Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/1abX8sMMUUVCu7DXuzb6crrprco.roa
File:                     1abX8sMMUUVCu7DXuzb6crrprco.roa (raw, json)
Hash identifier:          AvizixK9yTeZ3f2CLy6cs37ye3at9SySwAHOfSg37u0=
Subject key identifier:   D5:A6:D7:F2:C3:0C:51:45:42:BB:B0:D7:BB:36:FA:72:BA:E9:AD:CA
Certificate issuer:       /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial:       01825EE68A6D383AFD8958F67D5B8BC0CCF1
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/1abX8sMMUUVCu7DXuzb6crrprco.roa
Signing time:             Tue 02 Aug 2022 14:12:23 +0000
ROA not before:           Tue 02 Aug 2022 14:12:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     400377
IP address blocks:        152.89.250.0/24 maxlen: 24
                          152.89.248.0/24 maxlen: 24
                          152.89.249.0/24 maxlen: 24
                          195.206.235.0/24 maxlen: 24
                          176.105.224.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:5e:e6:8a:6d:38:3a:fd:89:58:f6:7d:5b:8b:c0:cc:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
        Validity
            Not Before: Aug  2 14:12:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d5a6d7f2c30c514542bbb0d7bb36fa72bae9adca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:f8:3f:cc:c5:32:1b:65:23:2c:85:63:57:7c:
                    48:38:f5:a7:6d:e5:b8:68:b4:ce:04:70:7a:27:3c:
                    04:c5:58:00:76:83:18:38:62:ff:b4:de:b5:d8:30:
                    d4:41:11:eb:c8:13:30:88:83:1f:d9:0b:f2:6e:df:
                    86:eb:e1:7c:50:fa:77:b7:39:f9:ab:3a:ec:4d:3f:
                    94:ca:88:5c:1f:40:57:56:62:53:70:60:d3:aa:31:
                    64:cf:67:11:d7:25:87:1c:fb:7e:4b:ab:87:00:21:
                    0c:06:f4:a3:19:19:30:b4:35:9f:ba:c6:bc:f7:12:
                    06:2a:3d:e1:c1:65:4a:ab:e2:8f:3a:d7:95:94:bb:
                    98:6f:d8:e6:6b:24:4a:97:e9:50:9b:54:45:8b:17:
                    e4:31:32:9b:49:a2:fc:9a:d3:22:3c:a0:96:1a:6c:
                    51:e0:ba:d6:39:3d:54:6e:17:6c:b6:92:61:1c:83:
                    2b:70:86:2b:29:97:42:00:fc:35:b2:f6:05:aa:3c:
                    20:ea:85:a5:bb:8f:27:e3:e3:11:fa:50:b1:8f:c3:
                    42:f3:5b:b8:ea:01:76:bc:1e:94:a5:c7:7e:f1:78:
                    01:7d:99:07:24:fd:77:bc:cd:d8:e7:b1:56:76:d0:
                    b9:94:25:c7:31:ab:9d:37:0f:2c:d6:6e:bf:bf:b6:
                    aa:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:A6:D7:F2:C3:0C:51:45:42:BB:B0:D7:BB:36:FA:72:BA:E9:AD:CA
            X509v3 Authority Key Identifier:
                keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/1abX8sMMUUVCu7DXuzb6crrprco.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.89.248.0-152.89.250.255
                  176.105.224.0/24
                  195.206.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:6c:cd:0b:32:e7:e4:4f:33:3e:ab:72:25:d1:8c:d0:31:e9:
         21:33:19:ee:6a:8a:7f:57:60:a8:91:91:e4:98:4c:ec:5e:14:
         c2:6a:66:dc:19:b0:8a:9b:23:7a:b2:5a:01:97:8e:07:7f:1d:
         29:65:94:5f:d8:28:1d:d3:61:c4:78:30:fc:2b:89:56:70:0b:
         90:2e:f1:e5:7c:05:de:54:b7:4b:16:70:e2:ab:01:9f:e0:f6:
         a6:5a:c3:5b:04:36:05:d1:83:ac:13:24:e8:98:62:66:7a:16:
         4a:db:62:82:9a:a3:58:2e:23:61:17:6d:06:7e:df:4f:83:49:
         1e:06:21:6e:cd:f2:94:ea:8e:05:f2:99:70:c7:57:73:66:08:
         d3:b5:7c:c3:5f:9e:82:ba:6e:ba:73:5f:2d:c1:ac:36:f2:b1:
         a5:a6:09:d5:6b:46:31:6c:71:51:59:31:3d:b2:57:66:86:94:
         12:78:a3:11:ec:d1:b2:a5:93:b9:c3:96:cd:d5:fd:ce:a2:38:
         f4:c0:c9:e9:a9:11:44:8f:47:dc:eb:09:5e:39:80:29:98:a7:
         b4:25:0e:67:5d:0c:7f:1b:23:f1:5a:1a:24:7e:a1:b8:7b:a2:
         6a:25:aa:f0:12:62:3f:f6:7c:6d:a6:af:4b:be:3e:9d:71:c4:
         3c:af:df:2d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYJe5optODr9iVj2fVuLwMzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIwODAyMTQxMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWE2ZDdmMmMzMGM1MTQ1NDJiYmIwZDdiYjM2ZmE3MmJhZTlhZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPg/zMUyG2UjLIVjV3xIOPWnbeW4
aLTOBHB6JzwExVgAdoMYOGL/tN612DDUQRHryBMwiIMf2Qvybt+G6+F8UPp3tzn5
qzrsTT+UyohcH0BXVmJTcGDTqjFkz2cR1yWHHPt+S6uHACEMBvSjGRkwtDWfusa8
9xIGKj3hwWVKq+KPOteVlLuYb9jmayRKl+lQm1RFixfkMTKbSaL8mtMiPKCWGmxR
4LrWOT1UbhdstpJhHIMrcIYrKZdCAPw1svYFqjwg6oWlu48n4+MR+lCxj8NC81u4
6gF2vB6Upcd+8XgBfZkHJP13vM3Y57FWdtC5lCXHMaudNw8s1m6/v7aq2wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNWm1/LDDFFFQruw17s2+nK66a3KMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvMWFiWDhzTU1VVVZDdTdEWHV6YjZjcnJwcmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAOYWfgD
BACYWfoDBACwaeADBADDzuswDQYJKoZIhvcNAQELBQADggEBAJNszQsy5+RPMz6r
ciXRjNAx6SEzGe5qin9XYKiRkeSYTOxeFMJqZtwZsIqbI3qyWgGXjgd/HSlllF/Y
KB3TYcR4MPwriVZwC5Au8eV8Bd5Ut0sWcOKrAZ/g9qZaw1sENgXRg6wTJOiYYmZ6
FkrbYoKao1guI2EXbQZ+30+DSR4GIW7N8pTqjgXymXDHV3NmCNO1fMNfnoK6brpz
Xy3BrDbysaWmCdVrRjFscVFZMT2yV2aGlBJ4oxHs0bKlk7nDls3V/c6iOPTAyemp
EUSPR9zrCV45gCmYp7QlDmddDH8bI/FaGiR+obh7omolqvASYj/2fG2mr0u+Pp1x
xDyv3y0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:44 2023 by rpki-client on console-ams.rpki-client.org