Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/ehtjPd4uiy91e1ovRQnAOqhHBZo.roa
File:                     ehtjPd4uiy91e1ovRQnAOqhHBZo.roa (raw, json)
Hash identifier:          bbxtzjR1S1gqAbjoBBIB5O8VRsLxexNYA7QxoD3G3fc=
Subject key identifier:   7A:1B:63:3D:DE:2E:8B:2F:75:7B:5A:2F:45:09:C0:3A:A8:47:05:9A
Certificate issuer:       /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial:       018C7E4F783823B0D9CF613D8CDDE826693C
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/ehtjPd4uiy91e1ovRQnAOqhHBZo.roa
Signing time:             Mon 18 Dec 2023 19:03:06 +0000
ROA not before:           Mon 18 Dec 2023 19:03:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203061
IP address blocks:        185.239.244.0/24 maxlen: 24
                          185.239.246.0/23 maxlen: 24
                          185.254.17.0/24 maxlen: 24
                          185.254.16.0/24 maxlen: 24
                          185.244.105.0/24 maxlen: 24
                          185.246.236.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:7e:4f:78:38:23:b0:d9:cf:61:3d:8c:dd:e8:26:69:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
        Validity
            Not Before: Dec 18 19:03:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7a1b633dde2e8b2f757b5a2f4509c03aa847059a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:d5:b7:3e:4b:e6:4d:08:7a:4d:c8:50:7b:b1:
                    06:89:2c:93:5a:63:fe:ac:ed:70:5c:72:c8:e9:bf:
                    db:4b:e0:e8:23:1f:b1:9f:61:78:91:a9:2d:02:ba:
                    53:c5:18:7a:26:24:bc:d4:64:18:b3:88:8c:c3:db:
                    f6:ef:68:99:09:d9:3b:1c:fc:8a:8c:85:61:8d:5d:
                    2d:4b:53:36:e3:54:9b:26:74:8a:82:f3:f3:90:0c:
                    c4:48:dc:20:12:51:e5:a5:e4:ea:ca:5c:44:9a:67:
                    46:2a:4a:51:f1:6b:ef:69:07:59:1e:48:33:17:9e:
                    8f:f1:92:e1:29:57:67:7f:e6:56:80:99:3c:40:55:
                    72:e5:e4:68:7a:1a:89:49:34:0e:3e:cc:f8:72:28:
                    29:bf:0f:a5:ff:2d:77:41:2a:ab:aa:eb:ad:66:a9:
                    c6:0d:8e:62:1c:46:50:bc:bc:14:d2:c9:19:ba:cc:
                    7b:4e:f0:e5:ca:05:46:24:55:12:40:11:06:61:94:
                    4c:87:13:1e:f5:d1:d9:84:58:b6:05:fd:16:5b:4d:
                    45:71:a0:65:a3:48:91:6f:6e:08:0a:76:00:66:b4:
                    6b:fa:ed:7f:86:82:16:21:0c:3d:78:b1:99:e8:ea:
                    8a:b4:70:4e:c4:50:63:b8:4f:c3:c0:62:ae:e9:fc:
                    30:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:1B:63:3D:DE:2E:8B:2F:75:7B:5A:2F:45:09:C0:3A:A8:47:05:9A
            X509v3 Authority Key Identifier:
                keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/ehtjPd4uiy91e1ovRQnAOqhHBZo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.239.244.0/24
                  185.239.246.0/23
                  185.244.105.0/24
                  185.246.236.0/22
                  185.254.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2e:3a:93:ff:10:7f:8c:3a:52:2f:4a:15:49:f1:a5:62:ed:ef:
         a6:b2:0a:a8:e2:f6:7f:ac:65:b4:f8:59:1b:58:f7:c8:09:bd:
         d5:c0:2a:d5:a3:a9:e8:98:e8:6b:b1:69:b0:fb:c2:a0:84:7f:
         c0:cf:f9:50:d5:c9:99:6a:1e:4c:60:a7:f5:93:be:1d:db:7f:
         38:01:38:03:2d:a5:40:0e:3f:dc:cd:ed:f0:f9:8b:f1:ca:db:
         1e:68:48:ec:3f:2a:70:a4:62:5a:44:54:82:72:60:d2:59:65:
         d6:5a:4c:53:9a:2c:ee:3e:81:39:79:0a:22:41:22:be:c0:cd:
         1f:b5:8a:b3:0f:19:bd:af:4f:ad:17:cc:5b:ee:5c:f8:19:17:
         b2:18:cf:03:32:e4:9d:17:5a:20:fb:40:62:9e:57:44:1f:0b:
         a9:04:5b:8a:49:9b:67:d0:90:24:01:7e:79:92:3c:36:a4:c7:
         3c:8a:79:48:39:ca:a6:44:d7:31:30:6a:48:8b:be:dd:bc:71:
         ce:b3:f9:61:df:0d:a3:9c:55:84:9d:0c:7c:1b:4a:8d:ef:fd:
         59:a1:4f:87:f4:28:41:54:27:44:39:19:03:c2:5e:7b:3f:df:
         aa:ce:74:c4:b4:e1:d1:94:ac:19:ab:51:9f:73:98:83:9c:c9:
         2f:8a:40:c3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYx+T3g4I7DZz2E9jN3oJmk8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjMxMjE4MTkwMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTFiNjMzZGRlMmU4YjJmNzU3YjVhMmY0NTA5YzAzYWE4NDcwNTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdW3PkvmTQh6TchQe7EGiSyTWmP+
rO1wXHLI6b/bS+DoIx+xn2F4kaktArpTxRh6JiS81GQYs4iMw9v272iZCdk7HPyK
jIVhjV0tS1M241SbJnSKgvPzkAzESNwgElHlpeTqylxEmmdGKkpR8WvvaQdZHkgz
F56P8ZLhKVdnf+ZWgJk8QFVy5eRoehqJSTQOPsz4cigpvw+l/y13QSqrquutZqnG
DY5iHEZQvLwU0skZusx7TvDlygVGJFUSQBEGYZRMhxMe9dHZhFi2Bf0WW01FcaBl
o0iRb24ICnYAZrRr+u1/hoIWIQw9eLGZ6OqKtHBOxFBjuE/DwGKu6fwwQwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHobYz3eLosvdXtaL0UJwDqoRwWaMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvZWh0alBkNHVpeTkxZTFvdlJRbkFPcWhIQlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAue/0AwQB
ue/2AwQAufRpAwQCufbsAwQBuf4QMA0GCSqGSIb3DQEBCwUAA4IBAQAuOpP/EH+M
OlIvShVJ8aVi7e+msgqo4vZ/rGW0+FkbWPfICb3VwCrVo6nomOhrsWmw+8KghH/A
z/lQ1cmZah5MYKf1k74d2384ATgDLaVADj/cze3w+YvxytseaEjsPypwpGJaRFSC
cmDSWWXWWkxTmizuPoE5eQoiQSK+wM0ftYqzDxm9r0+tF8xb7lz4GReyGM8DMuSd
F1og+0BinldEHwupBFuKSZtn0JAkAX55kjw2pMc8inlIOcqmRNcxMGpIi77dvHHO
s/lh3w2jnFWEnQx8G0qN7/1ZoU+H9ChBVCdEORkDwl57P9+qznTEtOHRlKwZq1Gf
c5iDnMkvikDD
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:48 2024 by rpki-client on console-ams.rpki-client.org