Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/326130373a353463373a366434303a3a2f34322d3432203d3e20323136333630.roa
File:                     326130373a353463373a366434303a3a2f34322d3432203d3e20323136333630.roa (raw, json)
Hash identifier:          l6IAGSay1QbED9E2YWNz1+wgHGwKUfriNfzCvnSTL58=
Subject key identifier:   8C:3D:11:DB:7B:7B:81:33:61:34:DF:83:67:AF:C1:04:C2:56:82:07
Certificate issuer:       /CN=F1ABD9429F3A733668CAC698C113A9E343C99B3E
Certificate serial:       66458A0A344F1B0E51CE021CAE5B45AFF7210D4C
Authority key identifier: F1:AB:D9:42:9F:3A:73:36:68:CA:C6:98:C1:13:A9:E3:43:C9:9B:3E
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/F1ABD9429F3A733668CAC698C113A9E343C99B3E.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/326130373a353463373a366434303a3a2f34322d3432203d3e20323136333630.roa
Signing time:             Mon 04 Mar 2024 01:06:53 +0000
ROA not before:           Mon 04 Mar 2024 01:01:53 +0000
ROA not after:            Mon 03 Mar 2025 01:06:53 +0000
asID:                     216360
IP address blocks:        2a07:54c7:6d40::/42 maxlen: 42

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:45:8a:0a:34:4f:1b:0e:51:ce:02:1c:ae:5b:45:af:f7:21:0d:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F1ABD9429F3A733668CAC698C113A9E343C99B3E
        Validity
            Not Before: Mar  4 01:01:53 2024 GMT
            Not After : Mar  3 01:06:53 2025 GMT
        Subject: CN=8C3D11DB7B7B81336134DF8367AFC104C2568207
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:66:cd:34:85:e8:65:ab:9d:ff:28:45:82:71:
                    51:dc:6f:58:6a:7d:88:99:28:e0:a2:fa:99:f0:d6:
                    f0:92:58:3d:65:04:96:03:ad:df:1a:51:8c:74:0f:
                    08:4b:7b:91:5d:70:e3:51:a2:25:0f:7c:26:e8:ef:
                    44:ee:12:a5:a5:83:8d:cf:8c:3f:3a:f4:10:55:9c:
                    05:ae:89:05:76:0b:d1:ae:d8:e3:96:af:81:20:b6:
                    e5:a0:cb:82:24:ba:fb:53:c6:b7:c9:4e:f8:a3:b4:
                    09:22:6d:24:a7:25:6a:71:ed:fb:c9:7b:79:42:8a:
                    fa:0e:c3:8f:c5:1b:56:96:17:72:89:07:5f:66:33:
                    c2:20:a0:92:bd:b6:56:d1:a1:6b:c7:d8:59:2a:1c:
                    5c:2d:ed:7e:1b:b7:26:3f:c2:fa:6c:67:21:75:fe:
                    8a:f7:06:ec:71:ff:e4:91:58:1a:b5:17:56:d4:c7:
                    26:47:44:48:2f:3b:76:4e:28:30:54:a3:da:f1:29:
                    2d:e3:4e:e2:f3:52:4a:6f:fb:c2:59:79:42:5c:62:
                    92:b7:ad:a5:83:05:c4:ba:11:cb:d0:bb:88:34:52:
                    2b:55:85:13:bf:4f:b3:8d:38:b9:93:8d:8c:09:a3:
                    7f:7c:18:0c:6a:d9:d4:b3:f9:f7:93:b7:8c:1e:1f:
                    d0:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:3D:11:DB:7B:7B:81:33:61:34:DF:83:67:AF:C1:04:C2:56:82:07
            X509v3 Authority Key Identifier:
                keyid:F1:AB:D9:42:9F:3A:73:36:68:CA:C6:98:C1:13:A9:E3:43:C9:9B:3E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/F1ABD9429F3A733668CAC698C113A9E343C99B3E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/F1ABD9429F3A733668CAC698C113A9E343C99B3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/326130373a353463373a366434303a3a2f34322d3432203d3e20323136333630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c7:6d40::/42

    Signature Algorithm: sha256WithRSAEncryption
         5f:a1:97:80:29:96:a1:fd:a7:bb:17:c8:52:4b:64:a8:e5:d9:
         cc:66:93:0c:aa:88:da:31:d5:94:5d:50:14:47:b7:0b:59:c3:
         f4:e2:fc:c8:72:62:1d:b1:ad:21:29:4f:e5:7b:18:72:06:f4:
         32:fd:20:b8:c0:30:50:c4:a3:29:94:bb:13:d1:b8:97:d3:15:
         d4:d5:79:f2:6c:c7:06:f3:b1:52:39:36:ef:9e:67:92:42:37:
         16:d2:47:4a:f8:10:c6:82:0f:4d:15:c9:7f:cd:d3:e0:13:d4:
         e0:e8:81:22:99:20:3b:d4:cf:f7:62:c6:ce:ec:0d:db:35:85:
         a9:85:c6:f0:71:04:bf:cb:97:67:ec:4a:71:14:18:f7:e8:7f:
         7c:d3:08:b7:94:89:15:5b:6d:1b:02:93:9e:92:66:c3:4d:8e:
         fa:a0:23:b4:6b:63:dd:db:aa:69:de:51:d9:73:52:1c:37:1e:
         67:31:01:a9:96:03:77:0e:9d:5a:a8:58:f8:71:32:19:f0:ec:
         ee:07:f1:12:ea:58:a9:44:90:d8:49:be:90:2b:12:c5:f7:30:
         ab:98:9e:bb:1c:1e:c3:f2:f3:0a:3a:5c:2a:b6:04:5b:e7:d4:
         eb:a0:34:9a:00:cd:9f:50:32:e1:69:cb:d2:4c:25:af:73:c4:
         37:57:bc:23
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUZkWKCjRPGw5RzgIcrltFr/chDUwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjFBQkQ5NDI5RjNBNzMzNjY4Q0FDNjk4QzExM0E5RTM0
M0M5OUIzRTAeFw0yNDAzMDQwMTAxNTNaFw0yNTAzMDMwMTA2NTNaMDMxMTAvBgNV
BAMTKDhDM0QxMURCN0I3QjgxMzM2MTM0REY4MzY3QUZDMTA0QzI1NjgyMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwZs00hehlq53/KEWCcVHcb1hq
fYiZKOCi+pnw1vCSWD1lBJYDrd8aUYx0DwhLe5FdcONRoiUPfCbo70TuEqWlg43P
jD869BBVnAWuiQV2C9Gu2OOWr4EgtuWgy4IkuvtTxrfJTvijtAkibSSnJWpx7fvJ
e3lCivoOw4/FG1aWF3KJB19mM8IgoJK9tlbRoWvH2FkqHFwt7X4btyY/wvpsZyF1
/or3Buxx/+SRWBq1F1bUxyZHREgvO3ZOKDBUo9rxKS3jTuLzUkpv+8JZeUJcYpK3
raWDBcS6EcvQu4g0UitVhRO/T7ONOLmTjYwJo398GAxq2dSz+feTt4weH9CXAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUjD0R23t7gTNhNN+DZ6/BBMJWggcwHwYDVR0j
BBgwFoAU8avZQp86czZoysaYwROp40PJmz4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjUzNmExZTQtM2JmMC00MzUyLTkwNjEtNjY2OTRkMmJj
YmQzLzAvRjFBQkQ5NDI5RjNBNzMzNjY4Q0FDNjk4QzExM0E5RTM0M0M5OUIzRS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk
YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC9GMUFCRDk0MjlGM0E3MzM2NjhDQUM2OThD
MTEzQTlFMzQzQzk5QjNFLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9mNTM2YTFlNC0zYmYwLTQzNTItOTA2MS02NjY5NGQyYmNiZDMvMC8zMjYxMzAz
NzNhMzUzNDYzMzczYTM2NjQzNDMwM2EzYTJmMzQzMjJkMzQzMjIwM2QzZTIwMzIz
MTM2MzMzNjMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcGKgdUx21AMA0GCSqGSIb3DQEBCwUAA4IBAQBf
oZeAKZah/ae7F8hSS2So5dnMZpMMqojaMdWUXVAUR7cLWcP04vzIcmIdsa0hKU/l
exhyBvQy/SC4wDBQxKMplLsT0biX0xXU1XnybMcG87FSOTbvnmeSQjcW0kdK+BDG
gg9NFcl/zdPgE9Tg6IEimSA71M/3YsbO7A3bNYWphcbwcQS/y5dn7EpxFBj36H98
0wi3lIkVW20bApOekmbDTY76oCO0a2Pd26pp3lHZc1IcNx5nMQGplgN3Dp1aqFj4
cTIZ8OzuB/ES6lipRJDYSb6QKxLF9zCrmJ67HB7D8vMKOlwqtgRb59TroDSaAM2f
UDLhacvSTCWvc8Q3V7wj
-----END CERTIFICATE-----
Generated at Mon Oct 21 19:13:57 2024 by rpki-client on console-fra.rpki-client.org