Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214374.roa
File:                     AS214374.roa (raw, json)
Hash identifier:          dT2d9hCTUGgpYKmVUN9SWF6pgZYR3a0eFSwogCwNKh4=
Subject key identifier:   5E:35:72:5D:58:71:A7:CD:DC:C7:FF:19:4D:BD:B3:8D:62:59:BF:38
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       555B2CABABA0421703577E7B2172AD2D61F7D460
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214374.roa
Signing time:             Tue 13 Aug 2024 01:00:07 +0000
ROA not before:           Tue 13 Aug 2024 00:55:07 +0000
ROA not after:            Tue 12 Aug 2025 01:00:07 +0000
asID:                     214374
IP address blocks:        2a0f:85c1:883::/48 maxlen: 48

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:5b:2c:ab:ab:a0:42:17:03:57:7e:7b:21:72:ad:2d:61:f7:d4:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: Aug 13 00:55:07 2024 GMT
            Not After : Aug 12 01:00:07 2025 GMT
        Subject: CN=5E35725D5871A7CDDCC7FF194DBDB38D6259BF38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:68:18:5e:00:59:93:93:54:0e:dc:db:9a:ad:
                    f8:5c:51:18:2a:6f:e6:7c:d2:3d:d4:66:93:14:22:
                    ef:cd:76:35:a9:1e:0a:b8:ec:87:78:95:2f:93:68:
                    ff:ca:7d:ec:0e:34:86:6f:94:93:bd:61:f9:64:cc:
                    87:c2:1f:fb:e8:d4:91:20:ee:39:b2:cf:aa:88:b7:
                    b2:e7:a3:a2:f4:a5:d1:bd:af:40:5f:25:d1:0b:4e:
                    79:c9:b2:90:08:33:0a:08:91:32:a8:63:d0:78:f9:
                    14:11:5a:68:f2:10:75:54:b8:1c:52:88:68:7a:1c:
                    37:d4:0d:02:d8:14:e0:e6:04:85:46:1e:99:8b:1b:
                    1e:53:77:e6:74:09:de:08:f2:d7:44:0c:93:08:56:
                    15:00:14:89:d2:22:73:92:82:85:b5:cd:b4:4b:8f:
                    db:7e:05:32:2c:43:12:df:3a:ed:0c:96:b2:a2:cf:
                    28:eb:5b:88:a1:96:8a:91:cd:6a:13:2c:5c:25:b1:
                    5f:af:ac:17:21:cd:c7:3d:35:48:ec:15:c7:1a:cc:
                    a8:a5:fc:68:3d:3c:4b:7f:2d:5a:f1:0e:54:21:1c:
                    3d:c2:23:b6:d5:c3:33:6f:67:de:75:9b:07:61:3e:
                    e1:13:e3:26:90:19:ea:1d:61:ac:dd:d8:00:8f:05:
                    82:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:35:72:5D:58:71:A7:CD:DC:C7:FF:19:4D:BD:B3:8D:62:59:BF:38
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214374.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:883::/48

    Signature Algorithm: sha256WithRSAEncryption
         93:ee:78:48:c8:d8:29:e5:5f:f2:a2:e9:88:d6:29:cc:99:46:
         b6:50:3c:23:07:be:45:67:74:bc:c0:14:42:ad:50:5f:99:89:
         5e:5d:4c:69:f5:39:8a:9e:bd:b7:36:dc:d6:0f:3f:a9:e8:bb:
         d5:f1:b9:fe:2d:ea:45:6c:df:14:6f:3e:ba:50:4d:df:f1:73:
         3b:d0:59:a5:a3:06:a8:4d:30:16:8c:02:ec:38:7d:c9:84:59:
         08:92:7b:e5:e5:77:6d:e0:c0:c9:19:39:8f:cb:a0:05:73:7c:
         0e:7f:ea:1d:bd:15:5b:35:e4:0c:9a:87:f1:ae:5f:41:2c:f3:
         1e:e4:4c:e2:a0:8c:e9:ef:f3:d9:aa:1b:5d:2c:4e:9c:6d:7a:
         39:83:5c:4a:bb:ef:6a:a1:7e:59:87:00:b2:09:d1:99:a2:a1:
         c2:b2:28:11:23:b8:99:e4:8c:d6:08:c5:e9:ed:92:34:63:6e:
         58:17:54:0d:74:d8:e8:39:0b:6a:1c:dc:03:96:d0:5d:72:93:
         9a:d4:00:5b:bc:f1:1f:2d:02:2f:7b:d7:ec:32:f7:31:8d:19:
         6a:81:0e:7d:67:1f:dd:ca:09:37:3d:45:10:6b:e5:4d:62:35:
         5c:0f:db:29:ad:13:71:4c:3c:a9:95:ba:32:7e:f6:25:70:ff:
         25:d2:5b:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUVVssq6ugQhcDV357IXKtLWH31GAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA4MTMwMDU1MDdaFw0yNTA4MTIwMTAwMDdaMDMxMTAvBgNV
BAMTKDVFMzU3MjVENTg3MUE3Q0REQ0M3RkYxOTREQkRCMzhENjI1OUJGMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/aBheAFmTk1QO3NuarfhcURgq
b+Z80j3UZpMUIu/NdjWpHgq47Id4lS+TaP/KfewONIZvlJO9YflkzIfCH/vo1JEg
7jmyz6qIt7Lno6L0pdG9r0BfJdELTnnJspAIMwoIkTKoY9B4+RQRWmjyEHVUuBxS
iGh6HDfUDQLYFODmBIVGHpmLGx5Td+Z0Cd4I8tdEDJMIVhUAFInSInOSgoW1zbRL
j9t+BTIsQxLfOu0MlrKizyjrW4ihloqRzWoTLFwlsV+vrBchzcc9NUjsFccazKil
/Gg9PEt/LVrxDlQhHD3CI7bVwzNvZ951mwdhPuET4yaQGeodYazd2ACPBYKNAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUXjVyXVhxp83cx/8ZTb2zjWJZvzgwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0Mzc0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQiDMA0GCSqGSIb3DQEBCwUAA4IBAQCT7nhIyNgp5V/youmI1inMmUa2UDwjB75F
Z3S8wBRCrVBfmYleXUxp9TmKnr23NtzWDz+p6LvV8bn+LepFbN8Ubz66UE3f8XM7
0FmlowaoTTAWjALsOH3JhFkIknvl5Xdt4MDJGTmPy6AFc3wOf+odvRVbNeQMmofx
rl9BLPMe5EzioIzp7/PZqhtdLE6cbXo5g1xKu+9qoX5ZhwCyCdGZoqHCsigRI7iZ
5IzWCMXp7ZI0Y25YF1QNdNjoOQtqHNwDltBdcpOa1ABbvPEfLQIve9fsMvcxjRlq
gQ59Zx/dygk3PUUQa+VNYjVcD9sprRNxTDyplboyfvYlcP8l0ltl
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org