Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/326130373a353463373a366530303a3a2f34302d3430203d3e20323136333630.roa
File:                     326130373a353463373a366530303a3a2f34302d3430203d3e20323136333630.roa (raw, json)
Hash identifier:          VevqVtohE7E15MPnYrIGQKTSWA9Lx2A3Zo592w2P5IQ=
Subject key identifier:   3A:D9:D7:D6:0A:46:9D:6B:17:60:A5:0E:13:68:E4:4A:BA:4E:69:7B
Certificate issuer:       /CN=F1ABD9429F3A733668CAC698C113A9E343C99B3E
Certificate serial:       72D8EA76F6FC923A4B7F2DBD0D3C8EB3F25B4E8C
Authority key identifier: F1:AB:D9:42:9F:3A:73:36:68:CA:C6:98:C1:13:A9:E3:43:C9:9B:3E
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/F1ABD9429F3A733668CAC698C113A9E343C99B3E.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/326130373a353463373a366530303a3a2f34302d3430203d3e20323136333630.roa
Signing time:             Mon 04 Mar 2024 01:07:24 +0000
ROA not before:           Mon 04 Mar 2024 01:02:24 +0000
ROA not after:            Mon 03 Mar 2025 01:07:24 +0000
asID:                     216360
IP address blocks:        2a07:54c7:6e00::/40 maxlen: 40

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:d8:ea:76:f6:fc:92:3a:4b:7f:2d:bd:0d:3c:8e:b3:f2:5b:4e:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F1ABD9429F3A733668CAC698C113A9E343C99B3E
        Validity
            Not Before: Mar  4 01:02:24 2024 GMT
            Not After : Mar  3 01:07:24 2025 GMT
        Subject: CN=3AD9D7D60A469D6B1760A50E1368E44ABA4E697B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:09:d9:5c:fc:87:b1:ad:61:0c:72:f3:e4:12:
                    80:59:de:5f:1a:02:4a:ba:f0:72:9d:51:a9:ee:80:
                    6e:df:d8:20:71:d1:07:75:18:e0:a7:e6:a3:14:f5:
                    12:29:81:17:ae:8e:c4:83:b7:d7:36:31:8c:51:2a:
                    3c:1a:29:ca:bb:97:f2:8f:34:7c:74:8f:72:99:9d:
                    54:3e:2a:d2:ef:70:b1:34:20:42:f6:53:4c:41:52:
                    42:59:08:b8:49:19:87:a1:e5:71:2c:af:4a:f7:2d:
                    d9:dd:2d:7c:4e:df:76:bc:3b:05:5d:77:07:2c:f3:
                    a2:e1:98:4f:36:99:d5:69:c0:2e:86:b5:be:04:8d:
                    fe:1b:4e:ff:be:44:d7:ad:b1:13:6d:a4:6f:9b:65:
                    93:0e:d6:7b:60:61:72:35:81:df:32:86:de:a6:55:
                    b2:6b:85:eb:82:62:66:11:28:c5:fd:c0:b5:c0:97:
                    e1:46:70:40:48:ee:93:71:5d:70:79:50:c8:a0:3f:
                    fa:34:a8:e3:79:8c:77:00:6f:74:8e:38:5d:af:1b:
                    7c:14:1f:b4:d7:63:53:37:14:c7:77:bf:72:c7:1c:
                    80:a8:35:4b:18:13:44:b3:7d:31:8f:48:1e:92:3e:
                    97:3b:6a:20:51:46:8f:12:73:8b:e3:60:39:5c:7f:
                    39:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:D9:D7:D6:0A:46:9D:6B:17:60:A5:0E:13:68:E4:4A:BA:4E:69:7B
            X509v3 Authority Key Identifier:
                keyid:F1:AB:D9:42:9F:3A:73:36:68:CA:C6:98:C1:13:A9:E3:43:C9:9B:3E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/F1ABD9429F3A733668CAC698C113A9E343C99B3E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/F1ABD9429F3A733668CAC698C113A9E343C99B3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/326130373a353463373a366530303a3a2f34302d3430203d3e20323136333630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c7:6e00::/40

    Signature Algorithm: sha256WithRSAEncryption
         1e:b4:33:5b:19:42:c5:aa:9d:18:14:b6:e2:f2:5d:a4:b1:e6:
         ad:b9:a6:0f:94:bd:84:00:cd:70:7a:95:bb:cd:aa:33:ac:9f:
         57:cc:44:0e:0f:07:30:71:28:ea:04:09:86:3d:05:2d:fa:e9:
         d4:0e:f5:a9:0f:bc:1e:36:b1:9b:4d:7d:5b:92:58:e8:62:2b:
         e0:e3:bf:26:27:87:15:e0:36:f1:db:45:90:dd:74:0e:1a:99:
         fd:90:d4:50:24:0b:b5:b0:d8:2d:ad:8a:d9:77:a1:d0:fb:7e:
         60:65:e9:42:41:c5:b1:e9:75:e6:a3:29:ce:13:fb:6c:7b:0f:
         ef:95:bf:ac:9b:c0:36:5b:ff:a0:0e:97:d9:da:16:1d:24:05:
         f8:7a:73:eb:d3:ce:3f:5d:e6:26:f2:1d:a8:49:1b:5c:e2:72:
         0a:6d:03:07:c2:48:f6:2f:52:5b:24:3a:23:af:cd:be:ed:a9:
         42:c4:7a:eb:44:6a:a6:ad:3a:7f:e4:49:e9:05:82:82:40:f4:
         4b:03:5a:75:00:98:c1:4d:83:a9:fd:20:ca:99:28:16:ce:54:
         6e:45:40:32:3f:14:8e:46:a3:e9:5a:be:41:98:5a:88:cf:07:
         33:c6:a7:cf:f7:e9:13:3c:83:d9:46:86:c4:93:0a:98:9e:74:
         e6:50:5c:a1
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUctjqdvb8kjpLfy29DTyOs/JbTowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjFBQkQ5NDI5RjNBNzMzNjY4Q0FDNjk4QzExM0E5RTM0
M0M5OUIzRTAeFw0yNDAzMDQwMTAyMjRaFw0yNTAzMDMwMTA3MjRaMDMxMTAvBgNV
BAMTKDNBRDlEN0Q2MEE0NjlENkIxNzYwQTUwRTEzNjhFNDRBQkE0RTY5N0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMCdlc/IexrWEMcvPkEoBZ3l8a
Akq68HKdUanugG7f2CBx0Qd1GOCn5qMU9RIpgReujsSDt9c2MYxRKjwaKcq7l/KP
NHx0j3KZnVQ+KtLvcLE0IEL2U0xBUkJZCLhJGYeh5XEsr0r3LdndLXxO33a8OwVd
dwcs86LhmE82mdVpwC6Gtb4Ejf4bTv++RNetsRNtpG+bZZMO1ntgYXI1gd8yht6m
VbJrheuCYmYRKMX9wLXAl+FGcEBI7pNxXXB5UMigP/o0qON5jHcAb3SOOF2vG3wU
H7TXY1M3FMd3v3LHHICoNUsYE0SzfTGPSB6SPpc7aiBRRo8Sc4vjYDlcfzm3AgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUOtnX1gpGnWsXYKUOE2jkSrpOaXswHwYDVR0j
BBgwFoAU8avZQp86czZoysaYwROp40PJmz4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjUzNmExZTQtM2JmMC00MzUyLTkwNjEtNjY2OTRkMmJj
YmQzLzAvRjFBQkQ5NDI5RjNBNzMzNjY4Q0FDNjk4QzExM0E5RTM0M0M5OUIzRS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk
YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC9GMUFCRDk0MjlGM0E3MzM2NjhDQUM2OThD
MTEzQTlFMzQzQzk5QjNFLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9mNTM2YTFlNC0zYmYwLTQzNTItOTA2MS02NjY5NGQyYmNiZDMvMC8zMjYxMzAz
NzNhMzUzNDYzMzczYTM2NjUzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIz
MTM2MzMzNjMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdUx24wDQYJKoZIhvcNAQELBQADggEBAB60
M1sZQsWqnRgUtuLyXaSx5q25pg+UvYQAzXB6lbvNqjOsn1fMRA4PBzBxKOoECYY9
BS366dQO9akPvB42sZtNfVuSWOhiK+DjvyYnhxXgNvHbRZDddA4amf2Q1FAkC7Ww
2C2titl3odD7fmBl6UJBxbHpdeajKc4T+2x7D++Vv6ybwDZb/6AOl9naFh0kBfh6
c+vTzj9d5ibyHahJG1zicgptAwfCSPYvUlskOiOvzb7tqULEeutEaqatOn/kSekF
goJA9EsDWnUAmMFNg6n9IMqZKBbOVG5FQDI/FI5Go+lavkGYWojPBzPGp8/36RM8
g9lGhsSTCpiedOZQXKE=
-----END CERTIFICATE-----
Generated at Mon Oct 21 19:38:58 2024 by rpki-client on console-ams.rpki-client.org