Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3137382e3230382e3138362e302f32342d3234203d3e203631333137.roa
File:                     3137382e3230382e3138362e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier:          5yPcSy4Vfj9HiqZGxG2HDEfJ2hM7TFVbjZKEe91WtoU=
Subject key identifier:   16:46:FE:9E:0B:59:A6:BC:B9:D0:AB:27:22:33:2B:A5:FE:BE:88:16
Certificate issuer:       /CN=3a96802395455ca00679c41d5c056cae95d4b57d
Certificate serial:       2DBFB2E4A4002B2B7FB8B26A861457F567335265
Authority key identifier: 3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3137382e3230382e3138362e302f32342d3234203d3e203631333137.roa
Signing time:             Wed 22 Mar 2023 15:29:40 +0000
ROA not before:           Wed 22 Mar 2023 15:24:40 +0000
ROA not after:            Wed 20 Mar 2024 15:29:40 +0000
asID:                     61317
IP address blocks:        178.208.186.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:bf:b2:e4:a4:00:2b:2b:7f:b8:b2:6a:86:14:57:f5:67:33:52:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a96802395455ca00679c41d5c056cae95d4b57d
        Validity
            Not Before: Mar 22 15:24:40 2023 GMT
            Not After : Mar 20 15:29:40 2024 GMT
        Subject: CN=1646FE9E0B59A6BCB9D0AB2722332BA5FEBE8816
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:63:94:72:c5:a7:8b:3b:0d:47:42:2f:e1:5a:
                    b8:ff:ba:cf:2f:a3:85:e3:88:8b:ca:88:fb:42:4f:
                    af:09:cb:9f:92:61:44:b7:e1:4a:d7:bb:27:57:e0:
                    96:8e:de:10:96:c4:55:bb:76:e9:ed:34:96:e6:97:
                    df:84:09:c0:c9:d7:76:e4:d5:33:ae:3a:d7:02:fb:
                    46:36:66:7f:ae:d3:b5:41:a0:09:7c:8e:1a:be:ea:
                    a9:7e:e6:6e:3a:04:0b:42:e5:e2:9c:06:ad:ae:b8:
                    93:81:eb:be:57:a6:71:1b:28:8e:26:58:60:b9:ac:
                    bf:da:4b:40:97:aa:8d:ea:02:a1:48:8d:35:11:3d:
                    9d:06:19:a9:18:df:12:61:36:57:ee:be:d7:1a:1f:
                    e2:2f:bb:e8:c5:4a:59:c7:5e:02:b4:6f:16:8f:d0:
                    b3:d4:e3:58:37:d1:f1:9a:96:85:70:1a:f8:ef:02:
                    8f:ef:e2:23:b6:c5:53:44:48:73:60:2d:97:e6:6c:
                    ec:01:42:6d:26:f4:f5:d8:2a:e9:36:7f:ce:03:57:
                    c8:44:72:7a:50:80:81:dd:d6:e8:16:4a:7f:4b:32:
                    f9:7e:60:d7:f5:1b:29:f8:7f:b9:2e:b2:f2:04:f9:
                    36:e4:5b:0f:99:1f:28:60:af:83:09:8b:ed:f6:53:
                    71:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:46:FE:9E:0B:59:A6:BC:B9:D0:AB:27:22:33:2B:A5:FE:BE:88:16
            X509v3 Authority Key Identifier:
                keyid:3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3A96802395455CA00679C41D5C056CAE95D4B57D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3137382e3230382e3138362e302f32342d3234203d3e203631333137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.208.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:6d:27:28:97:50:72:90:7e:42:18:d7:ac:98:61:e0:cf:32:
         fa:d7:1b:f3:5f:46:e6:65:81:85:d6:53:40:f1:b1:7d:8d:e8:
         76:26:8b:b9:12:3d:8c:93:9d:04:fa:e8:ec:9a:97:fc:8e:d3:
         eb:57:0d:4d:2e:29:52:3b:6f:d7:f6:4d:a8:8d:bd:07:8e:c5:
         ce:ac:ac:fc:36:a8:a4:89:b1:7f:a0:ad:2b:14:59:30:e8:35:
         ab:04:22:00:17:fc:1f:38:fe:2d:04:da:72:bc:a6:27:21:ee:
         b7:3f:55:d0:7d:1c:81:50:60:13:49:6d:90:f8:41:62:af:f9:
         03:4e:94:1d:8f:51:82:ae:76:3b:69:54:1c:b1:0f:01:83:b4:
         5f:80:ac:07:28:e8:b0:ce:4d:36:84:a8:3e:9d:8f:00:08:af:
         60:ab:37:2e:a5:17:84:3c:3e:96:3e:39:d0:6d:a9:9e:ce:09:
         f7:63:7d:b2:0b:1c:67:8d:e6:0a:26:96:99:c8:af:54:1d:f7:
         68:53:f9:6e:82:e0:9f:e5:7e:80:f9:fe:60:ca:ea:d4:86:c0:
         86:db:86:c1:37:15:53:47:ad:76:d1:0a:56:70:63:29:36:f4:
         82:90:da:cd:8c:be:89:76:d8:25:ce:9d:d0:60:24:d2:3a:bf:
         f7:be:30:d5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULb+y5KQAKyt/uLJqhhRX9WczUmUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2E5NjgwMjM5NTQ1NWNhMDA2NzljNDFkNWMwNTZjYWU5
NWQ0YjU3ZDAeFw0yMzAzMjIxNTI0NDBaFw0yNDAzMjAxNTI5NDBaMDMxMTAvBgNV
BAMTKDE2NDZGRTlFMEI1OUE2QkNCOUQwQUIyNzIyMzMyQkE1RkVCRTg4MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMY5RyxaeLOw1HQi/hWrj/us8v
o4XjiIvKiPtCT68Jy5+SYUS34UrXuydX4JaO3hCWxFW7duntNJbml9+ECcDJ13bk
1TOuOtcC+0Y2Zn+u07VBoAl8jhq+6ql+5m46BAtC5eKcBq2uuJOB675XpnEbKI4m
WGC5rL/aS0CXqo3qAqFIjTURPZ0GGakY3xJhNlfuvtcaH+Ivu+jFSlnHXgK0bxaP
0LPU41g30fGaloVwGvjvAo/v4iO2xVNESHNgLZfmbOwBQm0m9PXYKuk2f84DV8hE
cnpQgIHd1ugWSn9LMvl+YNf1Gyn4f7kusvIE+TbkWw+ZHyhgr4MJi+32U3HXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFkb+ngtZpry50KsnIjMrpf6+iBYwHwYDVR0j
BBgwFoAUOpaAI5VFXKAGecQdXAVsrpXUtX0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTJmZmJjZTctODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2Vl
Nzg4LzAvM0E5NjgwMjM5NTQ1NUNBMDA2NzlDNDFENUMwNTZDQUU5NUQ0QjU3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09wYUFJNVZGWEtBR2VjUWRYQVZzcnBY
VXRYMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTJmZmJjZTct
ODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2VlNzg4LzAvMzEzNzM4MmUzMjMwMzgyZTMx
MzgzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy0LowDQYJKoZIhvcNAQELBQADggEBACptJyiXUHKQfkIY16yYYeDPMvrXG/Nf
RuZlgYXWU0DxsX2N6HYmi7kSPYyTnQT66Oyal/yO0+tXDU0uKVI7b9f2TaiNvQeO
xc6srPw2qKSJsX+grSsUWTDoNasEIgAX/B84/i0E2nK8pich7rc/VdB9HIFQYBNJ
bZD4QWKv+QNOlB2PUYKudjtpVByxDwGDtF+ArAco6LDOTTaEqD6djwAIr2CrNy6l
F4Q8PpY+OdBtqZ7OCfdjfbILHGeN5gomlpnIr1Qd92hT+W6C4J/lfoD5/mDK6tSG
wIbbhsE3FVNHrXbRClZwYyk29IKQ2s2Mvol22CXOndBgJNI6v/e+MNU=
-----END CERTIFICATE-----
Generated at Wed Sep 13 09:30:19 2023 by rpki-client on console-ams.rpki-client.org