Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/3139332e33362e3130342e302f32342d3234203d3e20323130303336.roa
File:                     3139332e33362e3130342e302f32342d3234203d3e20323130303336.roa (raw, json)
Hash identifier:          OCeKg1l3bm5CMGbt0uvhw1k2KKswNc/9cuB6HC8XAQk=
Subject key identifier:   AC:5B:CB:90:BA:1F:53:19:B6:C9:08:03:D9:55:E5:9A:26:E1:C5:98
Certificate issuer:       /CN=87d48146623246673056151f64abb8d1ee6b7727
Certificate serial:       42A4C97ADE82BC21B8E349EA42753B8ECB8103F7
Authority key identifier: 87:D4:81:46:62:32:46:67:30:56:15:1F:64:AB:B8:D1:EE:6B:77:27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h9SBRmIyRmcwVhUfZKu40e5rdyc.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/3139332e33362e3130342e302f32342d3234203d3e20323130303336.roa
Signing time:             Mon 15 Jan 2024 15:37:26 +0000
ROA not before:           Mon 15 Jan 2024 15:32:26 +0000
ROA not after:            Mon 13 Jan 2025 15:37:26 +0000
asID:                     210036
IP address blocks:        193.36.104.0/24 maxlen: 24

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:a4:c9:7a:de:82:bc:21:b8:e3:49:ea:42:75:3b:8e:cb:81:03:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87d48146623246673056151f64abb8d1ee6b7727
        Validity
            Not Before: Jan 15 15:32:26 2024 GMT
            Not After : Jan 13 15:37:26 2025 GMT
        Subject: CN=AC5BCB90BA1F5319B6C90803D955E59A26E1C598
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:c1:09:ec:96:76:68:01:8a:87:a1:9b:98:3c:
                    41:55:31:cb:bb:cc:43:12:21:ed:41:11:84:9b:99:
                    9b:fa:8f:3e:34:b6:37:f2:64:4f:19:94:e4:83:bd:
                    dc:7f:29:6f:7f:a9:a9:ec:1f:84:32:3a:32:3f:ee:
                    0f:83:d8:a6:0c:99:b3:c9:ce:94:9e:13:48:63:7d:
                    ea:ac:5a:3b:24:a6:c1:a7:35:db:30:8b:15:a5:7a:
                    34:76:75:29:0f:83:06:df:26:4a:9c:56:65:9e:69:
                    cd:a1:79:14:2b:cd:a1:ce:50:52:c5:cc:6a:41:a4:
                    47:58:39:e8:e2:72:d4:2a:9b:c0:a8:90:c2:3d:d6:
                    10:84:ea:3c:d1:1b:98:fc:d9:96:e8:d8:60:b0:9a:
                    b0:35:65:f1:92:34:64:11:46:54:c5:21:ae:f2:fe:
                    9e:ab:a5:53:06:c9:ca:09:1e:e5:46:4c:9c:6e:f8:
                    72:ac:bd:8c:68:3d:99:fe:f9:6e:7c:03:96:78:f6:
                    0d:52:2e:d6:52:c9:e1:f8:f6:73:ba:11:91:62:a2:
                    d2:22:76:5a:df:cc:86:9c:a4:04:9f:0e:6b:5e:14:
                    56:c6:3a:bf:cb:e6:54:62:b4:d9:0e:75:53:f4:bc:
                    21:1e:18:51:59:4e:d0:fd:d8:1b:d3:97:38:96:9e:
                    7d:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:5B:CB:90:BA:1F:53:19:B6:C9:08:03:D9:55:E5:9A:26:E1:C5:98
            X509v3 Authority Key Identifier:
                keyid:87:D4:81:46:62:32:46:67:30:56:15:1F:64:AB:B8:D1:EE:6B:77:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/87D48146623246673056151F64ABB8D1EE6B7727.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9SBRmIyRmcwVhUfZKu40e5rdyc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/3139332e33362e3130342e302f32342d3234203d3e20323130303336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.36.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:2c:b4:5d:47:c5:db:e8:a8:50:22:27:e5:0f:f8:1e:4f:1c:
         03:8a:9a:e8:ef:94:41:3e:91:be:fc:2d:91:9c:ce:67:09:75:
         72:09:aa:ed:16:dc:ae:3e:1c:a5:fa:67:dc:cb:78:b8:ac:12:
         10:76:b6:41:3c:15:3e:f6:c3:91:da:f7:40:72:32:0d:91:09:
         b1:24:72:64:ba:2e:1c:93:b4:03:28:75:8b:f4:e3:08:fa:33:
         91:0c:d1:af:65:56:86:1b:d4:69:3e:1b:93:28:11:4c:24:fb:
         e2:41:32:e4:0f:84:0a:cf:6b:5f:95:01:45:21:33:38:95:4e:
         72:aa:a1:2d:16:4c:89:0d:67:41:40:23:4f:4c:61:70:52:7c:
         4d:5e:b2:fe:63:cf:1c:d0:96:db:49:05:c1:00:87:46:df:cf:
         ed:03:86:7f:00:1f:ca:c2:5c:8a:c4:60:43:24:17:c4:69:03:
         5f:d0:2b:5b:9e:ed:0e:3b:13:a8:f2:9e:a2:04:18:7c:ce:ba:
         f7:0f:95:ad:44:1c:04:0f:97:87:10:aa:84:10:a2:2d:d6:fa:
         ee:3e:51:12:a3:6f:da:64:59:c2:77:cd:38:79:e9:8d:d2:e3:
         8e:d8:3c:b2:d3:a1:7c:9b:4f:09:98:d9:0d:f9:f7:27:dd:17:
         95:93:f0:f5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQqTJet6CvCG440nqQnU7jsuBA/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODdkNDgxNDY2MjMyNDY2NzMwNTYxNTFmNjRhYmI4ZDFl
ZTZiNzcyNzAeFw0yNDAxMTUxNTMyMjZaFw0yNTAxMTMxNTM3MjZaMDMxMTAvBgNV
BAMTKEFDNUJDQjkwQkExRjUzMTlCNkM5MDgwM0Q5NTVFNTlBMjZFMUM1OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtwQnslnZoAYqHoZuYPEFVMcu7
zEMSIe1BEYSbmZv6jz40tjfyZE8ZlOSDvdx/KW9/qansH4QyOjI/7g+D2KYMmbPJ
zpSeE0hjfeqsWjskpsGnNdswixWlejR2dSkPgwbfJkqcVmWeac2heRQrzaHOUFLF
zGpBpEdYOejictQqm8CokMI91hCE6jzRG5j82Zbo2GCwmrA1ZfGSNGQRRlTFIa7y
/p6rpVMGycoJHuVGTJxu+HKsvYxoPZn++W58A5Z49g1SLtZSyeH49nO6EZFiotIi
dlrfzIacpASfDmteFFbGOr/L5lRitNkOdVP0vCEeGFFZTtD92BvTlziWnn3TAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUrFvLkLofUxm2yQgD2VXlmibhxZgwHwYDVR0j
BBgwFoAUh9SBRmIyRmcwVhUfZKu40e5rdycwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTg0YjU0OGMtMjc1YS00NzZlLWJmYmUtNTQwZTczZTYy
MzgzLzAvODdENDgxNDY2MjMyNDY2NzMwNTYxNTFGNjRBQkI4RDFFRTZCNzcyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2g5U0JSbUl5Um1jd1ZoVWZaS3U0MGU1
cmR5Yy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTg0YjU0OGMt
Mjc1YS00NzZlLWJmYmUtNTQwZTczZTYyMzgzLzAvMzEzOTMzMmUzMzM2MmUzMTMw
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzAzMDMzMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBJGgwDQYJKoZIhvcNAQELBQADggEBAFUstF1HxdvoqFAiJ+UP+B5PHAOKmujv
lEE+kb78LZGczmcJdXIJqu0W3K4+HKX6Z9zLeLisEhB2tkE8FT72w5Ha90ByMg2R
CbEkcmS6LhyTtAModYv04wj6M5EM0a9lVoYb1Gk+G5MoEUwk++JBMuQPhArPa1+V
AUUhMziVTnKqoS0WTIkNZ0FAI09MYXBSfE1esv5jzxzQlttJBcEAh0bfz+0Dhn8A
H8rCXIrEYEMkF8RpA1/QK1ue7Q47E6jynqIEGHzOuvcPla1EHAQPl4cQqoQQoi3W
+u4+URKjb9pkWcJ3zTh56Y3S447YPLLToXybTwmY2Q359yfdF5WT8PU=
-----END CERTIFICATE-----
Generated at Tue Jul 16 10:03:40 2024 by rpki-client on console-ams.rpki-client.org