Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/bf8b40-ab74-4d42-8404-4cd444462781/1/MLhUyuZDRDP7rFp6vqUg_ZN5g3k.roa
File:                     MLhUyuZDRDP7rFp6vqUg_ZN5g3k.roa (raw, json)
Hash identifier:          qXbsVahKpw3UFX2+8qfwRMrTRf2tt2WvSk6+AB4PG7M=
Subject key identifier:   30:B8:54:CA:E6:43:44:33:FB:AC:5A:7A:BE:A5:20:FD:93:79:83:79
Certificate issuer:       /CN=7551e4eaeb60072154ea7f2c88f0f551845d2736
Certificate serial:       0C466350
Authority key identifier: 75:51:E4:EA:EB:60:07:21:54:EA:7F:2C:88:F0:F5:51:84:5D:27:36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dVHk6utgByFU6n8siPD1UYRdJzY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/bf8b40-ab74-4d42-8404-4cd444462781/1/MLhUyuZDRDP7rFp6vqUg_ZN5g3k.roa
Signing time:             Sat 01 Jan 2022 04:01:41 +0000
ROA not before:           Sat 01 Jan 2022 04:01:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209529
IP address blocks:        185.228.220.0/22 maxlen: 22
                          185.248.72.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 205939536 (0xc466350)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7551e4eaeb60072154ea7f2c88f0f551845d2736
        Validity
            Not Before: Jan  1 04:01:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=30b854cae6434433fbac5a7abea520fd93798379
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f7:5c:3f:3e:c7:36:af:09:33:8b:3a:85:da:
                    53:81:f0:b7:59:c7:32:65:61:9e:ba:0e:46:98:97:
                    4a:d1:e8:61:f0:30:88:b6:31:80:e7:c7:5f:7c:3a:
                    2f:33:80:64:75:e6:cb:63:dd:c4:37:3f:62:a1:3a:
                    af:4c:52:27:d3:63:f0:42:5c:8a:d4:d3:25:5d:73:
                    5e:45:f3:52:32:95:cd:1a:7f:99:ff:9a:c7:d2:7b:
                    37:7b:56:85:a1:b8:52:c4:48:ce:a2:e8:81:c5:2b:
                    0c:66:5c:fa:ef:46:f2:03:a5:e6:24:15:23:90:b9:
                    ba:4a:20:4b:35:67:21:90:e8:a7:64:d7:89:8e:95:
                    62:6e:66:ea:d0:50:da:1b:e5:96:8b:6b:88:86:09:
                    80:64:7b:20:24:c4:57:0c:75:e1:1d:d9:34:3a:a4:
                    cf:08:92:13:21:43:4d:f6:ce:da:3d:c5:4a:4a:a7:
                    52:05:e9:a9:ac:fd:24:4b:47:df:af:c2:9e:bf:67:
                    b8:c5:ae:6a:6a:d6:43:70:ff:ed:be:4f:97:9a:3e:
                    2c:5d:d5:ea:a1:30:93:5e:28:69:26:0a:72:d5:d8:
                    52:22:24:0f:fa:cd:ce:27:88:8b:d5:d9:f6:91:13:
                    4d:62:d2:92:94:0a:28:48:3e:cd:89:34:ac:80:15:
                    ee:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:B8:54:CA:E6:43:44:33:FB:AC:5A:7A:BE:A5:20:FD:93:79:83:79
            X509v3 Authority Key Identifier:
                keyid:75:51:E4:EA:EB:60:07:21:54:EA:7F:2C:88:F0:F5:51:84:5D:27:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dVHk6utgByFU6n8siPD1UYRdJzY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/bf8b40-ab74-4d42-8404-4cd444462781/1/MLhUyuZDRDP7rFp6vqUg_ZN5g3k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/bf8b40-ab74-4d42-8404-4cd444462781/1/dVHk6utgByFU6n8siPD1UYRdJzY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.228.220.0/22
                  185.248.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:f4:5a:a0:e2:b6:55:d4:08:ae:11:9f:a2:dd:c2:cc:d8:1f:
         c5:80:1b:d9:49:c0:cd:1e:47:22:19:22:9b:6a:63:81:22:b6:
         cb:ce:ed:cb:8e:ed:7d:26:18:63:cf:c4:bf:18:0b:9c:ad:01:
         e0:e0:64:e6:51:19:15:42:3f:9c:2e:e9:eb:5f:27:f9:d6:86:
         f6:7b:cd:0f:14:09:92:19:ab:b9:86:87:35:a0:62:0a:66:80:
         a6:0b:38:40:d7:2c:6a:d2:5a:59:20:e4:fb:f2:fb:1d:dd:38:
         82:05:04:79:72:07:cd:50:41:9a:d1:1c:86:fb:80:b5:17:ea:
         f6:1c:4a:16:48:22:3b:5e:b6:63:a9:95:39:84:a5:8a:c4:da:
         e1:1f:a4:08:c7:07:c9:08:04:63:31:ef:97:e2:74:88:2e:a1:
         49:b6:c0:8c:15:96:85:e0:95:46:39:64:c2:ea:e2:d7:3a:07:
         ce:a5:71:82:3b:8f:f1:aa:2e:12:33:7a:c0:f2:5e:08:7c:48:
         94:d4:ed:5b:d2:9f:99:ff:e2:32:5b:1e:4b:cf:b5:74:a0:8a:
         c9:2c:bd:1b:12:fe:ba:ac:7f:fb:e1:7f:3f:98:b0:3b:3a:13:
         42:c2:e1:15:57:80:0f:81:90:8a:68:af:cb:67:08:27:2e:9b:
         62:a4:c1:b5
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDEZjUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NTUxZTRlYWViNjAwNzIxNTRlYTdmMmM4OGYwZjU1MTg0NWQyNzM2MB4XDTIyMDEw
MTA0MDE0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzBiODU0Y2FlNjQz
NDQzM2ZiYWM1YTdhYmVhNTIwZmQ5Mzc5ODM3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJz3XD8+xzavCTOLOoXaU4Hwt1nHMmVhnroORpiXStHoYfAw
iLYxgOfHX3w6LzOAZHXmy2PdxDc/YqE6r0xSJ9Nj8EJcitTTJV1zXkXzUjKVzRp/
mf+ax9J7N3tWhaG4UsRIzqLogcUrDGZc+u9G8gOl5iQVI5C5ukogSzVnIZDop2TX
iY6VYm5m6tBQ2hvllotriIYJgGR7ICTEVwx14R3ZNDqkzwiSEyFDTfbO2j3FSkqn
UgXpqaz9JEtH36/Cnr9nuMWuamrWQ3D/7b5Pl5o+LF3V6qEwk14oaSYKctXYUiIk
D/rNzieIi9XZ9pETTWLSkpQKKEg+zYk0rIAV7tECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQwuFTK5kNEM/usWnq+pSD9k3mDeTAfBgNVHSMEGDAWgBR1UeTq62AHIVTq
fyyI8PVRhF0nNjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RWSGs2dXRnQnlGVTZuOHNpUEQxVVlSZEp6WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvYmY4YjQwLWFiNzQtNGQ0Mi04NDA0LTRjZDQ0NDQ2Mjc4MS8x
L01MaFV5dVpEUkRQN3JGcDZ2cVVnX1pONWczay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
YmY4YjQwLWFiNzQtNGQ0Mi04NDA0LTRjZDQ0NDQ2Mjc4MS8xL2RWSGs2dXRnQnlG
VTZuOHNpUEQxVVlSZEp6WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArnk3AMEArn4SDANBgkqhkiG9w0B
AQsFAAOCAQEAiPRaoOK2VdQIrhGfot3CzNgfxYAb2UnAzR5HIhkim2pjgSK2y87t
y47tfSYYY8/EvxgLnK0B4OBk5lEZFUI/nC7p618n+daG9nvNDxQJkhmruYaHNaBi
CmaApgs4QNcsatJaWSDk+/L7Hd04ggUEeXIHzVBBmtEchvuAtRfq9hxKFkgiO162
Y6mVOYSlisTa4R+kCMcHyQgEYzHvl+J0iC6hSbbAjBWWheCVRjlkwuri1zoHzqVx
gjuP8aouEjN6wPJeCHxIlNTtW9Kfmf/iMlseS8+1dKCKySy9GxL+uqx/++F/P5iw
OzoTQsLhFVeAD4GQimivy2cIJy6bYqTBtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:56 2024 by rpki-client on console-ams.rpki-client.org