Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31312e302f32342d3234203d3e20313337343039.roa
File:                     38362e34382e31312e302f32342d3234203d3e20313337343039.roa (raw, json)
Hash identifier:          48Y6O6zGfaO5BOkxj3PJu6VAWAI6AB4O/oQd1xhg2dc=
Subject key identifier:   E3:72:F2:BC:B5:27:B3:52:37:B9:02:17:5B:B6:E1:C9:78:20:77:4F
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       3036ADFE454BE3D9F46E3439F63901FBE40E998A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31312e302f32342d3234203d3e20313337343039.roa
Signing time:             Mon 27 Jan 2025 09:45:02 +0000
ROA not before:           Mon 27 Jan 2025 09:40:02 +0000
ROA not after:            Mon 26 Jan 2026 09:45:02 +0000
asID:                     137409
IP address blocks:        86.48.11.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:36:ad:fe:45:4b:e3:d9:f4:6e:34:39:f6:39:01:fb:e4:0e:99:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Jan 27 09:40:02 2025 GMT
            Not After : Jan 26 09:45:02 2026 GMT
        Subject: CN=E372F2BCB527B35237B902175BB6E1C97820774F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:e0:c6:92:06:0b:30:f3:e2:ef:ef:6b:85:ff:
                    9a:0f:8a:1c:36:7a:bf:70:5a:ab:c7:68:48:3c:c0:
                    29:0a:2a:8f:cd:5f:1d:7e:54:f8:ce:ae:82:79:2f:
                    e4:17:4e:ac:af:aa:cb:71:ea:e6:0c:ef:bb:1e:cf:
                    8f:92:f9:6c:61:f9:4c:59:99:b8:2c:4f:38:15:a5:
                    45:c2:28:43:83:98:f8:68:c4:b6:8d:98:7e:92:66:
                    dc:b7:a8:12:b0:59:12:6e:d1:e9:bf:d9:d0:9e:44:
                    70:2b:3c:fc:e4:cf:7f:a8:9d:d9:7c:39:ae:f8:20:
                    be:0a:b1:7b:98:26:9a:52:ae:bf:43:68:d7:b0:f1:
                    e3:a3:9b:be:2c:a6:db:37:1d:31:bb:15:1f:a2:91:
                    17:90:44:af:1f:8b:0a:8e:99:d5:b2:b5:52:6f:70:
                    44:97:6e:12:a7:50:52:ec:ed:7d:71:8e:5a:d2:7f:
                    2c:d1:13:5a:84:68:ce:83:c7:6e:5a:ba:21:e0:8d:
                    f5:86:f2:72:76:6f:ef:8a:56:29:8d:4b:4c:99:d5:
                    32:b1:5a:c8:6b:92:e8:a9:9b:44:4d:bd:93:8f:70:
                    1f:96:53:72:8a:f0:6a:5f:fa:59:81:d9:cd:50:5d:
                    67:ac:8e:23:26:2e:01:b2:e8:ca:6f:2c:24:a7:11:
                    12:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:72:F2:BC:B5:27:B3:52:37:B9:02:17:5B:B6:E1:C9:78:20:77:4F
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31312e302f32342d3234203d3e20313337343039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.48.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:15:62:a3:79:cb:df:92:31:be:a0:fb:b6:8a:b9:03:21:67:
         a3:eb:1c:fb:ec:16:29:68:15:fa:db:32:7a:2d:13:35:61:ac:
         af:5e:e8:48:9f:34:fd:92:a4:fa:f7:06:da:36:7b:11:52:7b:
         6c:e6:c1:79:1d:44:f9:79:fe:0f:b6:ea:41:08:0e:0c:a0:1a:
         31:5b:fc:f5:60:5c:e4:05:b3:0d:f4:cf:61:ef:2c:ba:46:fd:
         14:5a:12:00:7d:05:3e:f4:ea:1a:32:f8:a7:56:5b:0c:6b:f9:
         20:ef:82:cf:35:4f:bd:46:f4:c3:48:74:6e:24:90:d0:81:5e:
         96:eb:7f:b9:0e:38:7a:b9:37:fe:de:38:a8:83:a5:17:f6:83:
         59:c8:dc:67:3f:2e:ef:90:0d:97:d7:bd:dc:a3:85:b4:5d:64:
         f5:3e:9c:35:b9:90:48:eb:f9:fa:e1:b9:f2:70:55:cc:e3:19:
         69:a4:2c:40:db:53:65:34:4e:d6:19:58:42:82:16:6b:ab:f2:
         92:16:96:f0:a2:f9:bc:3d:8a:44:6e:d3:ad:30:d3:8b:23:74:
         6e:5a:9e:b7:fa:aa:99:d1:f3:b7:39:9c:9a:79:1e:3f:33:3a:
         25:79:10:d9:6b:ca:ba:0e:60:9c:22:00:cf:75:a9:f9:6c:7d:
         e8:ac:fb:fa
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUMDat/kVL49n0bjQ59jkB++QOmYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDJaFw0yNjAxMjYwOTQ1MDJaMDMxMTAvBgNV
BAMTKEUzNzJGMkJDQjUyN0IzNTIzN0I5MDIxNzVCQjZFMUM5NzgyMDc3NEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn4MaSBgsw8+Lv72uF/5oPihw2
er9wWqvHaEg8wCkKKo/NXx1+VPjOroJ5L+QXTqyvqstx6uYM77sez4+S+Wxh+UxZ
mbgsTzgVpUXCKEODmPhoxLaNmH6SZty3qBKwWRJu0em/2dCeRHArPPzkz3+ondl8
Oa74IL4KsXuYJppSrr9DaNew8eOjm74spts3HTG7FR+ikReQRK8fiwqOmdWytVJv
cESXbhKnUFLs7X1xjlrSfyzRE1qEaM6Dx25auiHgjfWG8nJ2b++KVimNS0yZ1TKx
Wshrkuipm0RNvZOPcB+WU3KK8Gpf+lmB2c1QXWesjiMmLgGy6MpvLCSnERIhAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU43LyvLUns1I3uQIXW7bhyXggd08wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNjJlMzQzODJlMzEzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNzM0MzAzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFYw
CzANBgkqhkiG9w0BAQsFAAOCAQEAIhVio3nL35IxvqD7toq5AyFno+sc++wWKWgV
+tsyei0TNWGsr17oSJ80/ZKk+vcG2jZ7EVJ7bObBeR1E+Xn+D7bqQQgODKAaMVv8
9WBc5AWzDfTPYe8sukb9FFoSAH0FPvTqGjL4p1ZbDGv5IO+CzzVPvUb0w0h0biSQ
0IFelut/uQ44erk3/t44qIOlF/aDWcjcZz8u75ANl9e93KOFtF1k9T6cNbmQSOv5
+uG58nBVzOMZaaQsQNtTZTRO1hlYQoIWa6vykhaW8KL5vD2KRG7TrTDTiyN0blqe
t/qqmdHztzmcmnkePzM6JXkQ2WvKug5gnCIAz3Wp+Wx96Kz7+g==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:10:39 2025 by rpki-client