Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/fe43bc-75e1-48da-8cde-68222fab1bfb/1/GxyFBXAkc5ePAtqFXmAboqLotHw.roa
File:                     GxyFBXAkc5ePAtqFXmAboqLotHw.roa (raw, json)
Hash identifier:          uYaUvx+HBAiJned0NRfNwpWoGBKpS3GTXLI0jqOyRCU=
Subject key identifier:   1B:1C:85:05:70:24:73:97:8F:02:DA:85:5E:60:1B:A2:A2:E8:B4:7C
Certificate issuer:       /CN=b3b3db924602be529903dfc65663b7eaad78571d
Certificate serial:       06B76C19
Authority key identifier: B3:B3:DB:92:46:02:BE:52:99:03:DF:C6:56:63:B7:EA:AD:78:57:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s7PbkkYCvlKZA9_GVmO36q14Vx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/fe43bc-75e1-48da-8cde-68222fab1bfb/1/GxyFBXAkc5ePAtqFXmAboqLotHw.roa
Signing time:             Fri 20 May 2022 06:42:28 +0000
ROA not before:           Fri 20 May 2022 06:42:28 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     47119
IP address blocks:        188.191.112.0/22 maxlen: 22
                          188.191.112.0/23 maxlen: 23
                          188.191.118.0/23 maxlen: 23
                          188.191.116.0/22 maxlen: 22
                          188.191.116.0/23 maxlen: 23
                          188.191.114.0/23 maxlen: 23
                          188.191.112.0/21 maxlen: 21
                          188.191.112.0/20 maxlen: 20
                          188.191.124.0/23 maxlen: 23
                          188.191.124.0/22 maxlen: 22
                          188.191.122.0/23 maxlen: 23
                          188.191.120.0/23 maxlen: 23
                          188.191.120.0/22 maxlen: 22
                          188.191.126.0/23 maxlen: 23
                          79.174.36.0/23 maxlen: 23
                          79.174.32.0/23 maxlen: 23
                          79.174.32.0/22 maxlen: 22
                          79.174.32.0/24 maxlen: 24
                          79.174.34.0/24 maxlen: 24
                          79.174.33.0/24 maxlen: 24
                          79.174.34.0/23 maxlen: 23
                          79.174.32.0/20 maxlen: 20
                          79.174.32.0/19 maxlen: 19
                          79.174.38.0/24 maxlen: 24
                          79.174.37.0/24 maxlen: 24
                          79.174.36.0/22 maxlen: 22
                          79.174.36.0/24 maxlen: 24
                          79.174.35.0/24 maxlen: 24
                          79.174.42.0/24 maxlen: 24
                          79.174.39.0/24 maxlen: 24
                          79.174.38.0/23 maxlen: 23
                          79.174.44.0/23 maxlen: 23
                          79.174.44.0/22 maxlen: 22
                          79.174.44.0/24 maxlen: 24
                          79.174.43.0/24 maxlen: 24
                          79.174.42.0/23 maxlen: 23
                          79.174.41.0/24 maxlen: 24
                          79.174.40.0/23 maxlen: 23
                          79.174.40.0/24 maxlen: 24
                          79.174.40.0/22 maxlen: 22
                          79.174.48.0/20 maxlen: 20
                          79.174.51.0/24 maxlen: 24
                          79.174.50.0/23 maxlen: 23
                          79.174.50.0/24 maxlen: 24
                          79.174.49.0/24 maxlen: 24
                          79.174.48.0/24 maxlen: 24
                          79.174.48.0/23 maxlen: 23
                          79.174.48.0/22 maxlen: 22
                          79.174.46.0/24 maxlen: 24
                          79.174.46.0/23 maxlen: 23
                          79.174.45.0/24 maxlen: 24
                          79.174.52.0/24 maxlen: 24
                          79.174.53.0/24 maxlen: 24
                          79.174.52.0/23 maxlen: 23
                          79.174.52.0/22 maxlen: 22
                          79.174.58.0/23 maxlen: 23
                          79.174.56.0/24 maxlen: 24
                          79.174.55.0/24 maxlen: 24
                          79.174.58.0/24 maxlen: 24
                          79.174.57.0/24 maxlen: 24
                          79.174.56.0/22 maxlen: 22
                          79.174.56.0/23 maxlen: 23
                          79.174.54.0/24 maxlen: 24
                          79.174.54.0/23 maxlen: 23
                          79.174.60.0/24 maxlen: 24
                          79.174.60.0/22 maxlen: 22
                          79.174.60.0/23 maxlen: 23
                          79.174.59.0/24 maxlen: 24
                          79.174.63.0/24 maxlen: 24
                          79.174.62.0/24 maxlen: 24
                          79.174.62.0/23 maxlen: 23
                          79.174.61.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 112684057 (0x6b76c19)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3b3db924602be529903dfc65663b7eaad78571d
        Validity
            Not Before: May 20 06:42:28 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1b1c8505702473978f02da855e601ba2a2e8b47c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:d5:e0:53:e1:21:9c:05:7d:6d:ba:21:dc:c1:
                    10:02:77:15:66:b0:01:d2:67:1e:c0:ae:60:fd:e9:
                    45:ef:33:75:a5:9b:1b:9c:1f:06:7d:18:18:dc:de:
                    30:2d:d1:62:b1:9c:78:95:04:5f:4f:2d:61:13:65:
                    10:6d:c9:05:ac:3b:58:76:ca:7d:62:9f:23:26:13:
                    69:2d:b0:d8:b4:9b:b1:4a:a5:6f:7d:ca:00:36:c2:
                    d4:c2:83:4f:aa:b8:fa:e6:32:ca:72:27:0d:2e:81:
                    a0:22:b1:5f:61:08:91:2a:26:0e:61:4a:66:74:6c:
                    58:c4:f3:45:74:f1:ec:07:c7:03:44:bc:66:69:80:
                    59:2a:55:08:04:be:9c:61:01:f8:30:74:04:10:34:
                    2b:34:a3:0e:bc:40:7a:10:4b:75:b1:66:4f:9b:fc:
                    26:b1:b9:05:00:54:8a:59:b5:2d:01:fb:00:13:df:
                    d1:83:83:d2:af:39:28:9d:37:37:5e:07:1a:cd:80:
                    1e:dc:07:c3:c8:83:62:98:bb:18:ec:ce:8c:ea:7a:
                    a1:32:07:4a:50:49:90:4d:3e:14:5c:fc:c0:c5:42:
                    e6:f0:fa:8d:cf:94:04:e4:95:d2:4c:7c:b7:08:8f:
                    69:bf:76:ae:46:c7:88:83:1d:7c:09:55:d6:d0:51:
                    94:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:1C:85:05:70:24:73:97:8F:02:DA:85:5E:60:1B:A2:A2:E8:B4:7C
            X509v3 Authority Key Identifier:
                keyid:B3:B3:DB:92:46:02:BE:52:99:03:DF:C6:56:63:B7:EA:AD:78:57:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7PbkkYCvlKZA9_GVmO36q14Vx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/fe43bc-75e1-48da-8cde-68222fab1bfb/1/GxyFBXAkc5ePAtqFXmAboqLotHw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/fe43bc-75e1-48da-8cde-68222fab1bfb/1/s7PbkkYCvlKZA9_GVmO36q14Vx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.174.32.0/19
                  188.191.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         1c:9e:b3:57:34:45:7e:76:49:77:28:49:06:32:ad:29:f8:d4:
         db:1e:6e:c7:ce:f3:37:c0:a6:e1:84:ae:10:6c:ce:b9:e3:18:
         b0:9a:1a:00:78:3f:26:e6:06:11:18:35:8b:ce:08:cb:52:16:
         33:6f:e0:58:11:13:83:08:f4:6b:24:f2:92:36:f1:e7:74:38:
         af:28:2d:8e:f2:d2:ca:d2:e2:09:84:07:f8:f4:bc:89:b5:fb:
         1c:b2:e7:12:bf:84:33:c1:87:e7:33:70:61:38:96:b2:6b:71:
         11:3f:2c:a0:46:7d:ec:8b:15:76:fc:66:83:17:e0:43:98:36:
         17:26:d5:fd:37:4a:b4:ff:30:ac:d7:3a:a1:4c:48:58:5e:ef:
         ba:c9:90:b1:9f:e5:24:b2:1c:49:2c:28:eb:96:f0:e1:e4:61:
         8a:39:02:84:a0:34:83:63:97:2e:f9:be:4f:5e:4a:10:5d:21:
         46:b7:a8:32:cb:18:18:b5:01:db:b6:2e:f5:0f:d8:75:95:c5:
         57:87:44:3d:bc:87:dd:6e:99:a7:ff:47:0e:2a:dd:f7:25:c0:
         bd:01:ac:3c:1a:9c:13:47:65:a3:f2:eb:3c:be:29:88:42:ce:
         c9:72:c7:8b:dd:df:cc:17:cd:4d:02:0b:67:52:87:2f:3e:9e:
         ee:8f:51:b2
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBrdsGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
M2IzZGI5MjQ2MDJiZTUyOTkwM2RmYzY1NjYzYjdlYWFkNzg1NzFkMB4XDTIyMDUy
MDA2NDIyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWIxYzg1MDU3MDI0
NzM5NzhmMDJkYTg1NWU2MDFiYTJhMmU4YjQ3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO/V4FPhIZwFfW26IdzBEAJ3FWawAdJnHsCuYP3pRe8zdaWb
G5wfBn0YGNzeMC3RYrGceJUEX08tYRNlEG3JBaw7WHbKfWKfIyYTaS2w2LSbsUql
b33KADbC1MKDT6q4+uYyynInDS6BoCKxX2EIkSomDmFKZnRsWMTzRXTx7AfHA0S8
ZmmAWSpVCAS+nGEB+DB0BBA0KzSjDrxAehBLdbFmT5v8JrG5BQBUilm1LQH7ABPf
0YOD0q85KJ03N14HGs2AHtwHw8iDYpi7GOzOjOp6oTIHSlBJkE0+FFz8wMVC5vD6
jc+UBOSV0kx8twiPab92rkbHiIMdfAlV1tBRlBUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQbHIUFcCRzl48C2oVeYBuioui0fDAfBgNVHSMEGDAWgBSzs9uSRgK+UpkD
38ZWY7fqrXhXHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3M3UGJra1lDdmxLWkE5X0dWbU8zNnExNFZ4MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvZmU0M2JjLTc1ZTEtNDhkYS04Y2RlLTY4MjIyZmFiMWJmYi8x
L0d4eUZCWEFrYzVlUEF0cUZYbUFib3FMb3RIdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
ZmU0M2JjLTc1ZTEtNDhkYS04Y2RlLTY4MjIyZmFiMWJmYi8xL3M3UGJra1lDdmxL
WkE5X0dWbU8zNnExNFZ4MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBU+uIAMEBLy/cDANBgkqhkiG9w0B
AQsFAAOCAQEAHJ6zVzRFfnZJdyhJBjKtKfjU2x5ux87zN8Cm4YSuEGzOueMYsJoa
AHg/JuYGERg1i84Iy1IWM2/gWBETgwj0ayTykjbx53Q4rygtjvLSytLiCYQH+PS8
ibX7HLLnEr+EM8GH5zNwYTiWsmtxET8soEZ97IsVdvxmgxfgQ5g2FybV/TdKtP8w
rNc6oUxIWF7vusmQsZ/lJLIcSSwo65bw4eRhijkChKA0g2OXLvm+T15KEF0hRreo
MssYGLUB27Yu9Q/YdZXFV4dEPbyH3W6Zp/9HDird9yXAvQGsPBqcE0dlo/LrPL4p
iELOyXLHi93fzBfNTQILZ1KHLz6e7o9Rsg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:53 2024 by rpki-client on console-ams.rpki-client.org