Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/de08a1-f083-4340-af3e-bfe801a45f1e/1/wwBuoL0hvN7woPcSi5mWFUKL2z0.roa
File:                     wwBuoL0hvN7woPcSi5mWFUKL2z0.roa (raw, json)
Hash identifier:          wVTx7s/9lsPSStIt8EVmP1F88n4gMMOFPBZ3+3SuXUk=
Subject key identifier:   C3:00:6E:A0:BD:21:BC:DE:F0:A0:F7:12:8B:99:96:15:42:8B:DB:3D
Certificate issuer:       /CN=d251a73c2a9bb6f9d5c88e0b39888c8a95c57f82
Certificate serial:       D70B2F
Authority key identifier: D2:51:A7:3C:2A:9B:B6:F9:D5:C8:8E:0B:39:88:8C:8A:95:C5:7F:82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0lGnPCqbtvnVyI4LOYiMipXFf4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/de08a1-f083-4340-af3e-bfe801a45f1e/1/wwBuoL0hvN7woPcSi5mWFUKL2z0.roa
Signing time:             Thu 13 Jan 2022 12:47:33 +0000
ROA not before:           Thu 13 Jan 2022 12:47:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        178.23.188.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14093103 (0xd70b2f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d251a73c2a9bb6f9d5c88e0b39888c8a95c57f82
        Validity
            Not Before: Jan 13 12:47:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c3006ea0bd21bcdef0a0f7128b999615428bdb3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:bf:73:80:e3:76:bc:f6:bf:85:6a:f9:dd:40:
                    03:b4:11:eb:88:d8:16:0c:d3:9b:b5:46:4e:38:d5:
                    e1:06:e2:4e:64:1f:06:52:56:37:bf:20:45:a4:eb:
                    8b:b3:57:1a:9c:68:14:18:67:0b:fe:a4:f4:78:9e:
                    49:27:bd:ac:f4:4c:1e:88:98:9c:48:64:b6:0c:3f:
                    ef:bb:be:b4:c1:9a:fe:f6:01:fa:b5:53:bc:02:c5:
                    c3:74:44:59:de:08:9a:4f:f2:43:16:09:21:c7:0f:
                    65:2f:35:0f:ff:15:53:cf:8a:75:e5:af:97:e9:99:
                    06:c5:6e:5b:6a:db:5b:1f:4b:b7:d2:02:61:6b:de:
                    dc:eb:7d:e6:b4:a8:e9:f7:63:84:f0:bd:c8:04:5f:
                    11:97:57:a0:32:49:92:f4:f4:e4:57:71:7e:0a:b5:
                    36:dd:ad:a5:8d:35:b7:f7:ab:01:b1:f2:62:99:1f:
                    25:d0:ad:0e:cd:a0:03:75:bb:f2:79:aa:54:1e:af:
                    bb:c9:12:d6:13:b4:d9:9c:4d:dd:94:e7:7e:95:ae:
                    8c:25:25:98:36:bc:87:e3:29:77:0f:33:8b:5f:0a:
                    4e:75:05:70:6f:9e:f7:2f:d5:8a:78:44:bb:e6:b2:
                    66:44:ae:83:51:49:e2:13:ab:55:c0:f4:b4:c1:ba:
                    73:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:00:6E:A0:BD:21:BC:DE:F0:A0:F7:12:8B:99:96:15:42:8B:DB:3D
            X509v3 Authority Key Identifier:
                keyid:D2:51:A7:3C:2A:9B:B6:F9:D5:C8:8E:0B:39:88:8C:8A:95:C5:7F:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0lGnPCqbtvnVyI4LOYiMipXFf4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/de08a1-f083-4340-af3e-bfe801a45f1e/1/wwBuoL0hvN7woPcSi5mWFUKL2z0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/de08a1-f083-4340-af3e-bfe801a45f1e/1/0lGnPCqbtvnVyI4LOYiMipXFf4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.23.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:79:d9:b5:14:79:0d:b1:af:4b:5f:ea:83:ba:94:4b:7d:ec:
         6d:f8:6f:c2:76:62:07:09:74:d4:05:f1:a7:62:73:26:99:27:
         e6:e5:d7:46:ab:a2:c5:b6:01:9c:34:f4:2b:ef:d7:37:a3:85:
         b4:60:64:67:36:d6:c5:7d:5e:fb:f9:06:1f:c7:47:99:d8:c6:
         1c:f9:62:88:57:98:d5:6d:4c:c1:1f:00:cb:9d:77:97:0d:57:
         22:fc:6d:2f:d2:7a:65:12:af:b4:6a:70:67:81:f4:66:f0:3b:
         34:4b:8d:ef:64:99:8d:db:ea:4d:43:8d:34:5d:f3:07:6f:7b:
         60:79:3c:ba:1e:ff:ee:eb:58:a9:01:2c:77:07:8e:b3:16:08:
         f1:66:eb:d4:5d:b5:83:4b:88:95:dc:65:d7:5d:b4:a8:08:60:
         26:9a:bf:5d:bd:f3:d6:d3:83:a5:0b:f5:93:cc:b6:f7:c8:79:
         70:ed:1b:d3:07:be:33:3f:fc:41:36:a8:9e:14:93:85:7f:a3:
         99:79:63:9d:09:a4:32:d4:52:eb:68:7c:e5:b5:98:bc:7b:e0:
         0c:a3:14:a7:11:44:ba:00:da:4a:cb:ce:9a:22:c7:c3:0f:56:
         c2:02:be:0a:04:58:ce:ac:8e:c5:4c:e1:ec:45:93:e2:2c:d2:
         a6:13:ab:64
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANcLLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjUxYTczYzJhOWJiNmY5ZDVjODhlMGIzOTg4OGM4YTk1YzU3ZjgyMB4XDTIyMDEx
MzEyNDczM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzMwMDZlYTBiZDIx
YmNkZWYwYTBmNzEyOGI5OTk2MTU0MjhiZGIzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJu/c4Djdrz2v4Vq+d1AA7QR64jYFgzTm7VGTjjV4QbiTmQf
BlJWN78gRaTri7NXGpxoFBhnC/6k9HieSSe9rPRMHoiYnEhktgw/77u+tMGa/vYB
+rVTvALFw3REWd4Imk/yQxYJIccPZS81D/8VU8+KdeWvl+mZBsVuW2rbWx9Lt9IC
YWve3Ot95rSo6fdjhPC9yARfEZdXoDJJkvT05Fdxfgq1Nt2tpY01t/erAbHyYpkf
JdCtDs2gA3W78nmqVB6vu8kS1hO02ZxN3ZTnfpWujCUlmDa8h+Mpdw8zi18KTnUF
cG+e9y/VinhEu+ayZkSug1FJ4hOrVcD0tMG6c70CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTDAG6gvSG83vCg9xKLmZYVQovbPTAfBgNVHSMEGDAWgBTSUac8Kpu2+dXI
jgs5iIyKlcV/gjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBsR25QQ3FidHZuVnlJNExPWWlNaXBYRmY0SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvZGUwOGExLWYwODMtNDM0MC1hZjNlLWJmZTgwMWE0NWYxZS8x
L3d3QnVvTDBodk43d29QY1NpNW1XRlVLTDJ6MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
ZGUwOGExLWYwODMtNDM0MC1hZjNlLWJmZTgwMWE0NWYxZS8xLzBsR25QQ3FidHZu
VnlJNExPWWlNaXBYRmY0SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALIXvDANBgkqhkiG9w0BAQsFAAOC
AQEAI3nZtRR5DbGvS1/qg7qUS33sbfhvwnZiBwl01AXxp2JzJpkn5uXXRquixbYB
nDT0K+/XN6OFtGBkZzbWxX1e+/kGH8dHmdjGHPliiFeY1W1MwR8Ay513lw1XIvxt
L9J6ZRKvtGpwZ4H0ZvA7NEuN72SZjdvqTUONNF3zB297YHk8uh7/7utYqQEsdweO
sxYI8Wbr1F21g0uIldxl1120qAhgJpq/Xb3z1tODpQv1k8y298h5cO0b0we+Mz/8
QTaonhSThX+jmXljnQmkMtRS62h85bWYvHvgDKMUpxFEugDaSsvOmiLHww9WwgK+
CgRYzqyOxUzh7EWT4izSphOrZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:37 2024 by rpki-client on console-fra.rpki-client.org