Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/a31768-d44a-474a-8514-0c5d7031ffad/1/labwCvkY0XpFqu1IZc81ZnrpVs0.roa
File:                     labwCvkY0XpFqu1IZc81ZnrpVs0.roa (raw, json)
Hash identifier:          Y6R48S9s4HLvZKpii3iNJPVPzZI0Wga+0TQPsZGD2L0=
Subject key identifier:   95:A6:F0:0A:F9:18:D1:7A:45:AA:ED:48:65:CF:35:66:7A:E9:56:CD
Certificate issuer:       /CN=ce0b298e1e2b300469070d1c10ccaea6f1f80ae2
Certificate serial:       DF0FA4
Authority key identifier: CE:0B:29:8E:1E:2B:30:04:69:07:0D:1C:10:CC:AE:A6:F1:F8:0A:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgspjh4rMARpBw0cEMyupvH4CuI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/a31768-d44a-474a-8514-0c5d7031ffad/1/labwCvkY0XpFqu1IZc81ZnrpVs0.roa
Signing time:             Thu 13 Jan 2022 12:53:37 +0000
ROA not before:           Thu 13 Jan 2022 12:53:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        185.251.19.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14618532 (0xdf0fa4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0b298e1e2b300469070d1c10ccaea6f1f80ae2
        Validity
            Not Before: Jan 13 12:53:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=95a6f00af918d17a45aaed4865cf35667ae956cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:3e:01:83:2d:59:7d:31:1b:71:7d:6d:b9:27:
                    5e:1b:1a:70:6c:9d:d7:c0:87:7c:3f:2b:ca:7e:f9:
                    8f:21:84:ea:47:f1:e9:3c:9b:d7:cb:38:d1:d9:f9:
                    67:11:3e:50:cd:cd:f5:5e:80:9f:69:94:4f:d5:c3:
                    bd:b9:88:67:84:f8:e8:dd:01:96:aa:24:8f:a8:3d:
                    6c:74:e3:e8:92:87:49:c2:b7:e6:67:45:50:1f:62:
                    f9:bb:3b:93:64:ad:33:d7:9b:05:3c:d5:61:f3:43:
                    88:67:36:3a:a5:3b:61:15:0d:29:23:57:76:80:05:
                    c5:5e:54:c4:94:50:ee:b6:d7:cc:60:c1:0e:bd:0e:
                    a8:d4:34:3f:e5:ad:84:7b:2e:3f:9a:72:1a:15:27:
                    b6:e6:f8:ec:b8:8c:a4:df:25:8a:26:76:b3:d5:6e:
                    3f:cf:da:4e:28:37:38:2b:e5:89:54:36:4c:d2:c1:
                    aa:bd:ae:0f:b4:0f:d9:d7:8a:23:5a:0d:3b:0f:48:
                    03:35:64:a6:9f:85:0f:e6:23:9c:92:4c:1e:15:14:
                    fd:20:08:ef:dd:15:34:74:ef:5c:8b:3e:d1:e0:d8:
                    45:85:13:80:b0:d9:ed:d6:9a:43:fd:9f:f0:8a:e7:
                    71:9f:c6:f8:d3:4f:1f:42:ed:fc:3c:e5:23:bd:6c:
                    0f:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:A6:F0:0A:F9:18:D1:7A:45:AA:ED:48:65:CF:35:66:7A:E9:56:CD
            X509v3 Authority Key Identifier:
                keyid:CE:0B:29:8E:1E:2B:30:04:69:07:0D:1C:10:CC:AE:A6:F1:F8:0A:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgspjh4rMARpBw0cEMyupvH4CuI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a31768-d44a-474a-8514-0c5d7031ffad/1/labwCvkY0XpFqu1IZc81ZnrpVs0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a31768-d44a-474a-8514-0c5d7031ffad/1/zgspjh4rMARpBw0cEMyupvH4CuI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.251.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:88:83:78:8d:60:63:d3:e4:12:46:a0:b2:7a:3e:f8:b4:28:
         d6:3a:3d:88:11:4a:3e:58:c8:6c:13:bf:71:61:b3:99:4b:b6:
         78:4c:3a:74:45:9f:65:cb:8c:eb:98:b7:cc:4b:fd:08:29:cd:
         60:01:bd:b6:be:d1:21:40:5d:de:89:ee:14:79:71:6d:bd:b6:
         1c:15:dc:47:23:1a:6f:60:00:af:3f:a9:bf:77:c9:42:6a:30:
         6c:1b:94:e7:61:b4:da:65:30:22:52:af:c8:fd:4a:d0:f5:be:
         bc:df:bf:b2:1e:7b:56:55:a4:0f:60:52:ea:e3:9b:6a:3d:ef:
         56:76:e5:bd:94:a3:4c:1f:40:e6:ae:34:92:19:43:17:7d:ce:
         1d:e6:6d:5e:44:3f:eb:e1:d2:be:46:dc:3f:7c:4f:36:97:0e:
         b5:ea:4a:47:15:8e:ad:23:81:bf:45:c6:35:6d:de:23:7c:e0:
         05:c6:1e:f7:81:e0:25:af:84:18:ec:1c:60:3c:7e:b3:e1:e8:
         0d:3f:8d:b1:aa:5f:22:99:82:40:09:1d:df:82:45:c2:e4:60:
         58:86:cd:9a:bc:97:92:1f:60:ab:c9:ca:da:a7:b3:aa:04:51:
         0a:99:c0:4a:0c:68:1e:1f:9d:fc:7e:e5:00:b0:d6:7b:b4:fe:
         10:b0:dd:8c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAN8PpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZTBiMjk4ZTFlMmIzMDA0NjkwNzBkMWMxMGNjYWVhNmYxZjgwYWUyMB4XDTIyMDEx
MzEyNTMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTVhNmYwMGFmOTE4
ZDE3YTQ1YWFlZDQ4NjVjZjM1NjY3YWU5NTZjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKs+AYMtWX0xG3F9bbknXhsacGyd18CHfD8ryn75jyGE6kfx
6Tyb18s40dn5ZxE+UM3N9V6An2mUT9XDvbmIZ4T46N0Blqokj6g9bHTj6JKHScK3
5mdFUB9i+bs7k2StM9ebBTzVYfNDiGc2OqU7YRUNKSNXdoAFxV5UxJRQ7rbXzGDB
Dr0OqNQ0P+WthHsuP5pyGhUntub47LiMpN8liiZ2s9VuP8/aTig3OCvliVQ2TNLB
qr2uD7QP2deKI1oNOw9IAzVkpp+FD+YjnJJMHhUU/SAI790VNHTvXIs+0eDYRYUT
gLDZ7daaQ/2f8IrncZ/G+NNPH0Lt/DzlI71sD3UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSVpvAK+RjRekWq7UhlzzVmeulWzTAfBgNVHSMEGDAWgBTOCymOHiswBGkH
DRwQzK6m8fgK4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pnc3BqaDRyTUFScEJ3MGNFTXl1cHZINEN1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvYTMxNzY4LWQ0NGEtNDc0YS04NTE0LTBjNWQ3MDMxZmZhZC8x
L2xhYndDdmtZMFhwRnF1MUlaYzgxWm5ycFZzMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
YTMxNzY4LWQ0NGEtNDc0YS04NTE0LTBjNWQ3MDMxZmZhZC8xL3pnc3BqaDRyTUFS
cEJ3MGNFTXl1cHZINEN1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn7EzANBgkqhkiG9w0BAQsFAAOC
AQEAt4iDeI1gY9PkEkagsno++LQo1jo9iBFKPljIbBO/cWGzmUu2eEw6dEWfZcuM
65i3zEv9CCnNYAG9tr7RIUBd3onuFHlxbb22HBXcRyMab2AArz+pv3fJQmowbBuU
52G02mUwIlKvyP1K0PW+vN+/sh57VlWkD2BS6uObaj3vVnblvZSjTB9A5q40khlD
F33OHeZtXkQ/6+HSvkbcP3xPNpcOtepKRxWOrSOBv0XGNW3eI3zgBcYe94HgJa+E
GOwcYDx+s+HoDT+NsapfIpmCQAkd34JFwuRgWIbNmryXkh9gq8nK2qezqgRRCpnA
SgxoHh+d/H7lALDWe7T+ELDdjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:56 2024 by rpki-client on console-ams.rpki-client.org