Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/CZRFsCV0olkwwNOnk3-Uvpwd3gE.roa
File:                     CZRFsCV0olkwwNOnk3-Uvpwd3gE.roa (raw, json)
Hash identifier:          pT+W+V5JyQcHDcc+DNHx7s4IthWjOsNJ5gJiyR9TlkM=
Subject key identifier:   09:94:45:B0:25:74:A2:59:30:C0:D3:A7:93:7F:94:BE:9C:1D:DE:01
Certificate issuer:       /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial:       01840B5DF39A442F2539F57CAD56508F6FA2
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/CZRFsCV0olkwwNOnk3-Uvpwd3gE.roa
Signing time:             Mon 24 Oct 2022 19:00:17 +0000
ROA not before:           Mon 24 Oct 2022 19:00:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29119
IP address blocks:        45.158.10.0/23 maxlen: 23
                          195.206.230.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:0b:5d:f3:9a:44:2f:25:39:f5:7c:ad:56:50:8f:6f:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
        Validity
            Not Before: Oct 24 19:00:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=099445b02574a25930c0d3a7937f94be9c1dde01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:93:52:12:89:be:f8:20:fa:ea:24:68:fa:ba:
                    0d:27:c2:42:bc:a6:7b:11:9c:66:38:66:7d:d4:6e:
                    57:e2:99:53:c2:d0:99:85:2c:c1:c8:31:58:78:52:
                    c5:a5:41:c3:9a:eb:59:9b:1f:c1:58:e0:f8:d0:75:
                    ed:f5:22:1f:9b:5e:a1:42:86:80:e1:53:83:7e:ac:
                    d3:05:01:be:f2:9c:58:dc:89:f2:8b:4e:f5:2d:8d:
                    b3:7d:75:ee:36:ed:8f:3b:bc:e5:4e:ff:36:0b:cd:
                    c7:ae:05:7c:b4:6b:eb:02:65:97:7c:18:7f:c2:81:
                    79:9c:31:66:73:eb:9d:01:d5:c0:fe:35:5f:00:0b:
                    36:4f:25:91:ad:40:8d:74:3a:b3:18:8c:be:89:d9:
                    b3:8c:a0:78:b2:ce:32:5c:17:92:69:75:e2:37:21:
                    48:00:e0:3e:20:46:f6:c0:eb:b5:2f:98:10:6e:58:
                    a3:0a:ff:36:9a:4a:44:97:47:1c:09:d9:0b:8f:b3:
                    9c:a6:d4:3f:fe:3c:3b:8d:04:a2:30:7a:7f:ff:53:
                    32:0d:80:ac:87:be:f8:d2:63:6c:63:c1:19:7b:5f:
                    e4:18:0b:fa:ed:18:60:ae:be:af:cc:66:9f:73:96:
                    27:fa:ce:14:f3:af:fb:9b:6a:ac:2b:ee:ed:d5:7e:
                    ad:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:94:45:B0:25:74:A2:59:30:C0:D3:A7:93:7F:94:BE:9C:1D:DE:01
            X509v3 Authority Key Identifier:
                keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/CZRFsCV0olkwwNOnk3-Uvpwd3gE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.10.0/23
                  195.206.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:57:ab:0b:30:f1:3b:ac:e5:9c:4c:0d:df:d9:9d:d0:1e:1c:
         74:17:40:4d:a6:91:db:7b:af:4a:fd:f9:30:22:20:95:e9:21:
         e2:de:81:28:f3:09:cb:4b:87:bd:44:a9:29:9a:84:85:e3:64:
         7a:bc:2d:d9:3a:b3:7e:55:8b:98:74:c9:4a:1c:a4:de:e9:17:
         de:78:e6:4c:6e:24:89:0c:19:b9:5b:de:ef:16:f4:d8:59:56:
         bf:17:36:fa:e2:d4:52:a7:37:6c:f8:41:0d:e3:1e:a4:7c:80:
         d1:da:c7:64:a0:71:bb:cd:bb:af:2a:fb:5d:b1:10:eb:07:ac:
         0a:cd:a4:8b:30:ee:8b:6f:83:cd:e3:fe:87:54:8d:67:07:38:
         57:e8:e6:0f:58:6c:a9:4c:4a:7d:83:14:2e:30:72:2c:76:31:
         39:26:68:53:69:90:18:78:f6:b2:25:d1:49:ee:93:26:b6:25:
         1d:c4:be:f6:dd:1b:30:4a:cc:dc:dd:cd:5d:8b:0e:01:9a:b0:
         33:9d:fd:d7:51:4c:4b:d9:ff:d1:4e:ea:e3:91:c0:59:de:8e:
         84:aa:ce:16:24:4b:ce:2e:e7:35:6b:37:4d:40:aa:4f:d7:bd:
         62:e6:57:39:75:65:e7:fd:0b:90:2f:d4:84:29:3e:1a:11:82:
         bf:8f:db:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQLXfOaRC8lOfV8rVZQj2+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIxMDI0MTkwMDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTk0NDViMDI1NzRhMjU5MzBjMGQzYTc5MzdmOTRiZTljMWRkZTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJNSEom++CD66iRo+roNJ8JCvKZ7
EZxmOGZ91G5X4plTwtCZhSzByDFYeFLFpUHDmutZmx/BWOD40HXt9SIfm16hQoaA
4VODfqzTBQG+8pxY3Inyi071LY2zfXXuNu2PO7zlTv82C83HrgV8tGvrAmWXfBh/
woF5nDFmc+udAdXA/jVfAAs2TyWRrUCNdDqzGIy+idmzjKB4ss4yXBeSaXXiNyFI
AOA+IEb2wOu1L5gQblijCv82mkpEl0ccCdkLj7OcptQ//jw7jQSiMHp//1MyDYCs
h7740mNsY8EZe1/kGAv67Rhgrr6vzGafc5Yn+s4U86/7m2qsK+7t1X6tmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAmURbAldKJZMMDTp5N/lL6cHd4BMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvQ1pSRnNDVjBvbGt3d05PbmszLVV2cHdkM2dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZ4KAwQA
w87mMA0GCSqGSIb3DQEBCwUAA4IBAQB5V6sLMPE7rOWcTA3f2Z3QHhx0F0BNppHb
e69K/fkwIiCV6SHi3oEo8wnLS4e9RKkpmoSF42R6vC3ZOrN+VYuYdMlKHKTe6Rfe
eOZMbiSJDBm5W97vFvTYWVa/Fzb64tRSpzds+EEN4x6kfIDR2sdkoHG7zbuvKvtd
sRDrB6wKzaSLMO6Lb4PN4/6HVI1nBzhX6OYPWGypTEp9gxQuMHIsdjE5JmhTaZAY
ePayJdFJ7pMmtiUdxL723RswSszc3c1diw4BmrAznf3XUUxL2f/RTurjkcBZ3o6E
qs4WJEvOLuc1azdNQKpP171i5lc5dWXn/QuQL9SEKT4aEYK/j9um
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:59 2024 by rpki-client on console-fra.rpki-client.org