Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/9bbf75-30d8-4bcc-bc51-1b21765172b6/1/C_zemCfjgEBVf0ngZs3xX6tq8vA.roa
File:                     C_zemCfjgEBVf0ngZs3xX6tq8vA.roa (raw, json)
Hash identifier:          xoU8COdTXHHKfy/QsmbOIWMD72n1yDXMKs1ydNfL8y4=
Subject key identifier:   0B:FC:DE:98:27:E3:80:40:55:7F:49:E0:66:CD:F1:5F:AB:6A:F2:F0
Certificate issuer:       /CN=02e2b228b50cdc90ee498e51bfc915997ca6c590
Certificate serial:       0177A6DB
Authority key identifier: 02:E2:B2:28:B5:0C:DC:90:EE:49:8E:51:BF:C9:15:99:7C:A6:C5:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AuKyKLUM3JDuSY5Rv8kVmXymxZA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/9bbf75-30d8-4bcc-bc51-1b21765172b6/1/C_zemCfjgEBVf0ngZs3xX6tq8vA.roa
Signing time:             Sun 20 Feb 2022 13:53:58 +0000
ROA not before:           Sun 20 Feb 2022 13:53:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     10103
IP address blocks:        188.64.142.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24618715 (0x177a6db)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02e2b228b50cdc90ee498e51bfc915997ca6c590
        Validity
            Not Before: Feb 20 13:53:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0bfcde9827e38040557f49e066cdf15fab6af2f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:72:36:a0:cf:15:eb:36:0b:a8:e2:c7:2b:f5:
                    83:35:ba:58:6a:f6:7c:78:60:a1:97:67:8e:91:57:
                    4e:08:43:69:23:35:02:08:5d:4c:27:36:d3:a3:5b:
                    4a:b1:b3:bd:46:bf:0d:88:54:96:76:e4:70:5e:44:
                    06:61:90:03:36:8c:0e:05:2d:c4:0a:83:4a:37:85:
                    b1:39:b1:7e:0d:4d:6e:2d:52:ea:95:ac:cc:e5:80:
                    01:15:5d:2b:17:e6:d9:e9:59:1f:e6:b7:a8:20:d3:
                    f4:2a:1d:65:36:fd:a2:bf:ef:0f:e4:51:cc:8a:c3:
                    33:92:52:f0:9a:1c:df:f5:9a:52:71:2c:80:20:8e:
                    83:1b:ac:dd:b5:78:88:04:48:5f:50:30:ee:ee:05:
                    3a:e2:7a:2c:e7:7d:87:07:d8:4f:b2:e2:74:f7:b9:
                    37:42:d0:3f:fb:00:aa:0b:43:e4:4a:3c:ab:2b:0a:
                    da:f6:f6:b8:11:0b:95:4f:77:56:ab:72:35:f9:b9:
                    b8:6a:82:05:0b:1c:97:57:41:4f:02:80:a6:c1:80:
                    2c:69:fa:ef:2f:e1:81:fe:55:35:0f:24:6b:4e:dc:
                    4e:a2:c1:e6:8f:6a:f5:02:38:bd:12:6e:1d:31:32:
                    76:78:3c:4b:c1:fa:cc:6a:1c:c2:cd:27:19:23:a1:
                    7f:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:FC:DE:98:27:E3:80:40:55:7F:49:E0:66:CD:F1:5F:AB:6A:F2:F0
            X509v3 Authority Key Identifier:
                keyid:02:E2:B2:28:B5:0C:DC:90:EE:49:8E:51:BF:C9:15:99:7C:A6:C5:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AuKyKLUM3JDuSY5Rv8kVmXymxZA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9bbf75-30d8-4bcc-bc51-1b21765172b6/1/C_zemCfjgEBVf0ngZs3xX6tq8vA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9bbf75-30d8-4bcc-bc51-1b21765172b6/1/AuKyKLUM3JDuSY5Rv8kVmXymxZA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.64.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:d7:60:0b:ff:21:ab:ed:20:93:30:4b:f9:10:8b:98:bd:00:
         e6:fd:5c:69:83:f7:7c:ae:b0:ae:15:78:8d:8b:55:43:0a:19:
         5e:bb:46:1e:ba:4d:19:e7:48:40:64:eb:ff:e4:71:67:a6:87:
         7f:dc:85:b7:a8:76:50:40:ba:b9:73:71:5e:b1:ba:60:5c:16:
         a8:37:69:1e:af:d6:37:43:3c:fe:bb:48:dd:d6:2a:2a:e4:f8:
         89:b6:65:36:6e:df:89:4b:cc:cb:fc:c2:39:6b:a9:c2:b2:8f:
         76:59:17:06:a3:cf:ae:c1:8d:31:dd:9a:d6:c6:95:8d:7e:4f:
         63:3e:f7:de:36:16:a9:85:bc:62:6e:28:63:e9:32:ac:96:e8:
         ef:a9:9d:e9:1a:78:16:d0:6f:6f:9c:bf:31:bf:14:05:84:bf:
         39:7f:40:03:92:61:51:4d:5f:82:28:aa:6a:37:be:be:16:82:
         e6:12:d8:1e:e2:d8:5a:52:c1:6d:b3:3c:d3:0f:73:21:3b:cc:
         ac:b1:71:11:9c:d3:97:1a:d4:e8:db:33:70:26:cf:4d:48:f4:
         80:0a:44:75:93:83:4b:48:f9:b7:87:56:99:9a:bb:bb:a8:56:
         09:25:5a:f2:de:7a:3b:62:31:a3:23:6d:aa:ff:37:00:87:fc:
         30:5c:dc:5e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAXem2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MmUyYjIyOGI1MGNkYzkwZWU0OThlNTFiZmM5MTU5OTdjYTZjNTkwMB4XDTIyMDIy
MDEzNTM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGJmY2RlOTgyN2Uz
ODA0MDU1N2Y0OWUwNjZjZGYxNWZhYjZhZjJmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1yNqDPFes2C6jixyv1gzW6WGr2fHhgoZdnjpFXTghDaSM1
AghdTCc206NbSrGzvUa/DYhUlnbkcF5EBmGQAzaMDgUtxAqDSjeFsTmxfg1Nbi1S
6pWszOWAARVdKxfm2elZH+a3qCDT9CodZTb9or/vD+RRzIrDM5JS8Joc3/WaUnEs
gCCOgxus3bV4iARIX1Aw7u4FOuJ6LOd9hwfYT7LidPe5N0LQP/sAqgtD5Eo8qysK
2vb2uBELlU93VqtyNfm5uGqCBQscl1dBTwKApsGALGn67y/hgf5VNQ8ka07cTqLB
5o9q9QI4vRJuHTEydng8S8H6zGocws0nGSOhf18CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQL/N6YJ+OAQFV/SeBmzfFfq2ry8DAfBgNVHSMEGDAWgBQC4rIotQzckO5J
jlG/yRWZfKbFkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0F1S3lLTFVNM0pEdVNZNVJ2OGtWbVh5bXhaQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvOWJiZjc1LTMwZDgtNGJjYy1iYzUxLTFiMjE3NjUxNzJiNi8x
L0NfemVtQ2ZqZ0VCVmYwbmdaczN4WDZ0cTh2QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
OWJiZjc1LTMwZDgtNGJjYy1iYzUxLTFiMjE3NjUxNzJiNi8xL0F1S3lLTFVNM0pE
dVNZNVJ2OGtWbVh5bXhaQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALxAjjANBgkqhkiG9w0BAQsFAAOC
AQEAmtdgC/8hq+0gkzBL+RCLmL0A5v1caYP3fK6wrhV4jYtVQwoZXrtGHrpNGedI
QGTr/+RxZ6aHf9yFt6h2UEC6uXNxXrG6YFwWqDdpHq/WN0M8/rtI3dYqKuT4ibZl
Nm7fiUvMy/zCOWupwrKPdlkXBqPPrsGNMd2a1saVjX5PYz733jYWqYW8Ym4oY+ky
rJbo76md6Rp4FtBvb5y/Mb8UBYS/OX9AA5JhUU1fgiiqaje+vhaC5hLYHuLYWlLB
bbM80w9zITvMrLFxEZzTlxrU6NszcCbPTUj0gApEdZODS0j5t4dWmZq7u6hWCSVa
8t56O2IxoyNtqv83AIf8MFzcXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:51 2024 by rpki-client on console-fra.rpki-client.org