Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/de08a1-f083-4340-af3e-bfe801a45f1e/1/Fsa3viA7w2TvGVp76U9A17OExjc.roa
File:                     Fsa3viA7w2TvGVp76U9A17OExjc.roa (raw, json)
Hash identifier:          2qMKCu02Wz2XzfAVSgyySKy8W6tZBElH8xWprWypSqw=
Subject key identifier:   16:C6:B7:BE:20:3B:C3:64:EF:19:5A:7B:E9:4F:40:D7:B3:84:C6:37
Certificate issuer:       /CN=d251a73c2a9bb6f9d5c88e0b39888c8a95c57f82
Certificate serial:       01534E78
Authority key identifier: D2:51:A7:3C:2A:9B:B6:F9:D5:C8:8E:0B:39:88:8C:8A:95:C5:7F:82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0lGnPCqbtvnVyI4LOYiMipXFf4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/de08a1-f083-4340-af3e-bfe801a45f1e/1/Fsa3viA7w2TvGVp76U9A17OExjc.roa
Signing time:             Tue 08 Mar 2022 22:34:53 +0000
ROA not before:           Tue 08 Mar 2022 22:34:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396356
IP address blocks:        178.23.188.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22236792 (0x1534e78)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d251a73c2a9bb6f9d5c88e0b39888c8a95c57f82
        Validity
            Not Before: Mar  8 22:34:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=16c6b7be203bc364ef195a7be94f40d7b384c637
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:72:32:89:88:2d:04:5a:2c:38:f8:a7:f3:8b:
                    cd:39:c7:7b:61:89:0a:00:ee:d0:95:57:86:96:59:
                    8c:b6:6b:4d:62:cc:01:fc:59:e8:2a:0f:c2:cd:f2:
                    6c:24:f6:0b:ff:1d:84:30:45:95:e2:bd:eb:89:8c:
                    92:2c:dc:62:89:8c:e4:7b:1e:40:91:8a:db:af:09:
                    39:0c:cf:2f:d8:54:56:4e:3e:97:d4:5e:ab:b6:48:
                    6e:56:a0:d7:06:d2:1e:f2:56:b6:26:ad:27:c0:10:
                    62:49:2f:2c:69:ed:c3:d9:49:ea:dc:3a:4d:e9:e3:
                    b4:c4:8f:8d:c6:52:96:c5:df:1e:ca:15:c9:25:92:
                    ff:a7:36:2b:6a:44:a9:66:f4:f9:2b:9c:0c:1c:43:
                    fc:d0:2d:68:94:8a:ff:a4:4b:ad:f8:4d:49:f3:10:
                    43:dd:15:cc:bf:4d:41:b2:e3:41:ae:32:92:03:5d:
                    d9:8e:96:e3:c4:bc:f3:c2:c9:41:6f:47:f5:4d:50:
                    03:a8:39:ae:4b:8c:32:fd:18:aa:8e:4f:73:61:47:
                    1c:60:ec:c9:4e:c7:ba:5d:4e:79:c6:66:0b:71:fe:
                    45:e2:da:a7:2b:27:dd:03:cf:5c:9d:5c:7a:16:d9:
                    72:00:fd:a3:d1:04:9d:b9:d5:5a:17:d0:4e:d2:35:
                    2c:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:C6:B7:BE:20:3B:C3:64:EF:19:5A:7B:E9:4F:40:D7:B3:84:C6:37
            X509v3 Authority Key Identifier:
                keyid:D2:51:A7:3C:2A:9B:B6:F9:D5:C8:8E:0B:39:88:8C:8A:95:C5:7F:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0lGnPCqbtvnVyI4LOYiMipXFf4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/de08a1-f083-4340-af3e-bfe801a45f1e/1/Fsa3viA7w2TvGVp76U9A17OExjc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/de08a1-f083-4340-af3e-bfe801a45f1e/1/0lGnPCqbtvnVyI4LOYiMipXFf4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.23.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:81:bd:0e:57:db:47:7e:a9:39:83:52:7b:4b:88:84:38:a9:
         cb:70:cf:73:54:bf:b6:62:3d:e3:e3:63:2d:c0:c8:ff:ca:59:
         b8:d8:11:c4:46:5b:3e:ae:64:f5:e1:08:a7:db:39:b8:c2:e0:
         2b:a3:75:00:af:86:b7:60:d0:56:05:11:94:f0:7e:80:87:fc:
         c0:cd:ae:c0:4f:1a:11:f0:71:44:08:c2:14:a9:4f:a7:c6:ab:
         45:41:2f:ba:75:c3:0c:c1:19:1a:7f:fe:55:08:d9:e9:2b:a5:
         a7:31:74:7b:c5:e8:7c:7c:11:fd:f9:ec:35:d6:9b:e3:93:e2:
         05:1a:ad:7a:74:af:2f:84:7c:c7:6a:05:5d:7f:04:cf:78:92:
         aa:85:50:18:c5:4e:04:96:63:1b:8a:0c:09:79:a4:4c:d2:66:
         b7:7d:13:e3:b6:51:22:06:28:59:ec:e7:b4:3e:42:8a:61:66:
         6b:3b:9e:ed:b9:47:33:34:ff:8e:28:21:66:96:ae:ba:6b:68:
         29:f4:86:14:8c:a4:92:75:c1:75:c7:e5:09:7d:c3:0e:19:0d:
         82:fc:87:87:78:36:34:8e:0c:87:0d:9f:a7:7c:c5:e8:ee:30:
         38:2d:73:76:f8:78:b8:cd:ee:b3:c5:b6:ee:3e:68:91:cb:12:
         8d:b2:cf:28
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAVNOeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjUxYTczYzJhOWJiNmY5ZDVjODhlMGIzOTg4OGM4YTk1YzU3ZjgyMB4XDTIyMDMw
ODIyMzQ1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTZjNmI3YmUyMDNi
YzM2NGVmMTk1YTdiZTk0ZjQwZDdiMzg0YzYzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANVyMomILQRaLDj4p/OLzTnHe2GJCgDu0JVXhpZZjLZrTWLM
AfxZ6CoPws3ybCT2C/8dhDBFleK964mMkizcYomM5HseQJGK268JOQzPL9hUVk4+
l9Req7ZIblag1wbSHvJWtiatJ8AQYkkvLGntw9lJ6tw6TenjtMSPjcZSlsXfHsoV
ySWS/6c2K2pEqWb0+SucDBxD/NAtaJSK/6RLrfhNSfMQQ90VzL9NQbLjQa4ykgNd
2Y6W48S888LJQW9H9U1QA6g5rkuMMv0Yqo5Pc2FHHGDsyU7Hul1OecZmC3H+ReLa
pysn3QPPXJ1cehbZcgD9o9EEnbnVWhfQTtI1LF0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQWxre+IDvDZO8ZWnvpT0DXs4TGNzAfBgNVHSMEGDAWgBTSUac8Kpu2+dXI
jgs5iIyKlcV/gjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBsR25QQ3FidHZuVnlJNExPWWlNaXBYRmY0SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvZGUwOGExLWYwODMtNDM0MC1hZjNlLWJmZTgwMWE0NWYxZS8x
L0ZzYTN2aUE3dzJUdkdWcDc2VTlBMTdPRXhqYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
ZGUwOGExLWYwODMtNDM0MC1hZjNlLWJmZTgwMWE0NWYxZS8xLzBsR25QQ3FidHZu
VnlJNExPWWlNaXBYRmY0SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALIXvDANBgkqhkiG9w0BAQsFAAOC
AQEAd4G9DlfbR36pOYNSe0uIhDipy3DPc1S/tmI94+NjLcDI/8pZuNgRxEZbPq5k
9eEIp9s5uMLgK6N1AK+Gt2DQVgURlPB+gIf8wM2uwE8aEfBxRAjCFKlPp8arRUEv
unXDDMEZGn/+VQjZ6SulpzF0e8XofHwR/fnsNdab45PiBRqtenSvL4R8x2oFXX8E
z3iSqoVQGMVOBJZjG4oMCXmkTNJmt30T47ZRIgYoWezntD5CimFmazue7blHMzT/
jighZpauumtoKfSGFIykknXBdcflCX3DDhkNgvyHh3g2NI4Mhw2fp3zF6O4wOC1z
dvh4uM3us8W27j5okcsSjbLPKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:29 2024 by rpki-client on console-ams.rpki-client.org