.3.165.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:7b:a3:ea:07:dc:6e:9c:9f:d8:1f:90:1a:fa:8b:78:a6:a1:28:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11ad49c47e2d0e40cfc9b36a2bd2c514e2a6267b
        Validity
            Not Before: Nov 13 21:05:07 2023 GMT
            Not After : Nov 11 21:10:07 2024 GMT
        Subject: CN=B35EC67F61BB7837B654097AF745F313A0DA5EAC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:48:42:db:8b:22:17:3f:a0:e2:a0:87:ca:91:
                    c6:ef:46:fe:16:b8:01:b3:c4:18:82:19:d0:91:92:
                    88:94:5c:8b:cf:60:c1:c2:91:62:6d:12:64:bf:68:
                    6e:88:bc:33:ea:92:8f:be:1c:bf:07:a4:4f:ea:49:
                    42:5b:55:22:2b:72:23:8d:fa:39:a7:b7:1f:25:dd:
                    75:a0:34:9c:91:37:52:98:b7:d3:de:96:b0:b1:da:
                    e4:6a:b2:31:8e:bd:43:32:c3:9e:eb:6c:99:96:0c:
                    11:50:cc:3e:3c:6a:32:fb:80:a1:69:ec:a1:cd:ee:
                    71:f2:53:a7:41:1b:4c:83:63:ad:1e:3d:bc:11:9e:
                    bb:24:4f:76:be:81:8a:65:cc:e1:e1:b9:ad:33:45:
                    4d:c5:55:51:90:98:1e:c4:1c:54:a3:c2:a9:03:f7:
                    ac:a3:ba:3c:55:ef:49:67:7d:ad:dd:33:db:af:4c:
                    d4:84:14:6a:5a:ab:18:4f:67:07:28:0f:70:cf:cd:
                    b8:05:90:2c:36:7d:29:1e:02:84:84:e8:18:8f:41:
                    5c:82:34:55:8b:a0:fe:2f:82:e0:8f:2e:3f:91:51:
                    4f:fb:c3:d5:50:58:5a:bd:a3:3d:9b:99:43:a2:ce:
                    a7:7e:5b:08:77:6f:04:e7:0c:5d:bf:60:06:2f:8a:
                    f8:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:5E:C6:7F:61:BB:78:37:B6:54:09:7A:F7:45:F3:13:A0:DA:5E:AC
            X509v3 Authority Key Identifier:
                keyid:11:AD:49:C4:7E:2D:0E:40:CF:C9:B3:6A:2B:D2:C5:14:E2:A6:26:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/11AD49C47E2D0E40CFC9B36A2BD2C514E2A6267B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ea1JxH4tDkDPybNqK9LFFOKmJns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7b575ea7-786f-4b2d-a455-79d7fc43ecee/7/3139332e332e3136352e302f32342d3234203d3e20323032333539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.3.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:ae:04:14:5f:6e:b8:85:7a:f4:bb:c3:1d:cb:7f:28:93:3d:
         9e:7e:67:4b:31:cd:3b:eb:00:01:35:67:43:16:ad:e7:38:45:
         8f:d5:96:82:b4:a1:1c:ff:64:eb:87:ed:d9:6a:84:78:f1:ca:
         f2:4a:d9:82:0b:30:af:f1:d5:5e:46:27:3b:48:8b:9c:d7:47:
         5c:fc:7d:65:fc:b9:ec:35:27:dd:62:b1:b5:8a:d6:ad:06:9a:
         b6:61:1d:84:1a:44:ff:b8:72:9e:89:51:ed:78:b8:92:75:18:
         42:cf:25:c1:20:55:4f:b6:77:08:b6:0f:fa:7b:f9:97:20:cc:
         67:1d:40:e8:56:f5:22:84:a4:8d:42:4e:68:cf:84:2c:59:f3:
         6d:3e:17:4c:d9:fa:e3:23:a0:3f:87:b1:f5:10:8b:cf:98:98:
         25:b5:86:14:93:0d:a1:9f:aa:36:af:06:28:ae:2e:e4:39:d4:
         4f:a1:49:2e:82:29:a3:75:f3:32:3d:dc:be:b9:34:e5:81:37:
         ae:9d:79:2c:f0:14:35:be:37:49:60:f3:3e:f7:dd:90:68:2b:
         e9:e0:20:04:bb:9b:39:b2:43:07:36:ea:45:9b:6f:81:43:9c:
         2b:28:b0:8c:44:22:74:f6:90:c3:98:12:61:46:b4:53:1e:64:
         8c:ff:ee:82
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUaHuj6gfcbpyf2B+QGvqLeKahKAwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFhZDQ5YzQ3ZTJkMGU0MGNmYzliMzZhMmJkMmM1MTRl
MmE2MjY3YjAeFw0yMzExMTMyMTA1MDdaFw0yNDExMTEyMTEwMDdaMDMxMTAvBgNV
BAMTKEIzNUVDNjdGNjFCQjc4MzdCNjU0MDk3QUY3NDVGMzEzQTBEQTVFQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhSELbiyIXP6DioIfKkcbvRv4W
uAGzxBiCGdCRkoiUXIvPYMHCkWJtEmS/aG6IvDPqko++HL8HpE/qSUJbVSIrciON
+jmntx8l3XWgNJyRN1KYt9PelrCx2uRqsjGOvUMyw57rbJmWDBFQzD48ajL7gKFp
7KHN7nHyU6dBG0yDY60ePbwRnrskT3a+gYplzOHhua0zRU3FVVGQmB7EHFSjwqkD
96yjujxV70lnfa3dM9uvTNSEFGpaqxhPZwcoD3DPzbgFkCw2fSkeAoSE6BiPQVyC
NFWLoP4vguCPLj+RUU/7w9VQWFq9oz2bmUOizqd+Wwh3bwTnDF2/YAYvivh5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUs17Gf2G7eDe2VAl690XzE6DaXqwwHwYDVR0j
BBgwFoAUEa1JxH4tDkDPybNqK9LFFOKmJnswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2I1NzVlYTctNzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNl
Y2VlLzcvMTFBRDQ5QzQ3RTJEMEU0MENGQzlCMzZBMkJEMkM1MTRFMkE2MjY3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VhMUp4SDR0RGtEUHliTnFLOUxGRk9L
bUpucy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2I1NzVlYTct
Nzg2Zi00YjJkLWE0NTUtNzlkN2ZjNDNlY2VlLzcvMzEzOTMzMmUzMzJlMzEzNjM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMyMzMzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wQOlMA0GCSqGSIb3DQEBCwUAA4IBAQAhrgQUX264hXr0u8Mdy38okz2efmdLMc07
6wABNWdDFq3nOEWP1ZaCtKEc/2Trh+3ZaoR48cryStmCCzCv8dVeRic7SIuc10dc
/H1l/LnsNSfdYrG1itatBpq2YR2EGkT/uHKeiVHteLiSdRhCzyXBIFVPtncItg/6
e/mXIMxnHUDoVvUihKSNQk5oz4QsWfNtPhdM2frjI6A/h7H1EIvPmJgltYYUkw2h
n6o2rwYori7kOdRPoUkugimjdfMyPdy+uTTlgTeunXks8BQ1vjdJYPM+992QaCvp
4CAEu5s5skMHNupFm2+BQ5wrKLCMRCJ09pDDmBJhRrRTHmSM/+6C
-----END CERTIFICATE-----
Generated at Sun Jun 30 18:29:29 2024 by rpki-client on console-ams.rpki-client.org