Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d12538-2b32-464e-b517-708ecf91c657/1/bBqKH9pXy6leKEeknB5A31m8sj0.roa
File:                     bBqKH9pXy6leKEeknB5A31m8sj0.roa (raw, json)
Hash identifier:          1ZhmqyuMulGCUNWbfGKw7zMAplapUPxzlPDJb3ssoBI=
Subject key identifier:   6C:1A:8A:1F:DA:57:CB:A9:5E:28:47:A4:9C:1E:40:DF:59:BC:B2:3D
Certificate issuer:       /CN=7d9a0a5b6861e3eece6e56e18ca4ba605de656f1
Certificate serial:       01879FBD9EE114592517F37C07A6A3A61F54
Authority key identifier: 7D:9A:0A:5B:68:61:E3:EE:CE:6E:56:E1:8C:A4:BA:60:5D:E6:56:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fZoKW2hh4-7OblbhjKS6YF3mVvE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/d12538-2b32-464e-b517-708ecf91c657/1/bBqKH9pXy6leKEeknB5A31m8sj0.roa
Signing time:             Thu 20 Apr 2023 17:36:56 +0000
ROA not before:           Thu 20 Apr 2023 17:36:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47584
IP address blocks:        185.225.9.0/24 maxlen: 24
                          2a10:9e80::/29 maxlen: 29

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9f:bd:9e:e1:14:59:25:17:f3:7c:07:a6:a3:a6:1f:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d9a0a5b6861e3eece6e56e18ca4ba605de656f1
        Validity
            Not Before: Apr 20 17:36:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6c1a8a1fda57cba95e2847a49c1e40df59bcb23d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:78:d5:78:e6:95:bf:d0:7e:90:7d:ff:ac:f7:
                    2b:e4:99:ac:25:bd:8c:ca:7c:c4:ff:83:b8:49:e9:
                    5b:53:e5:14:cf:d1:a2:03:d8:f5:2c:9b:8e:41:cc:
                    06:c8:62:6c:f3:a3:45:3a:eb:92:af:61:83:36:fc:
                    2d:a1:8d:1c:13:77:46:01:56:52:60:ae:1d:78:49:
                    2b:c8:17:40:fd:22:28:86:19:59:98:e8:e0:61:45:
                    c5:6e:5f:d7:9f:63:7c:d6:59:c1:bf:f2:b5:7d:4a:
                    a6:fa:a7:5c:a6:d1:d0:f7:1a:d5:cc:3f:97:f3:98:
                    67:1f:13:9e:e5:f5:7d:b5:d5:65:27:49:9b:a1:a5:
                    76:b9:af:e9:ec:07:96:6a:81:cf:88:35:12:bf:9e:
                    79:cf:b1:5f:28:8b:01:ad:b0:cf:18:8c:a3:f1:69:
                    29:58:ae:9f:16:4f:50:7c:80:2a:b3:82:29:f0:e4:
                    68:7e:aa:4c:65:36:2a:b1:14:a7:13:88:09:13:6a:
                    7c:ee:83:0a:6c:0d:3b:c6:d6:83:51:d1:bb:29:41:
                    f3:24:60:8d:28:84:0f:93:9b:9e:74:9f:44:08:14:
                    11:2f:7d:58:ae:56:da:54:33:b1:b2:47:31:0e:38:
                    fc:30:25:dd:db:c7:95:8d:e9:bb:09:e9:b3:d6:77:
                    08:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:1A:8A:1F:DA:57:CB:A9:5E:28:47:A4:9C:1E:40:DF:59:BC:B2:3D
            X509v3 Authority Key Identifier:
                keyid:7D:9A:0A:5B:68:61:E3:EE:CE:6E:56:E1:8C:A4:BA:60:5D:E6:56:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fZoKW2hh4-7OblbhjKS6YF3mVvE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d12538-2b32-464e-b517-708ecf91c657/1/bBqKH9pXy6leKEeknB5A31m8sj0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d12538-2b32-464e-b517-708ecf91c657/1/fZoKW2hh4-7OblbhjKS6YF3mVvE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.225.9.0/24
                IPv6:
                  2a10:9e80::/29

    Signature Algorithm: sha256WithRSAEncryption
         58:49:20:a9:b8:96:99:a7:36:1f:1f:e0:fb:fe:50:2e:49:ee:
         d8:5b:18:29:16:7a:cf:50:ee:e7:b6:1e:11:15:61:94:b6:13:
         30:b9:60:aa:91:a1:d0:5b:5d:1f:80:98:40:7e:ff:6d:8d:0a:
         bc:7b:db:26:4e:c6:6c:d8:a3:cf:2d:90:a5:66:7e:80:9b:54:
         bc:e5:a1:c4:e5:40:5e:12:66:5b:aa:c7:48:ba:1a:f2:1f:b2:
         df:f4:bb:54:b5:19:25:84:e5:7c:0f:a9:51:65:37:c3:7d:ca:
         1f:b6:6d:d3:d9:cb:74:e2:3b:ab:aa:13:8c:81:b7:c9:3b:a8:
         36:2c:23:2f:47:8b:26:78:cc:c2:27:b8:f0:05:6d:e8:90:d1:
         6c:d6:5b:02:e7:ec:30:29:8d:df:ed:8b:08:cf:48:e7:9a:43:
         ff:0e:38:33:40:ee:a4:4d:91:07:b4:ea:bd:3d:29:58:af:e4:
         3a:cd:87:26:06:fb:5e:df:8f:7c:32:96:34:f3:c8:56:0b:7e:
         93:df:ec:a8:f2:a5:7d:0a:69:24:fe:00:f7:7b:5a:78:19:02:
         36:79:f6:cb:d8:6e:44:29:e2:d0:14:ce:0b:2d:b9:0f:7c:b2:
         71:7c:6b:08:0d:91:24:e8:55:8e:fd:9c:fd:45:91:27:38:f5:
         07:89:7c:f6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYefvZ7hFFklF/N8B6ajph9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOWEwYTViNjg2MWUzZWVjZTZlNTZlMThjYTRiYTYwNWRl
NjU2ZjEwHhcNMjMwNDIwMTczNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzFhOGExZmRhNTdjYmE5NWUyODQ3YTQ5YzFlNDBkZjU5YmNiMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3jVeOaVv9B+kH3/rPcr5JmsJb2M
ynzE/4O4SelbU+UUz9GiA9j1LJuOQcwGyGJs86NFOuuSr2GDNvwtoY0cE3dGAVZS
YK4deEkryBdA/SIohhlZmOjgYUXFbl/Xn2N81lnBv/K1fUqm+qdcptHQ9xrVzD+X
85hnHxOe5fV9tdVlJ0mboaV2ua/p7AeWaoHPiDUSv555z7FfKIsBrbDPGIyj8Wkp
WK6fFk9QfIAqs4Ip8ORofqpMZTYqsRSnE4gJE2p87oMKbA07xtaDUdG7KUHzJGCN
KIQPk5uedJ9ECBQRL31YrlbaVDOxskcxDjj8MCXd28eVjem7Cemz1ncIBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGwaih/aV8upXihHpJweQN9ZvLI9MB8GA1UdIwQY
MBaAFH2aCltoYePuzm5W4YykumBd5lbxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlpvS1cyaGg0LTdPYmxiaGpLUzZZRjNtVnZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMTI1MzgtMmIzMi00NjRlLWI1MTct
NzA4ZWNmOTFjNjU3LzEvYkJxS0g5cFh5NmxlS0Vla25CNUEzMW04c2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMTI1MzgtMmIzMi00NjRlLWI1MTctNzA4ZWNmOTFjNjU3
LzEvZlpvS1cyaGg0LTdPYmxiaGpLUzZZRjNtVnZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAueEJMA0E
AgACMAcDBQMqEJ6AMA0GCSqGSIb3DQEBCwUAA4IBAQBYSSCpuJaZpzYfH+D7/lAu
Se7YWxgpFnrPUO7nth4RFWGUthMwuWCqkaHQW10fgJhAfv9tjQq8e9smTsZs2KPP
LZClZn6Am1S85aHE5UBeEmZbqsdIuhryH7Lf9LtUtRklhOV8D6lRZTfDfcoftm3T
2ct04jurqhOMgbfJO6g2LCMvR4smeMzCJ7jwBW3okNFs1lsC5+wwKY3f7YsIz0jn
mkP/DjgzQO6kTZEHtOq9PSlYr+Q6zYcmBvte3498MpY088hWC36T3+yo8qV9Cmkk
/gD3e1p4GQI2efbL2G5EKeLQFM4LLbkPfLJxfGsIDZEk6FWO/Zz9RZEnOPUHiXz2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:44 2024 by rpki-client on console-fra.rpki-client.org