Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/30ad34-874e-4b62-a96f-988d6ae0c69b/1/mKj7UVpg_Or9NprYX5bK-_qVgo0.roa
File:                     mKj7UVpg_Or9NprYX5bK-_qVgo0.roa (raw, json)
Hash identifier:          JIHDiEIiPJIvSf/VqTaB+Sz6QfFN86chmuI7k6uyzqU=
Subject key identifier:   98:A8:FB:51:5A:60:FC:EA:FD:36:9A:D8:5F:96:CA:FB:FA:95:82:8D
Certificate issuer:       /CN=c2075ef63bf652fdbd05af61743e1bc29396a2f7
Certificate serial:       01856D13E5B56CCAC02D62D7399434F03478
Authority key identifier: C2:07:5E:F6:3B:F6:52:FD:BD:05:AF:61:74:3E:1B:C2:93:96:A2:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wgde9jv2Uv29Ba9hdD4bwpOWovc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/30ad34-874e-4b62-a96f-988d6ae0c69b/1/mKj7UVpg_Or9NprYX5bK-_qVgo0.roa
Signing time:             Sun 01 Jan 2023 11:24:58 +0000
ROA not before:           Sun 01 Jan 2023 11:24:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212667
IP address blocks:        31.222.243.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:13:e5:b5:6c:ca:c0:2d:62:d7:39:94:34:f0:34:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2075ef63bf652fdbd05af61743e1bc29396a2f7
        Validity
            Not Before: Jan  1 11:24:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=98a8fb515a60fceafd369ad85f96cafbfa95828d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e0:f8:e2:0d:e3:93:f6:bd:2f:18:64:0d:1b:
                    93:f8:fc:50:7d:f6:d5:3c:96:ab:a9:22:76:ca:c0:
                    57:db:53:5e:8d:3c:7a:e5:a2:35:3b:94:81:76:19:
                    c0:b7:6d:9a:2b:cf:e9:ab:d3:6d:32:41:ac:d5:79:
                    e7:f0:2f:9f:c7:e8:c1:7c:70:d7:d8:78:7e:6e:38:
                    08:95:68:44:fb:33:e1:77:a3:eb:00:67:f9:4a:50:
                    5b:87:3e:c1:51:76:4d:dc:79:0a:03:5c:88:9e:95:
                    70:00:53:ce:27:9d:50:fe:af:0a:10:57:e6:ef:8a:
                    b3:d3:08:6b:43:2e:da:8c:55:e9:2b:f4:40:de:27:
                    73:ea:00:95:a0:ae:64:1b:62:ba:83:00:9b:69:fe:
                    85:7c:5b:2b:9f:77:29:84:f7:0e:ac:fa:88:5a:8a:
                    77:66:40:d6:a9:ff:da:de:46:e1:90:3d:84:c7:30:
                    53:ad:00:c1:74:08:37:44:3e:62:62:4b:31:a8:11:
                    39:6f:55:29:2a:f9:83:bc:91:ec:a0:e8:e8:da:67:
                    65:2e:af:64:f8:7d:77:21:05:2a:ef:44:40:d0:ae:
                    aa:ae:f4:8c:34:22:00:a7:07:fb:a1:65:b6:8f:30:
                    4a:6b:20:12:d6:4c:1e:58:0e:c3:11:a7:ee:81:8d:
                    e4:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:A8:FB:51:5A:60:FC:EA:FD:36:9A:D8:5F:96:CA:FB:FA:95:82:8D
            X509v3 Authority Key Identifier:
                keyid:C2:07:5E:F6:3B:F6:52:FD:BD:05:AF:61:74:3E:1B:C2:93:96:A2:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wgde9jv2Uv29Ba9hdD4bwpOWovc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/30ad34-874e-4b62-a96f-988d6ae0c69b/1/mKj7UVpg_Or9NprYX5bK-_qVgo0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/30ad34-874e-4b62-a96f-988d6ae0c69b/1/wgde9jv2Uv29Ba9hdD4bwpOWovc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.222.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:69:17:1c:29:fe:1d:c4:f7:bb:9d:78:fb:e8:9c:68:a4:46:
         b4:76:21:a6:e6:7e:35:c7:f9:75:53:23:69:c1:e4:03:51:5f:
         b0:8f:5e:0c:a1:fa:e4:77:37:20:65:3f:98:14:74:36:e9:f8:
         93:48:80:4f:0d:9c:4e:0a:80:b7:2e:92:bd:2d:a2:59:50:7d:
         b9:de:31:54:bb:77:19:47:d7:77:31:d5:75:77:01:ee:12:1e:
         26:b8:0a:79:a8:b1:f7:22:d5:63:b2:0d:71:c0:62:cb:cc:78:
         7e:e6:75:2b:ea:e4:3e:c2:eb:bf:f6:48:42:78:14:d6:02:6f:
         19:2e:33:5e:1c:0e:70:19:52:4a:cf:52:33:d2:d0:0b:3f:71:
         1a:66:04:dc:c6:61:22:93:89:de:44:b8:0d:1a:ed:b9:e5:7f:
         de:d4:08:fb:df:54:f8:6d:29:fe:b5:56:15:41:65:de:16:8d:
         11:82:b7:d0:85:a6:db:8d:69:26:96:dc:9c:1d:53:02:2f:23:
         50:0a:b7:c7:8f:35:d9:35:69:98:ab:c8:9f:df:f6:9e:9d:58:
         2a:de:3e:b4:7e:91:f5:15:2c:69:16:88:27:8b:2f:ca:0a:31:
         f4:ab:2f:db:37:6c:b2:37:f1:0e:1f:2b:bb:2d:14:e0:88:f0:
         b9:13:49:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtE+W1bMrALWLXOZQ08DR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMDc1ZWY2M2JmNjUyZmRiZDA1YWY2MTc0M2UxYmMyOTM5
NmEyZjcwHhcNMjMwMTAxMTEyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGE4ZmI1MTVhNjBmY2VhZmQzNjlhZDg1Zjk2Y2FmYmZhOTU4MjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOD44g3jk/a9LxhkDRuT+PxQffbV
PJarqSJ2ysBX21NejTx65aI1O5SBdhnAt22aK8/pq9NtMkGs1Xnn8C+fx+jBfHDX
2Hh+bjgIlWhE+zPhd6PrAGf5SlBbhz7BUXZN3HkKA1yInpVwAFPOJ51Q/q8KEFfm
74qz0whrQy7ajFXpK/RA3idz6gCVoK5kG2K6gwCbaf6FfFsrn3cphPcOrPqIWop3
ZkDWqf/a3kbhkD2ExzBTrQDBdAg3RD5iYksxqBE5b1UpKvmDvJHsoOjo2mdlLq9k
+H13IQUq70RA0K6qrvSMNCIApwf7oWW2jzBKayAS1kweWA7DEafugY3kEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJio+1FaYPzq/Taa2F+Wyvv6lYKNMB8GA1UdIwQY
MBaAFMIHXvY79lL9vQWvYXQ+G8KTlqL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2dkZTlqdjJVdjI5QmE5aGRENGJ3cE9Xb3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zMGFkMzQtODc0ZS00YjYyLWE5NmYt
OTg4ZDZhZTBjNjliLzEvbUtqN1VWcGdfT3I5TnByWVg1YkstX3FWZ28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zMGFkMzQtODc0ZS00YjYyLWE5NmYtOTg4ZDZhZTBjNjli
LzEvd2dkZTlqdjJVdjI5QmE5aGRENGJ3cE9Xb3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH97zMA0G
CSqGSIb3DQEBCwUAA4IBAQACaRccKf4dxPe7nXj76JxopEa0diGm5n41x/l1UyNp
weQDUV+wj14MofrkdzcgZT+YFHQ26fiTSIBPDZxOCoC3LpK9LaJZUH253jFUu3cZ
R9d3MdV1dwHuEh4muAp5qLH3ItVjsg1xwGLLzHh+5nUr6uQ+wuu/9khCeBTWAm8Z
LjNeHA5wGVJKz1Iz0tALP3EaZgTcxmEik4neRLgNGu255X/e1Aj731T4bSn+tVYV
QWXeFo0RgrfQhabbjWkmltycHVMCLyNQCrfHjzXZNWmYq8if3/aenVgq3j60fpH1
FSxpFogniy/KCjH0qy/bN2yyN/EOHyu7LRTgiPC5E0nR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:24 2024 by rpki-client on console-fra.rpki-client.org