Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ifEtStLPeAA8jKJ4MhxpZv8xwu0.roa
File:                     ifEtStLPeAA8jKJ4MhxpZv8xwu0.roa (raw, json)
Hash identifier:          SHKwnaRe/appNbcVWvQlAJculHJjzlHZPzKL+wqnct8=
Subject key identifier:   89:F1:2D:4A:D2:CF:78:00:3C:8C:A2:78:32:1C:69:66:FF:31:C2:ED
Certificate issuer:       /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial:       01941F8C734908574891CDA799D0208D4714
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ifEtStLPeAA8jKJ4MhxpZv8xwu0.roa
Signing time:             Wed 01 Jan 2025 01:48:05 +0000
ROA not before:           Wed 01 Jan 2025 01:48:05 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     209303
IP address blocks:        5.3.90.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:1f:8c:73:49:08:57:48:91:cd:a7:99:d0:20:8d:47:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
        Validity
            Not Before: Jan  1 01:48:05 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=89f12d4ad2cf78003c8ca278321c6966ff31c2ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:cf:24:b8:df:d1:cf:4c:7a:78:b9:24:93:70:
                    3b:ba:39:eb:cd:23:87:58:3d:8d:ea:cb:5f:0c:81:
                    6d:10:ba:60:f6:2c:39:ec:f7:b1:00:29:41:06:ba:
                    9a:9e:bd:41:1f:aa:24:4e:64:33:b3:a7:d8:af:64:
                    3f:8a:72:9a:68:5b:56:62:5c:3b:d0:4b:d4:4c:7a:
                    a2:da:ff:50:6b:2b:88:1f:51:73:ea:38:94:b3:74:
                    c2:36:63:24:3a:99:74:34:8e:fe:d8:88:6d:93:d1:
                    41:c0:5a:f7:c2:03:6b:ba:cb:6a:32:ab:7e:f2:f7:
                    0f:71:ac:df:45:b3:9a:e7:ff:7f:88:58:87:f8:60:
                    21:89:13:8c:fc:a2:9d:8f:2b:0a:57:cf:90:17:32:
                    4b:bd:de:e7:e8:34:05:0f:9a:c9:02:04:a0:0b:7c:
                    2e:18:49:07:af:85:4b:5f:66:5f:2b:5e:2b:25:29:
                    2d:79:92:ca:eb:84:75:48:d8:60:08:bf:ca:24:cb:
                    d8:7e:0d:11:f6:af:1c:d7:eb:7d:73:26:a9:75:4b:
                    44:de:f3:e6:60:08:b1:71:2b:76:d8:d4:af:66:88:
                    03:e7:2d:4e:b7:0a:1b:d3:17:41:f1:a3:1e:e2:db:
                    b4:db:ac:22:c5:be:6e:9b:39:7a:de:ad:9d:70:3a:
                    ac:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:F1:2D:4A:D2:CF:78:00:3C:8C:A2:78:32:1C:69:66:FF:31:C2:ED
            X509v3 Authority Key Identifier:
                keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ifEtStLPeAA8jKJ4MhxpZv8xwu0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.3.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:15:96:9c:68:c5:b2:76:bd:40:83:42:5a:4f:64:d6:2d:9e:
         5d:b3:73:1b:3a:8f:11:f6:3c:8d:bf:d6:22:c2:2f:2c:dd:9a:
         5d:be:f1:5a:94:b9:32:fc:9d:a9:45:33:f6:f6:6e:3d:88:7e:
         d6:e6:79:dc:3f:22:b0:05:48:70:23:7f:8c:79:e7:65:8d:f5:
         e5:3d:02:8b:04:f2:2d:4b:a5:d9:6f:95:9b:ee:b0:e2:5e:12:
         18:a9:39:60:63:43:c0:4e:f6:a6:91:84:21:d1:90:13:b6:75:
         66:d3:ca:b3:de:50:cf:8c:3d:6e:f7:a1:9c:1f:a9:f9:82:ed:
         b7:d4:a2:33:b0:ab:67:bb:17:7c:50:3f:9e:7c:1a:18:e3:20:
         50:c6:6f:95:12:ed:dc:97:6b:dd:da:15:f5:a4:27:5a:01:03:
         68:bc:d5:4f:26:d8:14:a8:1c:5b:e3:57:84:dc:c5:37:cd:96:
         ca:04:85:65:da:af:53:12:60:28:d2:e1:58:cc:3d:bb:b9:3b:
         9d:98:c8:d1:4d:25:48:a6:9f:5e:6c:22:89:64:26:73:58:0e:
         38:60:b6:db:a1:8e:31:fc:fa:a7:37:00:8d:b8:7f:7d:a2:34:
         fa:16:5b:37:60:7f:1a:b1:bb:d5:dc:36:fd:a2:6c:5f:86:17:
         3b:10:9f:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjHNJCFdIkc2nmdAgjUcUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWYxMmQ0YWQyY2Y3ODAwM2M4Y2EyNzgzMjFjNjk2NmZmMzFjMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxs8kuN/Rz0x6eLkkk3A7ujnrzSOH
WD2N6stfDIFtELpg9iw57PexAClBBrqanr1BH6okTmQzs6fYr2Q/inKaaFtWYlw7
0EvUTHqi2v9QayuIH1Fz6jiUs3TCNmMkOpl0NI7+2Ihtk9FBwFr3wgNrustqMqt+
8vcPcazfRbOa5/9/iFiH+GAhiROM/KKdjysKV8+QFzJLvd7n6DQFD5rJAgSgC3wu
GEkHr4VLX2ZfK14rJSkteZLK64R1SNhgCL/KJMvYfg0R9q8c1+t9cyapdUtE3vPm
YAixcSt22NSvZogD5y1Otwob0xdB8aMe4tu026wixb5umzl63q2dcDqsvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFInxLUrSz3gAPIyieDIcaWb/McLtMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvaWZFdFN0TFBlQUE4aktKNE1oeHBadjh4d3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQNaMA0G
CSqGSIb3DQEBCwUAA4IBAQBbFZacaMWydr1Ag0JaT2TWLZ5ds3MbOo8R9jyNv9Yi
wi8s3ZpdvvFalLky/J2pRTP29m49iH7W5nncPyKwBUhwI3+MeedljfXlPQKLBPIt
S6XZb5Wb7rDiXhIYqTlgY0PATvamkYQh0ZATtnVm08qz3lDPjD1u96GcH6n5gu23
1KIzsKtnuxd8UD+efBoY4yBQxm+VEu3cl2vd2hX1pCdaAQNovNVPJtgUqBxb41eE
3MU3zZbKBIVl2q9TEmAo0uFYzD27uTudmMjRTSVIpp9ebCKJZCZzWA44YLbboY4x
/PqnNwCNuH99ojT6Fls3YH8asbvV3Db9omxfhhc7EJ/7
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:29 2025 by rpki-client