Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/odyxNzSiW-FAZv_ah7kR0AWVisw.roa
File:                     odyxNzSiW-FAZv_ah7kR0AWVisw.roa (raw, json)
Hash identifier:          WB0XRkaX4dOltCeQyWBPAQd6fU96q2Ixwun2fFcSz7s=
Subject key identifier:   A1:DC:B1:37:34:A2:5B:E1:40:66:FF:DA:87:B9:11:D0:05:95:8A:CC
Certificate issuer:       /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial:       01823E5D00737F88AF5A90783E72D8FDC80F
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/odyxNzSiW-FAZv_ah7kR0AWVisw.roa
Signing time:             Wed 27 Jul 2022 06:34:18 +0000
ROA not before:           Wed 27 Jul 2022 06:34:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        193.176.54.0/24 maxlen: 24
                          193.176.55.0/24 maxlen: 24
                          91.199.168.0/24 maxlen: 24
                          141.98.156.0/23 maxlen: 24
                          141.98.158.0/23 maxlen: 24
                          147.78.122.0/23 maxlen: 24
                          147.78.120.0/23 maxlen: 24
                          45.153.4.0/23 maxlen: 23
                          195.206.230.0/24 maxlen: 24
                          195.206.231.0/24 maxlen: 24
                          176.105.226.0/23 maxlen: 24
                          176.105.224.0/23 maxlen: 24
                          195.206.234.0/24 maxlen: 24
                          45.153.6.0/23 maxlen: 24
                          195.206.235.0/24 maxlen: 24
                          45.142.236.0/23 maxlen: 24
                          45.142.238.0/23 maxlen: 24
                          193.111.116.0/24 maxlen: 24
                          193.111.117.0/24 maxlen: 24
                          45.158.170.0/23 maxlen: 24
                          45.158.168.0/23 maxlen: 24
                          195.20.98.0/24 maxlen: 24
                          194.104.156.0/24 maxlen: 24
                          194.104.158.0/24 maxlen: 24
                          195.20.105.0/24 maxlen: 24
                          195.20.99.0/24 maxlen: 24
                          194.105.21.0/24 maxlen: 24
                          152.89.248.0/23 maxlen: 24
                          152.89.250.0/23 maxlen: 24
                          193.29.96.0/23 maxlen: 24
                          193.29.98.0/23 maxlen: 24
                          194.5.146.0/23 maxlen: 24
                          193.142.22.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:3e:5d:00:73:7f:88:af:5a:90:78:3e:72:d8:fd:c8:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
        Validity
            Not Before: Jul 27 06:34:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a1dcb13734a25be14066ffda87b911d005958acc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:3e:80:66:a9:de:9f:10:c3:1f:8c:84:36:78:
                    da:be:8f:0a:36:fb:7a:6a:33:c1:ef:ad:0a:c8:b9:
                    38:0f:2b:4c:43:44:2e:9c:7e:e8:66:03:7d:a6:f0:
                    db:6a:1d:bd:da:75:1f:07:56:d3:64:43:14:81:e7:
                    f2:fc:c9:79:8e:7a:ad:3b:8b:41:18:dd:3b:1b:ba:
                    af:54:62:c8:27:13:ab:dd:b4:4e:5b:30:f0:a1:ed:
                    77:90:ce:10:47:8b:c9:66:0d:32:d8:13:c6:d2:1f:
                    7b:2d:c0:d4:43:50:be:6f:01:b6:7e:fd:8a:84:f5:
                    cb:4f:6d:b2:05:58:66:1a:a8:38:f4:ff:d0:22:ab:
                    63:d7:85:b5:df:45:2c:2c:bc:9b:e6:d2:fb:cb:b2:
                    2a:85:be:bb:a3:d8:99:64:ca:d2:51:3c:70:8a:3b:
                    a3:5a:a9:4b:1c:97:e3:da:12:ee:14:e2:cd:44:e7:
                    b6:41:46:72:b8:4d:08:70:2b:ad:04:75:7f:cb:54:
                    7c:c6:4f:40:5f:a4:04:58:b9:a4:17:3b:e8:02:ec:
                    73:92:6e:0f:dc:af:80:47:4e:cf:f7:46:1b:5a:b9:
                    e8:a6:2d:b0:2d:33:e7:5b:a0:ca:d7:c2:9e:0f:d3:
                    04:98:11:24:0c:9c:7e:b2:72:40:ad:a9:77:95:e9:
                    89:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:DC:B1:37:34:A2:5B:E1:40:66:FF:DA:87:B9:11:D0:05:95:8A:CC
            X509v3 Authority Key Identifier:
                keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/odyxNzSiW-FAZv_ah7kR0AWVisw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.236.0/22
                  45.153.4.0/22
                  45.158.168.0/22
                  91.199.168.0/24
                  141.98.156.0/22
                  147.78.120.0/22
                  152.89.248.0/22
                  176.105.224.0/22
                  193.29.96.0/22
                  193.111.116.0/23
                  193.142.22.0/24
                  193.176.54.0/23
                  194.5.146.0/23
                  194.104.156.0/24
                  194.104.158.0/24
                  194.105.21.0/24
                  195.20.98.0/23
                  195.20.105.0/24
                  195.206.230.0/23
                  195.206.234.0/23

    Signature Algorithm: sha256WithRSAEncryption
         38:f9:da:01:4f:e8:d9:12:b5:64:76:a1:4e:53:28:9f:b3:8c:
         4c:2f:f4:07:a7:73:8c:72:4e:81:c0:95:56:04:aa:10:c3:a7:
         d5:a1:1c:51:bc:c8:c3:f1:9b:49:c2:36:dd:b0:7e:c2:be:d9:
         17:c4:53:38:0c:f3:ee:ab:ca:8f:20:61:d7:5a:15:72:53:ee:
         b5:34:c5:c7:6e:11:d8:90:0e:46:ae:42:74:e4:58:ce:a7:b3:
         0c:b2:6d:8d:ed:6d:b5:b0:67:bb:a8:04:72:4d:b8:85:98:3a:
         f1:5c:58:85:ef:c0:2e:23:b6:ea:3f:0f:ba:49:62:ab:98:df:
         01:75:b0:ee:0a:10:19:5c:02:c2:52:06:60:11:78:41:4d:2c:
         90:41:4d:86:26:48:53:b6:17:d2:9e:3e:1e:ac:08:10:fe:0b:
         1a:dc:aa:f6:ed:84:43:71:09:a8:cd:2f:fa:f5:56:9e:0a:3e:
         f6:09:e8:ab:65:d1:31:c8:de:31:ec:08:30:14:ea:0b:5d:80:
         a3:95:e5:45:53:d5:7e:02:5b:00:41:68:f9:d5:58:70:c5:f1:
         8f:dd:b2:8e:19:c6:ac:c8:7c:93:50:5a:53:28:da:c7:bc:4c:
         91:d6:d1:cb:14:4c:ee:19:30:84:df:1a:a4:de:2c:3d:cb:e3:
         25:7c:d2:9b
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYI+XQBzf4ivWpB4PnLY/cgPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIwNzI3MDYzNDE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWRjYjEzNzM0YTI1YmUxNDA2NmZmZGE4N2I5MTFkMDA1OTU4YWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjz6AZqnenxDDH4yENnjavo8KNvt6
ajPB760KyLk4DytMQ0QunH7oZgN9pvDbah292nUfB1bTZEMUgefy/Ml5jnqtO4tB
GN07G7qvVGLIJxOr3bROWzDwoe13kM4QR4vJZg0y2BPG0h97LcDUQ1C+bwG2fv2K
hPXLT22yBVhmGqg49P/QIqtj14W130UsLLyb5tL7y7Iqhb67o9iZZMrSUTxwijuj
WqlLHJfj2hLuFOLNROe2QUZyuE0IcCutBHV/y1R8xk9AX6QEWLmkFzvoAuxzkm4P
3K+AR07P90YbWrnopi2wLTPnW6DK18KeD9MEmBEkDJx+snJAral3lemJFQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFKHcsTc0olvhQGb/2oe5EdAFlYrMMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvb2R5eE56U2lXLUZBWnZfYWg3a1IwQVdWaXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQCLY7s
AwQCLZkEAwQCLZ6oAwQAW8eoAwQCjWKcAwQCk054AwQCmFn4AwQCsGngAwQCwR1g
AwQBwW90AwQAwY4WAwQBwbA2AwQBwgWSAwQAwmicAwQAwmieAwQAwmkVAwQBwxRi
AwQAwxRpAwQBw87mAwQBw87qMA0GCSqGSIb3DQEBCwUAA4IBAQA4+doBT+jZErVk
dqFOUyifs4xML/QHp3OMck6BwJVWBKoQw6fVoRxRvMjD8ZtJwjbdsH7CvtkXxFM4
DPPuq8qPIGHXWhVyU+61NMXHbhHYkA5GrkJ05FjOp7MMsm2N7W21sGe7qARyTbiF
mDrxXFiF78AuI7bqPw+6SWKrmN8BdbDuChAZXALCUgZgEXhBTSyQQU2GJkhTthfS
nj4erAgQ/gsa3Kr27YRDcQmozS/69VaeCj72CeirZdExyN4x7AgwFOoLXYCjleVF
U9V+AlsAQWj51VhwxfGP3bKOGcasyHyTUFpTKNrHvEyR1tHLFEzuGTCE3xqk3iw9
y+MlfNKb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:52 2024 by rpki-client on console-ams.rpki-client.org