Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/68a895-6021-4ffc-b13b-c673c5093567/1/41XXVIa_2AEnOOugp6rWw2LZmBM.roa
File:                     41XXVIa_2AEnOOugp6rWw2LZmBM.roa (raw, json)
Hash identifier:          mD34LG8XYPRhLep26D2SFU3AWiMjH0COpDet2Ewt4bg=
Subject key identifier:   E3:55:D7:54:86:BF:D8:01:27:38:EB:A0:A7:AA:D6:C3:62:D9:98:13
Certificate issuer:       /CN=62c4300ec34d6c8df50b18196e6fca58b1393126
Certificate serial:       0184752E5AC074ADD2AD1CB032450C68C060
Authority key identifier: 62:C4:30:0E:C3:4D:6C:8D:F5:0B:18:19:6E:6F:CA:58:B1:39:31:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YsQwDsNNbI31CxgZbm_KWLE5MSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/68a895-6021-4ffc-b13b-c673c5093567/1/41XXVIa_2AEnOOugp6rWw2LZmBM.roa
Signing time:             Mon 14 Nov 2022 08:08:02 +0000
ROA not before:           Mon 14 Nov 2022 08:08:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211252
IP address blocks:        85.208.136.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:75:2e:5a:c0:74:ad:d2:ad:1c:b0:32:45:0c:68:c0:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62c4300ec34d6c8df50b18196e6fca58b1393126
        Validity
            Not Before: Nov 14 08:08:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e355d75486bfd8012738eba0a7aad6c362d99813
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:02:db:b0:b3:af:29:90:72:17:d8:61:3d:0f:
                    6b:1a:d6:a7:c3:d0:24:02:bd:6f:d6:36:27:38:89:
                    a5:14:17:47:63:23:82:4d:f8:03:3f:9b:26:fa:6a:
                    ba:a5:c6:24:6b:93:1f:5c:63:dd:90:cf:00:61:59:
                    df:dd:98:f2:b7:0c:e5:29:7c:3b:cb:c3:b3:e3:10:
                    c6:70:c5:db:2b:34:67:0c:15:44:99:c9:e3:e3:be:
                    c4:d1:41:fe:51:8c:d1:32:38:c1:a2:d4:45:3b:f8:
                    db:e4:a7:8e:83:80:55:1c:21:7a:63:db:40:38:ea:
                    9d:cb:3e:a1:55:43:54:d3:83:3a:97:42:69:92:e5:
                    69:c4:1c:d5:02:24:48:be:b6:ff:cb:26:34:ae:6b:
                    f8:42:a0:67:62:2b:34:4f:01:03:ab:de:92:40:fc:
                    a4:e4:c0:2a:33:37:70:ea:41:ec:09:53:14:ab:20:
                    7b:4a:db:be:01:98:3c:ab:76:51:22:eb:f7:e5:c9:
                    25:32:27:40:78:ab:93:dc:80:4e:3a:2e:70:5b:b2:
                    5a:04:46:bd:a4:7b:aa:f5:19:29:78:3b:53:81:79:
                    76:7a:b3:df:fe:f6:9c:42:42:ee:cc:71:f1:15:f9:
                    b3:c3:0d:6d:af:6f:b4:21:05:5e:7e:8a:5a:d1:4e:
                    67:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:55:D7:54:86:BF:D8:01:27:38:EB:A0:A7:AA:D6:C3:62:D9:98:13
            X509v3 Authority Key Identifier:
                keyid:62:C4:30:0E:C3:4D:6C:8D:F5:0B:18:19:6E:6F:CA:58:B1:39:31:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YsQwDsNNbI31CxgZbm_KWLE5MSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/68a895-6021-4ffc-b13b-c673c5093567/1/41XXVIa_2AEnOOugp6rWw2LZmBM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/68a895-6021-4ffc-b13b-c673c5093567/1/YsQwDsNNbI31CxgZbm_KWLE5MSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:b2:57:1b:e0:ab:a0:b1:1b:ca:43:e3:c9:a0:ce:c5:8e:46:
         c8:0c:dc:d3:66:59:b3:2c:fe:f5:81:64:7e:47:59:89:98:d4:
         fd:70:3e:da:57:fc:9e:c6:a3:5e:eb:95:ad:eb:13:66:95:f3:
         76:16:b0:9c:30:20:3d:4d:7d:22:7d:58:d5:8e:24:54:4b:6c:
         ec:40:75:93:78:06:0c:7c:4f:0f:d9:92:95:26:47:b2:0f:4c:
         fd:14:2b:12:b6:d1:ce:3e:cf:ed:ce:fc:e4:7d:ec:2d:d8:52:
         d6:a9:94:86:06:d3:e5:17:bf:9c:d9:bb:22:77:06:f5:ab:da:
         b9:2b:a5:ab:25:e5:d7:fd:3e:63:2b:40:2d:bb:19:f0:b9:d3:
         44:44:8f:a0:44:79:ca:64:5b:ba:97:5f:a4:ca:ef:da:e5:64:
         bd:94:98:cf:da:99:82:0d:c1:51:61:3e:8a:ab:13:6a:f0:60:
         6a:aa:ef:07:7d:54:42:1c:21:a8:2c:c4:12:71:92:ab:79:24:
         05:a0:af:f9:c4:a0:32:f8:70:d5:5c:79:43:21:a2:b2:0c:cc:
         6f:59:5d:3c:c8:05:85:b9:62:82:4c:ea:08:99:dd:4e:f7:66:
         82:70:1e:6a:98:78:8c:ef:8c:ad:f9:f1:d0:7a:4f:4f:5c:68:
         a7:96:d7:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR1LlrAdK3SrRywMkUMaMBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYzQzMDBlYzM0ZDZjOGRmNTBiMTgxOTZlNmZjYTU4YjEz
OTMxMjYwHhcNMjIxMTE0MDgwODAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzU1ZDc1NDg2YmZkODAxMjczOGViYTBhN2FhZDZjMzYyZDk5ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsALbsLOvKZByF9hhPQ9rGtanw9Ak
Ar1v1jYnOImlFBdHYyOCTfgDP5sm+mq6pcYka5MfXGPdkM8AYVnf3ZjytwzlKXw7
y8Oz4xDGcMXbKzRnDBVEmcnj477E0UH+UYzRMjjBotRFO/jb5KeOg4BVHCF6Y9tA
OOqdyz6hVUNU04M6l0JpkuVpxBzVAiRIvrb/yyY0rmv4QqBnYis0TwEDq96SQPyk
5MAqMzdw6kHsCVMUqyB7Stu+AZg8q3ZRIuv35cklMidAeKuT3IBOOi5wW7JaBEa9
pHuq9RkpeDtTgXl2erPf/vacQkLuzHHxFfmzww1tr2+0IQVefopa0U5nawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONV11SGv9gBJzjroKeq1sNi2ZgTMB8GA1UdIwQY
MBaAFGLEMA7DTWyN9QsYGW5vylixOTEmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXNRd0RzTk5iSTMxQ3hnWmJtX0tXTEU1TVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS82OGE4OTUtNjAyMS00ZmZjLWIxM2It
YzY3M2M1MDkzNTY3LzEvNDFYWFZJYV8yQUVuT091Z3A2cld3MkxabUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS82OGE4OTUtNjAyMS00ZmZjLWIxM2ItYzY3M2M1MDkzNTY3
LzEvWXNRd0RzTk5iSTMxQ3hnWmJtX0tXTEU1TVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdCIMA0G
CSqGSIb3DQEBCwUAA4IBAQCJslcb4KugsRvKQ+PJoM7FjkbIDNzTZlmzLP71gWR+
R1mJmNT9cD7aV/yexqNe65Wt6xNmlfN2FrCcMCA9TX0ifVjVjiRUS2zsQHWTeAYM
fE8P2ZKVJkeyD0z9FCsSttHOPs/tzvzkfewt2FLWqZSGBtPlF7+c2bsidwb1q9q5
K6WrJeXX/T5jK0AtuxnwudNERI+gRHnKZFu6l1+kyu/a5WS9lJjP2pmCDcFRYT6K
qxNq8GBqqu8HfVRCHCGoLMQScZKreSQFoK/5xKAy+HDVXHlDIaKyDMxvWV08yAWF
uWKCTOoImd1O92aCcB5qmHiM74yt+fHQek9PXGinltfc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:36 2024 by rpki-client on console-fra.rpki-client.org