Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/6ee0de-06cb-4550-99da-23bf08171175/1/tVZijhSEeJC7hW8suVmdEMSx508.roa
File:                     tVZijhSEeJC7hW8suVmdEMSx508.roa (raw, json)
Hash identifier:          4Vbq1GWDwhFUMnqTOy/qBxHZ22OfXYURoyjtoxXbLtM=
Subject key identifier:   B5:56:62:8E:14:84:78:90:BB:85:6F:2C:B9:59:9D:10:C4:B1:E7:4F
Certificate issuer:       /CN=72552f3e87bd411356562244f2fb50efa526d203
Certificate serial:       25B901
Authority key identifier: 72:55:2F:3E:87:BD:41:13:56:56:22:44:F2:FB:50:EF:A5:26:D2:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/clUvPoe9QRNWViJE8vtQ76Um0gM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/6ee0de-06cb-4550-99da-23bf08171175/1/tVZijhSEeJC7hW8suVmdEMSx508.roa
Signing time:             Sat 01 Jan 2022 02:02:13 +0000
ROA not before:           Sat 01 Jan 2022 02:02:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     394814
IP address blocks:        185.235.142.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2472193 (0x25b901)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72552f3e87bd411356562244f2fb50efa526d203
        Validity
            Not Before: Jan  1 02:02:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b556628e14847890bb856f2cb9599d10c4b1e74f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6b:7c:92:96:cc:b1:8d:25:52:08:25:0b:2e:
                    eb:ab:3a:1b:0b:13:54:f3:46:a3:dd:42:d5:e7:b4:
                    17:30:b2:3d:c5:43:c6:27:dd:c6:e3:49:d1:b6:78:
                    54:87:7a:ca:dc:96:83:26:27:39:b0:f2:95:98:f4:
                    57:83:e2:42:bb:2f:ba:41:04:e1:d5:b3:2c:e0:41:
                    97:b8:a4:77:e5:4e:00:63:61:e3:be:f2:50:e4:30:
                    40:74:3a:62:60:bf:e7:75:e4:bc:87:e7:50:fb:24:
                    36:aa:b1:49:95:d7:69:fe:b8:0e:38:f0:7f:a3:f3:
                    b7:f1:e1:fb:65:37:28:47:c2:c6:36:9b:c0:ae:18:
                    e0:df:79:23:77:a8:00:b4:99:b7:c2:f4:b2:50:d9:
                    01:49:dc:2a:bd:51:72:af:07:c1:0b:8b:dd:c9:b8:
                    ac:03:a3:b5:d7:9d:68:fd:51:f3:c2:88:af:7e:86:
                    3f:e6:ab:8a:83:e0:b5:14:ea:45:e4:42:2e:96:29:
                    f1:b8:77:e8:2c:87:4f:85:90:9a:a3:63:6e:91:9d:
                    1c:a3:cd:24:c8:55:54:b9:b4:af:1a:4b:96:04:37:
                    e2:26:31:f6:5c:8e:2f:74:10:37:6e:8f:6a:85:d8:
                    40:c5:8e:31:c6:de:1e:e5:87:82:fe:3b:65:10:67:
                    33:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:56:62:8E:14:84:78:90:BB:85:6F:2C:B9:59:9D:10:C4:B1:E7:4F
            X509v3 Authority Key Identifier:
                keyid:72:55:2F:3E:87:BD:41:13:56:56:22:44:F2:FB:50:EF:A5:26:D2:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clUvPoe9QRNWViJE8vtQ76Um0gM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/6ee0de-06cb-4550-99da-23bf08171175/1/tVZijhSEeJC7hW8suVmdEMSx508.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/6ee0de-06cb-4550-99da-23bf08171175/1/clUvPoe9QRNWViJE8vtQ76Um0gM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.235.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:5f:27:41:51:56:6a:77:22:28:68:5b:a2:21:67:04:f6:23:
         a7:84:26:cb:87:bf:97:ef:e5:87:e8:17:ef:6d:61:99:69:31:
         f0:80:d4:74:b7:ee:20:a3:c2:ce:27:78:1a:d4:ca:83:eb:8a:
         ba:e2:17:4f:87:9d:db:83:07:86:0b:44:0b:14:7d:79:6e:52:
         a5:30:9c:34:7c:70:bc:cf:ae:5d:00:ea:36:f6:90:23:a1:ba:
         fc:c9:e4:5f:e4:9d:4a:f4:1e:cb:bf:2b:04:41:b2:e8:27:f7:
         e2:2e:15:1e:a3:fb:47:50:ea:f1:5c:83:79:7c:49:43:9b:1d:
         11:72:6e:55:9e:ed:3b:8f:e9:e0:de:7b:77:a6:8c:b5:bd:3c:
         aa:25:1c:e2:a2:ad:10:7d:69:09:95:fb:26:8c:8e:1d:72:6b:
         a0:74:bf:93:92:7d:7c:0a:79:68:d0:6a:2a:65:7c:62:ee:db:
         f8:6d:1a:6d:60:90:87:5c:c9:28:1b:7a:61:d1:3a:e3:34:e3:
         81:22:4f:3c:16:37:b5:5d:ae:91:47:72:b0:48:0d:9a:27:5b:
         48:27:e5:51:69:53:32:80:64:8f:c1:de:cd:5b:07:78:1c:f7:
         d6:7d:fa:7c:2a:c3:92:90:90:02:be:eb:a5:a5:72:77:63:be:
         46:0c:6a:41
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDJbkBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcy
NTUyZjNlODdiZDQxMTM1NjU2MjI0NGYyZmI1MGVmYTUyNmQyMDMwHhcNMjIwMTAx
MDIwMjEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiNTU2NjI4ZTE0ODQ3
ODkwYmI4NTZmMmNiOTU5OWQxMGM0YjFlNzRmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxWt8kpbMsY0lUgglCy7rqzobCxNU80aj3ULV57QXMLI9xUPG
J93G40nRtnhUh3rK3JaDJic5sPKVmPRXg+JCuy+6QQTh1bMs4EGXuKR35U4AY2Hj
vvJQ5DBAdDpiYL/ndeS8h+dQ+yQ2qrFJlddp/rgOOPB/o/O38eH7ZTcoR8LGNpvA
rhjg33kjd6gAtJm3wvSyUNkBSdwqvVFyrwfBC4vdybisA6O1151o/VHzwoivfoY/
5quKg+C1FOpF5EIulinxuHfoLIdPhZCao2NukZ0co80kyFVUubSvGkuWBDfiJjH2
XI4vdBA3bo9qhdhAxY4xxt4e5YeC/jtlEGcz7wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFLVWYo4UhHiQu4VvLLlZnRDEsedPMB8GA1UdIwQYMBaAFHJVLz6HvUETVlYi
RPL7UO+lJtIDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Y2xVdlBvZTlRUk5XVmlKRTh2dFE3NlVtMGdNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xMC82ZWUwZGUtMDZjYi00NTUwLTk5ZGEtMjNiZjA4MTcxMTc1LzEv
dFZaaWpoU0VlSkM3aFc4c3VWbWRFTVN4NTA4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC82
ZWUwZGUtMDZjYi00NTUwLTk5ZGEtMjNiZjA4MTcxMTc1LzEvY2xVdlBvZTlRUk5X
VmlKRTh2dFE3NlVtMGdNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueuOMA0GCSqGSIb3DQEBCwUAA4IB
AQBrXydBUVZqdyIoaFuiIWcE9iOnhCbLh7+X7+WH6BfvbWGZaTHwgNR0t+4go8LO
J3ga1MqD64q64hdPh53bgweGC0QLFH15blKlMJw0fHC8z65dAOo29pAjobr8yeRf
5J1K9B7LvysEQbLoJ/fiLhUeo/tHUOrxXIN5fElDmx0Rcm5Vnu07j+ng3nt3poy1
vTyqJRzioq0QfWkJlfsmjI4dcmugdL+Tkn18Cnlo0GoqZXxi7tv4bRptYJCHXMko
G3ph0TrjNOOBIk88Fje1Xa6RR3KwSA2aJ1tIJ+VRaVMygGSPwd7NWwd4HPfWffp8
KsOSkJACvuulpXJ3Y75GDGpB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:53 2024 by rpki-client on console-ams.rpki-client.org