Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/336aab-4e87-4d27-b475-864580d02f81/1/iaGQt8T0nHKuW0eM_M0qYO6giAw.roa
File:                     iaGQt8T0nHKuW0eM_M0qYO6giAw.roa (raw, json)
Hash identifier:          NP0pFTnYlLXD/kKRPLi5DpGfoM+3OPsooQYjGwam1WI=
Subject key identifier:   89:A1:90:B7:C4:F4:9C:72:AE:5B:47:8C:FC:CD:2A:60:EE:A0:88:0C
Certificate issuer:       /CN=094875f406795db42a0179df1fbfc5d69ae712ee
Certificate serial:       01857314CFB796A75B88F12A933E7A066F84
Authority key identifier: 09:48:75:F4:06:79:5D:B4:2A:01:79:DF:1F:BF:C5:D6:9A:E7:12:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUh19AZ5XbQqAXnfH7_F1prnEu4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/336aab-4e87-4d27-b475-864580d02f81/1/iaGQt8T0nHKuW0eM_M0qYO6giAw.roa
Signing time:             Mon 02 Jan 2023 15:23:41 +0000
ROA not before:           Mon 02 Jan 2023 15:23:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58212
IP address blocks:        213.139.66.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:14:cf:b7:96:a7:5b:88:f1:2a:93:3e:7a:06:6f:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094875f406795db42a0179df1fbfc5d69ae712ee
        Validity
            Not Before: Jan  2 15:23:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=89a190b7c4f49c72ae5b478cfccd2a60eea0880c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:e9:ce:97:11:2e:4f:8e:22:f9:79:34:35:11:
                    60:c9:c8:fd:d2:7a:29:d6:b8:7d:55:b6:8c:dd:0a:
                    12:e0:35:4e:62:3f:42:0d:d8:19:ec:33:2a:86:88:
                    aa:85:b8:25:15:98:33:fe:d1:fb:b2:a4:b3:fc:59:
                    79:54:ad:89:ce:cc:46:f4:b1:aa:ca:da:ef:ed:42:
                    55:6c:f2:8a:9c:31:35:8a:62:b4:4c:87:4a:16:f2:
                    f8:e6:4a:94:12:c1:42:1a:be:7e:3f:ae:72:c6:95:
                    60:0f:7b:1d:24:fb:b7:43:cd:43:ab:e7:c9:b4:a3:
                    05:4d:cc:e8:84:2d:d4:ec:60:02:df:a3:f5:ad:f4:
                    2b:44:18:0a:dc:9d:a9:96:ac:5a:7e:fa:ae:7b:5b:
                    63:e5:ec:24:d8:7a:df:12:78:41:0b:16:6f:7e:ac:
                    bc:b3:eb:e3:94:d7:a4:90:33:1b:42:87:28:38:1b:
                    25:cc:29:a1:28:33:2d:d9:60:4b:25:f7:e0:85:a0:
                    1f:94:4a:42:7a:0f:6a:89:2f:1f:17:98:07:c8:8c:
                    89:04:9e:21:a3:50:7d:d7:ab:2d:2c:11:1c:92:89:
                    75:28:f6:27:aa:95:c6:15:9d:70:c6:a7:88:58:a3:
                    f8:d8:0a:30:03:bb:70:a8:a7:d6:46:85:08:42:8c:
                    52:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:A1:90:B7:C4:F4:9C:72:AE:5B:47:8C:FC:CD:2A:60:EE:A0:88:0C
            X509v3 Authority Key Identifier:
                keyid:09:48:75:F4:06:79:5D:B4:2A:01:79:DF:1F:BF:C5:D6:9A:E7:12:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUh19AZ5XbQqAXnfH7_F1prnEu4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/336aab-4e87-4d27-b475-864580d02f81/1/iaGQt8T0nHKuW0eM_M0qYO6giAw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/336aab-4e87-4d27-b475-864580d02f81/1/CUh19AZ5XbQqAXnfH7_F1prnEu4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.139.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:ce:dd:13:ee:7c:d0:c1:3a:73:12:77:25:84:f6:f8:06:4d:
         14:d1:4c:de:aa:92:60:c9:a8:64:ca:0d:92:95:70:5e:60:4d:
         be:7f:9b:8a:27:89:93:8b:ea:2f:be:e4:cb:9f:5b:02:ec:6e:
         e1:32:cc:a5:f4:56:50:9e:cc:6b:09:9c:93:3a:6f:3b:07:f2:
         b5:41:4c:76:61:44:9e:1d:e1:82:c7:0a:84:68:72:87:0d:c2:
         10:95:6d:06:30:cf:27:1b:fe:0d:9f:86:6d:3a:80:4b:14:19:
         8c:15:c4:b7:7d:5a:e4:04:b9:ad:1c:94:e3:6b:0b:77:46:fb:
         e1:54:bf:63:8d:bd:cf:da:80:b1:5f:f0:a6:fb:0e:64:54:45:
         c0:ca:78:bc:47:e8:d7:55:ec:15:e3:99:d7:72:e2:78:3b:8e:
         d1:94:7f:7f:72:35:3d:09:63:e3:e2:70:05:0f:a3:9f:9b:8e:
         c8:28:07:44:0f:a1:83:b8:4a:8a:eb:62:fc:6d:86:90:66:2d:
         75:ea:a7:5b:02:39:3e:8c:be:ba:fb:24:fd:3d:d5:75:7f:51:
         7f:7e:17:3f:b2:30:c2:69:76:6f:cc:0f:df:6a:6a:e4:44:d3:
         85:37:23:bf:d2:54:7b:d1:7f:66:91:96:5e:ac:75:28:8a:be:
         2f:77:06:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFM+3lqdbiPEqkz56Bm+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NDg3NWY0MDY3OTVkYjQyYTAxNzlkZjFmYmZjNWQ2OWFl
NzEyZWUwHhcNMjMwMTAyMTUyMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWExOTBiN2M0ZjQ5YzcyYWU1YjQ3OGNmY2NkMmE2MGVlYTA4ODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+nOlxEuT44i+Xk0NRFgycj90nop
1rh9VbaM3QoS4DVOYj9CDdgZ7DMqhoiqhbglFZgz/tH7sqSz/Fl5VK2JzsxG9LGq
ytrv7UJVbPKKnDE1imK0TIdKFvL45kqUEsFCGr5+P65yxpVgD3sdJPu3Q81Dq+fJ
tKMFTczohC3U7GAC36P1rfQrRBgK3J2plqxafvque1tj5ewk2HrfEnhBCxZvfqy8
s+vjlNekkDMbQocoOBslzCmhKDMt2WBLJffghaAflEpCeg9qiS8fF5gHyIyJBJ4h
o1B916stLBEckol1KPYnqpXGFZ1wxqeIWKP42AowA7twqKfWRoUIQoxSNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImhkLfE9JxyrltHjPzNKmDuoIgMMB8GA1UdIwQY
MBaAFAlIdfQGeV20KgF53x+/xdaa5xLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VoMTlBWjVYYlFxQVhuZkg3X0YxcHJuRXU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zMzZhYWItNGU4Ny00ZDI3LWI0NzUt
ODY0NTgwZDAyZjgxLzEvaWFHUXQ4VDBuSEt1VzBlTV9NMHFZTzZnaUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zMzZhYWItNGU4Ny00ZDI3LWI0NzUtODY0NTgwZDAyZjgx
LzEvQ1VoMTlBWjVYYlFxQVhuZkg3X0YxcHJuRXU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YtCMA0G
CSqGSIb3DQEBCwUAA4IBAQAQzt0T7nzQwTpzEnclhPb4Bk0U0UzeqpJgyahkyg2S
lXBeYE2+f5uKJ4mTi+ovvuTLn1sC7G7hMsyl9FZQnsxrCZyTOm87B/K1QUx2YUSe
HeGCxwqEaHKHDcIQlW0GMM8nG/4Nn4ZtOoBLFBmMFcS3fVrkBLmtHJTjawt3Rvvh
VL9jjb3P2oCxX/Cm+w5kVEXAyni8R+jXVewV45nXcuJ4O47RlH9/cjU9CWPj4nAF
D6Ofm47IKAdED6GDuEqK62L8bYaQZi116qdbAjk+jL66+yT9PdV1f1F/fhc/sjDC
aXZvzA/famrkRNOFNyO/0lR70X9mkZZerHUoir4vdwaF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:45 2024 by rpki-client on console-fra.rpki-client.org