Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/be47b9-bd9f-4165-a871-4af0c4bdba6c/1/gvXjOu--Si8HCb8SDupF1M5VRGs.roa
File:                     gvXjOu--Si8HCb8SDupF1M5VRGs.roa (raw, json)
Hash identifier:          vkIGcLU//BMvRWi1lLpE2ao7dvijtPHqKchEbmBxoek=
Subject key identifier:   82:F5:E3:3A:EF:BE:4A:2F:07:09:BF:12:0E:EA:45:D4:CE:55:44:6B
Certificate issuer:       /CN=8f3878e6b0f3b10e5f30f44aeb9d4553ed80823c
Certificate serial:       0187C1DA99D1E034D400810456B588E945F9
Authority key identifier: 8F:38:78:E6:B0:F3:B1:0E:5F:30:F4:4A:EB:9D:45:53:ED:80:82:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jzh45rDzsQ5fMPRK651FU-2Agjw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/be47b9-bd9f-4165-a871-4af0c4bdba6c/1/gvXjOu--Si8HCb8SDupF1M5VRGs.roa
Signing time:             Thu 27 Apr 2023 08:35:41 +0000
ROA not before:           Thu 27 Apr 2023 08:35:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     134176
IP address blocks:        176.97.205.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c1:da:99:d1:e0:34:d4:00:81:04:56:b5:88:e9:45:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f3878e6b0f3b10e5f30f44aeb9d4553ed80823c
        Validity
            Not Before: Apr 27 08:35:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=82f5e33aefbe4a2f0709bf120eea45d4ce55446b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:f3:06:12:85:1d:b8:15:d3:68:75:8d:03:9d:
                    26:98:d3:d3:2b:d4:58:ea:6b:fc:4f:d3:32:4d:ab:
                    3e:0e:1a:f8:c2:d7:11:a3:f1:4e:bf:7a:83:f2:33:
                    85:d7:20:87:ea:ad:6e:b1:be:4c:61:4a:ed:83:cc:
                    21:08:13:9f:5d:59:f0:91:09:8a:81:50:d9:37:ff:
                    a2:8d:bf:b8:47:71:d2:93:30:19:b0:fd:69:d5:4e:
                    1b:a6:9e:e2:93:90:96:27:32:80:ca:55:ea:70:bf:
                    61:15:8d:3e:d7:a0:18:72:80:8f:88:d7:a6:87:16:
                    a6:23:03:c4:4f:7a:a2:25:11:2c:6b:23:bf:55:b1:
                    4b:91:bd:8f:e3:85:39:63:5b:51:5d:12:5e:c3:4a:
                    16:f2:4e:2a:15:d7:44:16:0f:80:e8:fd:13:c2:eb:
                    93:42:16:57:16:a6:fc:6d:f7:dc:b4:22:26:07:a9:
                    13:f1:cc:00:4a:54:98:8a:cd:80:96:53:ec:37:70:
                    2e:cc:d1:74:58:8f:f9:32:84:61:6a:6b:5b:ae:d1:
                    e6:3a:8d:6c:cb:1a:47:f1:32:4e:78:48:90:fb:59:
                    5c:34:b7:b9:a9:30:e0:23:1b:90:cd:97:3a:46:8f:
                    3f:cc:dc:b3:d4:f2:bd:ec:e2:56:05:a9:ef:af:8f:
                    4f:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:F5:E3:3A:EF:BE:4A:2F:07:09:BF:12:0E:EA:45:D4:CE:55:44:6B
            X509v3 Authority Key Identifier:
                keyid:8F:38:78:E6:B0:F3:B1:0E:5F:30:F4:4A:EB:9D:45:53:ED:80:82:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzh45rDzsQ5fMPRK651FU-2Agjw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/be47b9-bd9f-4165-a871-4af0c4bdba6c/1/gvXjOu--Si8HCb8SDupF1M5VRGs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/be47b9-bd9f-4165-a871-4af0c4bdba6c/1/jzh45rDzsQ5fMPRK651FU-2Agjw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.97.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:06:38:bc:8a:44:30:a8:7d:e2:43:84:0a:e8:21:60:9c:b3:
         8f:0d:82:2f:4b:87:72:03:a2:57:8c:cd:e5:8f:d1:ce:f7:63:
         fd:c8:4c:a1:84:c9:4d:76:3b:ea:7d:f4:eb:ab:a9:08:c7:4d:
         20:9e:f0:5a:89:7a:f6:a9:e8:f7:81:f2:30:78:26:9b:3e:d2:
         b2:38:14:d3:2f:95:88:7b:23:51:d9:39:dd:8d:4d:b0:92:60:
         96:ba:be:6e:17:79:cb:b8:76:b7:cd:d3:cd:4c:46:1c:59:ae:
         e2:08:a9:08:51:b7:ca:c5:d3:cf:e9:4d:10:45:96:59:43:a4:
         e6:01:c7:cf:f2:25:6f:e6:0f:33:95:b5:4e:c8:ca:2c:76:2a:
         61:01:a4:ba:5b:38:e4:41:ab:79:6e:ac:db:64:10:ba:67:b6:
         6b:5d:06:8e:71:b8:3b:16:89:b4:91:f9:01:79:26:61:27:18:
         70:ad:6d:ba:69:5d:e1:53:e6:0a:e7:47:2f:e4:1e:87:2f:80:
         ce:37:48:6b:65:a6:2c:f5:6c:30:24:25:5f:78:67:55:2d:21:
         11:4f:a3:d4:16:e4:c1:09:16:58:aa:3e:e1:70:5d:2f:83:fc:
         50:64:f8:60:7a:af:25:13:a5:ac:ee:c3:84:bc:1b:81:b5:0a:
         e3:f7:ff:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfB2pnR4DTUAIEEVrWI6UX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzg3OGU2YjBmM2IxMGU1ZjMwZjQ0YWViOWQ0NTUzZWQ4
MDgyM2MwHhcNMjMwNDI3MDgzNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmY1ZTMzYWVmYmU0YTJmMDcwOWJmMTIwZWVhNDVkNGNlNTU0NDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvMGEoUduBXTaHWNA50mmNPTK9RY
6mv8T9MyTas+Dhr4wtcRo/FOv3qD8jOF1yCH6q1usb5MYUrtg8whCBOfXVnwkQmK
gVDZN/+ijb+4R3HSkzAZsP1p1U4bpp7ik5CWJzKAylXqcL9hFY0+16AYcoCPiNem
hxamIwPET3qiJREsayO/VbFLkb2P44U5Y1tRXRJew0oW8k4qFddEFg+A6P0TwuuT
QhZXFqb8bffctCImB6kT8cwASlSYis2AllPsN3AuzNF0WI/5MoRhamtbrtHmOo1s
yxpH8TJOeEiQ+1lcNLe5qTDgIxuQzZc6Ro8/zNyz1PK97OJWBanvr49PPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIL14zrvvkovBwm/Eg7qRdTOVURrMB8GA1UdIwQY
MBaAFI84eOaw87EOXzD0SuudRVPtgII8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpoNDVyRHpzUTVmTVBSSzY1MUZVLTJBZ2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iZTQ3YjktYmQ5Zi00MTY1LWE4NzEt
NGFmMGM0YmRiYTZjLzEvZ3ZYak91LS1TaThIQ2I4U0R1cEYxTTVWUkdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iZTQ3YjktYmQ5Zi00MTY1LWE4NzEtNGFmMGM0YmRiYTZj
LzEvanpoNDVyRHpzUTVmTVBSSzY1MUZVLTJBZ2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGHNMA0G
CSqGSIb3DQEBCwUAA4IBAQBlBji8ikQwqH3iQ4QK6CFgnLOPDYIvS4dyA6JXjM3l
j9HO92P9yEyhhMlNdjvqffTrq6kIx00gnvBaiXr2qej3gfIweCabPtKyOBTTL5WI
eyNR2TndjU2wkmCWur5uF3nLuHa3zdPNTEYcWa7iCKkIUbfKxdPP6U0QRZZZQ6Tm
AcfP8iVv5g8zlbVOyMosdiphAaS6WzjkQat5bqzbZBC6Z7ZrXQaOcbg7Fom0kfkB
eSZhJxhwrW26aV3hU+YK50cv5B6HL4DON0hrZaYs9WwwJCVfeGdVLSERT6PUFuTB
CRZYqj7hcF0vg/xQZPhgeq8lE6Ws7sOEvBuBtQrj9/9a
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:12 2024 by rpki-client on console-ams.rpki-client.org