Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/JHOu64EYtQL8L7O2LT2DxZygRKc.roa
File:                     JHOu64EYtQL8L7O2LT2DxZygRKc.roa (raw, json)
Hash identifier:          xn1JpDm2jDBLOHzV/D5K1gyKy9BqsZkrrW1J+Esr5jo=
Subject key identifier:   24:73:AE:EB:81:18:B5:02:FC:2F:B3:B6:2D:3D:83:C5:9C:A0:44:A7
Certificate issuer:       /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial:       0183DA88B825B6A22F26E7AE267480812B65
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/JHOu64EYtQL8L7O2LT2DxZygRKc.roa
Signing time:             Sat 15 Oct 2022 07:25:36 +0000
ROA not before:           Sat 15 Oct 2022 07:25:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     40676
IP address blocks:        193.176.128.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:da:88:b8:25:b6:a2:2f:26:e7:ae:26:74:80:81:2b:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
        Validity
            Not Before: Oct 15 07:25:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2473aeeb8118b502fc2fb3b62d3d83c59ca044a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:ee:e8:23:ba:8e:05:19:32:18:23:8c:fb:10:
                    ff:a5:3a:e4:a4:67:3f:45:12:02:00:09:b6:a3:87:
                    a0:51:92:84:b8:ba:4c:09:e7:29:91:ea:a0:fe:c9:
                    91:dd:d8:05:fa:86:5e:d4:48:03:27:67:1d:ee:e8:
                    ed:8f:c4:4b:e0:e2:ca:76:17:f6:80:af:de:f9:4e:
                    02:7b:54:43:1c:2b:b1:f4:a4:cc:58:71:59:e4:eb:
                    7b:a8:9d:ef:c0:1c:84:3f:10:68:dc:a0:eb:1c:e2:
                    1c:f0:3d:cb:28:fd:13:ed:70:14:d6:c4:89:15:b6:
                    ac:f2:36:ae:b4:ac:e1:a2:69:a6:e2:5a:a7:d9:6f:
                    ac:78:36:e0:e8:6e:c6:34:40:95:7f:f4:e9:76:26:
                    29:e7:9c:de:77:7a:36:91:c7:ad:b9:73:de:04:87:
                    4a:11:bf:f4:97:a5:7c:ea:50:90:17:c8:92:81:88:
                    dc:5e:72:87:6e:55:2f:fe:db:ed:33:0c:40:87:3d:
                    07:8e:54:d3:b5:16:77:a6:23:07:44:c5:cf:45:fb:
                    f4:c8:63:a1:d9:99:c4:53:2f:ef:ea:26:bb:29:75:
                    a7:4c:1b:b5:f5:2d:e1:ee:6f:c8:71:12:08:d7:11:
                    a6:c7:d5:94:43:50:60:f9:5f:2b:7e:78:51:08:2f:
                    3d:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:73:AE:EB:81:18:B5:02:FC:2F:B3:B6:2D:3D:83:C5:9C:A0:44:A7
            X509v3 Authority Key Identifier:
                keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/JHOu64EYtQL8L7O2LT2DxZygRKc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.176.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:08:07:eb:1f:ea:2a:be:30:64:ca:09:86:e2:cf:86:09:24:
         86:ce:7e:60:41:38:da:1f:85:34:d0:51:d8:9e:96:68:3f:a4:
         2e:d1:7a:4a:25:02:f7:37:da:b9:d0:b7:20:99:1d:4b:eb:2a:
         af:1f:34:56:35:e1:5d:34:65:38:15:8d:45:5e:14:d4:8c:e5:
         8c:36:81:2d:bc:5c:0f:90:e1:3f:1c:c5:24:46:2d:fe:9a:cc:
         3a:b8:f4:82:de:59:65:d2:fa:e5:55:97:e4:bb:7e:66:39:af:
         04:3a:f3:16:c8:b0:b4:bc:51:df:64:4e:a4:3f:21:6b:76:43:
         10:52:43:66:f5:b3:83:bd:8a:c6:17:12:01:42:1f:99:be:32:
         87:02:ba:81:ae:fe:a8:45:48:ff:74:84:b5:a0:d8:3c:f6:6b:
         7e:7d:17:cf:f5:50:75:1c:82:15:eb:8e:79:02:a7:ae:8a:76:
         a9:54:6c:1f:b9:bd:9c:0f:9d:e4:23:54:f5:72:a0:4e:c4:d2:
         30:4a:b4:ee:88:e5:6b:8c:e8:9b:6c:6f:25:66:78:0a:28:54:
         18:94:dd:13:5f:76:de:ec:af:82:33:49:1f:7c:3a:f8:1a:f2:
         02:d8:61:d1:49:4b:4d:af:0d:ba:65:90:21:8c:c5:20:1e:1b:
         4c:fd:4e:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPaiLgltqIvJueuJnSAgStlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIxMDE1MDcyNTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDczYWVlYjgxMThiNTAyZmMyZmIzYjYyZDNkODNjNTljYTA0NGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+7oI7qOBRkyGCOM+xD/pTrkpGc/
RRICAAm2o4egUZKEuLpMCecpkeqg/smR3dgF+oZe1EgDJ2cd7ujtj8RL4OLKdhf2
gK/e+U4Ce1RDHCux9KTMWHFZ5Ot7qJ3vwByEPxBo3KDrHOIc8D3LKP0T7XAU1sSJ
Fbas8jautKzhommm4lqn2W+seDbg6G7GNECVf/TpdiYp55zed3o2kcetuXPeBIdK
Eb/0l6V86lCQF8iSgYjcXnKHblUv/tvtMwxAhz0HjlTTtRZ3piMHRMXPRfv0yGOh
2ZnEUy/v6ia7KXWnTBu19S3h7m/IcRII1xGmx9WUQ1Bg+V8rfnhRCC89mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCRzruuBGLUC/C+zti09g8WcoESnMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvSkhPdTY0RVl0UUw4TDdPMkxUMkR4WnlnUktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbCAMA0G
CSqGSIb3DQEBCwUAA4IBAQBeCAfrH+oqvjBkygmG4s+GCSSGzn5gQTjaH4U00FHY
npZoP6Qu0XpKJQL3N9q50LcgmR1L6yqvHzRWNeFdNGU4FY1FXhTUjOWMNoEtvFwP
kOE/HMUkRi3+msw6uPSC3lll0vrlVZfku35mOa8EOvMWyLC0vFHfZE6kPyFrdkMQ
UkNm9bODvYrGFxIBQh+ZvjKHArqBrv6oRUj/dIS1oNg89mt+fRfP9VB1HIIV6455
AqeuinapVGwfub2cD53kI1T1cqBOxNIwSrTuiOVrjOibbG8lZngKKFQYlN0TX3be
7K+CM0kffDr4GvIC2GHRSUtNrw26ZZAhjMUgHhtM/U7V
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:59 2024 by rpki-client on console-fra.rpki-client.org