Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/cb4b6b-18aa-4e2c-a405-e7e77b6fac1e/1/UXoj9j3ONWxOaxsFPyBmk6Abquc.roa
File:                     UXoj9j3ONWxOaxsFPyBmk6Abquc.roa (raw, json)
Hash identifier:          Lrz6yK/Clg+M9/h9Y2rNr+UQBfu7/k71QDYbCMFGIc0=
Subject key identifier:   51:7A:23:F6:3D:CE:35:6C:4E:6B:1B:05:3F:20:66:93:A0:1B:AA:E7
Certificate issuer:       /CN=d3202774b7de641d8ea18be56a75ff6098747618
Certificate serial:       018E803097E562C53CBDB62E4953D34E91C0
Authority key identifier: D3:20:27:74:B7:DE:64:1D:8E:A1:8B:E5:6A:75:FF:60:98:74:76:18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0yAndLfeZB2OoYvlanX_YJh0dhg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/cb4b6b-18aa-4e2c-a405-e7e77b6fac1e/1/UXoj9j3ONWxOaxsFPyBmk6Abquc.roa
Signing time:             Wed 27 Mar 2024 13:54:12 +0000
ROA not before:           Wed 27 Mar 2024 13:54:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212137
IP address blocks:        109.95.124.0/22 maxlen: 28

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:80:30:97:e5:62:c5:3c:bd:b6:2e:49:53:d3:4e:91:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3202774b7de641d8ea18be56a75ff6098747618
        Validity
            Not Before: Mar 27 13:54:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=517a23f63dce356c4e6b1b053f206693a01baae7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:e8:0c:55:8b:d5:69:86:f6:1a:7f:b0:48:53:
                    38:cc:53:7c:e2:16:49:d2:8b:45:b9:9b:a1:43:82:
                    ce:44:5f:c1:8e:1d:24:47:09:46:7c:02:91:a2:84:
                    f0:52:85:02:32:0a:fc:ca:35:9b:47:56:5a:8c:01:
                    83:3a:59:0b:59:2b:0e:97:83:a7:6b:8e:bb:c0:a0:
                    c9:c2:44:d6:63:9c:b8:24:8d:ea:89:27:22:66:95:
                    44:0d:51:f2:21:a4:72:74:e6:27:6e:ce:a1:35:3e:
                    3e:18:f9:7d:37:ae:d5:ef:14:75:5c:ce:1a:63:06:
                    1a:34:ad:47:bc:24:18:8f:8c:9a:4e:2a:83:96:41:
                    0a:0b:cc:8c:ef:74:36:18:9e:0d:7b:ba:a8:77:25:
                    29:2d:cc:5e:fc:82:25:96:61:ea:03:52:3e:7a:8e:
                    14:3b:18:d5:05:26:2f:76:65:30:11:2a:70:5a:69:
                    ad:60:aa:e1:da:b6:4b:10:33:dc:2c:e2:46:50:e0:
                    d8:b8:18:b2:c9:78:04:80:4a:13:62:04:34:2c:2d:
                    62:8c:2f:f2:ce:f6:fa:90:0e:4a:ec:5a:e4:23:a9:
                    97:91:1b:1a:4d:9e:2f:af:fa:e1:c5:bf:f5:42:bf:
                    90:1c:c5:d8:c3:61:79:64:fc:f9:e0:41:18:fe:13:
                    fc:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:7A:23:F6:3D:CE:35:6C:4E:6B:1B:05:3F:20:66:93:A0:1B:AA:E7
            X509v3 Authority Key Identifier:
                keyid:D3:20:27:74:B7:DE:64:1D:8E:A1:8B:E5:6A:75:FF:60:98:74:76:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0yAndLfeZB2OoYvlanX_YJh0dhg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/cb4b6b-18aa-4e2c-a405-e7e77b6fac1e/1/UXoj9j3ONWxOaxsFPyBmk6Abquc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/cb4b6b-18aa-4e2c-a405-e7e77b6fac1e/1/0yAndLfeZB2OoYvlanX_YJh0dhg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.95.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b0:be:b0:05:94:5a:b8:e7:b5:20:ea:9e:b7:a5:1a:58:76:3b:
         b3:40:14:3e:36:07:8b:d1:b3:58:7a:10:10:c2:37:84:4a:21:
         0a:6e:5a:ec:ea:e8:bc:74:9d:16:db:16:4d:ad:2b:f5:35:db:
         c4:4b:15:47:dd:8b:b5:ac:54:76:77:cd:eb:a0:9d:3a:86:e9:
         70:28:df:9b:78:bb:99:dd:08:d9:19:84:39:e5:c5:06:a5:4a:
         f4:03:46:06:6b:f4:ac:1a:d0:f0:30:3d:a8:c5:4e:a1:d5:5c:
         4c:f0:c7:10:26:97:c4:c6:83:d2:46:bc:3e:86:5a:a3:50:b5:
         b7:6b:1e:c3:76:51:25:f0:64:54:e1:43:b3:0a:6a:2b:42:1c:
         17:70:b2:e3:37:d0:c0:4e:42:20:ea:a0:d2:3e:f1:0d:6a:81:
         16:d9:0a:c3:56:5a:3e:45:9a:bb:a0:9b:96:14:c3:82:ff:cc:
         7a:45:e4:b7:cd:e3:9b:52:f5:73:1d:9e:c4:fd:20:46:ab:ac:
         97:34:fc:78:9d:58:c9:6c:f5:7e:48:a6:c9:d9:cf:a3:e4:98:
         18:b0:25:a5:49:35:cf:57:06:96:09:85:4d:27:b1:06:3d:e0:
         70:6a:3b:99:4a:85:8e:57:b1:64:fc:de:1f:b2:9a:81:39:e7:
         6e:6b:f1:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6AMJflYsU8vbYuSVPTTpHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMjAyNzc0YjdkZTY0MWQ4ZWExOGJlNTZhNzVmZjYwOTg3
NDc2MTgwHhcNMjQwMzI3MTM1NDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTdhMjNmNjNkY2UzNTZjNGU2YjFiMDUzZjIwNjY5M2EwMWJhYWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOgMVYvVaYb2Gn+wSFM4zFN84hZJ
0otFuZuhQ4LORF/Bjh0kRwlGfAKRooTwUoUCMgr8yjWbR1ZajAGDOlkLWSsOl4On
a467wKDJwkTWY5y4JI3qiSciZpVEDVHyIaRydOYnbs6hNT4+GPl9N67V7xR1XM4a
YwYaNK1HvCQYj4yaTiqDlkEKC8yM73Q2GJ4Ne7qodyUpLcxe/IIllmHqA1I+eo4U
OxjVBSYvdmUwESpwWmmtYKrh2rZLEDPcLOJGUODYuBiyyXgEgEoTYgQ0LC1ijC/y
zvb6kA5K7FrkI6mXkRsaTZ4vr/rhxb/1Qr+QHMXYw2F5ZPz54EEY/hP8swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFF6I/Y9zjVsTmsbBT8gZpOgG6rnMB8GA1UdIwQY
MBaAFNMgJ3S33mQdjqGL5Wp1/2CYdHYYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHlBbmRMZmVaQjJPb1l2bGFuWF9ZSmgwZGhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9jYjRiNmItMThhYS00ZTJjLWE0MDUt
ZTdlNzdiNmZhYzFlLzEvVVhvajlqM09OV3hPYXhzRlB5Qm1rNkFicXVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9jYjRiNmItMThhYS00ZTJjLWE0MDUtZTdlNzdiNmZhYzFl
LzEvMHlBbmRMZmVaQjJPb1l2bGFuWF9ZSmgwZGhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbV98MA0G
CSqGSIb3DQEBCwUAA4IBAQCwvrAFlFq457Ug6p63pRpYdjuzQBQ+NgeL0bNYehAQ
wjeESiEKblrs6ui8dJ0W2xZNrSv1NdvESxVH3Yu1rFR2d83roJ06hulwKN+beLuZ
3QjZGYQ55cUGpUr0A0YGa/SsGtDwMD2oxU6h1VxM8McQJpfExoPSRrw+hlqjULW3
ax7DdlEl8GRU4UOzCmorQhwXcLLjN9DATkIg6qDSPvENaoEW2QrDVlo+RZq7oJuW
FMOC/8x6ReS3zeObUvVzHZ7E/SBGq6yXNPx4nVjJbPV+SKbJ2c+j5JgYsCWlSTXP
VwaWCYVNJ7EGPeBwajuZSoWOV7Fk/N4fspqBOedua/H1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:57 2024 by rpki-client on console-fra.rpki-client.org