Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/038a04-4661-4bed-8a17-b5260b44a7bd/1/65yNYxymJ6IvNb-xJcqXAak0WDc.roa
File:                     65yNYxymJ6IvNb-xJcqXAak0WDc.roa (raw, json)
Hash identifier:          2jhuXjTeUBnQ4YDEGaFpLNL0zZ1O5q/xGYufcFxm6yY=
Subject key identifier:   EB:9C:8D:63:1C:A6:27:A2:2F:35:BF:B1:25:CA:97:01:A9:34:58:37
Certificate issuer:       /CN=eb75c0ab5df4dbad8a7a44397dfd6b957972fef1
Certificate serial:       01CFF76A
Authority key identifier: EB:75:C0:AB:5D:F4:DB:AD:8A:7A:44:39:7D:FD:6B:95:79:72:FE:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/63XAq130262KekQ5ff1rlXly_vE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/038a04-4661-4bed-8a17-b5260b44a7bd/1/65yNYxymJ6IvNb-xJcqXAak0WDc.roa
Signing time:             Sat 01 Jan 2022 14:06:29 +0000
ROA not before:           Sat 01 Jan 2022 14:06:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211183
IP address blocks:        193.187.96.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 30406506 (0x1cff76a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb75c0ab5df4dbad8a7a44397dfd6b957972fef1
        Validity
            Not Before: Jan  1 14:06:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=eb9c8d631ca627a22f35bfb125ca9701a9345837
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:48:9c:e7:c1:96:c6:17:a9:2c:71:40:ae:f4:
                    c4:fe:fd:9e:0a:25:e6:4a:73:3e:49:81:7e:72:95:
                    b6:fe:2f:71:74:79:83:31:1c:d4:f6:c3:69:73:ca:
                    d3:fe:a0:3f:bb:2f:7c:a2:8f:07:b7:21:19:17:34:
                    cb:04:93:8c:99:88:e9:e4:e8:88:09:05:81:e8:8e:
                    3f:d5:1b:8c:7a:7a:ce:8c:64:50:a6:c3:e4:72:07:
                    9b:83:41:da:92:0f:5d:35:a6:5f:75:31:62:cc:b6:
                    4c:87:e7:c2:c4:99:87:39:0b:ea:a0:53:39:08:14:
                    6a:4a:ce:d9:ea:67:d5:7f:d3:71:cd:b9:0d:af:88:
                    fb:7f:4c:91:7c:a2:1d:1e:33:d6:88:61:0b:4c:e8:
                    7f:ed:d0:7a:71:19:80:20:d3:34:06:d7:76:36:42:
                    79:e1:07:3a:2b:e9:4c:40:db:83:56:cc:f1:a8:f7:
                    3c:7e:48:92:62:f3:e8:2f:6d:1a:b4:13:af:cf:10:
                    c2:66:e8:8c:d8:08:2a:83:ab:8d:b8:62:2d:3a:9f:
                    5e:d3:8f:b7:4a:44:87:b9:10:b5:67:12:0c:9f:3f:
                    a4:01:f5:86:e8:d9:f7:a3:da:07:1e:22:86:a5:b5:
                    04:9b:79:5c:a9:2b:14:01:5b:c7:48:8f:bc:d0:cb:
                    ed:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:9C:8D:63:1C:A6:27:A2:2F:35:BF:B1:25:CA:97:01:A9:34:58:37
            X509v3 Authority Key Identifier:
                keyid:EB:75:C0:AB:5D:F4:DB:AD:8A:7A:44:39:7D:FD:6B:95:79:72:FE:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/63XAq130262KekQ5ff1rlXly_vE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/038a04-4661-4bed-8a17-b5260b44a7bd/1/65yNYxymJ6IvNb-xJcqXAak0WDc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/038a04-4661-4bed-8a17-b5260b44a7bd/1/63XAq130262KekQ5ff1rlXly_vE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.187.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:55:e3:48:19:87:8b:92:59:f0:98:9b:7b:42:d5:44:7a:53:
         71:e4:af:5b:7d:47:71:f1:e2:ad:cb:c5:f4:17:c5:8e:d6:7f:
         e5:46:b3:91:24:19:65:55:f5:2f:98:1c:b0:3b:37:c7:a2:6b:
         4f:1c:43:7b:14:78:98:0d:16:c3:db:17:86:35:62:20:a9:68:
         68:be:60:c3:09:e1:09:de:1c:f1:f9:77:16:67:af:74:2a:e4:
         aa:a2:85:09:88:c5:dc:27:9b:9e:90:4f:c5:1e:9f:a2:aa:d3:
         ac:33:8f:45:8e:d6:f1:d3:37:09:05:d8:cb:9f:d3:06:ed:d0:
         0a:7d:b3:29:5e:1f:01:e6:84:2f:5a:e1:65:69:cb:ff:e5:39:
         8e:b7:11:43:ff:fe:e1:25:8f:1e:f6:a5:82:6a:d5:4c:65:2b:
         9d:a0:3b:83:af:39:04:2c:fa:be:d7:fa:2c:44:5a:a8:e4:8a:
         94:b6:3e:b3:e3:fa:c4:13:2e:6b:f1:f1:11:b0:70:1b:23:12:
         b4:7e:c7:f7:84:63:36:2c:d6:32:20:a8:84:5d:c3:ae:ed:1e:
         5b:1b:09:2a:df:0a:f0:91:86:01:08:56:74:c1:fb:2b:41:20:
         54:8d:ef:6f:15:bc:a4:f1:3a:e8:e7:0e:2a:57:f2:db:1c:d5:
         d3:43:f2:f3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAc/3ajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Yjc1YzBhYjVkZjRkYmFkOGE3YTQ0Mzk3ZGZkNmI5NTc5NzJmZWYxMB4XDTIyMDEw
MTE0MDYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWI5YzhkNjMxY2E2
MjdhMjJmMzViZmIxMjVjYTk3MDFhOTM0NTgzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMtInOfBlsYXqSxxQK70xP79ngol5kpzPkmBfnKVtv4vcXR5
gzEc1PbDaXPK0/6gP7svfKKPB7chGRc0ywSTjJmI6eToiAkFgeiOP9UbjHp6zoxk
UKbD5HIHm4NB2pIPXTWmX3UxYsy2TIfnwsSZhzkL6qBTOQgUakrO2epn1X/Tcc25
Da+I+39MkXyiHR4z1ohhC0zof+3QenEZgCDTNAbXdjZCeeEHOivpTEDbg1bM8aj3
PH5IkmLz6C9tGrQTr88QwmbojNgIKoOrjbhiLTqfXtOPt0pEh7kQtWcSDJ8/pAH1
hujZ96PaBx4ihqW1BJt5XKkrFAFbx0iPvNDL7d8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTrnI1jHKYnoi81v7ElypcBqTRYNzAfBgNVHSMEGDAWgBTrdcCrXfTbrYp6
RDl9/WuVeXL+8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYzWEFxMTMwMjYyS2VrUTVmZjFybFhseV92RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMDM4YTA0LTQ2NjEtNGJlZC04YTE3LWI1MjYwYjQ0YTdiZC8x
LzY1eU5ZeHltSjZJdk5iLXhKY3FYQWFrMFdEYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MDM4YTA0LTQ2NjEtNGJlZC04YTE3LWI1MjYwYjQ0YTdiZC8xLzYzWEFxMTMwMjYy
S2VrUTVmZjFybFhseV92RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG7YDANBgkqhkiG9w0BAQsFAAOC
AQEAEFXjSBmHi5JZ8Jibe0LVRHpTceSvW31HcfHircvF9BfFjtZ/5UazkSQZZVX1
L5gcsDs3x6JrTxxDexR4mA0Ww9sXhjViIKloaL5gwwnhCd4c8fl3FmevdCrkqqKF
CYjF3CebnpBPxR6foqrTrDOPRY7W8dM3CQXYy5/TBu3QCn2zKV4fAeaEL1rhZWnL
/+U5jrcRQ//+4SWPHvalgmrVTGUrnaA7g685BCz6vtf6LERaqOSKlLY+s+P6xBMu
a/HxEbBwGyMStH7H94RjNizWMiCohF3Dru0eWxsJKt8K8JGGAQhWdMH7K0EgVI3v
bxW8pPE66OcOKlfy2xzV00Py8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:19 2024 by rpki-client on console-ams.rpki-client.org