Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/88abd2-6288-4471-80ab-e49f7f31362c/1/C9fSuihNn4L0Q5qCKKWWwv0oyvo.roa
File:                     C9fSuihNn4L0Q5qCKKWWwv0oyvo.roa (raw, json)
Hash identifier:          8w1EtNyJbAbYNlBkYaCKQ6OWfoADgwblJH0C3zOCHJA=
Subject key identifier:   0B:D7:D2:BA:28:4D:9F:82:F4:43:9A:82:28:A5:96:C2:FD:28:CA:FA
Certificate issuer:       /CN=655db0434a917bb2980986a7c84e3512c2a895ad
Certificate serial:       01856BCA1E92D2F495941CEEE26FA647405E
Authority key identifier: 65:5D:B0:43:4A:91:7B:B2:98:09:86:A7:C8:4E:35:12:C2:A8:95:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZV2wQ0qRe7KYCYanyE41EsKola0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/88abd2-6288-4471-80ab-e49f7f31362c/1/C9fSuihNn4L0Q5qCKKWWwv0oyvo.roa
Signing time:             Sun 01 Jan 2023 05:24:46 +0000
ROA not before:           Sun 01 Jan 2023 05:24:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52000
IP address blocks:        194.70.234.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ca:1e:92:d2:f4:95:94:1c:ee:e2:6f:a6:47:40:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=655db0434a917bb2980986a7c84e3512c2a895ad
        Validity
            Not Before: Jan  1 05:24:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0bd7d2ba284d9f82f4439a8228a596c2fd28cafa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:af:c0:f0:ea:2a:a5:88:7a:8f:0a:ea:58:cf:
                    da:13:3e:58:23:72:48:0a:dd:1a:d1:bc:e6:e7:fd:
                    3a:d4:27:a9:2a:4a:93:0f:56:e1:aa:14:8e:4e:a8:
                    c6:ab:8b:7b:ae:13:c0:95:e0:9d:89:11:59:fc:ea:
                    32:6b:b5:5c:58:52:ea:4d:b0:33:7a:4a:11:28:e2:
                    1e:09:83:a1:1e:9b:3b:a0:3c:60:9b:e3:32:ee:fe:
                    9b:4d:b3:de:e2:ea:39:9c:b2:32:77:63:77:68:02:
                    ff:aa:7f:c6:26:8f:e2:11:21:d4:c3:86:8d:f3:d5:
                    03:ee:5a:1b:89:24:37:8e:72:17:6b:22:e9:7f:d2:
                    9e:b8:1d:e2:5c:e9:e1:6b:97:3d:c3:dc:eb:31:42:
                    15:05:aa:cc:95:24:08:03:db:6a:b7:7a:05:65:bb:
                    e0:91:6d:cc:1b:ba:e5:d8:80:87:db:04:d2:1c:22:
                    dd:f5:40:20:5b:64:b3:4f:b8:61:76:01:68:35:32:
                    5b:0c:66:da:25:f8:45:2e:56:c5:43:79:f3:36:b6:
                    0c:8c:0a:0a:20:c5:31:9b:a7:67:96:05:e8:f7:8d:
                    70:12:08:7c:14:fd:97:03:45:69:f0:97:bc:79:60:
                    a6:af:be:6c:f3:be:c8:b9:e3:4c:23:c0:44:74:d9:
                    ac:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:D7:D2:BA:28:4D:9F:82:F4:43:9A:82:28:A5:96:C2:FD:28:CA:FA
            X509v3 Authority Key Identifier:
                keyid:65:5D:B0:43:4A:91:7B:B2:98:09:86:A7:C8:4E:35:12:C2:A8:95:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZV2wQ0qRe7KYCYanyE41EsKola0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/88abd2-6288-4471-80ab-e49f7f31362c/1/C9fSuihNn4L0Q5qCKKWWwv0oyvo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/88abd2-6288-4471-80ab-e49f7f31362c/1/ZV2wQ0qRe7KYCYanyE41EsKola0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.70.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:40:d7:e6:0c:cf:2e:df:8a:ac:48:4f:42:08:d0:e6:7a:d0:
         13:5e:f1:f4:11:c2:3c:04:46:46:c9:62:96:00:52:cc:12:17:
         34:64:9b:25:1b:87:42:b4:67:65:50:64:87:62:a0:1f:b9:aa:
         96:7e:12:68:89:7e:84:ce:20:ae:8b:9c:bf:8e:25:57:7b:07:
         e5:50:41:10:43:63:3b:05:4a:b4:27:c5:e6:4f:2d:73:59:e0:
         23:11:fc:12:07:a3:93:0f:46:9c:b6:11:99:33:d2:e2:8d:6d:
         4d:3b:7b:cc:3d:de:f2:66:2b:23:e0:18:90:ea:ea:26:57:6b:
         d9:ab:1a:bc:1d:30:96:0f:7d:e3:f9:20:22:81:9c:ee:c9:79:
         42:76:0a:eb:20:fa:33:6f:9b:99:d5:25:2c:78:3b:56:c9:62:
         0f:05:66:3a:da:0c:09:3f:e2:fa:e4:91:c6:ae:41:54:3e:5e:
         84:7e:fc:60:31:3c:ce:3a:80:63:94:eb:25:2c:e2:07:25:f9:
         0e:d0:25:1c:7b:e9:e1:ed:a2:55:f2:f0:0a:9a:c5:e5:10:86:
         d4:2f:17:d0:69:58:3b:6f:ce:c4:04:74:03:a5:58:53:be:0a:
         fa:87:45:87:c1:6d:aa:31:f1:a6:0d:12:54:69:59:bb:0c:59:
         01:37:fd:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVryh6S0vSVlBzu4m+mR0BeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NWRiMDQzNGE5MTdiYjI5ODA5ODZhN2M4NGUzNTEyYzJh
ODk1YWQwHhcNMjMwMTAxMDUyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmQ3ZDJiYTI4NGQ5ZjgyZjQ0MzlhODIyOGE1OTZjMmZkMjhjYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkK/A8OoqpYh6jwrqWM/aEz5YI3JI
Ct0a0bzm5/061CepKkqTD1bhqhSOTqjGq4t7rhPAleCdiRFZ/Ooya7VcWFLqTbAz
ekoRKOIeCYOhHps7oDxgm+My7v6bTbPe4uo5nLIyd2N3aAL/qn/GJo/iESHUw4aN
89UD7lobiSQ3jnIXayLpf9KeuB3iXOnha5c9w9zrMUIVBarMlSQIA9tqt3oFZbvg
kW3MG7rl2ICH2wTSHCLd9UAgW2SzT7hhdgFoNTJbDGbaJfhFLlbFQ3nzNrYMjAoK
IMUxm6dnlgXo941wEgh8FP2XA0Vp8Je8eWCmr75s877IueNMI8BEdNmsywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAvX0rooTZ+C9EOagiillsL9KMr6MB8GA1UdIwQY
MBaAFGVdsENKkXuymAmGp8hONRLCqJWtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlYyd1EwcVJlN0tZQ1lhbnlFNDFFc0tvbGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84OGFiZDItNjI4OC00NDcxLTgwYWIt
ZTQ5ZjdmMzEzNjJjLzEvQzlmU3VpaE5uNEwwUTVxQ0tLV1d3djBveXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84OGFiZDItNjI4OC00NDcxLTgwYWItZTQ5ZjdmMzEzNjJj
LzEvWlYyd1EwcVJlN0tZQ1lhbnlFNDFFc0tvbGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkbqMA0G
CSqGSIb3DQEBCwUAA4IBAQADQNfmDM8u34qsSE9CCNDmetATXvH0EcI8BEZGyWKW
AFLMEhc0ZJslG4dCtGdlUGSHYqAfuaqWfhJoiX6EziCui5y/jiVXewflUEEQQ2M7
BUq0J8XmTy1zWeAjEfwSB6OTD0acthGZM9LijW1NO3vMPd7yZisj4BiQ6uomV2vZ
qxq8HTCWD33j+SAigZzuyXlCdgrrIPozb5uZ1SUseDtWyWIPBWY62gwJP+L65JHG
rkFUPl6EfvxgMTzOOoBjlOslLOIHJfkO0CUce+nh7aJV8vAKmsXlEIbULxfQaVg7
b87EBHQDpVhTvgr6h0WHwW2qMfGmDRJUaVm7DFkBN/1i
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:30 2024 by rpki-client on console-ams.rpki-client.org