Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/2512c5-252b-4967-89a7-6a1f97ff8d34/1/kwa0Z-HTXRglxd05LbY68sMP3pQ.roa
File:                     kwa0Z-HTXRglxd05LbY68sMP3pQ.roa (raw, json)
Hash identifier:          kro9LG/iRqLOsFeC4g7EN96O3XDcfXUDrKTQMlscY4Y=
Subject key identifier:   93:06:B4:67:E1:D3:5D:18:25:C5:DD:39:2D:B6:3A:F2:C3:0F:DE:94
Certificate issuer:       /CN=9f662b3cfa8b9059068c29d46b99263ba2de50c1
Certificate serial:       01877A7F14DD2D8DD1B96921E04FD3A39CEA
Authority key identifier: 9F:66:2B:3C:FA:8B:90:59:06:8C:29:D4:6B:99:26:3B:A2:DE:50:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n2YrPPqLkFkGjCnUa5kmO6LeUME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/2512c5-252b-4967-89a7-6a1f97ff8d34/1/kwa0Z-HTXRglxd05LbY68sMP3pQ.roa
Signing time:             Thu 13 Apr 2023 12:02:41 +0000
ROA not before:           Thu 13 Apr 2023 12:02:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.85.94.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7a:7f:14:dd:2d:8d:d1:b9:69:21:e0:4f:d3:a3:9c:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f662b3cfa8b9059068c29d46b99263ba2de50c1
        Validity
            Not Before: Apr 13 12:02:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9306b467e1d35d1825c5dd392db63af2c30fde94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:35:3b:49:1f:56:b7:60:f8:ba:38:12:90:a4:
                    9a:2d:9b:38:40:1c:8d:53:02:65:3d:e3:be:16:ed:
                    1f:3a:3a:76:18:07:a6:28:0a:26:3c:5f:2b:7f:04:
                    06:48:87:20:6d:7e:8c:6f:aa:6d:31:19:a9:c4:23:
                    1f:75:48:a4:b2:e6:77:c7:7a:68:eb:c3:5a:62:7a:
                    c6:f4:ce:55:77:7a:2e:7c:c4:2c:0a:19:b3:9c:d1:
                    bd:ab:6c:00:f8:12:78:b5:80:7f:b6:f9:99:a7:b6:
                    34:97:62:d6:24:fc:0a:02:0a:10:8f:2f:85:6e:42:
                    05:4c:2a:f4:00:bb:e2:7d:57:d1:dc:fc:73:26:f7:
                    ef:9e:e3:92:df:da:46:91:14:83:f1:61:cd:df:9d:
                    55:86:e8:9a:00:15:2b:3b:1b:ec:af:a3:d1:8f:13:
                    41:ee:fe:a3:4f:d0:49:cc:67:9f:d3:d4:7d:ee:dc:
                    46:a1:d4:95:10:3a:a8:39:32:1c:53:39:40:5b:6d:
                    30:7d:9e:fb:87:2f:78:da:26:cc:7d:74:9c:ce:cc:
                    90:a4:de:54:2c:8b:2a:7f:af:74:c8:89:29:ab:93:
                    12:fa:80:2c:84:97:db:64:2c:d3:ff:3b:a9:ef:52:
                    fc:ee:b6:fa:4d:3a:ff:46:db:a0:9a:63:c4:42:30:
                    3e:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:06:B4:67:E1:D3:5D:18:25:C5:DD:39:2D:B6:3A:F2:C3:0F:DE:94
            X509v3 Authority Key Identifier:
                keyid:9F:66:2B:3C:FA:8B:90:59:06:8C:29:D4:6B:99:26:3B:A2:DE:50:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2YrPPqLkFkGjCnUa5kmO6LeUME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2512c5-252b-4967-89a7-6a1f97ff8d34/1/kwa0Z-HTXRglxd05LbY68sMP3pQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2512c5-252b-4967-89a7-6a1f97ff8d34/1/n2YrPPqLkFkGjCnUa5kmO6LeUME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:4c:58:62:84:d6:c0:67:b1:c7:45:9b:dd:b8:d1:02:a8:3a:
         b5:64:c3:26:a2:23:b1:b2:ea:cb:65:13:09:bc:df:d4:64:11:
         13:58:a4:4d:fc:cf:2f:30:7b:19:1f:f8:fe:89:f1:e0:a8:52:
         4e:68:d8:e6:c4:1b:80:a5:cf:4b:ca:e0:41:18:b3:50:c5:0b:
         ad:ee:42:ca:ae:cd:7c:c0:5b:6f:37:02:49:df:72:77:3f:72:
         c8:a4:cc:37:ac:26:55:40:c5:59:26:54:0e:78:8c:2e:1d:1e:
         f1:ac:fc:c4:2e:64:7a:b6:87:3c:45:d2:3f:e6:c8:49:02:85:
         49:34:c4:11:d8:2a:c6:cb:67:02:8c:da:5d:14:2f:67:d3:a1:
         62:8e:0d:b3:13:76:fc:10:9b:c0:8a:49:b8:2b:5d:aa:10:f6:
         cb:3c:c4:d8:08:21:7d:05:ca:39:8e:a3:72:2f:c6:b6:68:37:
         79:d2:fd:e2:68:d9:69:8e:81:03:55:b5:2c:ee:a7:5d:b5:f5:
         48:7d:1b:e7:0c:8a:2a:23:13:5d:ee:5d:d9:dd:20:ad:68:a7:
         58:a2:1e:b5:7a:13:69:d4:82:f1:cc:48:24:d6:a3:c3:8b:11:
         40:d9:03:bc:b2:b1:48:96:01:51:f5:9c:55:dc:a3:e9:dd:7d:
         c3:02:c5:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd6fxTdLY3RuWkh4E/To5zqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNjYyYjNjZmE4YjkwNTkwNjhjMjlkNDZiOTkyNjNiYTJk
ZTUwYzEwHhcNMjMwNDEzMTIwMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzA2YjQ2N2UxZDM1ZDE4MjVjNWRkMzkyZGI2M2FmMmMzMGZkZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzU7SR9Wt2D4ujgSkKSaLZs4QByN
UwJlPeO+Fu0fOjp2GAemKAomPF8rfwQGSIcgbX6Mb6ptMRmpxCMfdUiksuZ3x3po
68NaYnrG9M5Vd3oufMQsChmznNG9q2wA+BJ4tYB/tvmZp7Y0l2LWJPwKAgoQjy+F
bkIFTCr0ALvifVfR3PxzJvfvnuOS39pGkRSD8WHN351VhuiaABUrOxvsr6PRjxNB
7v6jT9BJzGef09R97txGodSVEDqoOTIcUzlAW20wfZ77hy942ibMfXSczsyQpN5U
LIsqf690yIkpq5MS+oAshJfbZCzT/zup71L87rb6TTr/RtugmmPEQjA+eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJMGtGfh010YJcXdOS22OvLDD96UMB8GA1UdIwQY
MBaAFJ9mKzz6i5BZBowp1GuZJjui3lDBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjJZclBQcUxrRmtHakNuVWE1a21PNkxlVU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8yNTEyYzUtMjUyYi00OTY3LTg5YTct
NmExZjk3ZmY4ZDM0LzEva3dhMFotSFRYUmdseGQwNUxiWTY4c01QM3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8yNTEyYzUtMjUyYi00OTY3LTg5YTctNmExZjk3ZmY4ZDM0
LzEvbjJZclBQcUxrRmtHakNuVWE1a21PNkxlVU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVVeMA0G
CSqGSIb3DQEBCwUAA4IBAQAxTFhihNbAZ7HHRZvduNECqDq1ZMMmoiOxsurLZRMJ
vN/UZBETWKRN/M8vMHsZH/j+ifHgqFJOaNjmxBuApc9LyuBBGLNQxQut7kLKrs18
wFtvNwJJ33J3P3LIpMw3rCZVQMVZJlQOeIwuHR7xrPzELmR6toc8RdI/5shJAoVJ
NMQR2CrGy2cCjNpdFC9n06Fijg2zE3b8EJvAikm4K12qEPbLPMTYCCF9Bco5jqNy
L8a2aDd50v3iaNlpjoEDVbUs7qddtfVIfRvnDIoqIxNd7l3Z3SCtaKdYoh61ehNp
1ILxzEgk1qPDixFA2QO8srFIlgFR9ZxV3KPp3X3DAsWj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:33 2024 by rpki-client on console-fra.rpki-client.org