Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/be47b9-bd9f-4165-a871-4af0c4bdba6c/1/wHPzEze-TqAkOJTRbt9G8JQ_bFc.roa
File:                     wHPzEze-TqAkOJTRbt9G8JQ_bFc.roa (raw, json)
Hash identifier:          +G2V2xyDc2O/zhWa1NGX0KAmK/jwyqoqUBQDh63bUXw=
Subject key identifier:   C0:73:F3:13:37:BE:4E:A0:24:38:94:D1:6E:DF:46:F0:94:3F:6C:57
Certificate issuer:       /CN=8f3878e6b0f3b10e5f30f44aeb9d4553ed80823c
Certificate serial:       010D23
Authority key identifier: 8F:38:78:E6:B0:F3:B1:0E:5F:30:F4:4A:EB:9D:45:53:ED:80:82:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jzh45rDzsQ5fMPRK651FU-2Agjw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/be47b9-bd9f-4165-a871-4af0c4bdba6c/1/wHPzEze-TqAkOJTRbt9G8JQ_bFc.roa
Signing time:             Mon 21 Mar 2022 17:44:09 +0000
ROA not before:           Mon 21 Mar 2022 17:44:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        176.97.205.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 68899 (0x10d23)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f3878e6b0f3b10e5f30f44aeb9d4553ed80823c
        Validity
            Not Before: Mar 21 17:44:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c073f31337be4ea0243894d16edf46f0943f6c57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:61:4f:2a:f6:59:39:84:b6:4a:28:a7:a2:3d:
                    6a:40:36:83:69:c9:ac:f1:be:a5:70:c8:b8:b2:04:
                    b7:69:36:9d:26:d0:e5:94:2f:a5:c4:6a:3e:a5:91:
                    5d:f7:c2:5b:b0:4f:67:b2:4c:d0:a2:53:02:51:da:
                    a2:bb:d1:31:5a:70:82:8f:d1:b7:04:ef:dd:a5:d9:
                    10:4b:6c:8d:fa:bf:38:19:69:2c:f8:dd:e0:2b:7f:
                    1e:ad:e9:10:7b:a4:5f:3e:62:dd:7e:d4:18:de:b7:
                    4d:98:a9:0e:39:35:37:89:bb:0b:78:9b:c2:9f:cb:
                    f2:6b:9d:98:13:25:a8:8d:68:17:8c:2f:76:4f:60:
                    92:a9:78:a2:a4:21:25:03:27:4a:df:ea:1a:06:7f:
                    f2:43:7b:ec:b0:27:05:e6:81:83:43:9f:be:a7:3d:
                    87:84:3c:05:b3:45:79:5b:0e:d4:ef:fa:c7:5b:fe:
                    c3:cd:79:56:65:ce:58:42:e1:0e:28:0e:31:7a:21:
                    0a:60:42:b5:74:71:32:03:04:77:cc:e1:ee:d7:c4:
                    1a:ad:47:ba:59:7b:d2:05:c8:d3:f7:b2:fa:84:d1:
                    97:9c:73:5a:c8:be:b4:04:d9:66:26:1e:a6:46:80:
                    2f:8f:25:bf:fe:ae:1c:bf:61:9b:29:aa:8c:95:da:
                    74:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:73:F3:13:37:BE:4E:A0:24:38:94:D1:6E:DF:46:F0:94:3F:6C:57
            X509v3 Authority Key Identifier:
                keyid:8F:38:78:E6:B0:F3:B1:0E:5F:30:F4:4A:EB:9D:45:53:ED:80:82:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzh45rDzsQ5fMPRK651FU-2Agjw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/be47b9-bd9f-4165-a871-4af0c4bdba6c/1/wHPzEze-TqAkOJTRbt9G8JQ_bFc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/be47b9-bd9f-4165-a871-4af0c4bdba6c/1/jzh45rDzsQ5fMPRK651FU-2Agjw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.97.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:cf:2d:ee:16:9d:66:a9:81:e8:62:2c:09:bd:d1:02:10:a8:
         ce:17:24:87:32:d4:e9:a4:b7:5c:10:55:b3:b4:64:f9:f9:c8:
         8b:f9:96:bf:1a:ce:59:77:7c:fa:08:7b:63:7f:ed:f0:f9:70:
         b8:71:21:d0:8f:7e:55:1d:07:d9:56:52:89:d0:03:f5:bf:57:
         0d:78:7f:8c:fc:48:88:a4:d4:7f:d0:57:e0:87:80:40:d3:ff:
         8d:5f:34:50:48:ca:e6:21:54:51:d9:83:09:3d:38:36:16:7c:
         76:ad:6f:01:36:0f:be:8d:be:3c:ef:5e:98:3d:06:4e:12:38:
         1e:c9:64:f7:26:c8:64:44:7c:39:5e:7c:56:f1:aa:79:de:d3:
         33:fe:37:66:5d:9a:be:cf:de:49:ca:f4:dc:43:3f:4e:1f:f7:
         72:3e:93:09:86:72:97:04:e1:a4:09:45:b3:e4:2a:25:a7:89:
         e3:a4:29:be:31:dc:49:de:b6:44:f5:67:85:82:73:49:07:85:
         86:06:95:05:21:ff:f1:8d:f7:4d:a3:1a:54:84:01:86:9b:ab:
         a0:79:e8:10:11:3d:ad:ba:f4:93:ce:d3:45:43:dc:20:3b:4b:
         c0:a6:b2:4f:33:34:6f:06:71:1c:b8:3d:8e:82:b5:33:f8:53:
         11:81:2a:ef
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAQ0jMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhm
Mzg3OGU2YjBmM2IxMGU1ZjMwZjQ0YWViOWQ0NTUzZWQ4MDgyM2MwHhcNMjIwMzIx
MTc0NDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjMDczZjMxMzM3YmU0
ZWEwMjQzODk0ZDE2ZWRmNDZmMDk0M2Y2YzU3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqmFPKvZZOYS2Siinoj1qQDaDacms8b6lcMi4sgS3aTadJtDl
lC+lxGo+pZFd98JbsE9nskzQolMCUdqiu9ExWnCCj9G3BO/dpdkQS2yN+r84GWks
+N3gK38erekQe6RfPmLdftQY3rdNmKkOOTU3ibsLeJvCn8vya52YEyWojWgXjC92
T2CSqXiipCElAydK3+oaBn/yQ3vssCcF5oGDQ5++pz2HhDwFs0V5Ww7U7/rHW/7D
zXlWZc5YQuEOKA4xeiEKYEK1dHEyAwR3zOHu18QarUe6WXvSBcjT97L6hNGXnHNa
yL60BNlmJh6mRoAvjyW//q4cv2GbKaqMldp0gwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFMBz8xM3vk6gJDiU0W7fRvCUP2xXMB8GA1UdIwQYMBaAFI84eOaw87EOXzD0
SuudRVPtgII8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
anpoNDVyRHpzUTVmTVBSSzY1MUZVLTJBZ2p3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wMi9iZTQ3YjktYmQ5Zi00MTY1LWE4NzEtNGFmMGM0YmRiYTZjLzEv
d0hQekV6ZS1UcUFrT0pUUmJ0OUc4SlFfYkZjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9i
ZTQ3YjktYmQ5Zi00MTY1LWE4NzEtNGFmMGM0YmRiYTZjLzEvanpoNDVyRHpzUTVm
TVBSSzY1MUZVLTJBZ2p3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGHNMA0GCSqGSIb3DQEBCwUAA4IB
AQABzy3uFp1mqYHoYiwJvdECEKjOFySHMtTppLdcEFWztGT5+ciL+Za/Gs5Zd3z6
CHtjf+3w+XC4cSHQj35VHQfZVlKJ0AP1v1cNeH+M/EiIpNR/0Ffgh4BA0/+NXzRQ
SMrmIVRR2YMJPTg2Fnx2rW8BNg++jb48716YPQZOEjgeyWT3JshkRHw5XnxW8ap5
3tMz/jdmXZq+z95JyvTcQz9OH/dyPpMJhnKXBOGkCUWz5Colp4njpCm+MdxJ3rZE
9WeFgnNJB4WGBpUFIf/xjfdNoxpUhAGGm6ugeegQET2tuvSTztNFQ9wgO0vAprJP
MzRvBnEcuD2OgrUz+FMRgSrv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:12 2024 by rpki-client on console-ams.rpki-client.org