Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/YEH8_hTzmfSZXx2FODRtbj2vz6Y.roa
File:                     YEH8_hTzmfSZXx2FODRtbj2vz6Y.roa (raw, json)
Hash identifier:          QWf+jCc867TFV/d8cugAmVs+DiRH+BIdL3+8V+c9hys=
Subject key identifier:   60:41:FC:FE:14:F3:99:F4:99:5F:1D:85:38:34:6D:6E:3D:AF:CF:A6
Certificate issuer:       /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial:       0183AC63ECD6B7669D49708EBA07F1C50B24
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/YEH8_hTzmfSZXx2FODRtbj2vz6Y.roa
Signing time:             Thu 06 Oct 2022 08:22:53 +0000
ROA not before:           Thu 06 Oct 2022 08:22:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207326
IP address blocks:        193.161.245.0/24 maxlen: 24
                          91.199.168.0/24 maxlen: 24
                          91.206.2.0/24 maxlen: 24
                          193.151.182.0/24 maxlen: 24
                          45.142.238.0/23 maxlen: 24
                          194.104.158.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:ac:63:ec:d6:b7:66:9d:49:70:8e:ba:07:f1:c5:0b:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
        Validity
            Not Before: Oct  6 08:22:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6041fcfe14f399f4995f1d8538346d6e3dafcfa6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:a8:7c:9d:bd:1e:fd:d6:d0:a4:9f:e6:58:a9:
                    ed:99:ed:03:78:12:a4:19:7b:f0:01:32:90:e0:01:
                    ec:fe:c1:8d:d3:52:24:cd:9d:5c:f0:5f:98:1a:46:
                    6a:d8:89:9f:b6:13:85:62:3e:58:5c:8c:33:2a:b1:
                    63:90:a1:3e:fa:59:bb:61:34:af:ad:a8:49:38:39:
                    2c:92:db:53:65:c5:04:39:b2:dd:91:5c:83:19:f0:
                    14:af:61:51:20:be:87:1f:08:a4:ec:83:6a:4b:80:
                    a6:c2:15:73:c4:cf:34:f7:78:4f:9e:7f:45:74:38:
                    d9:d9:07:dc:6e:1e:e5:de:ce:df:e4:73:f6:23:f2:
                    f8:d7:ee:4d:f5:1e:d5:29:f2:e1:a7:85:a4:fe:0c:
                    37:d5:1b:89:ca:79:3a:41:36:5a:f9:aa:a5:f3:3b:
                    5b:7a:61:9b:04:bd:80:49:0c:f3:d5:eb:9a:72:50:
                    95:b9:10:09:ec:a4:fc:9a:ce:2c:2a:5e:cf:76:4f:
                    58:8e:dd:da:db:59:d3:e8:07:17:b6:0f:fd:6b:03:
                    82:00:0b:5c:93:94:6f:91:0e:27:a0:c3:96:ab:b3:
                    2b:5b:25:db:77:68:a1:37:29:02:70:8a:e1:7a:2c:
                    08:56:78:c7:49:c9:60:15:6d:e6:0e:77:a8:c9:af:
                    29:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:41:FC:FE:14:F3:99:F4:99:5F:1D:85:38:34:6D:6E:3D:AF:CF:A6
            X509v3 Authority Key Identifier:
                keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/YEH8_hTzmfSZXx2FODRtbj2vz6Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.238.0/23
                  91.199.168.0/24
                  91.206.2.0/24
                  193.151.182.0/24
                  193.161.245.0/24
                  194.104.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:04:cc:6b:ec:93:30:e6:39:a7:95:e3:76:9f:db:52:80:7e:
         c1:e6:5d:4b:ff:6c:15:5a:40:4e:04:70:de:63:41:c0:40:f4:
         5a:8d:72:88:e0:4d:f3:95:e1:74:5c:a7:a4:85:4e:58:e5:15:
         a0:2e:32:15:b1:69:f4:6b:2f:f1:a1:03:c9:d0:7d:be:41:69:
         70:4a:85:e2:65:4b:b4:6a:f6:16:8d:98:47:2a:ba:a0:b0:29:
         18:32:7b:ee:a3:18:7a:71:b0:37:1d:ff:c1:f8:03:a3:ea:ac:
         df:be:40:dc:cb:3b:37:79:87:eb:85:5b:eb:a2:06:71:9e:d4:
         64:39:54:86:21:86:9f:2a:cb:a1:75:69:0e:25:8b:60:82:46:
         e0:96:e6:9d:c2:99:f0:df:af:a0:9d:6b:dc:20:31:89:79:03:
         0a:92:de:96:db:4d:47:25:d6:0c:e1:bb:2d:be:99:e0:f1:77:
         6d:35:82:ce:e5:97:e0:7a:94:0d:ad:1c:b0:38:df:b0:d8:a4:
         62:2f:db:fd:7c:b4:79:5c:fe:54:d0:35:d3:42:6c:a7:f5:42:
         24:b8:58:0c:a8:c7:f7:7b:bd:18:e8:f9:f2:0a:46:74:c5:04:
         fb:f2:63:70:ec:cb:ce:44:22:a9:5a:de:4b:ff:04:5d:4b:61:
         39:09:7c:78
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYOsY+zWt2adSXCOugfxxQskMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIxMDA2MDgyMjUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDQxZmNmZTE0ZjM5OWY0OTk1ZjFkODUzODM0NmQ2ZTNkYWZjZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqh8nb0e/dbQpJ/mWKntme0DeBKk
GXvwATKQ4AHs/sGN01IkzZ1c8F+YGkZq2ImfthOFYj5YXIwzKrFjkKE++lm7YTSv
rahJODkskttTZcUEObLdkVyDGfAUr2FRIL6HHwik7INqS4CmwhVzxM8093hPnn9F
dDjZ2Qfcbh7l3s7f5HP2I/L41+5N9R7VKfLhp4Wk/gw31RuJynk6QTZa+aql8ztb
emGbBL2ASQzz1euaclCVuRAJ7KT8ms4sKl7Pdk9Yjt3a21nT6AcXtg/9awOCAAtc
k5RvkQ4noMOWq7MrWyXbd2ihNykCcIrheiwIVnjHSclgFW3mDneoya8pPQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGBB/P4U85n0mV8dhTg0bW49r8+mMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvWUVIOF9oVHptZlNaWHgyRk9EUnRiajJ2ejZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLY7uAwQA
W8eoAwQAW84CAwQAwZe2AwQAwaH1AwQAwmieMA0GCSqGSIb3DQEBCwUAA4IBAQCQ
BMxr7JMw5jmnleN2n9tSgH7B5l1L/2wVWkBOBHDeY0HAQPRajXKI4E3zleF0XKek
hU5Y5RWgLjIVsWn0ay/xoQPJ0H2+QWlwSoXiZUu0avYWjZhHKrqgsCkYMnvuoxh6
cbA3Hf/B+AOj6qzfvkDcyzs3eYfrhVvrogZxntRkOVSGIYafKsuhdWkOJYtggkbg
luadwpnw36+gnWvcIDGJeQMKkt6W201HJdYM4bstvpng8XdtNYLO5ZfgepQNrRyw
ON+w2KRiL9v9fLR5XP5U0DXTQmyn9UIkuFgMqMf3e70Y6PnyCkZ0xQT78mNw7MvO
RCKpWt5L/wRdS2E5CXx4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:59 2024 by rpki-client on console-fra.rpki-client.org