Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/cf0488-498f-4554-976d-19aa8fb82da3/1/eZT7i7pBG3eYOx-vHukbLb7xycc.roa
File:                     eZT7i7pBG3eYOx-vHukbLb7xycc.roa (raw, json)
Hash identifier:          ff6nvpo821wZqL0V0fwJ9gVuiwThmLenwW7TDacJxuM=
Subject key identifier:   79:94:FB:8B:BA:41:1B:77:98:3B:1F:AF:1E:E9:1B:2D:BE:F1:C9:C7
Certificate issuer:       /CN=04725e10669a8f7bee3bbc104dae82570598006d
Certificate serial:       D6E210
Authority key identifier: 04:72:5E:10:66:9A:8F:7B:EE:3B:BC:10:4D:AE:82:57:05:98:00:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BHJeEGaaj3vuO7wQTa6CVwWYAG0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/cf0488-498f-4554-976d-19aa8fb82da3/1/eZT7i7pBG3eYOx-vHukbLb7xycc.roa
Signing time:             Sat 01 Jan 2022 05:04:42 +0000
ROA not before:           Sat 01 Jan 2022 05:04:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     22773
IP address blocks:        188.244.119.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14082576 (0xd6e210)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04725e10669a8f7bee3bbc104dae82570598006d
        Validity
            Not Before: Jan  1 05:04:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7994fb8bba411b77983b1faf1ee91b2dbef1c9c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:45:3a:5a:14:68:e1:71:24:37:5b:15:93:ea:
                    16:9b:f7:4c:71:05:fd:78:42:2b:6d:87:5c:3b:a5:
                    d2:2d:6e:46:bc:1e:fe:aa:f3:7a:42:51:c8:d2:06:
                    5e:58:ff:20:56:61:9a:f9:58:80:9c:02:68:84:ed:
                    7a:ec:74:c1:37:68:b6:64:62:f8:54:2e:f7:f4:11:
                    a8:c5:1f:f7:4c:11:70:3f:74:fe:1b:4c:14:51:44:
                    16:bc:5e:40:f0:11:98:0d:1b:44:18:dc:ac:e7:ab:
                    30:24:7d:73:15:ab:d1:8a:b3:2b:7e:73:a3:83:95:
                    72:72:0b:3c:4e:0b:8f:ae:59:43:f1:7e:2f:94:08:
                    52:c1:16:7b:8f:0d:40:87:fa:d6:98:86:73:48:50:
                    8d:99:42:64:47:0d:e5:3e:ab:98:a3:00:2a:34:ca:
                    fa:de:2b:b6:0f:7f:58:d0:76:21:10:03:08:1f:48:
                    b1:af:28:03:fa:ed:56:7e:58:c3:6e:71:21:69:8d:
                    6a:06:a1:59:93:6c:11:dd:ac:bd:ab:62:35:15:34:
                    4e:a5:19:bf:a3:e0:63:b2:ec:7a:fb:50:ad:71:d2:
                    52:96:cc:6a:11:45:32:3c:21:12:a5:3c:3c:40:17:
                    76:98:de:83:b9:18:91:32:68:78:7c:20:96:97:84:
                    03:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:94:FB:8B:BA:41:1B:77:98:3B:1F:AF:1E:E9:1B:2D:BE:F1:C9:C7
            X509v3 Authority Key Identifier:
                keyid:04:72:5E:10:66:9A:8F:7B:EE:3B:BC:10:4D:AE:82:57:05:98:00:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHJeEGaaj3vuO7wQTa6CVwWYAG0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/cf0488-498f-4554-976d-19aa8fb82da3/1/eZT7i7pBG3eYOx-vHukbLb7xycc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/cf0488-498f-4554-976d-19aa8fb82da3/1/BHJeEGaaj3vuO7wQTa6CVwWYAG0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.244.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:b9:c0:cb:8a:b2:ec:76:69:e7:ea:c7:15:39:ce:6a:98:6a:
         6f:7b:07:6f:6b:7a:fc:2b:77:15:1a:bb:7d:b7:28:ef:b1:f8:
         22:99:c0:92:4f:aa:fb:97:2e:4b:d5:70:26:18:17:10:18:27:
         ea:3f:e8:12:70:ea:f1:8f:b5:8d:16:75:f7:2f:70:fc:52:36:
         e0:0c:2e:63:89:06:cd:14:86:e8:08:6f:32:05:0e:32:63:ef:
         82:2d:d8:44:22:3e:10:bd:cc:66:5a:5a:6e:6d:a0:cd:0b:12:
         e2:a7:26:ba:fc:e9:d7:52:26:f6:50:22:90:96:09:8e:c4:95:
         cb:05:34:88:63:20:98:a7:42:96:0e:87:0b:5f:ed:8b:60:51:
         10:a7:f0:cf:0b:08:82:65:d3:b3:e4:78:49:83:cd:67:e6:38:
         0a:8f:2a:9b:27:9f:b3:87:3a:f6:40:f2:c1:ec:e6:3c:1b:03:
         8d:9d:26:6c:92:9d:5d:b2:30:4e:c8:65:94:19:1b:85:56:84:
         f7:a7:27:e9:1f:1e:34:85:ff:f1:de:e1:36:88:e8:0d:c4:7c:
         8d:ac:0a:dc:19:b3:61:aa:00:bb:77:fb:61:8e:01:42:5b:c3:
         89:c7:2f:ed:07:6c:ba:8b:39:40:7c:9a:06:62:32:86:69:2e:
         89:1f:cf:e8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANbiEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NDcyNWUxMDY2OWE4ZjdiZWUzYmJjMTA0ZGFlODI1NzA1OTgwMDZkMB4XDTIyMDEw
MTA1MDQ0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzk5NGZiOGJiYTQx
MWI3Nzk4M2IxZmFmMWVlOTFiMmRiZWYxYzljNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANtFOloUaOFxJDdbFZPqFpv3THEF/XhCK22HXDul0i1uRrwe
/qrzekJRyNIGXlj/IFZhmvlYgJwCaITteux0wTdotmRi+FQu9/QRqMUf90wRcD90
/htMFFFEFrxeQPARmA0bRBjcrOerMCR9cxWr0YqzK35zo4OVcnILPE4Lj65ZQ/F+
L5QIUsEWe48NQIf61piGc0hQjZlCZEcN5T6rmKMAKjTK+t4rtg9/WNB2IRADCB9I
sa8oA/rtVn5Yw25xIWmNagahWZNsEd2svatiNRU0TqUZv6PgY7LsevtQrXHSUpbM
ahFFMjwhEqU8PEAXdpjeg7kYkTJoeHwglpeEA08CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR5lPuLukEbd5g7H68e6RstvvHJxzAfBgNVHSMEGDAWgBQEcl4QZpqPe+47
vBBNroJXBZgAbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JISmVFR2FhajN2dU83d1FUYTZDVndXWUFHMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvY2YwNDg4LTQ5OGYtNDU1NC05NzZkLTE5YWE4ZmI4MmRhMy8x
L2VaVDdpN3BCRzNlWU94LXZIdWtiTGI3eHljYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
Y2YwNDg4LTQ5OGYtNDU1NC05NzZkLTE5YWE4ZmI4MmRhMy8xL0JISmVFR2FhajN2
dU83d1FUYTZDVndXWUFHMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALz0dzANBgkqhkiG9w0BAQsFAAOC
AQEAe7nAy4qy7HZp5+rHFTnOaphqb3sHb2t6/Ct3FRq7fbco77H4IpnAkk+q+5cu
S9VwJhgXEBgn6j/oEnDq8Y+1jRZ19y9w/FI24AwuY4kGzRSG6AhvMgUOMmPvgi3Y
RCI+EL3MZlpabm2gzQsS4qcmuvzp11Im9lAikJYJjsSVywU0iGMgmKdClg6HC1/t
i2BREKfwzwsIgmXTs+R4SYPNZ+Y4Co8qmyefs4c69kDywezmPBsDjZ0mbJKdXbIw
TshllBkbhVaE96cn6R8eNIX/8d7hNojoDcR8jawK3BmzYaoAu3f7YY4BQlvDiccv
7Qdsuos5QHyaBmIyhmkuiR/P6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:04 2024 by rpki-client on console-ams.rpki-client.org