Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b0c75df9-5b92-48c0-bbda-a43bd19ef7d3/1/326130613a363034343a623366303a3a2f34382d3438203d3e20323134383039.roa
File:                     326130613a363034343a623366303a3a2f34382d3438203d3e20323134383039.roa (raw, json)
Hash identifier:          lVMQUvaRdbLM/2DhOhdRarMFBmfWJ4U6HL++YlT6IvA=
Subject key identifier:   8A:3A:FF:D4:11:C0:C1:3C:74:6E:37:CD:E1:17:13:D1:A0:1B:C6:A8
Certificate issuer:       /CN=5FED2AFCA7C9FBDEAC83527A15BE547D7B63C296
Certificate serial:       16BF87D3BD4B9CB5BE4580DEA84DE250BFBCFDAC
Authority key identifier: 5F:ED:2A:FC:A7:C9:FB:DE:AC:83:52:7A:15:BE:54:7D:7B:63:C2:96
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/5FED2AFCA7C9FBDEAC83527A15BE547D7B63C296.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b0c75df9-5b92-48c0-bbda-a43bd19ef7d3/1/326130613a363034343a623366303a3a2f34382d3438203d3e20323134383039.roa
Signing time:             Wed 28 Aug 2024 15:53:04 +0000
ROA not before:           Wed 28 Aug 2024 15:48:04 +0000
ROA not after:            Wed 27 Aug 2025 15:53:04 +0000
asID:                     214809
IP address blocks:        2a0a:6044:b3f0::/48 maxlen: 48

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:bf:87:d3:bd:4b:9c:b5:be:45:80:de:a8:4d:e2:50:bf:bc:fd:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5FED2AFCA7C9FBDEAC83527A15BE547D7B63C296
        Validity
            Not Before: Aug 28 15:48:04 2024 GMT
            Not After : Aug 27 15:53:04 2025 GMT
        Subject: CN=8A3AFFD411C0C13C746E37CDE11713D1A01BC6A8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:12:47:a1:e0:c8:b9:14:39:f0:e9:f2:6b:bb:
                    e1:c5:8a:b6:01:48:38:7c:f1:74:65:56:cb:98:5e:
                    80:11:4e:f1:2e:dd:24:99:89:d1:3f:64:5c:02:f3:
                    3f:9b:f6:9e:cf:60:eb:46:f2:df:71:a4:3f:00:cd:
                    0b:8d:ce:55:13:7c:c9:37:04:51:5e:01:c9:57:23:
                    92:c0:ae:b9:95:9b:62:69:d9:09:70:2f:d4:ec:c8:
                    66:56:89:69:a4:41:2f:68:f0:a1:df:1d:b5:a0:e2:
                    b6:e4:5e:f9:e5:77:8b:dc:12:9c:1c:17:df:c0:47:
                    c2:ba:4b:d3:64:80:7c:b2:5d:66:8c:5b:2c:21:8c:
                    d1:9d:b4:9e:4e:95:da:8f:5c:41:7f:c9:6d:de:eb:
                    f8:e3:85:9a:b7:c7:40:6f:a9:d7:ff:b1:62:39:3b:
                    06:31:81:3c:ca:77:97:85:4a:9a:c3:95:bf:0a:8a:
                    3f:9b:fe:9f:f8:f3:d8:f0:c1:96:3a:97:23:e1:72:
                    65:bc:47:0e:a9:14:d2:f1:46:b0:65:48:87:6a:10:
                    71:47:3d:36:54:b0:af:ae:66:b2:d7:11:f2:1a:60:
                    ad:b6:39:45:c8:d5:d4:49:3d:c7:37:91:2d:b1:9f:
                    14:26:a5:c4:70:64:cc:f2:7e:6a:ac:50:34:48:41:
                    5c:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:3A:FF:D4:11:C0:C1:3C:74:6E:37:CD:E1:17:13:D1:A0:1B:C6:A8
            X509v3 Authority Key Identifier:
                keyid:5F:ED:2A:FC:A7:C9:FB:DE:AC:83:52:7A:15:BE:54:7D:7B:63:C2:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b0c75df9-5b92-48c0-bbda-a43bd19ef7d3/1/5FED2AFCA7C9FBDEAC83527A15BE547D7B63C296.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/5FED2AFCA7C9FBDEAC83527A15BE547D7B63C296.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b0c75df9-5b92-48c0-bbda-a43bd19ef7d3/1/326130613a363034343a623366303a3a2f34382d3438203d3e20323134383039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:b3f0::/48

    Signature Algorithm: sha256WithRSAEncryption
         e2:52:79:4d:8d:f8:44:81:9b:c8:12:51:e9:a8:16:e0:d5:5c:
         2b:a4:a3:cc:50:b3:80:81:bb:f7:aa:16:82:6f:b7:e8:eb:78:
         00:19:50:14:dc:59:ce:c7:13:de:af:30:9e:2a:0c:da:78:d2:
         37:c6:5f:f4:2f:c3:d5:7a:40:c2:08:10:44:61:64:55:c5:8e:
         da:2b:a0:2b:c7:9e:8f:33:1d:d7:0f:e6:bd:e5:be:19:c2:21:
         b9:8a:83:db:09:18:8e:5b:d6:8e:dd:bf:c6:db:f2:4f:46:f1:
         66:fa:51:e0:cf:a2:96:1f:38:78:a6:37:53:42:e1:90:e9:21:
         97:bf:cd:9c:7c:a5:a2:6d:7b:94:16:1c:76:ef:b0:8a:ec:8d:
         79:b8:ed:7d:4f:5a:78:5e:e6:c9:f1:f9:56:58:1c:c6:c6:6d:
         e2:1f:f3:95:b2:31:b2:61:0c:8f:e6:1b:62:6d:c1:26:24:ad:
         46:c9:1d:35:8c:93:57:f8:fb:e8:71:c3:c0:4b:92:8a:25:ab:
         61:bb:e7:4a:69:13:8b:3b:f0:bd:2e:7f:d2:a9:c8:04:79:a8:
         dc:f1:55:d2:46:b0:7c:8a:88:4e:f2:b0:60:2a:5e:9d:22:94:
         d1:99:2a:7b:1b:60:cd:e8:89:b9:57:0e:43:95:1b:64:90:26:
         dc:14:09:2e
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUFr+H071LnLW+RYDeqE3iUL+8/awwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUZFRDJBRkNBN0M5RkJERUFDODM1MjdBMTVCRTU0N0Q3
QjYzQzI5NjAeFw0yNDA4MjgxNTQ4MDRaFw0yNTA4MjcxNTUzMDRaMDMxMTAvBgNV
BAMTKDhBM0FGRkQ0MTFDMEMxM0M3NDZFMzdDREUxMTcxM0QxQTAxQkM2QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbEkeh4Mi5FDnw6fJru+HFirYB
SDh88XRlVsuYXoARTvEu3SSZidE/ZFwC8z+b9p7PYOtG8t9xpD8AzQuNzlUTfMk3
BFFeAclXI5LArrmVm2Jp2QlwL9TsyGZWiWmkQS9o8KHfHbWg4rbkXvnld4vcEpwc
F9/AR8K6S9NkgHyyXWaMWywhjNGdtJ5OldqPXEF/yW3e6/jjhZq3x0Bvqdf/sWI5
OwYxgTzKd5eFSprDlb8Kij+b/p/489jwwZY6lyPhcmW8Rw6pFNLxRrBlSIdqEHFH
PTZUsK+uZrLXEfIaYK22OUXI1dRJPcc3kS2xnxQmpcRwZMzyfmqsUDRIQVzLAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUijr/1BHAwTx0bjfN4RcT0aAbxqgwHwYDVR0j
BBgwFoAUX+0q/KfJ+96sg1J6Fb5UfXtjwpYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjBjNzVkZjktNWI5Mi00OGMwLWJiZGEtYTQzYmQxOWVm
N2QzLzEvNUZFRDJBRkNBN0M5RkJERUFDODM1MjdBMTVCRTU0N0Q3QjYzQzI5Ni5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC81RkVEMkFGQ0E3QzlGQkRFQUM4MzUyN0Ex
NUJFNTQ3RDdCNjNDMjk2LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9iMGM3NWRmOS01YjkyLTQ4YzAtYmJkYS1hNDNiZDE5ZWY3ZDMvMS8zMjYxMzA2
MTNhMzYzMDM0MzQzYTYyMzM2NjMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM0MzgzMDM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKgpgRLPwMA0GCSqGSIb3DQEBCwUAA4IBAQDi
UnlNjfhEgZvIElHpqBbg1VwrpKPMULOAgbv3qhaCb7fo63gAGVAU3FnOxxPerzCe
KgzaeNI3xl/0L8PVekDCCBBEYWRVxY7aK6Arx56PMx3XD+a95b4ZwiG5ioPbCRiO
W9aO3b/G2/JPRvFm+lHgz6KWHzh4pjdTQuGQ6SGXv82cfKWibXuUFhx277CK7I15
uO19T1p4XubJ8flWWBzGxm3iH/OVsjGyYQyP5htibcEmJK1GyR01jJNX+PvoccPA
S5KKJathu+dKaROLO/C9Ln/SqcgEeajc8VXSRrB8iohO8rBgKl6dIpTRmSp7G2DN
6Im5Vw5DlRtkkCbcFAku
-----END CERTIFICATE-----
Generated at Thu Oct 24 07:23:05 2024 by rpki-client on console-fra.rpki-client.org