Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/899344-87c5-4aa2-b1a3-204d2587d81f/1/VU67J-I1JDofFyB28tPW5Bjje4Q.roa
File:                     VU67J-I1JDofFyB28tPW5Bjje4Q.roa (raw, json)
Hash identifier:          cYsPnZHekyfg3npX5SSB5j1BX7p3e2KS2MdoZHsVAr4=
Subject key identifier:   55:4E:BB:27:E2:35:24:3A:1F:17:20:76:F2:D3:D6:E4:18:E3:7B:84
Certificate issuer:       /CN=3109f5695a89111d0f3bd6b5d2b18779aac102de
Certificate serial:       01842E87E94B1BD03A37063A78AFAF9580DF
Authority key identifier: 31:09:F5:69:5A:89:11:1D:0F:3B:D6:B5:D2:B1:87:79:AA:C1:02:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MQn1aVqJER0PO9a10rGHearBAt4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/899344-87c5-4aa2-b1a3-204d2587d81f/1/VU67J-I1JDofFyB28tPW5Bjje4Q.roa
Signing time:             Mon 31 Oct 2022 14:52:49 +0000
ROA not before:           Mon 31 Oct 2022 14:52:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209363
IP address blocks:        185.253.124.0/22 maxlen: 22
                          193.34.148.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:2e:87:e9:4b:1b:d0:3a:37:06:3a:78:af:af:95:80:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3109f5695a89111d0f3bd6b5d2b18779aac102de
        Validity
            Not Before: Oct 31 14:52:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=554ebb27e235243a1f172076f2d3d6e418e37b84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:4f:32:d8:0b:7a:b5:5b:b9:f8:48:dd:e2:e3:
                    f4:aa:e1:b6:37:a5:51:6b:44:e5:7f:24:ad:bd:c7:
                    fb:d4:bf:1f:2f:c5:8a:f0:3d:7d:01:c2:58:8b:34:
                    ab:94:88:04:db:99:4a:08:ad:5b:4f:a9:25:85:f5:
                    6b:14:00:47:65:9f:73:93:a9:4d:45:0d:4d:b1:41:
                    b3:0e:e6:f5:f7:94:d5:6e:60:0a:84:83:f9:a8:5f:
                    12:61:06:fd:17:91:ee:09:18:21:85:6e:11:45:09:
                    78:30:50:21:05:dc:84:43:cf:52:32:c6:be:3f:c1:
                    6d:75:9a:58:4b:99:6f:78:8e:d8:cc:b5:0b:f2:93:
                    f1:32:a3:fd:ce:12:94:7f:70:cf:64:cf:d9:10:73:
                    1f:72:3f:63:e2:ed:2f:14:b8:b6:6c:af:6c:01:40:
                    7d:03:ec:0e:4b:b8:99:b7:21:51:89:9a:ac:fe:5e:
                    4c:e3:eb:10:08:79:1e:81:e0:2c:58:ec:0b:8d:d5:
                    56:e1:1c:f5:4a:f8:16:68:f5:85:ff:30:5b:e1:99:
                    8a:54:3e:f9:d1:73:aa:bb:9d:0b:b4:65:83:22:64:
                    fe:a9:6e:ba:89:7e:59:79:d6:2c:1b:99:02:ea:2d:
                    7f:ce:60:07:ab:a0:49:d6:cd:12:21:dd:f1:6d:b1:
                    74:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:4E:BB:27:E2:35:24:3A:1F:17:20:76:F2:D3:D6:E4:18:E3:7B:84
            X509v3 Authority Key Identifier:
                keyid:31:09:F5:69:5A:89:11:1D:0F:3B:D6:B5:D2:B1:87:79:AA:C1:02:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQn1aVqJER0PO9a10rGHearBAt4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/899344-87c5-4aa2-b1a3-204d2587d81f/1/VU67J-I1JDofFyB28tPW5Bjje4Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/899344-87c5-4aa2-b1a3-204d2587d81f/1/MQn1aVqJER0PO9a10rGHearBAt4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.253.124.0/22
                  193.34.148.0/23

    Signature Algorithm: sha256WithRSAEncryption
         82:09:4c:ff:b1:eb:06:16:da:d9:9e:a2:a9:9d:6e:93:b1:b8:
         1c:eb:30:13:30:4d:17:38:d1:cb:73:20:74:95:85:bf:d8:b7:
         d1:37:73:b3:8d:15:d6:97:b8:67:25:ba:cd:9a:52:9a:be:b5:
         d3:31:90:ad:70:80:e0:7f:0a:c1:86:c1:d0:e5:78:47:6f:7e:
         63:71:7e:04:33:87:2d:7c:5f:eb:58:a3:97:8c:b5:d7:0a:a7:
         b1:e7:8d:10:bb:b3:eb:0b:b7:f8:8b:d2:ad:1d:6e:4e:fe:2d:
         ce:73:76:02:b9:64:b6:85:08:8e:aa:de:9e:43:92:18:8e:d3:
         cc:52:1b:69:67:6e:93:95:b5:e2:47:a7:cb:76:24:3a:3a:d4:
         9a:a4:49:7e:38:21:61:61:ac:22:ba:e7:56:75:57:e9:df:b0:
         8e:9e:aa:ff:e6:86:62:6c:a7:52:72:cc:79:f8:12:e6:d7:80:
         79:0f:2a:c0:13:00:bb:96:9f:d5:c0:11:0a:52:70:fb:c7:14:
         7f:d7:0d:7c:c3:33:29:1e:a8:d2:36:cd:cf:1b:b1:9a:b1:01:
         94:85:9f:4c:b4:86:20:d4:9a:66:dc:af:4d:58:bd:06:45:db:
         6f:36:67:f6:79:5a:30:41:b9:1a:0b:91:d3:b4:7d:da:b3:e0:
         1d:d8:da:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQuh+lLG9A6NwY6eK+vlYDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMDlmNTY5NWE4OTExMWQwZjNiZDZiNWQyYjE4Nzc5YWFj
MTAyZGUwHhcNMjIxMDMxMTQ1MjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTRlYmIyN2UyMzUyNDNhMWYxNzIwNzZmMmQzZDZlNDE4ZTM3Yjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgE8y2At6tVu5+Ejd4uP0quG2N6VR
a0TlfyStvcf71L8fL8WK8D19AcJYizSrlIgE25lKCK1bT6klhfVrFABHZZ9zk6lN
RQ1NsUGzDub195TVbmAKhIP5qF8SYQb9F5HuCRghhW4RRQl4MFAhBdyEQ89SMsa+
P8FtdZpYS5lveI7YzLUL8pPxMqP9zhKUf3DPZM/ZEHMfcj9j4u0vFLi2bK9sAUB9
A+wOS7iZtyFRiZqs/l5M4+sQCHkegeAsWOwLjdVW4Rz1SvgWaPWF/zBb4ZmKVD75
0XOqu50LtGWDImT+qW66iX5ZedYsG5kC6i1/zmAHq6BJ1s0SId3xbbF0jwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFVOuyfiNSQ6HxcgdvLT1uQY43uEMB8GA1UdIwQY
MBaAFDEJ9WlaiREdDzvWtdKxh3mqwQLeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFuMWFWcUpFUjBQTzlhMTByR0hlYXJCQXQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84OTkzNDQtODdjNS00YWEyLWIxYTMt
MjA0ZDI1ODdkODFmLzEvVlU2N0otSTFKRG9mRnlCMjh0UFc1QmpqZTRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS84OTkzNDQtODdjNS00YWEyLWIxYTMtMjA0ZDI1ODdkODFm
LzEvTVFuMWFWcUpFUjBQTzlhMTByR0hlYXJCQXQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuf18AwQB
wSKUMA0GCSqGSIb3DQEBCwUAA4IBAQCCCUz/sesGFtrZnqKpnW6Tsbgc6zATME0X
ONHLcyB0lYW/2LfRN3OzjRXWl7hnJbrNmlKavrXTMZCtcIDgfwrBhsHQ5XhHb35j
cX4EM4ctfF/rWKOXjLXXCqex540Qu7PrC7f4i9KtHW5O/i3Oc3YCuWS2hQiOqt6e
Q5IYjtPMUhtpZ26TlbXiR6fLdiQ6OtSapEl+OCFhYawiuudWdVfp37COnqr/5oZi
bKdScsx5+BLm14B5DyrAEwC7lp/VwBEKUnD7xxR/1w18wzMpHqjSNs3PG7GasQGU
hZ9MtIYg1Jpm3K9NWL0GRdtvNmf2eVowQbkaC5HTtH3as+Ad2Nrb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:52 2024 by rpki-client on console-ams.rpki-client.org