Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/536758-6ba5-4fce-b774-5c45a4ac2f46/1/k2ArtXmOLp8f3kkqQpmcoTIND4c.roa
File:                     k2ArtXmOLp8f3kkqQpmcoTIND4c.roa (raw, json)
Hash identifier:          R4D5qMLlWQ68ip6WwfqzW3AXTsvUhqViU3OSA2DuTdw=
Subject key identifier:   93:60:2B:B5:79:8E:2E:9F:1F:DE:49:2A:42:99:9C:A1:32:0D:0F:87
Certificate issuer:       /CN=7630eee64d6c18b84f9c8b7f38525e62c15da18c
Certificate serial:       018CC79343FAC7FC1DDE2A60C09F32FD0E60
Authority key identifier: 76:30:EE:E6:4D:6C:18:B8:4F:9C:8B:7F:38:52:5E:62:C1:5D:A1:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/djDu5k1sGLhPnIt_OFJeYsFdoYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/536758-6ba5-4fce-b774-5c45a4ac2f46/1/k2ArtXmOLp8f3kkqQpmcoTIND4c.roa
Signing time:             Tue 02 Jan 2024 00:29:26 +0000
ROA not before:           Tue 02 Jan 2024 00:29:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29684
IP address blocks:        77.95.219.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:93:43:fa:c7:fc:1d:de:2a:60:c0:9f:32:fd:0e:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7630eee64d6c18b84f9c8b7f38525e62c15da18c
        Validity
            Not Before: Jan  2 00:29:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=93602bb5798e2e9f1fde492a42999ca1320d0f87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:3f:3c:ff:d5:ce:65:34:7a:e5:d6:ec:64:e7:
                    0c:07:94:a3:8e:0c:8c:96:4c:27:de:ab:84:cb:9c:
                    fc:70:fa:4a:e6:3d:c4:e4:0a:e5:10:3e:c3:72:bc:
                    8c:f1:a2:cd:93:09:bd:7b:02:2a:98:31:35:6b:90:
                    62:d9:6e:3d:31:82:37:75:db:fc:d8:a3:f1:9d:e8:
                    3e:c2:df:f3:94:00:97:c5:47:1b:02:8e:0e:33:1a:
                    fe:0b:7a:bc:54:f7:18:1f:aa:83:a4:ef:3b:ee:b3:
                    ad:9e:8e:a9:57:c8:1a:11:27:1b:d1:6a:5b:23:8d:
                    7b:93:f8:20:1a:46:1b:0e:a8:39:ed:20:8a:71:d8:
                    4b:d4:db:d5:20:40:5b:84:2e:de:63:03:43:58:fe:
                    ab:dd:25:7d:d5:d7:0c:99:3b:f0:51:9c:4e:fe:37:
                    5b:52:05:25:88:47:e2:92:fe:9b:08:d6:0c:1d:8a:
                    69:62:0d:95:ed:e4:86:75:44:fd:ee:db:f7:f0:e9:
                    d4:98:1e:be:1f:4a:d8:bb:23:53:bd:f0:0d:9e:40:
                    88:05:2e:65:9e:5a:f2:d4:e2:df:21:b5:3b:fd:e8:
                    88:a6:fe:d7:5f:73:0b:94:be:64:27:8e:c0:79:18:
                    a3:71:b6:f3:e3:3b:e3:25:a5:a9:02:be:88:90:a0:
                    4b:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:60:2B:B5:79:8E:2E:9F:1F:DE:49:2A:42:99:9C:A1:32:0D:0F:87
            X509v3 Authority Key Identifier:
                keyid:76:30:EE:E6:4D:6C:18:B8:4F:9C:8B:7F:38:52:5E:62:C1:5D:A1:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/djDu5k1sGLhPnIt_OFJeYsFdoYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/536758-6ba5-4fce-b774-5c45a4ac2f46/1/k2ArtXmOLp8f3kkqQpmcoTIND4c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/536758-6ba5-4fce-b774-5c45a4ac2f46/1/djDu5k1sGLhPnIt_OFJeYsFdoYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.95.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:46:dc:a1:8d:64:25:d2:fb:1d:c4:14:07:dd:5d:27:b6:44:
         bc:bd:d6:98:fc:fb:f4:03:ae:59:e0:6c:1b:09:d7:a3:fa:bc:
         f8:f7:a6:2e:6c:ff:14:fa:2b:9c:1d:69:f1:a3:7c:36:c7:07:
         a5:d3:e4:1a:2b:00:8e:df:fa:b2:55:a7:16:dc:0d:b8:20:30:
         81:89:2b:0c:ec:e7:65:75:76:76:c0:1f:83:ab:c7:b5:78:75:
         9c:a5:09:f5:44:7d:77:8e:27:40:eb:1c:6e:76:2c:56:b5:57:
         83:78:eb:cd:99:53:48:21:c5:18:15:08:34:72:e9:ac:e5:7f:
         d9:58:5b:24:e4:23:cf:75:e6:5d:38:0f:7e:df:6f:1c:68:d0:
         6a:5d:11:2a:c2:ed:d1:43:09:ab:34:3a:a4:84:f0:00:c1:48:
         26:08:91:87:e8:e4:8e:1f:15:9d:7a:4e:ca:1a:06:4e:82:5d:
         42:80:01:4f:e3:8f:bf:b5:c2:ee:05:d6:fa:d4:1e:36:7f:94:
         d6:40:aa:76:16:15:91:e5:82:17:0b:08:17:ea:eb:8d:83:76:
         57:f6:1f:6c:67:60:90:9f:1e:54:4d:ba:c0:78:6a:9c:62:8c:
         38:d5:18:56:86:f4:9e:69:6c:46:e5:8e:ec:dd:71:ba:85:fe:
         a9:f1:34:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk0P6x/wd3ipgwJ8y/Q5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MzBlZWU2NGQ2YzE4Yjg0ZjljOGI3ZjM4NTI1ZTYyYzE1
ZGExOGMwHhcNMjQwMTAyMDAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzYwMmJiNTc5OGUyZTlmMWZkZTQ5MmE0Mjk5OWNhMTMyMGQwZjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArz88/9XOZTR65dbsZOcMB5SjjgyM
lkwn3quEy5z8cPpK5j3E5ArlED7DcryM8aLNkwm9ewIqmDE1a5Bi2W49MYI3ddv8
2KPxneg+wt/zlACXxUcbAo4OMxr+C3q8VPcYH6qDpO877rOtno6pV8gaEScb0Wpb
I417k/ggGkYbDqg57SCKcdhL1NvVIEBbhC7eYwNDWP6r3SV91dcMmTvwUZxO/jdb
UgUliEfikv6bCNYMHYppYg2V7eSGdUT97tv38OnUmB6+H0rYuyNTvfANnkCIBS5l
nlry1OLfIbU7/eiIpv7XX3MLlL5kJ47AeRijcbbz4zvjJaWpAr6IkKBLUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJNgK7V5ji6fH95JKkKZnKEyDQ+HMB8GA1UdIwQY
MBaAFHYw7uZNbBi4T5yLfzhSXmLBXaGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGpEdTVrMXNHTGhQbkl0X09GSmVZc0Zkb1l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy81MzY3NTgtNmJhNS00ZmNlLWI3NzQt
NWM0NWE0YWMyZjQ2LzEvazJBcnRYbU9McDhmM2trcVFwbWNvVElORDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy81MzY3NTgtNmJhNS00ZmNlLWI3NzQtNWM0NWE0YWMyZjQ2
LzEvZGpEdTVrMXNHTGhQbkl0X09GSmVZc0Zkb1l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATV/bMA0G
CSqGSIb3DQEBCwUAA4IBAQAZRtyhjWQl0vsdxBQH3V0ntkS8vdaY/Pv0A65Z4Gwb
Cdej+rz496YubP8U+iucHWnxo3w2xwel0+QaKwCO3/qyVacW3A24IDCBiSsM7Odl
dXZ2wB+Dq8e1eHWcpQn1RH13jidA6xxudixWtVeDeOvNmVNIIcUYFQg0cums5X/Z
WFsk5CPPdeZdOA9+328caNBqXREqwu3RQwmrNDqkhPAAwUgmCJGH6OSOHxWdek7K
GgZOgl1CgAFP44+/tcLuBdb61B42f5TWQKp2FhWR5YIXCwgX6uuNg3ZX9h9sZ2CQ
nx5UTbrAeGqcYow41RhWhvSeaWxG5Y7s3XG6hf6p8TQm
-----END CERTIFICATE-----
Generated at Mon Aug 19 14:03:26 2024 by rpki-client on console-fra.rpki-client.org