Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/1/32332e3133322e3138342e302f32342d3234203d3e203233343730.roa
File:                     32332e3133322e3138342e302f32342d3234203d3e203233343730.roa (raw, json)
Hash identifier:          +QQS+vRrHnO/La7O2UcQUQFo6cf+eu8xt7FEWOlIpY0=
Subject key identifier:   59:FF:8C:65:76:D4:90:6C:11:D8:44:C1:9D:C4:AE:13:2E:E4:40:A1
Certificate issuer:       /CN=eecf847d7a32046881bbfaba0599bdd6dab3a81a88d8a48a46
Certificate serial:       141EC167A467EB9F1E097976EDBB89C34C711865
Authority key identifier: 1A:05:03:43:0B:A9:93:F7:0F:89:AB:E8:42:1B:F7:46:3F:E5:CA:BF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/a01e997c-b89e-47c2-8d79-d31e58bc3ca4/eecf847d7a32046881bbfaba0599bdd6dab3a81a88d8a48a46.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/1/32332e3133322e3138342e302f32342d3234203d3e203233343730.roa
Signing time:             Sun 01 Jan 2023 23:59:27 +0000
ROA not before:           Sun 01 Jan 2023 23:54:27 +0000
ROA not after:            Sun 31 Dec 2023 23:59:27 +0000
asID:                     23470
IP address blocks:        23.132.184.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:1e:c1:67:a4:67:eb:9f:1e:09:79:76:ed:bb:89:c3:4c:71:18:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eecf847d7a32046881bbfaba0599bdd6dab3a81a88d8a48a46
        Validity
            Not Before: Jan  1 23:54:27 2023 GMT
            Not After : Dec 31 23:59:27 2023 GMT
        Subject: CN=59FF8C6576D4906C11D844C19DC4AE132EE440A1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:30:f8:9a:81:f8:a6:4b:f7:31:62:84:31:46:
                    c9:a6:e6:80:58:11:cb:5c:08:b9:ee:2e:20:a2:94:
                    b9:8d:2d:74:21:82:01:b4:e3:30:88:2d:e4:38:0d:
                    ed:66:4f:74:83:25:58:a3:29:0f:d6:10:a1:d7:29:
                    ab:4b:10:22:c1:da:59:ec:96:0f:b9:cb:9c:a7:04:
                    f3:3b:15:f3:14:0b:5a:ce:96:3c:ff:8a:bd:2a:78:
                    e7:5d:9b:7f:fb:38:73:44:70:ea:64:9a:40:89:71:
                    d3:7e:6c:d3:bb:0a:44:a5:e2:b4:3b:17:f6:2d:ac:
                    86:28:4e:57:1d:b9:fb:41:91:81:ee:84:1b:3c:96:
                    fc:3d:3a:a0:8f:b2:89:87:7c:60:5c:04:80:b8:15:
                    b5:06:c2:3e:3b:fa:fe:17:c0:08:d5:8a:cc:a3:02:
                    fb:be:a1:47:85:12:47:cb:e5:3b:ec:f9:b7:80:aa:
                    4f:6e:4c:b0:79:d3:64:5a:fc:ad:61:f1:08:27:16:
                    2b:bc:83:4e:76:4f:6a:fa:81:81:3a:9a:e7:21:12:
                    eb:62:17:7a:98:0b:ef:de:5b:0d:64:35:8b:ba:8a:
                    3b:0c:13:44:59:09:48:8a:ec:a8:b9:f9:ac:a6:dd:
                    a6:1e:39:8b:21:4c:8a:f7:5d:06:10:84:97:0b:c9:
                    ef:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:FF:8C:65:76:D4:90:6C:11:D8:44:C1:9D:C4:AE:13:2E:E4:40:A1
            X509v3 Authority Key Identifier:
                keyid:1A:05:03:43:0B:A9:93:F7:0F:89:AB:E8:42:1B:F7:46:3F:E5:CA:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/1/1A0503430BA993F70F89ABE8421BF7463FE5CABF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/a01e997c-b89e-47c2-8d79-d31e58bc3ca4/eecf847d7a32046881bbfaba0599bdd6dab3a81a88d8a48a46.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/1/32332e3133322e3138342e302f32342d3234203d3e203233343730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.132.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:d5:68:b2:ef:e0:86:94:45:66:b2:a3:1d:6f:ce:dd:11:0c:
         eb:1c:5f:b5:e6:42:04:7a:df:8f:9f:33:13:d0:56:ef:d5:3d:
         34:00:3e:56:09:0f:99:fb:0f:10:a1:d8:24:63:5d:93:19:49:
         2a:b4:0b:2c:4e:27:83:fc:9a:78:d6:2d:e1:a4:8b:48:8a:b3:
         5e:4c:cb:77:3c:49:c0:97:9e:f7:00:91:c2:2f:61:43:a7:bd:
         3e:ac:c4:3b:66:e8:86:7b:63:5a:d3:dc:4f:65:7f:48:e4:a5:
         14:42:5b:5e:08:3d:23:f3:fa:1b:33:43:27:ed:85:57:75:0b:
         fe:be:0a:d8:44:96:ee:4c:14:dc:ec:be:be:e3:62:fd:52:a3:
         e7:17:0a:28:94:b7:7a:0c:a9:31:28:dd:97:9f:6e:16:6e:4a:
         2a:64:63:de:04:ab:0d:e4:25:04:0b:b9:4d:cf:6c:af:ad:e2:
         e7:5b:0f:d8:f3:89:9a:3d:93:46:d8:b6:91:8f:c3:c0:af:a6:
         ed:c6:b5:00:78:58:7b:7a:bd:e2:bc:58:db:51:97:c7:8a:62:
         d2:62:fa:64:ba:26:fa:dc:88:31:92:6b:d1:77:7e:34:f9:c0:
         33:d1:15:60:23:29:6d:60:27:9e:29:69:8d:83:f3:f9:b6:fa:
         31:74:32:a0
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUFB7BZ6Rn658eCXl27buJw0xxGGUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZWVjZjg0N2Q3YTMyMDQ2ODgxYmJmYWJhMDU5OWJkZDZk
YWIzYTgxYTg4ZDhhNDhhNDYwHhcNMjMwMTAxMjM1NDI3WhcNMjMxMjMxMjM1OTI3
WjAzMTEwLwYDVQQDEyg1OUZGOEM2NTc2RDQ5MDZDMTFEODQ0QzE5REM0QUUxMzJF
RTQ0MEExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjD4moH4pkv3
MWKEMUbJpuaAWBHLXAi57i4gopS5jS10IYIBtOMwiC3kOA3tZk90gyVYoykP1hCh
1ymrSxAiwdpZ7JYPucucpwTzOxXzFAtazpY8/4q9KnjnXZt/+zhzRHDqZJpAiXHT
fmzTuwpEpeK0Oxf2LayGKE5XHbn7QZGB7oQbPJb8PTqgj7KJh3xgXASAuBW1BsI+
O/r+F8AI1YrMowL7vqFHhRJHy+U77Pm3gKpPbkywedNkWvytYfEIJxYrvINOdk9q
+oGBOprnIRLrYhd6mAvv3lsNZDWLuoo7DBNEWQlIiuyoufmspt2mHjmLIUyK910G
EISXC8nv+wIDAQABo4ICzTCCAskwHQYDVR0OBBYEFFn/jGV21JBsEdhEwZ3ErhMu
5EChMB8GA1UdIwQYMBaAFBoFA0MLqZP3D4mr6EIb90Y/5cq/MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y4ZTdkODY3LWMzNWUtNGU2OS1hODE1
LWJhMWU5YjMzNmQ2Mi8xLzFBMDUwMzQzMEJBOTkzRjcwRjg5QUJFODQyMUJGNzQ2
M0ZFNUNBQkYuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2Mt
NDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9hMDFlOTk3Yy1iODllLTQ3YzItOGQ3OS1k
MzFlNThiYzNjYTQvZWVjZjg0N2Q3YTMyMDQ2ODgxYmJmYWJhMDU5OWJkZDZkYWIz
YTgxYTg4ZDhhNDhhNDYuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUH
MAuGgY1yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L2Y4ZTdkODY3LWMzNWUtNGU2OS1hODE1LWJhMWU5YjMzNmQ2Mi8xLzMyMzMyZTMx
MzMzMjJlMzEzODM0MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMzM0MzczMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEABeEuDANBgkqhkiG9w0BAQsFAAOCAQEATtVosu/ghpRFZrKjHW/O
3REM6xxfteZCBHrfj58zE9BW79U9NAA+VgkPmfsPEKHYJGNdkxlJKrQLLE4ng/ya
eNYt4aSLSIqzXkzLdzxJwJee9wCRwi9hQ6e9PqzEO2bohntjWtPcT2V/SOSlFEJb
Xgg9I/P6GzNDJ+2FV3UL/r4K2ESW7kwU3Oy+vuNi/VKj5xcKKJS3egypMSjdl59u
Fm5KKmRj3gSrDeQlBAu5Tc9sr63i51sP2POJmj2TRti2kY/DwK+m7ca1AHhYe3q9
4rxY21GXx4pi0mL6ZLom+tyIMZJr0Xd+NPnAM9EVYCMpbWAnnilpjYPz+bb6MXQy
oA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-fra.rpki-client.org