Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/ecec37-30b8-4e19-bbb2-f67e175d4ba7/1/zclqokYvnrmvdOZ8XDeL1kTmsoc.roa
File:                     zclqokYvnrmvdOZ8XDeL1kTmsoc.roa (raw, json)
Hash identifier:          30MSGJZ2+W+uRJIEI0Z4dxGrFwliwMiapWRnSOtJTLo=
Subject key identifier:   CD:C9:6A:A2:46:2F:9E:B9:AF:74:E6:7C:5C:37:8B:D6:44:E6:B2:87
Certificate issuer:       /CN=61544481d3be7fca5e80a564ad93c1b8a2f636f8
Certificate serial:       018D8430EF2FE4E773D4137436564483DB06
Authority key identifier: 61:54:44:81:D3:BE:7F:CA:5E:80:A5:64:AD:93:C1:B8:A2:F6:36:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YVREgdO-f8pegKVkrZPBuKL2Nvg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/ecec37-30b8-4e19-bbb2-f67e175d4ba7/1/zclqokYvnrmvdOZ8XDeL1kTmsoc.roa
Signing time:             Wed 07 Feb 2024 15:30:15 +0000
ROA not before:           Wed 07 Feb 2024 15:30:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61317
IP address blocks:        185.92.211.0/24 maxlen: 24
                          194.26.134.0/24 maxlen: 24
                          213.217.11.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:84:30:ef:2f:e4:e7:73:d4:13:74:36:56:44:83:db:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61544481d3be7fca5e80a564ad93c1b8a2f636f8
        Validity
            Not Before: Feb  7 15:30:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cdc96aa2462f9eb9af74e67c5c378bd644e6b287
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:1f:ce:cd:70:a4:c6:04:5c:94:af:97:37:c0:
                    a1:c1:e9:71:5c:d1:7b:2c:ff:54:37:cc:56:0d:85:
                    54:66:b9:2c:a0:b5:f1:94:4b:7e:07:ec:3c:4c:44:
                    8b:53:2b:a4:b4:b9:77:b2:ff:bd:d6:d2:3f:25:f9:
                    6a:77:7e:2a:14:33:f5:bc:26:f7:66:49:c9:70:90:
                    6f:42:b1:a4:71:fe:55:2d:29:18:49:31:c6:c3:8c:
                    42:01:38:f0:00:a6:d0:0b:e4:c8:48:12:d4:24:c0:
                    8d:2d:a0:b0:44:8e:f2:b7:f5:e7:b1:fa:7e:56:80:
                    20:06:e1:b7:2d:a8:3f:e2:99:d2:84:d6:96:f5:ce:
                    c9:fe:65:e8:3b:27:2f:30:10:b4:b4:2c:e8:99:17:
                    62:bb:a9:21:d5:6b:5d:51:2a:45:e6:9a:f3:93:0f:
                    b9:2b:e6:12:49:39:86:94:c4:d4:e4:93:14:09:20:
                    f8:b8:fd:d5:1f:44:46:45:5e:ab:78:ec:e6:ba:7a:
                    79:bd:ae:20:50:59:c5:1a:77:82:0f:8c:29:73:51:
                    3b:3e:f4:4e:66:e6:39:e4:3a:f0:4b:6e:e8:1b:91:
                    de:ea:ef:d8:4f:61:7d:bd:d0:d8:25:ac:73:43:08:
                    78:63:38:85:d2:66:20:82:b6:6b:85:4c:23:99:72:
                    5a:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:C9:6A:A2:46:2F:9E:B9:AF:74:E6:7C:5C:37:8B:D6:44:E6:B2:87
            X509v3 Authority Key Identifier:
                keyid:61:54:44:81:D3:BE:7F:CA:5E:80:A5:64:AD:93:C1:B8:A2:F6:36:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YVREgdO-f8pegKVkrZPBuKL2Nvg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/ecec37-30b8-4e19-bbb2-f67e175d4ba7/1/zclqokYvnrmvdOZ8XDeL1kTmsoc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/ecec37-30b8-4e19-bbb2-f67e175d4ba7/1/YVREgdO-f8pegKVkrZPBuKL2Nvg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.92.211.0/24
                  194.26.134.0/24
                  213.217.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:ad:67:db:e0:c2:76:b5:4f:e5:8a:2d:a3:76:0f:a7:70:10:
         ea:33:2c:3f:83:aa:ce:bc:97:70:21:9c:1a:4c:f8:ce:79:df:
         30:1b:e5:58:29:6b:e0:3f:4d:c6:b0:6f:72:30:67:c4:73:6f:
         14:bd:d1:09:17:36:b8:61:4c:c4:4a:19:2d:d1:bf:8a:10:b6:
         b2:f8:6e:90:59:ac:2a:76:7e:54:cc:01:11:05:56:92:04:a8:
         f0:af:74:ba:52:a8:32:91:8b:ad:7e:b6:f7:8f:03:94:10:dd:
         06:67:fb:cc:0e:1f:cd:de:e1:9a:66:c7:03:57:b7:2e:d0:38:
         6e:70:4e:23:4e:1d:19:27:43:c7:5f:fc:50:7a:cc:e0:18:89:
         3c:60:31:39:9d:24:06:a8:9b:f0:af:57:b2:16:e7:a0:ac:92:
         f3:88:29:e5:e2:b2:10:ff:af:7a:89:f7:eb:87:5f:e9:a4:26:
         72:24:77:fb:b2:f7:92:4d:89:f4:4d:58:05:17:2b:62:b6:e7:
         af:e2:fe:08:02:93:0c:54:81:bf:c6:24:1c:0f:f9:0f:f8:f4:
         5c:77:b4:43:53:46:f4:be:8a:f4:0e:89:8a:39:39:c5:3d:5a:
         55:70:d0:a2:37:18:c7:8d:93:53:57:39:86:f8:41:18:6b:40:
         4d:7e:13:13
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2EMO8v5Odz1BN0NlZEg9sGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNTQ0NDgxZDNiZTdmY2E1ZTgwYTU2NGFkOTNjMWI4YTJm
NjM2ZjgwHhcNMjQwMjA3MTUzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGM5NmFhMjQ2MmY5ZWI5YWY3NGU2N2M1YzM3OGJkNjQ0ZTZiMjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkx/OzXCkxgRclK+XN8ChwelxXNF7
LP9UN8xWDYVUZrksoLXxlEt+B+w8TESLUyuktLl3sv+91tI/Jflqd34qFDP1vCb3
ZknJcJBvQrGkcf5VLSkYSTHGw4xCATjwAKbQC+TISBLUJMCNLaCwRI7yt/Xnsfp+
VoAgBuG3Lag/4pnShNaW9c7J/mXoOycvMBC0tCzomRdiu6kh1WtdUSpF5przkw+5
K+YSSTmGlMTU5JMUCSD4uP3VH0RGRV6reOzmunp5va4gUFnFGneCD4wpc1E7PvRO
ZuY55DrwS27oG5He6u/YT2F9vdDYJaxzQwh4YziF0mYggrZrhUwjmXJaFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM3JaqJGL565r3TmfFw3i9ZE5rKHMB8GA1UdIwQY
MBaAFGFURIHTvn/KXoClZK2Twbii9jb4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVZSRWdkTy1mOHBlZ0tWa3JaUEJ1S0wyTnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lY2VjMzctMzBiOC00ZTE5LWJiYjIt
ZjY3ZTE3NWQ0YmE3LzEvemNscW9rWXZucm12ZE9aOFhEZUwxa1Rtc29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lY2VjMzctMzBiOC00ZTE5LWJiYjItZjY3ZTE3NWQ0YmE3
LzEvWVZSRWdkTy1mOHBlZ0tWa3JaUEJ1S0wyTnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuVzTAwQA
whqGAwQA1dkLMA0GCSqGSIb3DQEBCwUAA4IBAQAIrWfb4MJ2tU/lii2jdg+ncBDq
Myw/g6rOvJdwIZwaTPjOed8wG+VYKWvgP03GsG9yMGfEc28UvdEJFza4YUzEShkt
0b+KELay+G6QWawqdn5UzAERBVaSBKjwr3S6UqgykYutfrb3jwOUEN0GZ/vMDh/N
3uGaZscDV7cu0DhucE4jTh0ZJ0PHX/xQeszgGIk8YDE5nSQGqJvwr1eyFuegrJLz
iCnl4rIQ/696iffrh1/ppCZyJHf7sveSTYn0TVgFFytituev4v4IApMMVIG/xiQc
D/kP+PRcd7RDU0b0vor0DomKOTnFPVpVcNCiNxjHjZNTVzmG+EEYa0BNfhMT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:49 2024 by rpki-client on console-fra.rpki-client.org