Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/326130373a353463373a366463303a3a2f34322d3432203d3e20323136333630.roa
File:                     326130373a353463373a366463303a3a2f34322d3432203d3e20323136333630.roa (raw, json)
Hash identifier:          gpkDT+VJGarzAZzyeoqgDX1+phCB92UTZyt2GykLTl4=
Subject key identifier:   16:DC:71:A9:4A:FC:31:5F:48:F2:BC:CE:E3:D4:DF:E6:19:5A:2E:A4
Certificate issuer:       /CN=F1ABD9429F3A733668CAC698C113A9E343C99B3E
Certificate serial:       0F102F2070A369E4DD7A17B0DBC6BE50E84A216F
Authority key identifier: F1:AB:D9:42:9F:3A:73:36:68:CA:C6:98:C1:13:A9:E3:43:C9:9B:3E
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/F1ABD9429F3A733668CAC698C113A9E343C99B3E.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/326130373a353463373a366463303a3a2f34322d3432203d3e20323136333630.roa
Signing time:             Mon 04 Mar 2024 01:08:19 +0000
ROA not before:           Mon 04 Mar 2024 01:03:19 +0000
ROA not after:            Mon 03 Mar 2025 01:08:19 +0000
asID:                     216360
IP address blocks:        2a07:54c7:6dc0::/42 maxlen: 42

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:10:2f:20:70:a3:69:e4:dd:7a:17:b0:db:c6:be:50:e8:4a:21:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F1ABD9429F3A733668CAC698C113A9E343C99B3E
        Validity
            Not Before: Mar  4 01:03:19 2024 GMT
            Not After : Mar  3 01:08:19 2025 GMT
        Subject: CN=16DC71A94AFC315F48F2BCCEE3D4DFE6195A2EA4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:ff:dc:d1:3b:22:09:1c:40:98:1b:cc:3f:ce:
                    c8:d9:ae:75:fc:c3:3d:84:da:e3:cc:82:e6:8e:2b:
                    29:73:f0:ef:8a:e7:0a:ca:64:12:d1:9c:59:9e:29:
                    4e:36:42:2a:ec:2f:7f:c8:db:08:5c:c1:91:2c:5a:
                    32:9e:57:2d:11:de:d2:4c:a1:fd:01:0a:13:4c:8a:
                    92:b6:ec:13:53:d7:72:be:b8:84:d8:4c:f9:e3:c9:
                    01:3b:65:36:36:95:a7:e3:bd:d6:23:33:67:79:eb:
                    5c:5a:f3:95:ab:a9:29:36:0f:9c:8e:25:be:61:9a:
                    26:e0:27:e8:72:3a:65:ac:8a:d1:0a:ec:a9:e1:dd:
                    6a:e3:ee:c5:26:46:76:71:34:1e:f5:28:4e:26:c3:
                    57:0d:a3:31:ff:9c:54:2d:15:51:74:1c:c5:67:09:
                    2e:51:76:4e:ca:e9:b5:22:d6:94:70:74:01:c3:3f:
                    7d:91:7f:91:45:65:54:2e:f5:b6:a9:9f:cf:79:15:
                    a6:60:3e:31:16:e6:67:28:22:99:98:f6:ec:6d:28:
                    3d:41:b0:ea:87:17:bb:e5:d9:9e:d5:92:56:cd:33:
                    e1:00:bf:7b:a5:79:69:12:02:15:25:bb:22:58:8f:
                    0f:b9:c8:91:d5:f7:fe:03:81:73:2c:c4:20:4c:00:
                    e8:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:DC:71:A9:4A:FC:31:5F:48:F2:BC:CE:E3:D4:DF:E6:19:5A:2E:A4
            X509v3 Authority Key Identifier:
                keyid:F1:AB:D9:42:9F:3A:73:36:68:CA:C6:98:C1:13:A9:E3:43:C9:9B:3E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/F1ABD9429F3A733668CAC698C113A9E343C99B3E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/F1ABD9429F3A733668CAC698C113A9E343C99B3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/326130373a353463373a366463303a3a2f34322d3432203d3e20323136333630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c7:6dc0::/42

    Signature Algorithm: sha256WithRSAEncryption
         67:94:f5:dd:02:97:d8:60:51:77:f3:49:9e:03:d2:48:37:d7:
         23:ca:8b:75:1e:26:94:c4:f2:e1:ae:95:28:be:63:73:b7:dc:
         6c:65:d9:03:5b:f8:33:7a:2e:b1:d5:1a:ac:af:8b:e7:35:99:
         1c:2b:60:10:25:3e:14:e2:fe:0a:9b:33:11:c3:55:d6:cc:3e:
         9e:b8:86:db:1e:27:fe:4e:24:a5:e3:ca:b6:b3:e5:7f:2e:b8:
         e3:cb:22:03:53:c2:65:73:a5:41:8d:21:7a:8c:1e:55:fc:85:
         f0:be:59:5f:ce:b9:34:46:3e:d7:dc:90:35:c0:9d:51:f5:c7:
         a6:c3:d0:7a:5e:4b:93:e3:ab:c9:a0:7b:61:31:86:16:fc:05:
         ad:24:66:9b:01:ee:58:37:d7:c9:09:99:04:06:05:38:03:3a:
         97:f2:84:ae:70:61:ab:33:7f:e7:57:70:b3:35:7c:22:23:b8:
         b1:91:a5:60:86:13:e0:13:d9:d6:6a:ae:af:ee:9c:e5:56:fc:
         af:98:a7:ae:dc:77:3d:32:55:b7:34:98:fe:61:27:1c:ac:82:
         6a:0f:10:c1:82:f4:00:14:0d:5d:76:30:69:38:d9:23:bf:ed:
         84:e3:0a:be:64:1f:c3:8f:8c:e3:fc:f2:44:f7:18:3c:6a:2a:
         50:26:af:18
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUDxAvIHCjaeTdehew28a+UOhKIW8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjFBQkQ5NDI5RjNBNzMzNjY4Q0FDNjk4QzExM0E5RTM0
M0M5OUIzRTAeFw0yNDAzMDQwMTAzMTlaFw0yNTAzMDMwMTA4MTlaMDMxMTAvBgNV
BAMTKDE2REM3MUE5NEFGQzMxNUY0OEYyQkNDRUUzRDRERkU2MTk1QTJFQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl/9zROyIJHECYG8w/zsjZrnX8
wz2E2uPMguaOKylz8O+K5wrKZBLRnFmeKU42QirsL3/I2whcwZEsWjKeVy0R3tJM
of0BChNMipK27BNT13K+uITYTPnjyQE7ZTY2lafjvdYjM2d561xa85WrqSk2D5yO
Jb5hmibgJ+hyOmWsitEK7Knh3Wrj7sUmRnZxNB71KE4mw1cNozH/nFQtFVF0HMVn
CS5Rdk7K6bUi1pRwdAHDP32Rf5FFZVQu9bapn895FaZgPjEW5mcoIpmY9uxtKD1B
sOqHF7vl2Z7VklbNM+EAv3uleWkSAhUluyJYjw+5yJHV9/4DgXMsxCBMAOjVAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUFtxxqUr8MV9I8rzO49Tf5hlaLqQwHwYDVR0j
BBgwFoAU8avZQp86czZoysaYwROp40PJmz4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjUzNmExZTQtM2JmMC00MzUyLTkwNjEtNjY2OTRkMmJj
YmQzLzAvRjFBQkQ5NDI5RjNBNzMzNjY4Q0FDNjk4QzExM0E5RTM0M0M5OUIzRS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk
YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC9GMUFCRDk0MjlGM0E3MzM2NjhDQUM2OThD
MTEzQTlFMzQzQzk5QjNFLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9mNTM2YTFlNC0zYmYwLTQzNTItOTA2MS02NjY5NGQyYmNiZDMvMC8zMjYxMzAz
NzNhMzUzNDYzMzczYTM2NjQ2MzMwM2EzYTJmMzQzMjJkMzQzMjIwM2QzZTIwMzIz
MTM2MzMzNjMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcGKgdUx23AMA0GCSqGSIb3DQEBCwUAA4IBAQBn
lPXdApfYYFF380meA9JIN9cjyot1HiaUxPLhrpUovmNzt9xsZdkDW/gzei6x1Rqs
r4vnNZkcK2AQJT4U4v4KmzMRw1XWzD6euIbbHif+TiSl48q2s+V/LrjjyyIDU8Jl
c6VBjSF6jB5V/IXwvllfzrk0Rj7X3JA1wJ1R9cemw9B6XkuT46vJoHthMYYW/AWt
JGabAe5YN9fJCZkEBgU4AzqX8oSucGGrM3/nV3CzNXwiI7ixkaVghhPgE9nWaq6v
7pzlVvyvmKeu3Hc9MlW3NJj+YSccrIJqDxDBgvQAFA1ddjBpONkjv+2E4wq+ZB/D
j4zj/PJE9xg8aipQJq8Y
-----END CERTIFICATE-----
Generated at Mon Oct 21 19:13:57 2024 by rpki-client on console-fra.rpki-client.org