Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/10cc2c-7ea1-4cbb-84d5-e0ca4d166f1f/1/HgcPRqH980ikmBbLnfUxU6-1ROc.roa
File:                     HgcPRqH980ikmBbLnfUxU6-1ROc.roa (raw, json)
Hash identifier:          sDU0PHlkbXYGXaceDIf4UYuKdpyRc2TgWBL8fIz35ow=
Subject key identifier:   1E:07:0F:46:A1:FD:F3:48:A4:98:16:CB:9D:F5:31:53:AF:B5:44:E7
Certificate issuer:       /CN=71e0b873cc1a78d43bb70319ffa5495057901a64
Certificate serial:       01860E3AFEAAA0DEDA759C7A8E4264BE076E
Authority key identifier: 71:E0:B8:73:CC:1A:78:D4:3B:B7:03:19:FF:A5:49:50:57:90:1A:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ceC4c8waeNQ7twMZ_6VJUFeQGmQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/10cc2c-7ea1-4cbb-84d5-e0ca4d166f1f/1/HgcPRqH980ikmBbLnfUxU6-1ROc.roa
Signing time:             Wed 01 Feb 2023 18:26:32 +0000
ROA not before:           Wed 01 Feb 2023 18:26:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        195.184.92.0/23 maxlen: 24
                          193.37.236.0/24 maxlen: 24
                          185.2.162.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:0e:3a:fe:aa:a0:de:da:75:9c:7a:8e:42:64:be:07:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71e0b873cc1a78d43bb70319ffa5495057901a64
        Validity
            Not Before: Feb  1 18:26:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1e070f46a1fdf348a49816cb9df53153afb544e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:4a:58:da:cb:c4:7c:67:1b:b3:25:61:ed:1b:
                    b1:b6:dc:af:6b:26:15:74:da:bd:6a:98:8a:31:6d:
                    4d:b2:60:f6:32:c4:c0:a1:e8:1c:77:af:1c:4a:67:
                    85:e4:79:c0:10:16:e7:18:9a:2b:bb:57:97:71:3d:
                    cc:23:62:73:fa:62:6e:04:d4:a2:16:11:18:fb:b3:
                    31:7c:d1:78:e0:58:f9:89:29:17:56:32:e0:35:e9:
                    f5:59:ad:ee:ba:e2:5e:f1:1c:91:44:26:f4:08:68:
                    45:78:7f:ef:17:60:34:94:bc:85:a7:63:fe:e4:67:
                    28:d3:58:91:dd:23:4b:0c:39:3e:78:5c:96:07:e6:
                    23:61:b1:c1:03:53:4a:98:8b:9a:4e:87:46:c9:e0:
                    e4:ca:93:07:6f:e6:80:b9:83:51:1f:9e:43:eb:dc:
                    d1:ba:e0:2f:78:fe:a6:10:cb:d9:35:75:ea:a0:8a:
                    e2:e6:98:5c:5a:c1:d9:d9:17:d9:fa:d5:f2:41:1a:
                    86:55:a1:18:26:a0:de:5f:5f:31:e5:78:8d:fc:b3:
                    83:2a:a0:0b:c7:f6:85:47:9c:b9:bb:71:47:93:c2:
                    c1:d0:a0:6e:b9:71:fa:80:60:c6:b7:59:fb:a7:ec:
                    59:0b:3a:fc:9b:2e:5f:a7:ae:68:dd:9b:4a:16:c4:
                    8a:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:07:0F:46:A1:FD:F3:48:A4:98:16:CB:9D:F5:31:53:AF:B5:44:E7
            X509v3 Authority Key Identifier:
                keyid:71:E0:B8:73:CC:1A:78:D4:3B:B7:03:19:FF:A5:49:50:57:90:1A:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ceC4c8waeNQ7twMZ_6VJUFeQGmQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/10cc2c-7ea1-4cbb-84d5-e0ca4d166f1f/1/HgcPRqH980ikmBbLnfUxU6-1ROc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/10cc2c-7ea1-4cbb-84d5-e0ca4d166f1f/1/ceC4c8waeNQ7twMZ_6VJUFeQGmQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.2.162.0/23
                  193.37.236.0/24
                  195.184.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         11:56:38:58:27:7f:07:5f:d2:d1:c6:0e:ac:8b:58:2c:d5:2e:
         31:81:da:01:20:64:51:50:65:a5:c4:4d:3f:b9:72:c4:f3:30:
         e1:16:f6:f1:45:c8:3d:c4:61:4f:8c:a2:d3:a0:dd:28:75:8f:
         1b:84:fc:7c:da:d1:22:af:52:d7:61:14:b1:1a:77:10:65:92:
         d1:f2:59:b9:c0:b8:96:11:c7:cb:f0:68:54:40:39:0d:76:27:
         f0:c9:2b:41:ab:18:a4:aa:17:7b:83:ee:6f:25:d1:58:61:9f:
         ef:bb:8f:8e:4f:dc:8a:3c:b8:5d:4f:56:1a:4d:2e:dd:3d:31:
         5b:3e:4e:02:59:47:07:56:c9:81:06:f3:66:b2:af:42:82:36:
         07:fa:74:93:f9:10:cf:d6:9b:c6:31:82:ca:41:c3:da:41:56:
         a7:40:cd:83:a9:9a:22:ce:fb:1a:cb:dc:9d:51:35:75:3a:eb:
         ed:26:71:bf:b8:67:fd:ce:e9:66:32:c9:b3:20:6c:60:f2:24:
         13:ad:7d:c9:4d:a2:49:70:0a:77:b5:f7:11:5c:03:2a:91:f0:
         b8:aa:9e:63:76:ea:41:2b:0b:03:63:ac:6d:da:01:e1:79:12:
         0d:d1:9e:a2:c0:5c:80:bf:0e:7c:8e:bd:06:d8:75:9f:e5:d8:
         e6:fd:c3:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYOOv6qoN7adZx6jkJkvgduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZTBiODczY2MxYTc4ZDQzYmI3MDMxOWZmYTU0OTUwNTc5
MDFhNjQwHhcNMjMwMjAxMTgyNjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTA3MGY0NmExZmRmMzQ4YTQ5ODE2Y2I5ZGY1MzE1M2FmYjU0NGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEpY2svEfGcbsyVh7RuxttyvayYV
dNq9apiKMW1NsmD2MsTAoegcd68cSmeF5HnAEBbnGJoru1eXcT3MI2Jz+mJuBNSi
FhEY+7MxfNF44Fj5iSkXVjLgNen1Wa3uuuJe8RyRRCb0CGhFeH/vF2A0lLyFp2P+
5Gco01iR3SNLDDk+eFyWB+YjYbHBA1NKmIuaTodGyeDkypMHb+aAuYNRH55D69zR
uuAveP6mEMvZNXXqoIri5phcWsHZ2RfZ+tXyQRqGVaEYJqDeX18x5XiN/LODKqAL
x/aFR5y5u3FHk8LB0KBuuXH6gGDGt1n7p+xZCzr8my5fp65o3ZtKFsSKowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB4HD0ah/fNIpJgWy531MVOvtUTnMB8GA1UdIwQY
MBaAFHHguHPMGnjUO7cDGf+lSVBXkBpkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2VDNGM4d2FlTlE3dHdNWl82VkpVRmVRR21RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8xMGNjMmMtN2VhMS00Y2JiLTg0ZDUt
ZTBjYTRkMTY2ZjFmLzEvSGdjUFJxSDk4MGlrbUJiTG5mVXhVNi0xUk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8xMGNjMmMtN2VhMS00Y2JiLTg0ZDUtZTBjYTRkMTY2ZjFm
LzEvY2VDNGM4d2FlTlE3dHdNWl82VkpVRmVRR21RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuQKiAwQA
wSXsAwQBw7hcMA0GCSqGSIb3DQEBCwUAA4IBAQARVjhYJ38HX9LRxg6si1gs1S4x
gdoBIGRRUGWlxE0/uXLE8zDhFvbxRcg9xGFPjKLToN0odY8bhPx82tEir1LXYRSx
GncQZZLR8lm5wLiWEcfL8GhUQDkNdifwyStBqxikqhd7g+5vJdFYYZ/vu4+OT9yK
PLhdT1YaTS7dPTFbPk4CWUcHVsmBBvNmsq9CgjYH+nST+RDP1pvGMYLKQcPaQVan
QM2DqZoizvsay9ydUTV1OuvtJnG/uGf9zulmMsmzIGxg8iQTrX3JTaJJcAp3tfcR
XAMqkfC4qp5jdupBKwsDY6xt2gHheRIN0Z6iwFyAvw58jr0G2HWf5djm/cNZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:46 2024 by rpki-client on console-fra.rpki-client.org