Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/cd1a24-67b1-4b4e-931e-4994fa74dfdd/1/32WnAscrtOPxpL6ZmMmgUShpLxQ.roa
File:                     32WnAscrtOPxpL6ZmMmgUShpLxQ.roa (raw, json)
Hash identifier:          dOIf0B0BvC7lA2NitCNsHDJCMXJNbRd00aziVLsYU2Q=
Subject key identifier:   DF:65:A7:02:C7:2B:B4:E3:F1:A4:BE:99:98:C9:A0:51:28:69:2F:14
Certificate issuer:       /CN=63d5b775375496e63d79edb42b7d7cf40bb6c1f8
Certificate serial:       02340B30
Authority key identifier: 63:D5:B7:75:37:54:96:E6:3D:79:ED:B4:2B:7D:7C:F4:0B:B6:C1:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y9W3dTdUluY9ee20K3189Au2wfg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/cd1a24-67b1-4b4e-931e-4994fa74dfdd/1/32WnAscrtOPxpL6ZmMmgUShpLxQ.roa
Signing time:             Sat 01 Jan 2022 11:04:59 +0000
ROA not before:           Sat 01 Jan 2022 11:04:59 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     63473
IP address blocks:        194.29.101.0/24 maxlen: 24
                          194.29.100.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 36965168 (0x2340b30)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63d5b775375496e63d79edb42b7d7cf40bb6c1f8
        Validity
            Not Before: Jan  1 11:04:59 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=df65a702c72bb4e3f1a4be9998c9a05128692f14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:63:e0:25:cf:60:95:6d:7b:03:d4:71:5f:b6:
                    f4:f7:bb:5a:d5:f0:4c:c7:31:f2:5c:71:3b:86:8a:
                    74:72:eb:11:1b:15:c8:c4:67:01:18:6d:c3:fb:db:
                    88:a9:8a:e0:b0:7a:d2:51:50:d4:c4:c0:63:5a:c8:
                    1f:19:12:8c:c3:9a:a5:f7:d4:e1:c7:63:f5:d5:e3:
                    d1:61:a0:e2:a1:b3:2b:84:42:77:41:ee:44:1e:27:
                    06:a0:73:29:b4:63:74:0c:36:17:35:b5:df:62:80:
                    4d:71:4c:07:5f:36:d9:45:61:db:7a:bd:dd:1a:c0:
                    4b:7a:2c:2e:f2:1c:0e:40:b2:73:89:2b:6f:99:29:
                    4b:92:d4:e5:12:3c:ed:75:9b:67:78:f0:9a:44:ca:
                    65:2a:22:3e:d6:02:19:2a:a0:13:c8:d0:45:1f:32:
                    22:09:b6:65:ee:65:23:05:7c:65:81:be:c4:f7:71:
                    65:75:b9:0e:4f:fd:fe:16:ff:42:fd:d4:20:0e:87:
                    ca:d6:ee:ec:6f:9f:2e:db:7e:8e:8f:a1:d8:94:92:
                    b0:61:6b:73:e5:3b:86:bf:e1:13:df:bf:f4:1e:07:
                    20:0d:d0:e2:0c:76:ba:3f:60:5a:a5:e0:3e:0c:80:
                    72:fa:50:64:5c:74:c8:ba:22:34:1c:f5:b4:f7:58:
                    37:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:65:A7:02:C7:2B:B4:E3:F1:A4:BE:99:98:C9:A0:51:28:69:2F:14
            X509v3 Authority Key Identifier:
                keyid:63:D5:B7:75:37:54:96:E6:3D:79:ED:B4:2B:7D:7C:F4:0B:B6:C1:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9W3dTdUluY9ee20K3189Au2wfg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/cd1a24-67b1-4b4e-931e-4994fa74dfdd/1/32WnAscrtOPxpL6ZmMmgUShpLxQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/cd1a24-67b1-4b4e-931e-4994fa74dfdd/1/Y9W3dTdUluY9ee20K3189Au2wfg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.29.100.0/23

    Signature Algorithm: sha256WithRSAEncryption
         42:e1:11:24:80:22:96:86:2b:18:e0:e7:5c:fa:5f:38:84:e3:
         78:ab:18:46:99:a3:17:57:1b:b3:33:33:aa:5f:1e:3c:ac:c5:
         2d:30:c7:13:16:ba:31:e4:8c:04:d6:30:f3:92:1c:f7:be:aa:
         a0:25:ad:ae:f7:79:17:b2:13:52:07:a8:16:c3:9b:2d:2c:00:
         2c:ff:f8:93:ef:d0:56:a0:cc:90:be:07:dd:cc:88:ad:9a:ed:
         70:3b:5e:0f:74:a3:c1:b2:0d:f6:ee:16:f7:bf:3d:db:ac:d5:
         f7:28:fd:ce:dc:25:10:74:94:84:13:2b:c9:da:2a:fb:a3:88:
         5d:30:32:6e:90:86:d5:76:47:8f:97:94:ff:5f:9f:b8:e6:02:
         20:e5:2c:14:f5:9f:87:5d:ed:9c:c2:a9:aa:36:90:db:cc:4d:
         12:eb:87:85:e6:e8:fb:03:27:41:31:af:54:15:2b:b7:7c:67:
         1a:00:34:4b:73:01:86:a4:ad:80:c1:f1:7f:3e:55:25:0d:61:
         23:14:5a:03:7b:eb:1f:60:26:0d:81:30:39:c8:f8:08:2d:8f:
         16:23:44:df:a8:7b:80:f5:78:8a:e4:c2:77:6d:69:4e:99:43:
         8c:b5:31:91:72:66:6d:d7:86:a2:4d:29:d2:97:86:d5:eb:13:
         c6:7f:08:c1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAjQLMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2Q1Yjc3NTM3NTQ5NmU2M2Q3OWVkYjQyYjdkN2NmNDBiYjZjMWY4MB4XDTIyMDEw
MTExMDQ1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGY2NWE3MDJjNzJi
YjRlM2YxYTRiZTk5OThjOWEwNTEyODY5MmYxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOdj4CXPYJVtewPUcV+29Pe7WtXwTMcx8lxxO4aKdHLrERsV
yMRnARhtw/vbiKmK4LB60lFQ1MTAY1rIHxkSjMOapffU4cdj9dXj0WGg4qGzK4RC
d0HuRB4nBqBzKbRjdAw2FzW132KATXFMB1822UVh23q93RrAS3osLvIcDkCyc4kr
b5kpS5LU5RI87XWbZ3jwmkTKZSoiPtYCGSqgE8jQRR8yIgm2Ze5lIwV8ZYG+xPdx
ZXW5Dk/9/hb/Qv3UIA6Hytbu7G+fLtt+jo+h2JSSsGFrc+U7hr/hE9+/9B4HIA3Q
4gx2uj9gWqXgPgyAcvpQZFx0yLoiNBz1tPdYN9MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTfZacCxyu04/GkvpmYyaBRKGkvFDAfBgNVHSMEGDAWgBRj1bd1N1SW5j15
7bQrfXz0C7bB+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1k5VzNkVGRVbHVZOWVlMjBLMzE4OUF1MndmZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvY2QxYTI0LTY3YjEtNGI0ZS05MzFlLTQ5OTRmYTc0ZGZkZC8x
LzMyV25Bc2NydE9QeHBMNlptTW1nVVNocEx4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
Y2QxYTI0LTY3YjEtNGI0ZS05MzFlLTQ5OTRmYTc0ZGZkZC8xL1k5VzNkVGRVbHVZ
OWVlMjBLMzE4OUF1MndmZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcIdZDANBgkqhkiG9w0BAQsFAAOC
AQEAQuERJIAiloYrGODnXPpfOITjeKsYRpmjF1cbszMzql8ePKzFLTDHExa6MeSM
BNYw85Ic976qoCWtrvd5F7ITUgeoFsObLSwALP/4k+/QVqDMkL4H3cyIrZrtcDte
D3SjwbIN9u4W978926zV9yj9ztwlEHSUhBMrydoq+6OIXTAybpCG1XZHj5eU/1+f
uOYCIOUsFPWfh13tnMKpqjaQ28xNEuuHhebo+wMnQTGvVBUrt3xnGgA0S3MBhqSt
gMHxfz5VJQ1hIxRaA3vrH2AmDYEwOcj4CC2PFiNE36h7gPV4iuTCd21pTplDjLUx
kXJmbdeGok0p0peG1esTxn8IwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:51 2024 by rpki-client on console-ams.rpki-client.org