Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214495.roa
File:                     AS214495.roa (raw, json)
Hash identifier:          qY6yuNEp2OQHhUaBsFVbboKIkLe4axS5+CM3wwW6vbg=
Subject key identifier:   46:A0:37:87:5B:E6:F5:22:04:80:01:69:95:46:B2:E3:1C:50:1C:65
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       33F57971FF1E5046081CC0119E1E37B1BEC463FC
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214495.roa
Signing time:             Sat 20 Jul 2024 20:47:32 +0000
ROA not before:           Sat 20 Jul 2024 20:42:32 +0000
ROA not after:            Sat 19 Jul 2025 20:47:32 +0000
asID:                     214495
IP address blocks:        2a0f:85c1:83c::/48 maxlen: 48

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:f5:79:71:ff:1e:50:46:08:1c:c0:11:9e:1e:37:b1:be:c4:63:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: Jul 20 20:42:32 2024 GMT
            Not After : Jul 19 20:47:32 2025 GMT
        Subject: CN=46A037875BE6F522048001699546B2E31C501C65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:6b:c7:c5:44:bb:ff:42:70:a0:66:07:54:c8:
                    64:be:7a:15:f9:c2:cb:f6:22:a8:f2:d0:d7:4d:8b:
                    40:3c:db:fd:7b:47:4f:6a:d4:3e:f4:59:90:a6:da:
                    82:a9:f9:82:05:a9:3b:67:51:ab:00:28:09:60:90:
                    3e:dd:1b:af:f5:a1:52:d6:73:bd:8b:56:4e:86:fd:
                    99:45:02:89:2a:ef:5b:2d:92:88:c3:61:ad:62:1c:
                    89:70:61:fd:f5:ae:41:2e:0b:fd:ae:11:7b:3e:71:
                    03:cc:75:c2:f4:08:02:6d:46:8f:0f:51:06:3d:c4:
                    04:17:03:fe:a8:b3:03:78:3c:20:07:17:f6:63:e1:
                    3c:a8:d1:be:a4:2c:32:c4:37:b9:4e:c0:f8:e8:cd:
                    b0:b5:c8:17:ad:c8:65:7b:b3:58:59:b0:0f:b3:20:
                    49:4a:75:c7:7d:55:0d:63:a6:0d:db:60:bf:fa:58:
                    07:52:5a:3d:4f:77:54:10:6f:31:bd:f2:78:d2:2c:
                    18:2f:d5:a1:db:33:c5:0a:35:a6:80:55:ee:68:df:
                    94:62:68:f4:25:f8:6b:99:65:db:3f:a6:a1:c5:3d:
                    d0:02:94:a4:9f:35:84:ff:57:1b:b0:57:46:ba:47:
                    08:f5:aa:ad:bd:14:9a:45:5c:75:a2:b7:f7:04:db:
                    dd:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:A0:37:87:5B:E6:F5:22:04:80:01:69:95:46:B2:E3:1C:50:1C:65
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214495.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:83c::/48

    Signature Algorithm: sha256WithRSAEncryption
         62:9d:95:7f:67:33:0b:0f:35:f6:7b:95:3b:6c:97:4f:ba:12:
         ea:7e:30:0e:05:0e:b1:db:7b:9d:77:f6:6a:49:6e:30:f1:7d:
         52:87:99:6e:35:36:2f:21:e9:72:49:d0:3c:93:6e:ab:ee:16:
         cb:ac:ea:9d:fb:1d:e5:74:0a:9c:52:25:0a:5f:eb:0e:5f:28:
         ba:46:dc:38:5c:62:10:a2:2c:96:73:cb:d1:fe:00:3e:2f:13:
         ed:f8:61:22:32:ec:11:74:35:75:c4:ee:a6:bf:7f:39:85:c9:
         3c:4c:5e:24:a7:72:8e:44:19:90:ae:c2:f4:5f:ed:d7:c2:e1:
         49:f2:da:11:81:dc:34:2a:02:6c:bd:83:ef:42:c1:a6:ed:f9:
         9d:f7:d4:38:be:51:d1:cb:20:02:5e:ab:7d:2f:00:e8:3a:2f:
         35:cc:09:bd:3e:1b:82:8b:ce:0b:a7:59:bb:48:cd:06:9b:36:
         22:db:c6:77:10:8e:33:ad:ff:f8:84:59:e5:81:12:31:23:a9:
         55:e9:30:2a:60:04:c7:1c:5c:45:de:02:77:6b:67:30:db:db:
         81:bb:26:fb:0c:10:b7:c1:42:00:91:49:fc:1b:88:63:ad:6c:
         a2:91:01:f3:c2:c4:6f:fa:4c:83:28:1a:b3:7d:ca:27:af:ab:
         73:32:75:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUM/V5cf8eUEYIHMARnh43sb7EY/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA3MjAyMDQyMzJaFw0yNTA3MTkyMDQ3MzJaMDMxMTAvBgNV
BAMTKDQ2QTAzNzg3NUJFNkY1MjIwNDgwMDE2OTk1NDZCMkUzMUM1MDFDNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaa8fFRLv/QnCgZgdUyGS+ehX5
wsv2Iqjy0NdNi0A82/17R09q1D70WZCm2oKp+YIFqTtnUasAKAlgkD7dG6/1oVLW
c72LVk6G/ZlFAokq71stkojDYa1iHIlwYf31rkEuC/2uEXs+cQPMdcL0CAJtRo8P
UQY9xAQXA/6oswN4PCAHF/Zj4Tyo0b6kLDLEN7lOwPjozbC1yBetyGV7s1hZsA+z
IElKdcd9VQ1jpg3bYL/6WAdSWj1Pd1QQbzG98njSLBgv1aHbM8UKNaaAVe5o35Ri
aPQl+GuZZds/pqHFPdAClKSfNYT/VxuwV0a6Rwj1qq29FJpFXHWit/cE292PAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQURqA3h1vm9SIEgAFplUay4xxQHGUwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0NDk1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQg8MA0GCSqGSIb3DQEBCwUAA4IBAQBinZV/ZzMLDzX2e5U7bJdPuhLqfjAOBQ6x
23udd/ZqSW4w8X1Sh5luNTYvIelySdA8k26r7hbLrOqd+x3ldAqcUiUKX+sOXyi6
Rtw4XGIQoiyWc8vR/gA+LxPt+GEiMuwRdDV1xO6mv385hck8TF4kp3KORBmQrsL0
X+3XwuFJ8toRgdw0KgJsvYPvQsGm7fmd99Q4vlHRyyACXqt9LwDoOi81zAm9PhuC
i84Lp1m7SM0GmzYi28Z3EI4zrf/4hFnlgRIxI6lV6TAqYATHHFxF3gJ3a2cw29uB
uyb7DBC3wUIAkUn8G4hjrWyikQHzwsRv+kyDKBqzfconr6tzMnVQ
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org