Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/336aab-4e87-4d27-b475-864580d02f81/1/D9KzO_nBs7qnYkvnAeCiPB9l8yc.roa
File:                     D9KzO_nBs7qnYkvnAeCiPB9l8yc.roa (raw, json)
Hash identifier:          GNHjIivgK151DOUUHVcvAKGgaxCXAUVtC4PDir3jE20=
Subject key identifier:   0F:D2:B3:3B:F9:C1:B3:BA:A7:62:4B:E7:01:E0:A2:3C:1F:65:F3:27
Certificate issuer:       /CN=094875f406795db42a0179df1fbfc5d69ae712ee
Certificate serial:       01856D1CCFCB5E53228F66206D5C1E25E647
Authority key identifier: 09:48:75:F4:06:79:5D:B4:2A:01:79:DF:1F:BF:C5:D6:9A:E7:12:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUh19AZ5XbQqAXnfH7_F1prnEu4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/336aab-4e87-4d27-b475-864580d02f81/1/D9KzO_nBs7qnYkvnAeCiPB9l8yc.roa
Signing time:             Sun 01 Jan 2023 11:34:42 +0000
ROA not before:           Sun 01 Jan 2023 11:34:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209737
IP address blocks:        213.139.84.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:1c:cf:cb:5e:53:22:8f:66:20:6d:5c:1e:25:e6:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094875f406795db42a0179df1fbfc5d69ae712ee
        Validity
            Not Before: Jan  1 11:34:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0fd2b33bf9c1b3baa7624be701e0a23c1f65f327
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:34:89:ef:eb:24:02:d1:00:8d:a5:8e:df:2f:
                    d7:07:6c:b2:bb:a2:a6:3d:8b:a9:a7:77:1c:e4:d2:
                    b4:b5:52:4e:e1:8d:be:0a:73:f4:22:08:15:da:c7:
                    e4:04:3a:bf:a2:dd:3e:e6:7d:bf:dc:24:e5:ab:4a:
                    1a:23:04:80:4a:de:7c:da:03:cb:f1:8b:25:20:ce:
                    71:bc:e7:0c:ce:45:21:d7:af:b9:45:fb:0e:e8:37:
                    4f:33:0a:58:94:f2:25:84:d2:99:01:67:f2:a1:06:
                    4d:f9:0b:32:ce:5a:01:7f:d5:0f:d2:d6:52:d9:e7:
                    c9:f5:ad:93:cf:64:c7:98:b6:ef:ca:7b:86:5a:fc:
                    88:b8:be:bb:25:21:16:6d:d9:f8:bc:6a:47:34:c3:
                    eb:07:10:70:da:40:e4:c1:d3:30:e8:ea:ea:1a:a3:
                    91:c3:07:6b:14:ce:6c:21:07:51:a3:45:67:0e:92:
                    7d:e1:b7:08:45:7a:d6:3f:61:2b:9d:9b:85:d5:d8:
                    0f:25:64:39:5e:f9:ac:f7:a5:1a:50:b3:4b:67:fa:
                    de:55:02:cf:20:78:1b:b5:6a:fa:2f:9c:26:72:f5:
                    56:1a:c9:48:93:a0:92:65:c3:ab:e5:cd:d3:8f:22:
                    3a:f9:4d:e6:5a:34:4b:34:7a:dd:ed:0b:13:0c:ca:
                    9c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:D2:B3:3B:F9:C1:B3:BA:A7:62:4B:E7:01:E0:A2:3C:1F:65:F3:27
            X509v3 Authority Key Identifier:
                keyid:09:48:75:F4:06:79:5D:B4:2A:01:79:DF:1F:BF:C5:D6:9A:E7:12:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUh19AZ5XbQqAXnfH7_F1prnEu4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/336aab-4e87-4d27-b475-864580d02f81/1/D9KzO_nBs7qnYkvnAeCiPB9l8yc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/336aab-4e87-4d27-b475-864580d02f81/1/CUh19AZ5XbQqAXnfH7_F1prnEu4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.139.84.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:8a:5b:08:72:cd:50:59:d3:03:e5:df:92:61:d1:10:5a:9b:
         59:e1:72:de:bb:7e:ae:a9:7e:65:9c:1d:ea:ee:9d:8a:c1:70:
         75:6d:07:aa:d8:c0:09:65:53:63:b1:77:5a:af:b0:61:72:8e:
         a9:7b:8c:66:d7:bf:55:3b:c0:32:a4:62:fe:49:4e:8a:2e:14:
         7d:3e:bc:97:14:16:84:2e:8f:2a:af:ca:3c:cb:16:11:42:8f:
         97:55:c6:7c:32:0a:c4:92:e5:f2:63:2e:6c:8f:7e:1f:5b:95:
         35:a6:ac:85:14:6d:6e:9b:bf:93:4f:e9:72:fe:27:9e:bd:09:
         d9:b5:d8:27:46:35:26:49:13:6e:84:de:04:16:0e:ed:9b:13:
         75:a9:f2:31:f1:9f:f3:68:9b:9d:95:53:5c:0b:a7:55:f2:96:
         d0:41:c7:da:ed:52:50:ca:a4:d0:a9:12:c0:57:fd:51:a2:07:
         a0:e0:32:38:d1:07:c0:80:fb:cf:71:99:36:d2:02:46:fb:a5:
         7d:44:71:00:17:ec:2d:5b:98:3f:ed:c2:61:97:81:7e:19:34:
         58:c8:14:49:4c:6f:95:49:97:55:f6:36:8b:f6:cd:8d:07:93:
         ce:7f:76:43:d8:ba:59:1b:88:fb:81:ea:69:9b:88:b8:6a:23:
         60:fb:56:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtHM/LXlMij2YgbVweJeZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NDg3NWY0MDY3OTVkYjQyYTAxNzlkZjFmYmZjNWQ2OWFl
NzEyZWUwHhcNMjMwMTAxMTEzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQyYjMzYmY5YzFiM2JhYTc2MjRiZTcwMWUwYTIzYzFmNjVmMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzSJ7+skAtEAjaWO3y/XB2yyu6Km
PYupp3cc5NK0tVJO4Y2+CnP0IggV2sfkBDq/ot0+5n2/3CTlq0oaIwSASt582gPL
8YslIM5xvOcMzkUh16+5RfsO6DdPMwpYlPIlhNKZAWfyoQZN+QsyzloBf9UP0tZS
2efJ9a2Tz2THmLbvynuGWvyIuL67JSEWbdn4vGpHNMPrBxBw2kDkwdMw6OrqGqOR
wwdrFM5sIQdRo0VnDpJ94bcIRXrWP2ErnZuF1dgPJWQ5Xvms96UaULNLZ/reVQLP
IHgbtWr6L5wmcvVWGslIk6CSZcOr5c3TjyI6+U3mWjRLNHrd7QsTDMqcmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA/Sszv5wbO6p2JL5wHgojwfZfMnMB8GA1UdIwQY
MBaAFAlIdfQGeV20KgF53x+/xdaa5xLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VoMTlBWjVYYlFxQVhuZkg3X0YxcHJuRXU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zMzZhYWItNGU4Ny00ZDI3LWI0NzUt
ODY0NTgwZDAyZjgxLzEvRDlLek9fbkJzN3FuWWt2bkFlQ2lQQjlsOHljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zMzZhYWItNGU4Ny00ZDI3LWI0NzUtODY0NTgwZDAyZjgx
LzEvQ1VoMTlBWjVYYlFxQVhuZkg3X0YxcHJuRXU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1YtUMA0G
CSqGSIb3DQEBCwUAA4IBAQAiilsIcs1QWdMD5d+SYdEQWptZ4XLeu36uqX5lnB3q
7p2KwXB1bQeq2MAJZVNjsXdar7Bhco6pe4xm179VO8AypGL+SU6KLhR9PryXFBaE
Lo8qr8o8yxYRQo+XVcZ8MgrEkuXyYy5sj34fW5U1pqyFFG1um7+TT+ly/ieevQnZ
tdgnRjUmSRNuhN4EFg7tmxN1qfIx8Z/zaJudlVNcC6dV8pbQQcfa7VJQyqTQqRLA
V/1Rogeg4DI40QfAgPvPcZk20gJG+6V9RHEAF+wtW5g/7cJhl4F+GTRYyBRJTG+V
SZdV9jaL9s2NB5POf3ZD2LpZG4j7geppm4i4aiNg+1ZE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:45 2024 by rpki-client on console-fra.rpki-client.org