Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/be8cae-d922-4682-b52e-e04040c2bdb1/1/YZohNA4oeoWnkhvcsNOh081q-E8.roa
File:                     YZohNA4oeoWnkhvcsNOh081q-E8.roa (raw, json)
Hash identifier:          p9wupX/Z5q478/eOlmwcoONIcRYDbRs0MFjzw6I/pwM=
Subject key identifier:   61:9A:21:34:0E:28:7A:85:A7:92:1B:DC:B0:D3:A1:D3:CD:6A:F8:4F
Certificate issuer:       /CN=d0047cf021df7bea3cef007f8961518383446fe7
Certificate serial:       01856E8B344EC7837E7AD8CC9EFD16CD1531
Authority key identifier: D0:04:7C:F0:21:DF:7B:EA:3C:EF:00:7F:89:61:51:83:83:44:6F:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0AR88CHfe-o87wB_iWFRg4NEb-c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/be8cae-d922-4682-b52e-e04040c2bdb1/1/YZohNA4oeoWnkhvcsNOh081q-E8.roa
Signing time:             Sun 01 Jan 2023 18:14:54 +0000
ROA not before:           Sun 01 Jan 2023 18:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3257
IP address blocks:        185.155.164.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:8b:34:4e:c7:83:7e:7a:d8:cc:9e:fd:16:cd:15:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d0047cf021df7bea3cef007f8961518383446fe7
        Validity
            Not Before: Jan  1 18:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=619a21340e287a85a7921bdcb0d3a1d3cd6af84f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:0c:b7:94:26:e0:09:15:8c:83:b2:0b:ed:ef:
                    87:9c:3c:98:ed:31:dc:b0:13:94:30:7c:70:df:b6:
                    f3:2e:c0:80:ef:70:cb:43:2c:db:cf:67:5e:f8:12:
                    4a:8d:76:e4:5f:4e:71:9e:ad:73:0f:6d:16:54:a9:
                    09:8d:7e:ea:f0:74:13:38:3d:9e:dd:70:48:e6:d2:
                    27:33:7e:eb:a8:f7:c7:ca:51:bd:80:ca:d6:d3:09:
                    03:8d:17:d0:d1:bb:e9:72:4e:b3:33:f6:d0:1d:dd:
                    6a:f7:1c:0d:2c:41:0b:c8:39:9a:03:a0:13:3b:99:
                    66:c5:6c:fc:ce:8b:3c:2d:61:82:74:3d:9a:f8:f4:
                    f0:f6:7a:ab:fa:14:1a:c8:3f:1f:5e:bc:38:0d:90:
                    71:05:a3:c9:c1:60:3b:69:d7:e2:27:ac:35:5f:d0:
                    d2:72:f1:a0:85:0c:10:38:ca:0b:ed:8a:9a:2d:46:
                    1d:af:c3:7d:c6:b6:d4:42:f8:b6:e3:7c:75:2f:f6:
                    d2:f6:d2:6f:b9:f3:13:24:0d:13:9a:84:f5:1f:3f:
                    fb:ab:b5:1b:50:70:0d:70:46:84:1b:15:0b:e4:f5:
                    5b:a7:b2:ca:d3:ab:40:d5:e7:1e:1b:fa:39:c3:bf:
                    58:35:4e:4d:1b:e8:5f:fe:8d:df:e2:bc:b4:e7:46:
                    b1:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:9A:21:34:0E:28:7A:85:A7:92:1B:DC:B0:D3:A1:D3:CD:6A:F8:4F
            X509v3 Authority Key Identifier:
                keyid:D0:04:7C:F0:21:DF:7B:EA:3C:EF:00:7F:89:61:51:83:83:44:6F:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AR88CHfe-o87wB_iWFRg4NEb-c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/be8cae-d922-4682-b52e-e04040c2bdb1/1/YZohNA4oeoWnkhvcsNOh081q-E8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/be8cae-d922-4682-b52e-e04040c2bdb1/1/0AR88CHfe-o87wB_iWFRg4NEb-c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6a:18:17:66:b9:18:b7:48:d8:33:34:4d:bd:e2:6b:1d:46:85:
         f5:f6:dc:e9:4c:e9:ce:ba:7f:e9:5b:19:0c:a2:7b:55:f9:43:
         a3:ee:da:52:fe:73:d7:1f:5b:06:a5:14:1b:77:7b:0e:f5:78:
         cb:ba:45:f3:64:22:84:0d:ea:20:64:77:2b:e4:de:81:70:26:
         2c:92:e4:55:69:41:05:85:49:72:e3:63:29:5c:97:fa:ea:6f:
         fc:34:10:1f:13:7d:eb:bc:81:70:7f:2b:a5:08:c3:4c:a8:f2:
         5b:51:2d:5a:5f:d2:d8:07:a0:44:2d:2d:c4:cb:f6:25:1e:26:
         f8:b8:89:23:77:7f:e8:5a:7f:47:13:8c:f1:3f:e2:58:1c:d9:
         fe:ab:9c:e6:bd:04:a3:00:0c:42:50:77:22:2f:c5:aa:28:4e:
         b1:21:d6:8e:57:de:91:e8:a3:94:4b:a1:4f:bc:6e:1f:f9:46:
         1b:b3:2b:d1:26:d7:00:3e:49:3f:7e:4f:dc:4e:34:7f:be:a2:
         31:3f:39:36:1f:d6:55:27:9d:74:be:3f:9e:87:93:38:41:f3:
         d4:fe:b2:fa:5b:47:39:50:6b:ca:d5:bb:34:d0:ab:2b:d1:28:
         22:79:d0:24:9d:bf:5e:df:47:20:6a:b7:07:07:ab:ae:8b:c2:
         6e:21:63:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuizROx4N+etjMnv0WzRUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMDQ3Y2YwMjFkZjdiZWEzY2VmMDA3Zjg5NjE1MTgzODM0
NDZmZTcwHhcNMjMwMTAxMTgxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTlhMjEzNDBlMjg3YTg1YTc5MjFiZGNiMGQzYTFkM2NkNmFmODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wy3lCbgCRWMg7IL7e+HnDyY7THc
sBOUMHxw37bzLsCA73DLQyzbz2de+BJKjXbkX05xnq1zD20WVKkJjX7q8HQTOD2e
3XBI5tInM37rqPfHylG9gMrW0wkDjRfQ0bvpck6zM/bQHd1q9xwNLEELyDmaA6AT
O5lmxWz8zos8LWGCdD2a+PTw9nqr+hQayD8fXrw4DZBxBaPJwWA7adfiJ6w1X9DS
cvGghQwQOMoL7YqaLUYdr8N9xrbUQvi243x1L/bS9tJvufMTJA0TmoT1Hz/7q7Ub
UHANcEaEGxUL5PVbp7LK06tA1eceG/o5w79YNU5NG+hf/o3f4ry050ax5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGGaITQOKHqFp5Ib3LDTodPNavhPMB8GA1UdIwQY
MBaAFNAEfPAh33vqPO8Af4lhUYODRG/nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFSODhDSGZlLW84N3dCX2lXRlJnNE5FYi1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iZThjYWUtZDkyMi00NjgyLWI1MmUt
ZTA0MDQwYzJiZGIxLzEvWVpvaE5BNG9lb1dua2h2Y3NOT2gwODFxLUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iZThjYWUtZDkyMi00NjgyLWI1MmUtZTA0MDQwYzJiZGIx
LzEvMEFSODhDSGZlLW84N3dCX2lXRlJnNE5FYi1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZukMA0G
CSqGSIb3DQEBCwUAA4IBAQBqGBdmuRi3SNgzNE294msdRoX19tzpTOnOun/pWxkM
ontV+UOj7tpS/nPXH1sGpRQbd3sO9XjLukXzZCKEDeogZHcr5N6BcCYskuRVaUEF
hUly42MpXJf66m/8NBAfE33rvIFwfyulCMNMqPJbUS1aX9LYB6BELS3Ey/YlHib4
uIkjd3/oWn9HE4zxP+JYHNn+q5zmvQSjAAxCUHciL8WqKE6xIdaOV96R6KOUS6FP
vG4f+UYbsyvRJtcAPkk/fk/cTjR/vqIxPzk2H9ZVJ510vj+eh5M4QfPU/rL6W0c5
UGvK1bs00Ksr0SgiedAknb9e30cgarcHB6uui8JuIWPe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:44 2024 by rpki-client on console-fra.rpki-client.org