Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/HBY-M_ian-YSI5lwHC0EiUHrs0o.roa
File:                     HBY-M_ian-YSI5lwHC0EiUHrs0o.roa (raw, json)
Hash identifier:          ZI7egCNMEE3B8mkfLf/FS+KENhIx9VFrCinR8XTDQL4=
Subject key identifier:   1C:16:3E:33:F8:9A:9F:E6:12:23:99:70:1C:2D:04:89:41:EB:B3:4A
Certificate issuer:       /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial:       019422FBC711DE08DC95B65790151EF4B781
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/HBY-M_ian-YSI5lwHC0EiUHrs0o.roa
Signing time:             Wed 01 Jan 2025 17:48:33 +0000
ROA not before:           Wed 01 Jan 2025 17:48:33 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     29262
IP address blocks:        77.241.72.0/24 maxlen: 24
                          77.241.73.0/24 maxlen: 24
                          77.241.74.0/24 maxlen: 24
                          77.241.75.0/24 maxlen: 24
                          185.254.55.0/24 maxlen: 24
                          194.56.186.0/23 maxlen: 23
                          194.169.92.0/23 maxlen: 23
                          194.169.92.0/24 maxlen: 24
                          194.169.93.0/24 maxlen: 24
                          194.169.94.0/23 maxlen: 23
                          194.169.94.0/24 maxlen: 24
                          194.169.95.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:22:fb:c7:11:de:08:dc:95:b6:57:90:15:1e:f4:b7:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
        Validity
            Not Before: Jan  1 17:48:33 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=1c163e33f89a9fe6122399701c2d048941ebb34a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:48:67:3d:b8:16:a2:62:47:20:df:e2:c5:cb:
                    d9:d2:f6:9b:e8:31:21:b9:f1:47:9a:c8:72:d9:44:
                    95:4d:60:4e:f8:f7:82:43:c0:cc:93:92:a4:48:8e:
                    51:7a:f2:69:84:31:a2:36:f2:28:27:06:41:d9:8b:
                    b3:0c:c7:52:15:d9:47:6a:75:88:c3:7a:c0:52:81:
                    c9:04:b2:e0:17:c5:a8:2b:10:c9:96:e5:a9:aa:c5:
                    07:c9:2b:d3:a3:2f:bb:ff:4f:08:72:31:7e:80:93:
                    43:34:9c:27:eb:c2:bb:99:48:be:cf:66:15:98:15:
                    2e:08:c2:6d:77:ae:d2:da:31:d7:f0:3e:91:e7:0f:
                    ab:5b:ed:89:06:97:9b:c5:8b:95:c7:0c:f2:02:48:
                    fc:6c:95:ef:24:e4:41:fd:b6:c3:be:58:53:cb:08:
                    97:d1:7b:6a:c2:a0:fc:16:ed:00:2a:16:a1:42:57:
                    6d:57:a0:0c:f5:cd:1f:ad:90:75:3b:70:95:b3:a5:
                    3c:c4:5f:a3:3f:a9:57:ca:b2:93:50:49:79:fb:62:
                    6c:60:bf:f9:7f:e2:9a:9e:37:b5:86:59:09:d2:58:
                    bc:58:97:0c:5a:56:b1:7e:73:3c:ae:42:ee:80:04:
                    d7:e7:fb:25:30:e8:8a:0b:fa:31:0b:96:7a:6d:2c:
                    07:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:16:3E:33:F8:9A:9F:E6:12:23:99:70:1C:2D:04:89:41:EB:B3:4A
            X509v3 Authority Key Identifier:
                keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/HBY-M_ian-YSI5lwHC0EiUHrs0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.241.72.0/22
                  185.254.55.0/24
                  194.56.186.0/23
                  194.169.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b4:05:2a:a8:2f:36:30:d6:76:88:c3:af:19:d5:d5:47:b5:62:
         84:2b:19:b3:b3:64:a8:32:f5:17:0e:b4:45:d4:cc:36:4f:f6:
         58:97:29:8a:7e:08:9f:bd:e2:a4:bf:d4:a9:87:d2:15:d8:d1:
         9f:00:96:3b:41:16:b5:86:f2:ee:9c:bb:0b:fe:4e:3c:f3:d7:
         09:3f:99:46:b8:24:31:3f:93:f5:d4:b3:83:9f:21:19:50:35:
         57:84:c5:52:54:d1:fd:c6:70:53:e6:c7:63:14:32:89:cd:f0:
         ed:c3:7b:89:87:79:22:f2:79:1b:cd:a3:76:ea:b5:0f:3f:0a:
         34:71:1f:c0:86:22:95:b7:db:a1:a1:b1:75:59:41:b0:04:12:
         48:75:b0:54:90:71:8b:0f:e2:dc:93:c4:03:d6:c5:92:03:70:
         d0:72:99:b8:a6:d2:1f:9c:14:d4:50:00:14:bf:4f:f7:9c:43:
         b5:97:35:37:60:a5:94:ee:e5:6b:83:ba:5d:26:3d:4f:0d:d2:
         f4:94:2d:85:0f:f9:25:dd:17:bf:88:c6:70:70:93:49:25:88:
         f0:81:c4:90:54:ab:a4:04:1d:07:ce:ca:71:dc:1d:6f:da:2c:
         ce:6a:63:92:51:a7:5d:1d:3e:07:d0:c5:73:86:ca:30:7a:ab:
         48:39:c5:d1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQi+8cR3gjclbZXkBUe9LeBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjUwMTAxMTc0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzE2M2UzM2Y4OWE5ZmU2MTIyMzk5NzAxYzJkMDQ4OTQxZWJiMzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9khnPbgWomJHIN/ixcvZ0vab6DEh
ufFHmshy2USVTWBO+PeCQ8DMk5KkSI5RevJphDGiNvIoJwZB2YuzDMdSFdlHanWI
w3rAUoHJBLLgF8WoKxDJluWpqsUHySvToy+7/08IcjF+gJNDNJwn68K7mUi+z2YV
mBUuCMJtd67S2jHX8D6R5w+rW+2JBpebxYuVxwzyAkj8bJXvJORB/bbDvlhTywiX
0XtqwqD8Fu0AKhahQldtV6AM9c0frZB1O3CVs6U8xF+jP6lXyrKTUEl5+2JsYL/5
f+Kanje1hlkJ0li8WJcMWlaxfnM8rkLugATX5/slMOiKC/oxC5Z6bSwHbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBwWPjP4mp/mEiOZcBwtBIlB67NKMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvSEJZLU1faWFuLVlTSTVsd0hDMEVpVUhyczBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCTfFIAwQA
uf43AwQBwji6AwQCwqlcMA0GCSqGSIb3DQEBCwUAA4IBAQC0BSqoLzYw1naIw68Z
1dVHtWKEKxmzs2SoMvUXDrRF1Mw2T/ZYlymKfgifveKkv9Sph9IV2NGfAJY7QRa1
hvLunLsL/k4889cJP5lGuCQxP5P11LODnyEZUDVXhMVSVNH9xnBT5sdjFDKJzfDt
w3uJh3ki8nkbzaN26rUPPwo0cR/AhiKVt9uhobF1WUGwBBJIdbBUkHGLD+Lck8QD
1sWSA3DQcpm4ptIfnBTUUAAUv0/3nEO1lzU3YKWU7uVrg7pdJj1PDdL0lC2FD/kl
3Re/iMZwcJNJJYjwgcSQVKukBB0Hzspx3B1v2izOamOSUaddHT4H0MVzhsoweqtI
OcXR
-----END CERTIFICATE-----
Generated at Tue Jun 10 07:24:13 2025 by rpki-client