Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982f85bc-3d69-48a2-b9c3-7ef0a839ce19/3/32332e3136302e3135322e302f32342d3234203d3e203534313438.roa
File:                     32332e3136302e3135322e302f32342d3234203d3e203534313438.roa (raw, json)
Hash identifier:          nik8U4n7gYUmHBNjACokyG5/711HdnZPO8EaCJ6hMro=
Subject key identifier:   38:ED:8A:95:84:63:45:3E:04:0E:2F:ED:44:3A:0C:AD:8E:DC:5A:1B
Certificate issuer:       /CN=7ecae320493165bd255881e00078068ce32efb3eeaeae07cf2
Certificate serial:       3CE7DF8CC4734AE6F68A293FC84FE000A2CD397D
Authority key identifier: 2C:8B:32:3B:D9:5B:B0:D4:44:81:CB:A2:DC:CE:3D:3A:BC:3A:3C:59
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/ee1bdff8-dbb5-4f0f-98e6-c8e1326ba79b/7ecae320493165bd255881e00078068ce32efb3eeaeae07cf2.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/982f85bc-3d69-48a2-b9c3-7ef0a839ce19/3/32332e3136302e3135322e302f32342d3234203d3e203534313438.roa
Signing time:             Wed 23 Oct 2024 18:41:57 +0000
ROA not before:           Wed 23 Oct 2024 18:36:57 +0000
ROA not after:            Wed 22 Oct 2025 18:41:57 +0000
asID:                     54148
IP address blocks:        23.160.152.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:e7:df:8c:c4:73:4a:e6:f6:8a:29:3f:c8:4f:e0:00:a2:cd:39:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ecae320493165bd255881e00078068ce32efb3eeaeae07cf2
        Validity
            Not Before: Oct 23 18:36:57 2024 GMT
            Not After : Oct 22 18:41:57 2025 GMT
        Subject: CN=38ED8A958463453E040E2FED443A0CAD8EDC5A1B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ee:85:fe:8d:10:8a:8c:ca:d8:a9:61:ad:55:
                    70:0c:63:a5:00:00:f0:4f:6c:c3:c7:4d:89:b9:2a:
                    b6:cd:c0:0d:e2:2b:7f:2a:b4:9d:7d:d9:ba:ae:6e:
                    e0:12:66:9b:af:6d:9a:4f:bd:a9:9c:b7:72:5a:8c:
                    eb:25:b3:9b:5f:f0:43:67:6b:f5:01:16:3a:a2:e5:
                    26:46:01:a3:a4:18:3c:83:18:9c:c2:90:43:58:44:
                    1e:9e:48:c8:1a:2f:46:75:f3:e9:8b:c3:47:14:dc:
                    49:3c:5c:7d:b6:ea:33:4c:e0:ef:c0:3b:31:4a:3f:
                    c9:d1:66:b4:09:c8:ab:30:d2:4b:32:a7:8b:6a:de:
                    71:f3:48:d1:8f:d6:db:aa:7e:c5:5e:ba:20:f5:e1:
                    5a:af:1f:40:73:02:c5:38:ed:79:7c:04:ac:23:6c:
                    bf:23:17:a0:af:d5:05:fb:72:c0:c2:7c:1d:87:0b:
                    f6:a2:a3:fe:4e:61:bd:bc:58:c0:31:0b:26:d2:f2:
                    a5:3d:9c:b2:7f:81:c5:03:54:c6:cc:79:09:cf:b8:
                    9e:c2:9e:b9:b3:fc:79:56:e7:f0:ab:06:02:14:4e:
                    d7:36:54:eb:09:49:14:09:0f:66:a3:ff:1b:17:6c:
                    87:d4:c8:b5:5e:dd:30:2d:b4:fb:51:ae:80:28:ac:
                    7f:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:ED:8A:95:84:63:45:3E:04:0E:2F:ED:44:3A:0C:AD:8E:DC:5A:1B
            X509v3 Authority Key Identifier:
                keyid:2C:8B:32:3B:D9:5B:B0:D4:44:81:CB:A2:DC:CE:3D:3A:BC:3A:3C:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/982f85bc-3d69-48a2-b9c3-7ef0a839ce19/3/2C8B323BD95BB0D44481CBA2DCCE3D3ABC3A3C59.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/ee1bdff8-dbb5-4f0f-98e6-c8e1326ba79b/7ecae320493165bd255881e00078068ce32efb3eeaeae07cf2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982f85bc-3d69-48a2-b9c3-7ef0a839ce19/3/32332e3136302e3135322e302f32342d3234203d3e203534313438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.160.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:8c:21:35:7f:38:7b:a2:14:88:a3:1c:ab:a7:df:07:fc:2d:
         2b:9c:3b:51:ff:28:57:42:8a:c1:91:cf:e5:c1:43:b8:e0:a3:
         60:91:e2:bc:f2:47:3e:62:10:c5:46:86:0a:b4:67:8c:9b:d7:
         74:4d:46:f2:2e:d8:5d:d8:e9:86:fa:73:5c:3d:cd:fe:7a:69:
         f5:04:c7:b0:d3:8a:d0:33:29:f4:e6:50:62:26:da:f7:78:26:
         96:1b:5d:26:f1:73:f1:13:10:7b:45:82:c1:fc:11:6b:c2:68:
         8e:75:e7:3a:71:05:04:be:61:b6:42:ec:a5:f9:d4:3e:19:7a:
         16:a2:ff:24:56:f2:f8:11:d3:64:1c:a2:8a:d0:cd:52:7b:00:
         cd:22:bd:ab:16:60:3a:78:19:02:4d:1b:74:67:0e:0b:d7:96:
         0d:3c:93:c1:a1:7c:bf:6e:2f:4d:76:d1:c8:f3:f5:86:5c:55:
         08:dd:28:40:b2:0f:5d:6f:d2:08:b2:9b:ec:f8:09:25:ab:b2:
         71:2f:c0:14:1d:7a:d1:44:32:a4:41:de:28:e5:99:72:2f:6c:
         52:92:03:8d:0d:4a:57:e6:55:0c:ae:27:74:24:a0:d5:5b:2e:
         ed:56:5c:fa:93:f3:08:46:69:46:8a:34:d3:5a:8f:18:56:fb:
         3f:7d:68:24
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUPOffjMRzSub2iik/yE/gAKLNOX0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyN2VjYWUzMjA0OTMxNjViZDI1NTg4MWUwMDA3ODA2OGNl
MzJlZmIzZWVhZWFlMDdjZjIwHhcNMjQxMDIzMTgzNjU3WhcNMjUxMDIyMTg0MTU3
WjAzMTEwLwYDVQQDEygzOEVEOEE5NTg0NjM0NTNFMDQwRTJGRUQ0NDNBMENBRDhF
REM1QTFCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+6F/o0QiozK
2KlhrVVwDGOlAADwT2zDx02JuSq2zcAN4it/KrSdfdm6rm7gEmabr22aT72pnLdy
WozrJbObX/BDZ2v1ARY6ouUmRgGjpBg8gxicwpBDWEQenkjIGi9GdfPpi8NHFNxJ
PFx9tuozTODvwDsxSj/J0Wa0CcirMNJLMqeLat5x80jRj9bbqn7FXrog9eFarx9A
cwLFOO15fASsI2y/Ixegr9UF+3LAwnwdhwv2oqP+TmG9vFjAMQsm0vKlPZyyf4HF
A1TGzHkJz7iewp65s/x5VufwqwYCFE7XNlTrCUkUCQ9mo/8bF2yH1Mi1Xt0wLbT7
Ua6AKKx/EQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFDjtipWEY0U+BA4v7UQ6DK2O
3FobMB8GA1UdIwQYMBaAFCyLMjvZW7DURIHLotzOPTq8OjxZMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk4MmY4NWJjLTNkNjktNDhhMi1iOWMz
LTdlZjBhODM5Y2UxOS8zLzJDOEIzMjNCRDk1QkIwRDQ0NDgxQ0JBMkRDQ0UzRDNB
QkMzQTNDNTkuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzViN2ZiMTIyLWRmZGYt
NGMwYy1iOTBkLTNiYzdhNWZlYjgyYi9lZTFiZGZmOC1kYmI1LTRmMGYtOThlNi1j
OGUxMzI2YmE3OWIvN2VjYWUzMjA0OTMxNjViZDI1NTg4MWUwMDA3ODA2OGNlMzJl
ZmIzZWVhZWFlMDdjZjIuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUH
MAuGgY1yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
Lzk4MmY4NWJjLTNkNjktNDhhMi1iOWMzLTdlZjBhODM5Y2UxOS8zLzMyMzMyZTMx
MzYzMDJlMzEzNTMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzNDMxMzQzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEABegmDANBgkqhkiG9w0BAQsFAAOCAQEAbIwhNX84e6IUiKMcq6ff
B/wtK5w7Uf8oV0KKwZHP5cFDuOCjYJHivPJHPmIQxUaGCrRnjJvXdE1G8i7YXdjp
hvpzXD3N/npp9QTHsNOK0DMp9OZQYiba93gmlhtdJvFz8RMQe0WCwfwRa8JojnXn
OnEFBL5htkLspfnUPhl6FqL/JFby+BHTZByiitDNUnsAzSK9qxZgOngZAk0bdGcO
C9eWDTyTwaF8v24vTXbRyPP1hlxVCN0oQLIPXW/SCLKb7PgJJauycS/AFB160UQy
pEHeKOWZci9sUpIDjQ1KV+ZVDK4ndCSg1Vsu7VZc+pPzCEZpRoo001qPGFb7P31o
JA==
-----END CERTIFICATE-----
Generated at Thu Oct 24 22:39:05 2024 by rpki-client on console-fra.rpki-client.org