Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/806ccc-d932-4ebc-bec3-dd1c4c0cf005/1/PBOMA8KxXkxLwSCJyuZYlPSdULQ.roa
File:                     PBOMA8KxXkxLwSCJyuZYlPSdULQ.roa (raw, json)
Hash identifier:          0x1tqmknYoUM+apuywoKASdPEA3PnNPcWKpKg/najJQ=
Subject key identifier:   3C:13:8C:03:C2:B1:5E:4C:4B:C1:20:89:CA:E6:58:94:F4:9D:50:B4
Certificate issuer:       /CN=fc4d168cf9fa66d4a2c921dc2b54a3c77efbed61
Certificate serial:       0184527F5F1403EE691428F9B99105061ED6
Authority key identifier: FC:4D:16:8C:F9:FA:66:D4:A2:C9:21:DC:2B:54:A3:C7:7E:FB:ED:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_E0WjPn6ZtSiySHcK1Sjx3777WE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/806ccc-d932-4ebc-bec3-dd1c4c0cf005/1/PBOMA8KxXkxLwSCJyuZYlPSdULQ.roa
Signing time:             Mon 07 Nov 2022 14:29:49 +0000
ROA not before:           Mon 07 Nov 2022 14:29:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     9009
IP address blocks:        178.211.159.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:52:7f:5f:14:03:ee:69:14:28:f9:b9:91:05:06:1e:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc4d168cf9fa66d4a2c921dc2b54a3c77efbed61
        Validity
            Not Before: Nov  7 14:29:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3c138c03c2b15e4c4bc12089cae65894f49d50b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:bf:ef:18:5f:e5:30:e1:a1:c8:52:54:f6:63:
                    15:78:5a:ab:c9:f5:6a:79:cc:9c:77:d5:7b:8e:2b:
                    1f:fd:8d:30:8f:5e:91:ad:a5:9c:a6:7e:a8:b3:b9:
                    f4:57:64:64:e7:06:cc:ec:d7:43:18:41:d4:18:cf:
                    98:2a:02:14:5b:69:f8:29:4c:3b:80:f6:b2:40:53:
                    e5:80:cc:37:ce:40:59:18:e5:04:77:35:15:ea:f6:
                    16:6e:22:64:95:d2:1e:99:54:6c:04:87:66:44:00:
                    85:d5:c6:17:0a:72:ef:df:76:3a:94:c3:9a:43:73:
                    57:e7:d8:41:78:c1:8c:4d:ca:58:66:f1:58:c4:69:
                    dd:cc:a3:55:af:50:cf:66:c7:01:85:2d:02:cc:f8:
                    de:5f:03:92:c9:21:ec:f5:3f:2e:bd:36:f8:61:a0:
                    6e:67:14:a9:a3:09:36:b9:58:f2:04:61:73:70:71:
                    e6:35:32:5e:66:c6:e5:92:66:04:36:9e:59:60:b3:
                    0d:cb:33:8e:4c:bf:9e:5b:27:50:7b:70:90:b7:15:
                    45:38:94:e1:ea:ab:e1:e5:e4:7f:2b:92:b2:0a:cc:
                    6c:d6:fa:94:cc:3f:4b:53:62:c7:ce:17:32:e1:cb:
                    a3:b9:e6:3a:65:6b:c4:5b:4a:b6:69:4c:c3:f8:79:
                    3b:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:13:8C:03:C2:B1:5E:4C:4B:C1:20:89:CA:E6:58:94:F4:9D:50:B4
            X509v3 Authority Key Identifier:
                keyid:FC:4D:16:8C:F9:FA:66:D4:A2:C9:21:DC:2B:54:A3:C7:7E:FB:ED:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_E0WjPn6ZtSiySHcK1Sjx3777WE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/806ccc-d932-4ebc-bec3-dd1c4c0cf005/1/PBOMA8KxXkxLwSCJyuZYlPSdULQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/806ccc-d932-4ebc-bec3-dd1c4c0cf005/1/_E0WjPn6ZtSiySHcK1Sjx3777WE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.211.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:55:22:5e:b3:c1:5e:04:57:01:2d:b7:99:1b:5c:37:03:a4:
         c5:a7:29:69:4f:58:c1:ec:79:a7:e7:8e:cb:91:d5:09:bb:b0:
         d6:d3:c9:8d:49:cc:96:18:a9:1c:be:53:ae:07:af:cf:de:d0:
         95:90:03:e7:e8:7e:ec:42:83:5c:20:29:a9:f9:fc:bf:ab:38:
         d8:a9:50:d7:ec:57:b1:dd:a9:2b:4c:d4:f5:85:3e:22:aa:36:
         e7:4f:79:06:46:cc:54:d3:62:30:9d:68:25:db:b3:5f:30:d1:
         1a:b8:5f:ad:db:4e:26:7b:78:be:55:e1:3f:be:25:b5:c4:20:
         7d:56:34:58:7f:f9:e4:ab:be:9f:e7:f9:a5:91:39:62:dd:35:
         84:5e:63:65:64:04:ee:fd:63:cc:ec:9f:49:8c:45:02:55:71:
         a0:e6:8b:e3:36:35:aa:d4:e2:50:f7:a2:6f:43:fd:8b:dc:ca:
         56:b9:0e:03:39:b1:dd:5e:d2:ca:c3:f3:55:9f:d8:fe:e9:72:
         c2:e2:d2:45:5a:0a:32:7f:53:51:73:7e:d6:1e:d2:65:47:ff:
         51:7f:89:e4:bf:51:33:db:30:d5:60:4a:36:75:2c:e4:0f:88:
         fb:d0:44:ef:4f:47:0a:54:09:65:7d:c3:6c:5d:99:9b:df:c5:
         f9:b1:2a:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRSf18UA+5pFCj5uZEFBh7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNGQxNjhjZjlmYTY2ZDRhMmM5MjFkYzJiNTRhM2M3N2Vm
YmVkNjEwHhcNMjIxMTA3MTQyOTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzEzOGMwM2MyYjE1ZTRjNGJjMTIwODljYWU2NTg5NGY0OWQ1MGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b/vGF/lMOGhyFJU9mMVeFqryfVq
ecycd9V7jisf/Y0wj16RraWcpn6os7n0V2Rk5wbM7NdDGEHUGM+YKgIUW2n4KUw7
gPayQFPlgMw3zkBZGOUEdzUV6vYWbiJkldIemVRsBIdmRACF1cYXCnLv33Y6lMOa
Q3NX59hBeMGMTcpYZvFYxGndzKNVr1DPZscBhS0CzPjeXwOSySHs9T8uvTb4YaBu
ZxSpowk2uVjyBGFzcHHmNTJeZsblkmYENp5ZYLMNyzOOTL+eWydQe3CQtxVFOJTh
6qvh5eR/K5KyCsxs1vqUzD9LU2LHzhcy4cujueY6ZWvEW0q2aUzD+Hk7XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwTjAPCsV5MS8EgicrmWJT0nVC0MB8GA1UdIwQY
MBaAFPxNFoz5+mbUoskh3CtUo8d+++1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0UwV2pQbjZadFNpeVNIY0sxU2p4Mzc3N1dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84MDZjY2MtZDkzMi00ZWJjLWJlYzMt
ZGQxYzRjMGNmMDA1LzEvUEJPTUE4S3hYa3hMd1NDSnl1WllsUFNkVUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84MDZjY2MtZDkzMi00ZWJjLWJlYzMtZGQxYzRjMGNmMDA1
LzEvX0UwV2pQbjZadFNpeVNIY0sxU2p4Mzc3N1dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstOfMA0G
CSqGSIb3DQEBCwUAA4IBAQBqVSJes8FeBFcBLbeZG1w3A6TFpylpT1jB7Hmn547L
kdUJu7DW08mNScyWGKkcvlOuB6/P3tCVkAPn6H7sQoNcICmp+fy/qzjYqVDX7Fex
3akrTNT1hT4iqjbnT3kGRsxU02IwnWgl27NfMNEauF+t204me3i+VeE/viW1xCB9
VjRYf/nkq76f5/mlkTli3TWEXmNlZATu/WPM7J9JjEUCVXGg5ovjNjWq1OJQ96Jv
Q/2L3MpWuQ4DObHdXtLKw/NVn9j+6XLC4tJFWgoyf1NRc37WHtJlR/9Rf4nkv1Ez
2zDVYEo2dSzkD4j70ETvT0cKVAllfcNsXZmb38X5sSoW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:26 2024 by rpki-client on console-ams.rpki-client.org