Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/be47b9-bd9f-4165-a871-4af0c4bdba6c/1/z4cGcULZsck9H-3vUlfwtdd66oI.roa
File:                     z4cGcULZsck9H-3vUlfwtdd66oI.roa (raw, json)
Hash identifier:          Vs430j0VRkIVX2mIgSmTeQhqjYXVCtOmcBhEX3+mofE=
Subject key identifier:   CF:87:06:71:42:D9:B1:C9:3D:1F:ED:EF:52:57:F0:B5:D7:7A:EA:82
Certificate issuer:       /CN=8f3878e6b0f3b10e5f30f44aeb9d4553ed80823c
Certificate serial:       01851C94D8B13319C43754A7EF09FB6AB667
Authority key identifier: 8F:38:78:E6:B0:F3:B1:0E:5F:30:F4:4A:EB:9D:45:53:ED:80:82:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jzh45rDzsQ5fMPRK651FU-2Agjw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/be47b9-bd9f-4165-a871-4af0c4bdba6c/1/z4cGcULZsck9H-3vUlfwtdd66oI.roa
Signing time:             Fri 16 Dec 2022 20:16:34 +0000
ROA not before:           Fri 16 Dec 2022 20:16:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207326
IP address blocks:        176.97.205.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:1c:94:d8:b1:33:19:c4:37:54:a7:ef:09:fb:6a:b6:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f3878e6b0f3b10e5f30f44aeb9d4553ed80823c
        Validity
            Not Before: Dec 16 20:16:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cf87067142d9b1c93d1fedef5257f0b5d77aea82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:2a:b0:74:ff:a3:23:b2:52:fd:fc:0f:3a:b5:
                    dd:62:d4:73:04:ff:90:2b:51:bf:36:14:59:48:b5:
                    42:14:c1:a4:e5:7b:a6:93:d3:d0:20:86:fc:21:f3:
                    1e:27:dd:5d:e5:10:90:24:37:06:2c:f0:ef:d4:73:
                    7e:3b:29:1d:b8:b1:2a:a0:90:a4:8c:2c:45:8b:bb:
                    54:1a:86:28:a9:ef:a8:9a:e5:b2:45:de:6b:c1:e1:
                    2f:a4:f9:e4:b8:98:35:6f:df:e4:ec:ea:ff:ab:a4:
                    9d:37:0d:65:94:78:61:8a:94:07:b1:e0:40:bc:e6:
                    85:52:19:7b:b1:da:34:9b:6c:d4:04:f8:bd:77:89:
                    9f:0e:c8:63:83:db:2c:67:bd:1b:7c:25:05:6f:9b:
                    54:fa:39:a8:c4:5e:17:03:cd:d6:43:c7:c1:c7:0a:
                    14:ea:0e:b8:e2:0f:5b:8f:11:34:60:cf:f6:eb:39:
                    54:ef:f6:e7:d4:fe:bb:d6:75:c7:2d:1c:3f:e7:b1:
                    06:cc:d9:f7:cf:10:93:cd:4c:45:7f:49:0e:87:c0:
                    1d:fe:af:4b:65:4d:16:5a:6e:36:63:4d:94:51:01:
                    39:e5:5b:35:9c:56:0d:5b:69:ca:79:e9:be:31:cf:
                    7f:ac:cb:b5:35:f8:a8:47:d0:b0:36:5f:c6:09:fb:
                    b5:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:87:06:71:42:D9:B1:C9:3D:1F:ED:EF:52:57:F0:B5:D7:7A:EA:82
            X509v3 Authority Key Identifier:
                keyid:8F:38:78:E6:B0:F3:B1:0E:5F:30:F4:4A:EB:9D:45:53:ED:80:82:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzh45rDzsQ5fMPRK651FU-2Agjw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/be47b9-bd9f-4165-a871-4af0c4bdba6c/1/z4cGcULZsck9H-3vUlfwtdd66oI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/be47b9-bd9f-4165-a871-4af0c4bdba6c/1/jzh45rDzsQ5fMPRK651FU-2Agjw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.97.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:4b:29:d5:d0:05:05:d2:2f:25:06:c2:ae:30:4a:aa:77:c6:
         62:8a:b7:e1:6f:a3:5b:62:4c:c0:35:93:39:74:64:ab:0e:16:
         cb:de:45:28:0f:a1:60:99:87:9a:f9:66:e0:4b:42:66:35:7b:
         a4:58:7c:17:6d:e1:59:f3:52:81:13:ec:3f:fd:97:b5:33:9f:
         69:43:f0:93:61:dd:ff:c9:60:06:9d:e8:3b:00:f5:3c:e8:84:
         05:69:54:cb:57:36:53:4c:c7:e0:94:bd:e2:78:99:27:70:05:
         31:26:f6:d1:59:d2:b3:85:63:25:43:07:44:24:ff:59:b2:08:
         68:2f:58:db:d0:af:b8:5e:25:2c:cb:2d:95:43:59:b6:c6:77:
         f3:83:dc:04:04:27:34:fb:b9:ab:0c:b8:93:ee:0c:b0:57:4d:
         88:34:c5:20:50:b6:d7:23:99:46:cb:63:8c:3a:85:0c:3a:43:
         e9:e8:55:b4:bf:cd:43:05:78:3d:00:a4:8f:3c:03:4f:a4:9e:
         90:ef:ef:35:3f:42:48:24:bb:f9:4b:7c:62:fd:98:15:02:12:
         cf:46:a6:e7:c8:14:85:79:d4:27:6c:7b:ea:31:ab:84:11:f4:
         9c:42:d5:bc:89:d3:f8:07:35:b8:65:1d:6d:34:b8:bf:d4:5b:
         9e:49:f2:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUclNixMxnEN1Sn7wn7arZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzg3OGU2YjBmM2IxMGU1ZjMwZjQ0YWViOWQ0NTUzZWQ4
MDgyM2MwHhcNMjIxMjE2MjAxNjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjg3MDY3MTQyZDliMWM5M2QxZmVkZWY1MjU3ZjBiNWQ3N2FlYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyqwdP+jI7JS/fwPOrXdYtRzBP+Q
K1G/NhRZSLVCFMGk5Xumk9PQIIb8IfMeJ91d5RCQJDcGLPDv1HN+OykduLEqoJCk
jCxFi7tUGoYoqe+omuWyRd5rweEvpPnkuJg1b9/k7Or/q6SdNw1llHhhipQHseBA
vOaFUhl7sdo0m2zUBPi9d4mfDshjg9ssZ70bfCUFb5tU+jmoxF4XA83WQ8fBxwoU
6g644g9bjxE0YM/26zlU7/bn1P671nXHLRw/57EGzNn3zxCTzUxFf0kOh8Ad/q9L
ZU0WWm42Y02UUQE55Vs1nFYNW2nKeem+Mc9/rMu1NfioR9CwNl/GCfu1+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM+HBnFC2bHJPR/t71JX8LXXeuqCMB8GA1UdIwQY
MBaAFI84eOaw87EOXzD0SuudRVPtgII8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpoNDVyRHpzUTVmTVBSSzY1MUZVLTJBZ2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iZTQ3YjktYmQ5Zi00MTY1LWE4NzEt
NGFmMGM0YmRiYTZjLzEvejRjR2NVTFpzY2s5SC0zdlVsZnd0ZGQ2Nm9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iZTQ3YjktYmQ5Zi00MTY1LWE4NzEtNGFmMGM0YmRiYTZj
LzEvanpoNDVyRHpzUTVmTVBSSzY1MUZVLTJBZ2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGHNMA0G
CSqGSIb3DQEBCwUAA4IBAQB+SynV0AUF0i8lBsKuMEqqd8Ziirfhb6NbYkzANZM5
dGSrDhbL3kUoD6FgmYea+WbgS0JmNXukWHwXbeFZ81KBE+w//Ze1M59pQ/CTYd3/
yWAGneg7APU86IQFaVTLVzZTTMfglL3ieJkncAUxJvbRWdKzhWMlQwdEJP9Zsgho
L1jb0K+4XiUsyy2VQ1m2xnfzg9wEBCc0+7mrDLiT7gywV02INMUgULbXI5lGy2OM
OoUMOkPp6FW0v81DBXg9AKSPPANPpJ6Q7+81P0JIJLv5S3xi/ZgVAhLPRqbnyBSF
edQnbHvqMauEEfScQtW8idP4BzW4ZR1tNLi/1FueSfIx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:13 2024 by rpki-client on console-ams.rpki-client.org