Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/68a895-6021-4ffc-b13b-c673c5093567/1/Wf9uP77TaY5c04oTfA41-VKsryI.roa
File:                     Wf9uP77TaY5c04oTfA41-VKsryI.roa (raw, json)
Hash identifier:          W9opM0RUf/eIKwPN+ONOorimfOXiRirDJEiAp+6VpI4=
Subject key identifier:   59:FF:6E:3F:BE:D3:69:8E:5C:D3:8A:13:7C:0E:35:F9:52:AC:AF:22
Certificate issuer:       /CN=62c4300ec34d6c8df50b18196e6fca58b1393126
Certificate serial:       01843748369A18D11DD4B940529A0AEA5870
Authority key identifier: 62:C4:30:0E:C3:4D:6C:8D:F5:0B:18:19:6E:6F:CA:58:B1:39:31:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YsQwDsNNbI31CxgZbm_KWLE5MSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/68a895-6021-4ffc-b13b-c673c5093567/1/Wf9uP77TaY5c04oTfA41-VKsryI.roa
Signing time:             Wed 02 Nov 2022 07:39:50 +0000
ROA not before:           Wed 02 Nov 2022 07:39:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20454
IP address blocks:        85.208.138.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:37:48:36:9a:18:d1:1d:d4:b9:40:52:9a:0a:ea:58:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62c4300ec34d6c8df50b18196e6fca58b1393126
        Validity
            Not Before: Nov  2 07:39:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=59ff6e3fbed3698e5cd38a137c0e35f952acaf22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f7:cb:02:c6:fa:45:6a:bc:47:26:d4:a6:11:
                    b8:bd:9c:92:ed:8f:3e:bf:99:5a:58:df:2a:b6:c3:
                    2a:a4:43:73:05:61:b0:e6:47:41:aa:63:cd:f3:f5:
                    b9:3e:18:41:ad:a8:66:f8:d7:44:c1:cb:c0:53:8a:
                    52:e1:7d:c1:aa:c3:d4:0f:c2:2d:19:ef:47:26:98:
                    e8:f9:19:f3:c4:8e:49:49:ca:92:9e:da:7f:e8:54:
                    d6:90:22:f0:d2:69:c6:81:6c:f3:33:52:bf:c2:07:
                    44:ce:fb:0d:f5:ad:9c:20:71:3c:ed:e5:ef:be:fe:
                    a1:46:dc:7c:6e:e8:76:43:21:e6:3c:2b:96:77:2f:
                    6e:26:4e:39:ce:93:92:46:ff:f8:8f:fd:b6:af:93:
                    4a:de:66:e8:98:ae:75:a2:13:2d:61:28:c1:9c:75:
                    b7:dc:62:dc:62:89:37:d6:b1:1b:ec:f2:df:c9:81:
                    b9:38:04:3f:65:55:ce:d3:62:67:9f:5a:6c:82:30:
                    a7:e7:7a:7a:7f:89:7d:29:72:21:da:d9:7a:1e:18:
                    a5:80:1e:0f:f6:43:aa:40:ea:ba:2d:19:5c:69:26:
                    90:63:fa:27:03:2c:f6:da:28:b9:a9:3c:de:bb:c1:
                    0d:cb:4a:02:d2:a7:6c:df:81:1c:9e:c3:3f:40:02:
                    6f:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:FF:6E:3F:BE:D3:69:8E:5C:D3:8A:13:7C:0E:35:F9:52:AC:AF:22
            X509v3 Authority Key Identifier:
                keyid:62:C4:30:0E:C3:4D:6C:8D:F5:0B:18:19:6E:6F:CA:58:B1:39:31:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YsQwDsNNbI31CxgZbm_KWLE5MSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/68a895-6021-4ffc-b13b-c673c5093567/1/Wf9uP77TaY5c04oTfA41-VKsryI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/68a895-6021-4ffc-b13b-c673c5093567/1/YsQwDsNNbI31CxgZbm_KWLE5MSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.138.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7d:f6:e7:52:58:a7:3f:44:3f:41:dd:84:a5:47:3d:fc:bd:30:
         72:58:66:6f:48:0d:50:88:e1:44:15:dd:38:13:c7:c9:cf:77:
         68:6b:14:4a:5a:5c:4e:ce:b3:06:c2:3e:2c:7f:2d:ef:ad:23:
         6e:df:1d:cd:88:e2:d0:57:b6:9a:f1:a4:dd:6a:7f:29:4c:6d:
         13:3c:fc:3c:36:34:1c:b0:95:6a:4f:ca:d1:1e:88:09:ba:c3:
         32:6d:f7:82:68:af:66:a1:07:a1:cc:fc:e3:5c:42:f5:dc:f1:
         f3:05:44:97:8d:e3:31:80:05:9a:81:97:fc:65:14:80:63:4d:
         b3:40:5f:54:05:88:be:8a:ad:bb:1c:e1:81:e3:fe:45:c6:7f:
         26:e4:51:28:05:ea:9e:66:39:c1:d5:fc:1b:c6:a4:9f:01:00:
         62:28:48:06:5d:02:bd:af:be:87:57:1d:8f:e0:e8:de:b0:91:
         da:1e:82:08:e1:fa:33:0f:36:c0:fa:d1:87:23:3b:f9:8f:3c:
         78:69:e7:f3:da:4e:57:9c:38:2a:d8:81:b7:07:c1:97:41:f9:
         2e:6e:6d:02:bd:14:02:6d:74:d2:30:e3:31:04:b5:e8:51:e4:
         74:ed:5c:52:46:cc:f7:0c:01:40:8e:86:fe:33:17:5e:85:75:
         cd:e0:0a:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ3SDaaGNEd1LlAUpoK6lhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYzQzMDBlYzM0ZDZjOGRmNTBiMTgxOTZlNmZjYTU4YjEz
OTMxMjYwHhcNMjIxMTAyMDczOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWZmNmUzZmJlZDM2OThlNWNkMzhhMTM3YzBlMzVmOTUyYWNhZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvfLAsb6RWq8RybUphG4vZyS7Y8+
v5laWN8qtsMqpENzBWGw5kdBqmPN8/W5PhhBrahm+NdEwcvAU4pS4X3BqsPUD8It
Ge9HJpjo+RnzxI5JScqSntp/6FTWkCLw0mnGgWzzM1K/wgdEzvsN9a2cIHE87eXv
vv6hRtx8buh2QyHmPCuWdy9uJk45zpOSRv/4j/22r5NK3mbomK51ohMtYSjBnHW3
3GLcYok31rEb7PLfyYG5OAQ/ZVXO02Jnn1psgjCn53p6f4l9KXIh2tl6HhilgB4P
9kOqQOq6LRlcaSaQY/onAyz22ii5qTzeu8ENy0oC0qds34EcnsM/QAJvlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFn/bj++02mOXNOKE3wONflSrK8iMB8GA1UdIwQY
MBaAFGLEMA7DTWyN9QsYGW5vylixOTEmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXNRd0RzTk5iSTMxQ3hnWmJtX0tXTEU1TVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS82OGE4OTUtNjAyMS00ZmZjLWIxM2It
YzY3M2M1MDkzNTY3LzEvV2Y5dVA3N1RhWTVjMDRvVGZBNDEtVktzcnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS82OGE4OTUtNjAyMS00ZmZjLWIxM2ItYzY3M2M1MDkzNTY3
LzEvWXNRd0RzTk5iSTMxQ3hnWmJtX0tXTEU1TVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVdCKMA0G
CSqGSIb3DQEBCwUAA4IBAQB99udSWKc/RD9B3YSlRz38vTByWGZvSA1QiOFEFd04
E8fJz3doaxRKWlxOzrMGwj4sfy3vrSNu3x3NiOLQV7aa8aTdan8pTG0TPPw8NjQc
sJVqT8rRHogJusMybfeCaK9moQehzPzjXEL13PHzBUSXjeMxgAWagZf8ZRSAY02z
QF9UBYi+iq27HOGB4/5Fxn8m5FEoBeqeZjnB1fwbxqSfAQBiKEgGXQK9r76HVx2P
4OjesJHaHoII4fozDzbA+tGHIzv5jzx4aefz2k5XnDgq2IG3B8GXQfkubm0CvRQC
bXTSMOMxBLXoUeR07VxSRsz3DAFAjob+MxdehXXN4Ary
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:36 2024 by rpki-client on console-fra.rpki-client.org