Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/1931cd-d77c-42d0-8022-c779e14dd089/1/noXd4qakdf4Skc_ew0AWMH5NUAQ.roa
File:                     noXd4qakdf4Skc_ew0AWMH5NUAQ.roa (raw, json)
Hash identifier:          bvvLzhXpJrgf4agLTBS94U8A4nuT8pBgGQ5ZLqJbnoM=
Subject key identifier:   9E:85:DD:E2:A6:A4:75:FE:12:91:CF:DE:C3:40:16:30:7E:4D:50:04
Certificate issuer:       /CN=5d0c9500834dd9e5c7bdc1f31ac58d7c1b2497f3
Certificate serial:       0D9CEB79
Authority key identifier: 5D:0C:95:00:83:4D:D9:E5:C7:BD:C1:F3:1A:C5:8D:7C:1B:24:97:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XQyVAINN2eXHvcHzGsWNfBskl_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/1931cd-d77c-42d0-8022-c779e14dd089/1/noXd4qakdf4Skc_ew0AWMH5NUAQ.roa
Signing time:             Sat 01 Jan 2022 02:53:23 +0000
ROA not before:           Sat 01 Jan 2022 02:53:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60787
IP address blocks:        185.25.190.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 228387705 (0xd9ceb79)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d0c9500834dd9e5c7bdc1f31ac58d7c1b2497f3
        Validity
            Not Before: Jan  1 02:53:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9e85dde2a6a475fe1291cfdec34016307e4d5004
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:7f:64:61:5e:71:fd:4c:aa:4d:5a:c9:65:3c:
                    1a:8f:35:30:d1:b8:a0:68:40:ec:1b:56:82:d2:71:
                    91:b8:1a:05:a9:be:9a:a7:ec:44:f9:9d:65:00:49:
                    04:e6:4a:35:05:f1:bc:a8:49:23:0d:85:f3:3b:16:
                    77:48:14:31:dc:fa:56:a3:4b:c6:55:1b:0f:c5:8d:
                    2e:28:12:69:de:c9:0f:49:4f:cc:eb:fb:f0:e0:01:
                    59:d9:5b:8e:30:33:6c:39:50:2e:e9:12:5e:84:3c:
                    b5:50:90:4f:3b:0e:3c:db:fe:9a:14:cd:1c:eb:aa:
                    2c:eb:85:b8:51:85:d0:fd:f6:f5:0b:ea:c5:e4:5f:
                    c7:ec:85:2a:78:05:bb:e6:d7:d1:57:0c:d9:f4:e6:
                    a4:bc:3a:3d:74:ba:48:39:22:14:1b:3e:76:18:5b:
                    f7:59:a2:c5:dd:82:59:1f:08:3a:43:61:72:51:f0:
                    d5:97:25:11:d3:2e:f9:29:3f:46:e1:1e:e1:90:e6:
                    09:27:fa:e0:38:2a:53:d6:87:e6:fc:84:8c:8a:86:
                    b9:e8:93:4e:5f:b2:4e:15:06:d3:37:94:c1:eb:31:
                    16:6e:f4:ff:5f:7c:74:aa:d0:cd:c3:2d:db:d2:52:
                    7a:ac:dd:de:1b:c2:e5:26:88:ca:3a:7d:70:00:46:
                    26:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:85:DD:E2:A6:A4:75:FE:12:91:CF:DE:C3:40:16:30:7E:4D:50:04
            X509v3 Authority Key Identifier:
                keyid:5D:0C:95:00:83:4D:D9:E5:C7:BD:C1:F3:1A:C5:8D:7C:1B:24:97:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XQyVAINN2eXHvcHzGsWNfBskl_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/1931cd-d77c-42d0-8022-c779e14dd089/1/noXd4qakdf4Skc_ew0AWMH5NUAQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/1931cd-d77c-42d0-8022-c779e14dd089/1/XQyVAINN2eXHvcHzGsWNfBskl_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.25.190.0/23

    Signature Algorithm: sha256WithRSAEncryption
         80:1e:82:f6:06:ed:19:4b:37:8d:3b:40:31:cb:15:12:49:47:
         67:e9:1d:e6:4f:48:a3:5c:fa:67:f1:9b:66:44:54:14:4b:e5:
         4c:88:c2:cc:5d:ba:ce:fb:2d:86:13:03:2b:77:a2:29:dd:b1:
         a2:80:bc:69:b9:63:63:d3:91:89:c4:8f:69:6e:d6:e5:9a:bb:
         04:8d:46:32:5a:e5:96:aa:44:3f:10:45:0d:87:c7:64:c9:96:
         04:f8:48:87:7c:b6:ca:71:55:dd:ff:00:9f:a6:42:a0:69:b5:
         98:72:36:bb:af:87:19:bc:ef:30:36:1f:2f:4a:4a:3d:fd:bb:
         c1:d5:a8:47:f9:2a:0d:0d:ed:c1:f2:4d:41:d0:4d:5d:10:60:
         90:c8:80:d3:2d:8b:83:c5:01:51:88:c2:e9:33:e0:5a:7d:ae:
         c9:d0:7d:d9:0e:1a:ae:a2:76:9d:8a:e8:e4:36:67:66:93:f3:
         d8:0a:84:69:df:b9:f0:77:11:a3:5f:da:d3:f0:00:61:c2:29:
         1a:5b:c0:6c:06:6c:7a:2e:cd:af:de:44:88:ce:fb:a9:c0:eb:
         d2:c4:0e:ab:61:36:2f:10:32:b0:27:9c:6e:52:dd:86:7d:a1:
         e4:c4:30:af:1b:0b:1f:9d:87:55:f6:dd:52:6b:fb:a5:c9:d3:
         26:a0:22:45
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDZzreTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZDBjOTUwMDgzNGRkOWU1YzdiZGMxZjMxYWM1OGQ3YzFiMjQ5N2YzMB4XDTIyMDEw
MTAyNTMyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWU4NWRkZTJhNmE0
NzVmZTEyOTFjZmRlYzM0MDE2MzA3ZTRkNTAwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANl/ZGFecf1Mqk1ayWU8Go81MNG4oGhA7BtWgtJxkbgaBam+
mqfsRPmdZQBJBOZKNQXxvKhJIw2F8zsWd0gUMdz6VqNLxlUbD8WNLigSad7JD0lP
zOv78OABWdlbjjAzbDlQLukSXoQ8tVCQTzsOPNv+mhTNHOuqLOuFuFGF0P329Qvq
xeRfx+yFKngFu+bX0VcM2fTmpLw6PXS6SDkiFBs+dhhb91mixd2CWR8IOkNhclHw
1ZclEdMu+Sk/RuEe4ZDmCSf64DgqU9aH5vyEjIqGueiTTl+yThUG0zeUwesxFm70
/198dKrQzcMt29JSeqzd3hvC5SaIyjp9cABGJjsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSehd3ipqR1/hKRz97DQBYwfk1QBDAfBgNVHSMEGDAWgBRdDJUAg03Z5ce9
wfMaxY18GySX8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hReVZBSU5OMmVYSHZjSHpHc1dOZkJza2xfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWUvMTkzMWNkLWQ3N2MtNDJkMC04MDIyLWM3NzllMTRkZDA4OS8x
L25vWGQ0cWFrZGY0U2tjX2V3MEFXTUg1TlVBUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUv
MTkzMWNkLWQ3N2MtNDJkMC04MDIyLWM3NzllMTRkZDA4OS8xL1hReVZBSU5OMmVY
SHZjSHpHc1dOZkJza2xfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbkZvjANBgkqhkiG9w0BAQsFAAOC
AQEAgB6C9gbtGUs3jTtAMcsVEklHZ+kd5k9Io1z6Z/GbZkRUFEvlTIjCzF26zvst
hhMDK3eiKd2xooC8abljY9ORicSPaW7W5Zq7BI1GMlrllqpEPxBFDYfHZMmWBPhI
h3y2ynFV3f8An6ZCoGm1mHI2u6+HGbzvMDYfL0pKPf27wdWoR/kqDQ3twfJNQdBN
XRBgkMiA0y2Lg8UBUYjC6TPgWn2uydB92Q4arqJ2nYro5DZnZpPz2AqEad+58HcR
o1/a0/AAYcIpGlvAbAZsei7Nr95EiM77qcDr0sQOq2E2LxAysCecblLdhn2h5MQw
rxsLH52HVfbdUmv7pcnTJqAiRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:43 2024 by rpki-client on console-fra.rpki-client.org