Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS207781.roa
File:                     AS207781.roa (raw, json)
Hash identifier:          rWC7BPdm+kDEjzCXYn8Qh3KC2MTNv3s2OJYPGzzjYvw=
Subject key identifier:   F2:12:C0:1A:09:31:7E:FE:BB:F5:BD:3E:88:83:87:45:0B:7E:A7:8D
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       53CAFF81BBC2890BA509DD0CA515AA3D18E76DC3
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS207781.roa
Signing time:             Thu 23 May 2024 16:49:12 +0000
ROA not before:           Thu 23 May 2024 16:44:12 +0000
ROA not after:            Thu 22 May 2025 16:49:12 +0000
asID:                     207781
IP address blocks:        2a0f:85c1:beef::/48 maxlen: 48
                          2a0f:85c1:cafe::/48 maxlen: 48

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:ca:ff:81:bb:c2:89:0b:a5:09:dd:0c:a5:15:aa:3d:18:e7:6d:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: May 23 16:44:12 2024 GMT
            Not After : May 22 16:49:12 2025 GMT
        Subject: CN=F212C01A09317EFEBBF5BD3E888387450B7EA78D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:64:f4:b3:91:14:2f:d5:0d:fd:95:ec:91:f1:
                    bb:f0:ac:e2:27:c8:c2:39:da:40:85:b3:3b:7f:56:
                    96:09:29:aa:b7:17:83:62:a0:d4:ac:6d:69:00:65:
                    ee:ce:8a:75:f8:19:5d:3d:7f:72:b3:06:b6:27:9f:
                    a2:fc:fd:47:96:8b:da:0d:d5:b8:ef:0b:11:67:cc:
                    56:3f:e0:ee:b5:72:d0:4f:ec:5b:a0:7c:6d:64:27:
                    45:fb:3c:a9:57:0e:66:98:5d:38:2e:80:c9:53:3f:
                    5b:18:64:15:d6:97:21:13:1c:96:88:c5:d5:9b:d7:
                    29:67:d1:9e:2c:ff:54:43:55:7e:2f:4d:d7:dd:b6:
                    c9:b4:c4:90:c4:fc:06:a4:39:4d:bb:19:20:c7:a4:
                    c9:a1:3a:79:5e:5f:e5:a4:b0:44:93:b5:78:f0:c4:
                    40:ee:f0:b0:3b:85:0a:45:09:05:b4:37:f9:85:fb:
                    2c:f5:73:2e:f4:3a:49:2f:5d:1d:ec:1c:bf:05:d8:
                    0c:4f:c3:1d:06:b2:a5:c7:76:7f:91:74:c7:43:56:
                    16:5a:fa:09:cc:35:d4:f4:ff:e4:6f:1f:81:28:f5:
                    d1:c7:8d:b7:75:a8:c8:06:ae:c7:47:94:c5:5c:8c:
                    dc:9a:2d:99:cc:46:66:8e:83:35:30:ee:7d:83:ce:
                    a2:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:12:C0:1A:09:31:7E:FE:BB:F5:BD:3E:88:83:87:45:0B:7E:A7:8D
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS207781.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:beef::/48
                  2a0f:85c1:cafe::/48

    Signature Algorithm: sha256WithRSAEncryption
         b8:36:84:57:2e:b0:cf:d0:1a:e3:18:2b:d4:b1:2d:ec:ff:26:
         bd:b6:8b:be:57:3c:af:eb:6d:88:44:dd:05:e9:f3:ff:13:cd:
         e2:1c:f5:26:06:1c:39:7a:1c:5a:37:58:8b:4a:36:dd:af:f6:
         1e:80:2c:c4:c3:76:c5:4e:6b:64:74:93:70:d2:b1:1c:9d:a1:
         02:6d:00:bd:b4:6e:06:da:49:fb:00:e2:df:91:a8:45:5d:d3:
         75:53:c6:e2:9b:b4:73:e0:a7:91:69:02:7c:36:cc:80:6a:00:
         af:8b:71:54:e2:f6:d3:f4:7a:0a:5c:7e:8e:3c:1b:92:9d:a3:
         37:e5:dd:0f:92:8f:2e:ee:09:5f:fc:68:ef:d1:1a:79:57:00:
         38:25:34:29:54:27:3b:96:86:8c:ca:e0:44:d7:21:a9:ad:23:
         07:75:ed:41:53:41:11:f2:98:78:45:df:9a:71:a4:99:d0:cb:
         a9:13:31:55:73:9e:d3:64:16:b6:bb:9a:68:34:31:c9:c0:8c:
         c9:de:4a:14:e7:77:41:15:1a:8b:68:8f:ab:a4:2f:a9:15:15:
         90:17:91:cb:7a:ff:6d:fc:0b:90:75:7c:ab:8e:ee:40:8c:1f:
         e7:09:14:68:12:96:1d:21:b5:81:ee:c2:1b:1b:85:8f:fa:67:
         6e:ac:e7:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUU8r/gbvCiQulCd0MpRWqPRjnbcMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA1MjMxNjQ0MTJaFw0yNTA1MjIxNjQ5MTJaMDMxMTAvBgNV
BAMTKEYyMTJDMDFBMDkzMTdFRkVCQkY1QkQzRTg4ODM4NzQ1MEI3RUE3OEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjZPSzkRQv1Q39leyR8bvwrOIn
yMI52kCFszt/VpYJKaq3F4NioNSsbWkAZe7OinX4GV09f3KzBrYnn6L8/UeWi9oN
1bjvCxFnzFY/4O61ctBP7FugfG1kJ0X7PKlXDmaYXTgugMlTP1sYZBXWlyETHJaI
xdWb1yln0Z4s/1RDVX4vTdfdtsm0xJDE/AakOU27GSDHpMmhOnleX+WksESTtXjw
xEDu8LA7hQpFCQW0N/mF+yz1cy70OkkvXR3sHL8F2AxPwx0GsqXHdn+RdMdDVhZa
+gnMNdT0/+RvH4Eo9dHHjbd1qMgGrsdHlMVcjNyaLZnMRmaOgzUw7n2DzqJjAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQU8hLAGgkxfv679b0+iIOHRQt+p40wHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjA3NzgxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+F
wb7vAwcAKg+Fwcr+MA0GCSqGSIb3DQEBCwUAA4IBAQC4NoRXLrDP0BrjGCvUsS3s
/ya9tou+Vzyv622IRN0F6fP/E83iHPUmBhw5ehxaN1iLSjbdr/YegCzEw3bFTmtk
dJNw0rEcnaECbQC9tG4G2kn7AOLfkahFXdN1U8bim7Rz4KeRaQJ8NsyAagCvi3FU
4vbT9HoKXH6OPBuSnaM35d0Pko8u7glf/Gjv0Rp5VwA4JTQpVCc7loaMyuBE1yGp
rSMHde1BU0ER8ph4Rd+acaSZ0MupEzFVc57TZBa2u5poNDHJwIzJ3koU53dBFRqL
aI+rpC+pFRWQF5HLev9t/AuQdXyrju5AjB/nCRRoEpYdIbWB7sIbG4WP+mdurOd6
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org