Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982f85bc-3d69-48a2-b9c3-7ef0a839ce19/3/32332e3136302e3135322e302f32342d3234203d3e20323030333531.roa
File:                     32332e3136302e3135322e302f32342d3234203d3e20323030333531.roa (raw, json)
Hash identifier:          yjfbJ/3QVXvE7lJhlwnlgwM0ZOyZA1c67BxAEbKg7z4=
Subject key identifier:   80:F5:88:1A:F9:09:E5:F2:FE:55:20:2C:DE:19:99:F6:9B:49:DF:5F
Certificate issuer:       /CN=7ecae320493165bd255881e00078068ce32efb3eeaeae07cf2
Certificate serial:       6DA87380E16C99DFFDA21AC19FA0B97D2EA78E57
Authority key identifier: 2C:8B:32:3B:D9:5B:B0:D4:44:81:CB:A2:DC:CE:3D:3A:BC:3A:3C:59
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/ee1bdff8-dbb5-4f0f-98e6-c8e1326ba79b/7ecae320493165bd255881e00078068ce32efb3eeaeae07cf2.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/982f85bc-3d69-48a2-b9c3-7ef0a839ce19/3/32332e3136302e3135322e302f32342d3234203d3e20323030333531.roa
Signing time:             Wed 23 Oct 2024 18:42:00 +0000
ROA not before:           Wed 23 Oct 2024 18:37:00 +0000
ROA not after:            Wed 22 Oct 2025 18:42:00 +0000
asID:                     200351
IP address blocks:        23.160.152.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:a8:73:80:e1:6c:99:df:fd:a2:1a:c1:9f:a0:b9:7d:2e:a7:8e:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ecae320493165bd255881e00078068ce32efb3eeaeae07cf2
        Validity
            Not Before: Oct 23 18:37:00 2024 GMT
            Not After : Oct 22 18:42:00 2025 GMT
        Subject: CN=80F5881AF909E5F2FE55202CDE1999F69B49DF5F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:8c:f0:39:a3:77:f8:bd:67:47:6c:7c:74:cf:
                    d7:a6:f1:2c:28:67:8f:ab:d9:3d:a0:7a:78:4e:12:
                    cc:d5:82:73:38:29:ce:77:c8:2f:be:3c:46:21:2f:
                    13:16:cf:3c:c4:83:35:b1:02:f9:6d:6e:7f:7f:87:
                    07:2b:e6:fa:d5:d1:42:7f:2b:ca:76:08:23:dc:1b:
                    ff:0b:27:5f:c2:77:30:77:7a:77:cf:a9:1b:0f:1b:
                    88:ea:79:71:b3:53:31:d6:5f:25:e5:ba:d9:40:7b:
                    63:06:10:c0:7d:8e:95:37:e9:72:62:43:85:10:91:
                    71:8a:6b:d0:f3:5d:6c:aa:90:56:75:41:a2:c2:f4:
                    f6:c1:62:e0:76:56:09:46:fe:80:de:8b:ae:20:25:
                    4a:0c:f3:56:4d:f0:c9:54:7d:e6:60:de:b1:71:ad:
                    7b:f9:05:3d:d5:ed:0b:ca:59:ef:c5:29:dc:31:16:
                    fb:6a:45:59:e3:e4:b3:32:cf:7a:79:5e:ee:77:79:
                    04:92:d7:b4:2a:29:19:58:9b:e9:06:f2:b6:6b:d1:
                    84:11:f3:e7:f5:c8:12:bb:a1:f3:5a:47:08:95:19:
                    e0:53:bb:c5:66:01:ad:b7:49:dd:32:da:ae:4e:b7:
                    42:b1:df:32:cb:52:35:a0:28:3d:2e:50:f4:9e:75:
                    79:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:F5:88:1A:F9:09:E5:F2:FE:55:20:2C:DE:19:99:F6:9B:49:DF:5F
            X509v3 Authority Key Identifier:
                keyid:2C:8B:32:3B:D9:5B:B0:D4:44:81:CB:A2:DC:CE:3D:3A:BC:3A:3C:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/982f85bc-3d69-48a2-b9c3-7ef0a839ce19/3/2C8B323BD95BB0D44481CBA2DCCE3D3ABC3A3C59.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/ee1bdff8-dbb5-4f0f-98e6-c8e1326ba79b/7ecae320493165bd255881e00078068ce32efb3eeaeae07cf2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982f85bc-3d69-48a2-b9c3-7ef0a839ce19/3/32332e3136302e3135322e302f32342d3234203d3e20323030333531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.160.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:d3:50:9b:c6:05:85:2a:42:58:57:17:4d:c4:94:4a:04:51:
         9a:b3:41:8c:9f:93:03:e5:7a:21:5a:a0:12:8e:65:8b:95:d9:
         94:35:f2:65:4f:f5:21:1c:90:6c:bd:12:36:70:e3:de:19:00:
         e9:e7:17:99:e1:77:5d:29:93:cf:51:8e:e1:b1:ba:68:54:3b:
         32:5a:9e:9a:dc:5c:1c:11:8f:58:a1:51:c6:9a:c3:11:80:9b:
         66:97:6b:3b:53:c9:57:de:b7:09:07:9e:ab:03:5b:9a:a3:12:
         7a:45:05:73:89:cf:72:52:15:dc:d6:4d:9e:a1:35:4d:75:7e:
         4d:dd:3d:47:59:c1:6f:fc:b9:51:a3:70:69:43:02:27:f2:c1:
         57:89:f7:f4:d1:21:56:30:f9:ad:60:a5:18:7c:6b:22:f1:ed:
         49:60:38:ad:ea:fb:b8:91:5a:83:b4:b1:c3:4c:15:99:6c:3c:
         72:17:57:75:4d:4d:a6:bb:e0:de:82:17:b2:d6:9d:1d:62:80:
         56:32:98:c5:6a:45:92:c2:17:eb:28:51:c5:64:f6:f4:a3:43:
         cf:bf:7d:54:34:a4:3f:94:99:94:ca:8e:3e:ca:21:4c:6d:e2:
         a8:06:d7:da:de:6f:2b:60:65:06:0a:0b:b1:fc:30:1d:08:29:
         31:e8:54:82
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgIUbahzgOFsmd/9ohrBn6C5fS6njlcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyN2VjYWUzMjA0OTMxNjViZDI1NTg4MWUwMDA3ODA2OGNl
MzJlZmIzZWVhZWFlMDdjZjIwHhcNMjQxMDIzMTgzNzAwWhcNMjUxMDIyMTg0MjAw
WjAzMTEwLwYDVQQDEyg4MEY1ODgxQUY5MDlFNUYyRkU1NTIwMkNERTE5OTlGNjlC
NDlERjVGMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApozwOaN3+L1n
R2x8dM/XpvEsKGePq9k9oHp4ThLM1YJzOCnOd8gvvjxGIS8TFs88xIM1sQL5bW5/
f4cHK+b61dFCfyvKdggj3Bv/Cydfwncwd3p3z6kbDxuI6nlxs1Mx1l8l5brZQHtj
BhDAfY6VN+lyYkOFEJFximvQ811sqpBWdUGiwvT2wWLgdlYJRv6A3ouuICVKDPNW
TfDJVH3mYN6xca17+QU91e0LylnvxSncMRb7akVZ4+SzMs96eV7ud3kEkte0KikZ
WJvpBvK2a9GEEfPn9cgSu6HzWkcIlRngU7vFZgGtt0ndMtquTrdCsd8yy1I1oCg9
LlD0nnV5KwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFID1iBr5CeXy/lUgLN4Zmfab
Sd9fMB8GA1UdIwQYMBaAFCyLMjvZW7DURIHLotzOPTq8OjxZMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk4MmY4NWJjLTNkNjktNDhhMi1iOWMz
LTdlZjBhODM5Y2UxOS8zLzJDOEIzMjNCRDk1QkIwRDQ0NDgxQ0JBMkRDQ0UzRDNB
QkMzQTNDNTkuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzViN2ZiMTIyLWRmZGYt
NGMwYy1iOTBkLTNiYzdhNWZlYjgyYi9lZTFiZGZmOC1kYmI1LTRmMGYtOThlNi1j
OGUxMzI2YmE3OWIvN2VjYWUzMjA0OTMxNjViZDI1NTg4MWUwMDA3ODA2OGNlMzJl
ZmIzZWVhZWFlMDdjZjIuY2VyMIGvBggrBgEFBQcBCwSBojCBnzCBnAYIKwYBBQUH
MAuGgY9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
Lzk4MmY4NWJjLTNkNjktNDhhMi1iOWMzLTdlZjBhODM5Y2UxOS8zLzMyMzMyZTMx
MzYzMDJlMzEzNTMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzMzNTMx
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQAF6CYMA0GCSqGSIb3DQEBCwUAA4IBAQAz01CbxgWFKkJYVxdN
xJRKBFGas0GMn5MD5XohWqASjmWLldmUNfJlT/UhHJBsvRI2cOPeGQDp5xeZ4Xdd
KZPPUY7hsbpoVDsyWp6a3FwcEY9YoVHGmsMRgJtml2s7U8lX3rcJB56rA1uaoxJ6
RQVzic9yUhXc1k2eoTVNdX5N3T1HWcFv/LlRo3BpQwIn8sFXiff00SFWMPmtYKUY
fGsi8e1JYDit6vu4kVqDtLHDTBWZbDxyF1d1TU2mu+Deghey1p0dYoBWMpjFakWS
whfrKFHFZPb0o0PPv31UNKQ/lJmUyo4+yiFMbeKoBtfa3m8rYGUGCgux/DAdCCkx
6FSC
-----END CERTIFICATE-----
Generated at Thu Oct 24 23:48:13 2024 by rpki-client on console-ams.rpki-client.org