Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/1651b5-cde5-4cdf-a29f-42b4fb834f15/1/d8cTkv5W-c_spy1UUDXHuBmKSw8.roa
File:                     d8cTkv5W-c_spy1UUDXHuBmKSw8.roa (raw, json)
Hash identifier:          5E/KJY9PHMI1anPLun865cg5r0cOMvJX3YCv8WTazn8=
Subject key identifier:   77:C7:13:92:FE:56:F9:CF:EC:A7:2D:54:50:35:C7:B8:19:8A:4B:0F
Certificate issuer:       /CN=c2c3b5e97c46a93bc3a35cc71055c4f0dfc6c451
Certificate serial:       0188716A5084017579C1F765D9B4888D6489
Authority key identifier: C2:C3:B5:E9:7C:46:A9:3B:C3:A3:5C:C7:10:55:C4:F0:DF:C6:C4:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wsO16XxGqTvDo1zHEFXE8N_GxFE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/1651b5-cde5-4cdf-a29f-42b4fb834f15/1/d8cTkv5W-c_spy1UUDXHuBmKSw8.roa
Signing time:             Wed 31 May 2023 10:46:12 +0000
ROA not before:           Wed 31 May 2023 10:46:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200923
IP address blocks:        95.140.123.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:71:6a:50:84:01:75:79:c1:f7:65:d9:b4:88:8d:64:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2c3b5e97c46a93bc3a35cc71055c4f0dfc6c451
        Validity
            Not Before: May 31 10:46:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=77c71392fe56f9cfeca72d545035c7b8198a4b0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:09:ba:d5:07:6e:08:e9:31:d8:f2:1a:cf:01:
                    2a:ef:0e:ed:6b:19:6a:51:51:c0:64:8d:5b:36:82:
                    59:71:0a:9f:75:31:d1:c1:aa:27:19:5a:f9:55:e8:
                    29:19:50:a3:06:f4:18:80:e9:87:c4:07:ce:af:83:
                    68:52:8a:f9:a2:e4:b5:55:6c:90:c7:63:27:49:34:
                    fd:77:80:29:8c:c8:8e:c1:73:08:c6:0d:a8:e4:0c:
                    07:da:78:78:09:9a:e7:fa:ad:54:68:94:d1:d2:e8:
                    bc:63:55:8b:1d:eb:c0:ba:ab:e0:c8:ee:fe:c7:68:
                    ca:63:1a:08:0a:2b:06:36:9e:82:11:f5:a9:63:1e:
                    7a:3f:6d:12:dd:d1:2b:28:3e:37:8e:3e:0f:6f:ee:
                    16:93:91:86:7c:12:4e:b8:ec:f7:ab:ab:41:53:4e:
                    54:53:86:15:da:4c:88:c7:8f:04:67:88:8c:d5:89:
                    1f:ce:48:b4:47:7d:e0:ad:21:a2:15:5f:88:6e:bd:
                    7e:55:e6:27:17:1c:2f:4e:59:3a:fd:52:51:1c:c3:
                    86:46:7f:f8:2d:30:1d:1f:c4:68:0c:e3:a4:f5:59:
                    df:86:e7:23:80:bb:b3:3d:2d:c3:93:1b:20:df:df:
                    8d:9a:ce:64:55:54:be:bf:13:d1:6e:e6:2d:41:78:
                    ca:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:C7:13:92:FE:56:F9:CF:EC:A7:2D:54:50:35:C7:B8:19:8A:4B:0F
            X509v3 Authority Key Identifier:
                keyid:C2:C3:B5:E9:7C:46:A9:3B:C3:A3:5C:C7:10:55:C4:F0:DF:C6:C4:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsO16XxGqTvDo1zHEFXE8N_GxFE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/1651b5-cde5-4cdf-a29f-42b4fb834f15/1/d8cTkv5W-c_spy1UUDXHuBmKSw8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/1651b5-cde5-4cdf-a29f-42b4fb834f15/1/wsO16XxGqTvDo1zHEFXE8N_GxFE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.140.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:65:56:ec:53:39:29:7e:43:ff:bb:ff:f8:1a:ec:7a:ba:90:
         6d:95:9c:11:1b:47:c9:e3:ad:06:b2:f8:b8:76:b8:f7:80:41:
         3b:54:ad:93:75:76:e9:3e:d2:4d:7c:a5:6c:a4:61:60:2b:bc:
         b5:36:00:36:89:76:31:2e:fb:99:f2:65:9f:d6:3c:c5:a7:49:
         c5:a7:73:0c:37:94:01:42:e7:65:28:0e:cc:ab:0f:42:11:20:
         8e:1a:dc:2d:c2:ce:71:20:d8:3c:28:80:3b:af:ea:fe:f9:32:
         3e:a9:5c:f1:42:13:fc:d7:48:73:22:75:b2:ac:91:15:e2:67:
         5c:f3:4e:15:fc:6e:a4:b0:4f:9d:9b:02:f4:33:db:b0:ca:2b:
         a3:2d:65:b9:dc:33:fc:fd:97:bf:b8:f0:ae:5b:89:ea:e1:f7:
         58:f3:e3:14:6d:e7:16:cb:ee:25:2b:49:48:2a:fb:5a:7a:6a:
         4c:87:e9:bc:2a:40:c5:f3:fa:58:19:7b:b3:9a:1c:20:86:46:
         d5:7f:fb:6b:29:18:bf:34:71:90:fc:f5:16:de:77:ae:ad:05:
         d8:9f:90:8f:2b:bc:71:e9:8a:35:3c:64:e6:52:3a:22:d8:2a:
         f7:a3:45:cb:49:b0:13:45:89:58:e0:bb:6a:c1:55:41:ca:56:
         52:08:c7:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhxalCEAXV5wfdl2bSIjWSJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYzNiNWU5N2M0NmE5M2JjM2EzNWNjNzEwNTVjNGYwZGZj
NmM0NTEwHhcNMjMwNTMxMTA0NjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2M3MTM5MmZlNTZmOWNmZWNhNzJkNTQ1MDM1YzdiODE5OGE0YjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Am61QduCOkx2PIazwEq7w7taxlq
UVHAZI1bNoJZcQqfdTHRwaonGVr5VegpGVCjBvQYgOmHxAfOr4NoUor5ouS1VWyQ
x2MnSTT9d4ApjMiOwXMIxg2o5AwH2nh4CZrn+q1UaJTR0ui8Y1WLHevAuqvgyO7+
x2jKYxoICisGNp6CEfWpYx56P20S3dErKD43jj4Pb+4Wk5GGfBJOuOz3q6tBU05U
U4YV2kyIx48EZ4iM1Ykfzki0R33grSGiFV+Ibr1+VeYnFxwvTlk6/VJRHMOGRn/4
LTAdH8RoDOOk9VnfhucjgLuzPS3Dkxsg39+Nms5kVVS+vxPRbuYtQXjK8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHfHE5L+VvnP7KctVFA1x7gZiksPMB8GA1UdIwQY
MBaAFMLDtel8Rqk7w6NcxxBVxPDfxsRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3NPMTZYeEdxVHZEbzF6SEVGWEU4Tl9HeEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8xNjUxYjUtY2RlNS00Y2RmLWEyOWYt
NDJiNGZiODM0ZjE1LzEvZDhjVGt2NVctY19zcHkxVVVEWEh1Qm1LU3c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8xNjUxYjUtY2RlNS00Y2RmLWEyOWYtNDJiNGZiODM0ZjE1
LzEvd3NPMTZYeEdxVHZEbzF6SEVGWEU4Tl9HeEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4x7MA0G
CSqGSIb3DQEBCwUAA4IBAQCXZVbsUzkpfkP/u//4Gux6upBtlZwRG0fJ460Gsvi4
drj3gEE7VK2TdXbpPtJNfKVspGFgK7y1NgA2iXYxLvuZ8mWf1jzFp0nFp3MMN5QB
QudlKA7Mqw9CESCOGtwtws5xINg8KIA7r+r++TI+qVzxQhP810hzInWyrJEV4mdc
804V/G6ksE+dmwL0M9uwyiujLWW53DP8/Ze/uPCuW4nq4fdY8+MUbecWy+4lK0lI
KvtaempMh+m8KkDF8/pYGXuzmhwghkbVf/trKRi/NHGQ/PUW3neurQXYn5CPK7xx
6Yo1PGTmUjoi2Cr3o0XLSbATRYlY4LtqwVVBylZSCMeF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:11 2024 by rpki-client on console-ams.rpki-client.org