Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b4765f-a60f-4356-982a-1afd2649b299/1/LK4EMbhFvMOwOGHsCK-zzy9tQkI.roa
File:                     LK4EMbhFvMOwOGHsCK-zzy9tQkI.roa (raw, json)
Hash identifier:          y32nH2q6KqQu3nQCj/kIy1avReWe8ojVBsN0kC97Xmc=
Subject key identifier:   2C:AE:04:31:B8:45:BC:C3:B0:38:61:EC:08:AF:B3:CF:2F:6D:42:42
Certificate issuer:       /CN=60d3ac4825dca7eec97005dba3b0bff27904f58a
Certificate serial:       12D2BB7A
Authority key identifier: 60:D3:AC:48:25:DC:A7:EE:C9:70:05:DB:A3:B0:BF:F2:79:04:F5:8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNOsSCXcp-7JcAXbo7C_8nkE9Yo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/b4765f-a60f-4356-982a-1afd2649b299/1/LK4EMbhFvMOwOGHsCK-zzy9tQkI.roa
Signing time:             Sat 01 Jan 2022 03:53:08 +0000
ROA not before:           Sat 01 Jan 2022 03:53:08 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     31727
IP address blocks:        185.144.110.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 315800442 (0x12d2bb7a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d3ac4825dca7eec97005dba3b0bff27904f58a
        Validity
            Not Before: Jan  1 03:53:08 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2cae0431b845bcc3b03861ec08afb3cf2f6d4242
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:78:97:2f:79:a8:98:56:12:d4:3c:f1:9a:bf:
                    e2:92:dc:43:72:16:72:49:ed:b0:8a:cc:ee:de:c8:
                    18:be:70:b1:60:85:58:b6:24:e8:dd:93:29:4f:97:
                    0d:08:7e:7b:b2:a3:0e:41:93:30:07:e1:6e:94:64:
                    ab:a5:78:78:e4:47:be:fd:8d:20:60:d2:a5:e3:25:
                    09:45:96:9f:a5:97:0a:66:de:72:ad:dc:1b:57:6f:
                    29:5f:8e:f7:00:34:19:a9:b8:02:13:92:29:0c:33:
                    56:31:2d:a2:7e:55:fb:4d:f7:ce:94:48:33:a2:f2:
                    a9:42:ca:1d:99:22:21:83:8d:5c:f8:56:e7:79:49:
                    42:83:4e:3b:6a:54:97:2e:16:4e:63:2b:45:29:94:
                    96:c4:b2:05:2d:45:a3:6a:db:aa:c7:05:4c:c2:4a:
                    72:6a:b1:60:e8:13:85:56:80:15:23:4f:ed:9f:1f:
                    1b:80:fc:e7:33:08:47:01:90:f7:7f:a4:51:f1:30:
                    b7:46:7b:ab:ad:4b:3b:ed:84:61:65:f3:86:24:b6:
                    aa:95:26:65:65:50:e9:24:d0:48:77:86:81:30:e4:
                    0b:3f:d3:c0:16:6c:ee:a9:7d:e8:20:c9:ab:b8:72:
                    90:ee:f0:47:7e:c1:10:5d:46:a2:58:a1:05:03:31:
                    2e:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:AE:04:31:B8:45:BC:C3:B0:38:61:EC:08:AF:B3:CF:2F:6D:42:42
            X509v3 Authority Key Identifier:
                keyid:60:D3:AC:48:25:DC:A7:EE:C9:70:05:DB:A3:B0:BF:F2:79:04:F5:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNOsSCXcp-7JcAXbo7C_8nkE9Yo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b4765f-a60f-4356-982a-1afd2649b299/1/LK4EMbhFvMOwOGHsCK-zzy9tQkI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b4765f-a60f-4356-982a-1afd2649b299/1/YNOsSCXcp-7JcAXbo7C_8nkE9Yo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.144.110.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:38:e0:91:ef:f9:e6:93:60:51:fe:9f:2d:55:67:c8:91:40:
         97:79:f5:e4:2c:dd:6c:99:bf:8b:f1:ad:84:42:0e:7d:d1:a9:
         db:f6:bd:1d:de:20:d5:06:65:14:74:f4:df:71:10:a7:3f:c3:
         d9:0f:3a:92:0f:37:cb:7b:20:36:10:63:6f:fe:53:e8:bb:08:
         ec:00:6d:e1:dd:0d:d2:0b:94:bf:b5:6d:80:43:20:7d:dc:96:
         f7:85:87:64:ac:1c:24:8d:34:ec:e6:df:35:f8:64:57:b7:05:
         bf:ce:ea:7a:9c:c5:17:98:93:b4:1e:a7:47:cd:9a:2d:02:a1:
         c3:03:1d:b9:e8:be:b7:ec:a0:0b:73:fa:08:db:be:ac:e6:3b:
         03:73:66:29:74:79:61:6b:79:90:c0:db:ee:e2:a9:36:98:3c:
         64:0f:32:0c:4b:4c:c1:eb:61:18:26:66:aa:db:15:7d:f6:cb:
         53:cd:d0:d3:f7:2a:ed:37:80:0d:41:44:66:ee:8d:95:72:b5:
         7a:35:2b:b3:ed:ca:68:a0:25:8c:8d:64:1e:01:fd:4d:1d:20:
         ba:04:88:ee:78:a9:56:70:de:3e:42:fb:37:04:02:d8:b5:7a:
         f2:d4:ff:b6:aa:3b:83:01:05:fb:62:8f:37:7f:79:d2:90:07:
         fc:cb:5c:6a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEtK7ejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MGQzYWM0ODI1ZGNhN2VlYzk3MDA1ZGJhM2IwYmZmMjc5MDRmNThhMB4XDTIyMDEw
MTAzNTMwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmNhZTA0MzFiODQ1
YmNjM2IwMzg2MWVjMDhhZmIzY2YyZjZkNDI0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK14ly95qJhWEtQ88Zq/4pLcQ3IWckntsIrM7t7IGL5wsWCF
WLYk6N2TKU+XDQh+e7KjDkGTMAfhbpRkq6V4eORHvv2NIGDSpeMlCUWWn6WXCmbe
cq3cG1dvKV+O9wA0Gam4AhOSKQwzVjEton5V+033zpRIM6LyqULKHZkiIYONXPhW
53lJQoNOO2pUly4WTmMrRSmUlsSyBS1Fo2rbqscFTMJKcmqxYOgThVaAFSNP7Z8f
G4D85zMIRwGQ93+kUfEwt0Z7q61LO+2EYWXzhiS2qpUmZWVQ6STQSHeGgTDkCz/T
wBZs7ql96CDJq7hykO7wR37BEF1GolihBQMxLnkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQsrgQxuEW8w7A4YewIr7PPL21CQjAfBgNVHSMEGDAWgBRg06xIJdyn7slw
BdujsL/yeQT1ijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lOT3NTQ1hjcC03SmNBWGJvN0NfOG5rRTlZby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvYjQ3NjVmLWE2MGYtNDM1Ni05ODJhLTFhZmQyNjQ5YjI5OS8x
L0xLNEVNYmhGdk1Pd09HSHNDSy16enk5dFFrSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
YjQ3NjVmLWE2MGYtNDM1Ni05ODJhLTFhZmQyNjQ5YjI5OS8xL1lOT3NTQ1hjcC03
SmNBWGJvN0NfOG5rRTlZby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmQbjANBgkqhkiG9w0BAQsFAAOC
AQEACzjgke/55pNgUf6fLVVnyJFAl3n15CzdbJm/i/GthEIOfdGp2/a9Hd4g1QZl
FHT033EQpz/D2Q86kg83y3sgNhBjb/5T6LsI7ABt4d0N0guUv7VtgEMgfdyW94WH
ZKwcJI007ObfNfhkV7cFv87qepzFF5iTtB6nR82aLQKhwwMduei+t+ygC3P6CNu+
rOY7A3NmKXR5YWt5kMDb7uKpNpg8ZA8yDEtMwethGCZmqtsVffbLU83Q0/cq7TeA
DUFEZu6NlXK1ejUrs+3KaKAljI1kHgH9TR0gugSI7nipVnDePkL7NwQC2LV68tT/
tqo7gwEF+2KPN3950pAH/Mtcag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:40 2024 by rpki-client on console-fra.rpki-client.org