Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/89d44d-4f43-4680-a0b2-949848375ada/1/U7WNyYyN9M8JeIR8Z7NQV5TYNFE.roa
File:                     U7WNyYyN9M8JeIR8Z7NQV5TYNFE.roa (raw, json)
Hash identifier:          urpLU4XrAYkntZGxdF0a0fJhfEcCJIR4f2tOf/wP7V4=
Subject key identifier:   53:B5:8D:C9:8C:8D:F4:CF:09:78:84:7C:67:B3:50:57:94:D8:34:51
Certificate issuer:       /CN=4a9df8099a4c1c42201da05678a3edf2be33ff24
Certificate serial:       0186EF18864E2032FF149803F3388C56486A
Authority key identifier: 4A:9D:F8:09:9A:4C:1C:42:20:1D:A0:56:78:A3:ED:F2:BE:33:FF:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sp34CZpMHEIgHaBWeKPt8r4z_yQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/89d44d-4f43-4680-a0b2-949848375ada/1/U7WNyYyN9M8JeIR8Z7NQV5TYNFE.roa
Signing time:             Fri 17 Mar 2023 10:23:27 +0000
ROA not before:           Fri 17 Mar 2023 10:23:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39486
IP address blocks:        185.39.8.0/24 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ef:18:86:4e:20:32:ff:14:98:03:f3:38:8c:56:48:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a9df8099a4c1c42201da05678a3edf2be33ff24
        Validity
            Not Before: Mar 17 10:23:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=53b58dc98c8df4cf0978847c67b3505794d83451
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:15:0c:3d:20:04:bb:20:ae:89:43:b4:bb:12:
                    2b:39:f2:93:6e:f2:4e:34:07:28:bf:c8:59:40:61:
                    8a:be:5c:c8:f0:ed:40:f5:e7:9a:67:91:d6:66:b1:
                    f3:64:77:7e:9c:e4:a4:c9:c7:ed:be:d5:93:96:86:
                    53:5a:90:49:ba:55:e6:38:8b:0b:56:32:5e:e3:ee:
                    86:34:68:e0:27:78:1c:2a:63:88:53:de:8b:82:7b:
                    16:c0:98:bc:91:49:f0:54:01:ce:b6:3a:9e:95:e8:
                    2a:2f:a2:42:20:3c:84:3c:82:3b:a9:08:f0:e9:f1:
                    0f:9b:7d:ba:53:ae:8c:85:ab:58:63:9d:26:32:ce:
                    e7:46:73:25:53:35:e5:80:33:38:e2:eb:5e:55:53:
                    76:18:f4:3c:69:21:20:03:5b:50:de:17:ee:7b:28:
                    15:14:78:f0:78:0a:1f:71:0c:31:59:a0:ee:2e:2b:
                    44:9d:21:92:8f:7d:da:e5:a2:f6:c0:7a:8b:f1:f4:
                    cb:5a:92:7e:91:4b:98:94:10:43:5d:35:98:bb:fa:
                    7d:49:29:dc:2e:27:6c:a2:ff:d4:95:6d:7b:ac:ce:
                    7d:ee:b7:75:e4:77:5b:81:51:a2:05:2a:9a:df:e4:
                    31:ad:3b:41:1f:d4:84:66:bf:a2:92:07:dc:9f:6b:
                    c2:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:B5:8D:C9:8C:8D:F4:CF:09:78:84:7C:67:B3:50:57:94:D8:34:51
            X509v3 Authority Key Identifier:
                keyid:4A:9D:F8:09:9A:4C:1C:42:20:1D:A0:56:78:A3:ED:F2:BE:33:FF:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sp34CZpMHEIgHaBWeKPt8r4z_yQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/89d44d-4f43-4680-a0b2-949848375ada/1/U7WNyYyN9M8JeIR8Z7NQV5TYNFE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/89d44d-4f43-4680-a0b2-949848375ada/1/Sp34CZpMHEIgHaBWeKPt8r4z_yQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.39.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:c2:c4:d4:0a:7c:2b:86:4a:5b:23:14:0c:c2:5e:2b:81:30:
         9a:bb:60:4f:ed:8b:70:55:cc:3c:f4:0c:93:3e:ea:a2:58:4c:
         98:60:29:11:ba:21:8a:a2:eb:c8:04:8e:34:f7:77:8c:43:be:
         12:fb:68:ea:72:08:e3:df:ba:d2:42:10:a4:41:47:a8:5a:97:
         f1:e9:3c:c0:25:12:e3:e4:c8:d0:5a:46:70:89:e1:67:e1:33:
         11:7f:e4:4e:43:7f:d0:0d:d6:d2:37:5b:e1:38:14:80:87:02:
         bb:b4:8e:88:08:82:e7:4a:ae:72:52:ae:d4:e9:e0:e2:98:64:
         33:2f:90:9d:c2:22:09:8f:b7:81:4b:72:13:ec:a3:00:cd:bd:
         19:79:4d:d7:e5:85:87:e4:d4:5e:13:6d:ae:8f:c3:b5:18:56:
         10:78:3c:6b:df:f6:e5:b4:55:4f:fe:a9:0d:25:ef:5a:63:46:
         c6:a5:12:c2:5d:e2:22:39:fc:c5:9a:ea:5c:a5:f8:c2:0e:47:
         5f:e0:c4:2c:01:35:27:c4:6b:f1:ac:af:9a:a2:42:32:6d:8c:
         86:36:6d:f9:90:36:fc:f2:86:2b:c0:7e:76:35:c3:08:bd:a3:
         c8:fa:21:7d:d5:d8:fa:09:eb:ac:eb:0e:51:69:85:32:62:42:
         f4:a4:2a:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbvGIZOIDL/FJgD8ziMVkhqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOWRmODA5OWE0YzFjNDIyMDFkYTA1Njc4YTNlZGYyYmUz
M2ZmMjQwHhcNMjMwMzE3MTAyMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2I1OGRjOThjOGRmNGNmMDk3ODg0N2M2N2IzNTA1Nzk0ZDgzNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xUMPSAEuyCuiUO0uxIrOfKTbvJO
NAcov8hZQGGKvlzI8O1A9eeaZ5HWZrHzZHd+nOSkycftvtWTloZTWpBJulXmOIsL
VjJe4+6GNGjgJ3gcKmOIU96LgnsWwJi8kUnwVAHOtjqelegqL6JCIDyEPII7qQjw
6fEPm326U66MhatYY50mMs7nRnMlUzXlgDM44uteVVN2GPQ8aSEgA1tQ3hfueygV
FHjweAofcQwxWaDuLitEnSGSj33a5aL2wHqL8fTLWpJ+kUuYlBBDXTWYu/p9SSnc
Lidsov/UlW17rM597rd15HdbgVGiBSqa3+QxrTtBH9SEZr+ikgfcn2vC6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFO1jcmMjfTPCXiEfGezUFeU2DRRMB8GA1UdIwQY
MBaAFEqd+AmaTBxCIB2gVnij7fK+M/8kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3AzNENacE1IRUlnSGFCV2VLUHQ4cjR6X3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy84OWQ0NGQtNGY0My00NjgwLWEwYjIt
OTQ5ODQ4Mzc1YWRhLzEvVTdXTnlZeU45TThKZUlSOFo3TlFWNVRZTkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy84OWQ0NGQtNGY0My00NjgwLWEwYjItOTQ5ODQ4Mzc1YWRh
LzEvU3AzNENacE1IRUlnSGFCV2VLUHQ4cjR6X3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuScIMA0G
CSqGSIb3DQEBCwUAA4IBAQBOwsTUCnwrhkpbIxQMwl4rgTCau2BP7YtwVcw89AyT
PuqiWEyYYCkRuiGKouvIBI4093eMQ74S+2jqcgjj37rSQhCkQUeoWpfx6TzAJRLj
5MjQWkZwieFn4TMRf+ROQ3/QDdbSN1vhOBSAhwK7tI6ICILnSq5yUq7U6eDimGQz
L5CdwiIJj7eBS3IT7KMAzb0ZeU3X5YWH5NReE22uj8O1GFYQeDxr3/bltFVP/qkN
Je9aY0bGpRLCXeIiOfzFmupcpfjCDkdf4MQsATUnxGvxrK+aokIybYyGNm35kDb8
8oYrwH52NcMIvaPI+iF91dj6Ceus6w5RaYUyYkL0pCpy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:59 2024 by rpki-client on console-fra.rpki-client.org