Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e0d0b2-9b9a-47f8-84ec-1460c78ea75d/1/ktiPkgW5LHj5JSYA53i_r00-3tY.roa
File:                     ktiPkgW5LHj5JSYA53i_r00-3tY.roa (raw, json)
Hash identifier:          ImAK6GMednqdIO/+yOEvrtkCPZiewM2Kzk+og/d4ic8=
Subject key identifier:   92:D8:8F:92:05:B9:2C:78:F9:25:26:00:E7:78:BF:AF:4D:3E:DE:D6
Certificate issuer:       /CN=24c64272b0b3aeb812549dee7ec58a3eaf6fa576
Certificate serial:       04C877CB
Authority key identifier: 24:C6:42:72:B0:B3:AE:B8:12:54:9D:EE:7E:C5:8A:3E:AF:6F:A5:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JMZCcrCzrrgSVJ3ufsWKPq9vpXY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/e0d0b2-9b9a-47f8-84ec-1460c78ea75d/1/ktiPkgW5LHj5JSYA53i_r00-3tY.roa
Signing time:             Thu 12 May 2022 08:32:02 +0000
ROA not before:           Thu 12 May 2022 08:32:02 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     44188
IP address blocks:        185.165.4.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 80246731 (0x4c877cb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24c64272b0b3aeb812549dee7ec58a3eaf6fa576
        Validity
            Not Before: May 12 08:32:02 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=92d88f9205b92c78f9252600e778bfaf4d3eded6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:7f:8b:20:6b:54:3b:8a:bf:3c:99:b7:2c:7b:
                    de:f6:6a:60:bd:ff:2c:d5:cd:78:10:95:85:f7:b7:
                    57:6e:97:70:1a:78:9a:dd:77:6b:b1:5d:5b:89:71:
                    0a:bc:e2:e2:b5:50:7e:f1:8d:74:51:29:08:70:a3:
                    f2:00:44:38:6e:56:00:0f:b9:5d:33:07:40:18:69:
                    20:5f:2c:66:a0:3c:02:fc:f6:aa:6f:31:e0:c2:a9:
                    5d:ad:59:38:31:83:aa:73:74:5e:48:fb:8f:e6:80:
                    21:ee:d7:05:e2:46:f6:03:5d:53:92:78:90:75:54:
                    0a:c5:af:9b:4c:b0:5c:33:21:22:28:7c:28:cf:03:
                    fb:d0:5b:14:97:fa:f7:77:7e:85:e6:d1:b3:36:68:
                    cf:9a:e0:df:90:c0:5c:e1:a2:43:2f:b4:cb:72:20:
                    4e:c0:10:aa:f1:80:8c:4c:03:7c:0b:ac:ee:27:dc:
                    c8:7f:5e:1f:9d:86:7b:61:8a:22:65:2c:e8:99:a9:
                    c6:bc:e4:2e:54:36:d0:0a:5a:bd:c1:d3:cf:57:12:
                    d9:d5:53:0d:12:16:23:ee:ec:a1:0f:b7:4f:2f:14:
                    94:e3:4b:dd:b7:33:c9:fe:3c:fd:70:a6:02:21:59:
                    83:ed:ee:81:0d:e0:b1:53:36:11:c8:a9:fd:94:66:
                    db:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:D8:8F:92:05:B9:2C:78:F9:25:26:00:E7:78:BF:AF:4D:3E:DE:D6
            X509v3 Authority Key Identifier:
                keyid:24:C6:42:72:B0:B3:AE:B8:12:54:9D:EE:7E:C5:8A:3E:AF:6F:A5:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMZCcrCzrrgSVJ3ufsWKPq9vpXY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e0d0b2-9b9a-47f8-84ec-1460c78ea75d/1/ktiPkgW5LHj5JSYA53i_r00-3tY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e0d0b2-9b9a-47f8-84ec-1460c78ea75d/1/JMZCcrCzrrgSVJ3ufsWKPq9vpXY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.165.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:7f:a6:b0:93:4f:b7:40:ec:68:af:d1:90:40:25:f1:df:48:
         41:f0:e5:c3:6d:24:98:58:93:67:dc:96:53:c8:4a:69:6b:9c:
         1d:a0:68:0b:bb:4c:03:6a:18:b0:b3:b1:7e:78:31:5f:27:90:
         cc:60:a0:bd:e9:6e:e2:b6:38:78:31:8e:ea:21:bc:69:0f:74:
         38:03:cd:98:62:ac:b5:d7:92:ea:91:e1:1d:84:61:b5:87:95:
         be:78:61:93:f7:c8:32:ac:fa:10:fe:67:2f:7c:b7:3c:ac:20:
         cf:f7:75:6a:88:8f:07:0c:02:01:7c:10:78:9a:9e:a0:f2:fe:
         4b:3b:f4:da:e5:a3:33:ca:e9:e5:a5:30:96:24:64:d5:34:f8:
         e9:36:87:91:4b:3f:c2:06:9a:4a:76:4b:1e:41:74:cc:df:45:
         f3:89:1f:c8:64:df:6c:1e:74:ac:62:65:0b:09:34:b7:1a:6f:
         68:51:aa:f8:80:cd:b9:49:3d:c3:a1:8b:02:15:c4:75:02:25:
         e6:bd:bd:8d:dd:d2:9a:18:7f:2e:61:a7:85:f3:06:18:b7:16:
         ea:c7:d2:85:d9:01:0e:23:f8:14:64:b3:42:76:08:11:32:0d:
         2d:cd:00:ce:b0:4c:b0:c7:07:40:6c:87:d1:e3:e5:29:1e:9e:
         f6:2d:f1:c4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBMh3yzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NGM2NDI3MmIwYjNhZWI4MTI1NDlkZWU3ZWM1OGEzZWFmNmZhNTc2MB4XDTIyMDUx
MjA4MzIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTJkODhmOTIwNWI5
MmM3OGY5MjUyNjAwZTc3OGJmYWY0ZDNlZGVkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMp/iyBrVDuKvzyZtyx73vZqYL3/LNXNeBCVhfe3V26XcBp4
mt13a7FdW4lxCrzi4rVQfvGNdFEpCHCj8gBEOG5WAA+5XTMHQBhpIF8sZqA8Avz2
qm8x4MKpXa1ZODGDqnN0Xkj7j+aAIe7XBeJG9gNdU5J4kHVUCsWvm0ywXDMhIih8
KM8D+9BbFJf693d+hebRszZoz5rg35DAXOGiQy+0y3IgTsAQqvGAjEwDfAus7ifc
yH9eH52Ge2GKImUs6JmpxrzkLlQ20ApavcHTz1cS2dVTDRIWI+7soQ+3Ty8UlONL
3bczyf48/XCmAiFZg+3ugQ3gsVM2Ecip/ZRm25kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSS2I+SBbksePklJgDneL+vTT7e1jAfBgNVHSMEGDAWgBQkxkJysLOuuBJU
ne5+xYo+r2+ldjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pNWkNjckN6cnJnU1ZKM3Vmc1dLUHE5dnBYWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvZTBkMGIyLTliOWEtNDdmOC04NGVjLTE0NjBjNzhlYTc1ZC8x
L2t0aVBrZ1c1TEhqNUpTWUE1M2lfcjAwLTN0WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
ZTBkMGIyLTliOWEtNDdmOC04NGVjLTE0NjBjNzhlYTc1ZC8xL0pNWkNjckN6cnJn
U1ZKM3Vmc1dLUHE5dnBYWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmlBDANBgkqhkiG9w0BAQsFAAOC
AQEAIX+msJNPt0DsaK/RkEAl8d9IQfDlw20kmFiTZ9yWU8hKaWucHaBoC7tMA2oY
sLOxfngxXyeQzGCgvelu4rY4eDGO6iG8aQ90OAPNmGKstdeS6pHhHYRhtYeVvnhh
k/fIMqz6EP5nL3y3PKwgz/d1aoiPBwwCAXwQeJqeoPL+Szv02uWjM8rp5aUwliRk
1TT46TaHkUs/wgaaSnZLHkF0zN9F84kfyGTfbB50rGJlCwk0txpvaFGq+IDNuUk9
w6GLAhXEdQIl5r29jd3Smhh/LmGnhfMGGLcW6sfShdkBDiP4FGSzQnYIETINLc0A
zrBMsMcHQGyH0ePlKR6e9i3xxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:58 2024 by rpki-client on console-fra.rpki-client.org