Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rOT5gqRXSmVrKpSXNWtDEAS51-o.roa
File:                     rOT5gqRXSmVrKpSXNWtDEAS51-o.roa (raw, json)
Hash identifier:          nwB31A8RvqVqzOfVkDKQHdtdCdWO3ZLt9Fu6H8Oeuto=
Subject key identifier:   AC:E4:F9:82:A4:57:4A:65:6B:2A:94:97:35:6B:43:10:04:B9:D7:EA
Certificate issuer:       /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial:       018FA602F474B028B7F50FD231F649249628
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rOT5gqRXSmVrKpSXNWtDEAS51-o.roa
Signing time:             Thu 23 May 2024 15:12:42 +0000
ROA not before:           Thu 23 May 2024 15:12:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:a6:02:f4:74:b0:28:b7:f5:0f:d2:31:f6:49:24:96:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
        Validity
            Not Before: May 23 15:12:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ace4f982a4574a656b2a9497356b431004b9d7ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:65:d5:79:8e:2f:37:7e:2e:cf:f0:20:36:0c:
                    e7:91:84:c8:c2:23:d9:f8:17:e9:6d:99:d3:44:96:
                    58:7c:a1:5e:b0:7a:89:6c:04:a4:55:dd:12:53:af:
                    0b:97:e0:8d:c2:c9:ec:23:ce:07:4a:82:9c:e9:05:
                    f1:1a:ec:dc:98:37:51:74:36:e4:c0:89:7f:c5:32:
                    7d:a7:02:74:39:33:cd:66:65:73:66:da:80:58:ff:
                    6d:53:4a:8b:bb:7f:69:fb:3a:08:f4:54:09:fe:16:
                    90:c1:c7:8b:25:bd:de:37:98:05:49:0a:b8:c0:dc:
                    70:de:b2:51:66:cc:26:25:6e:da:3d:9f:75:0e:b9:
                    d1:27:46:58:b0:b8:f0:23:2f:3f:be:6f:2d:5a:60:
                    4a:15:c9:15:98:49:8d:ec:9f:36:34:38:0b:76:8c:
                    ed:87:e7:fd:54:f2:fa:92:a0:d6:8c:01:ec:58:f8:
                    9c:c4:db:6b:8a:47:a5:b4:f5:ec:7b:71:a5:03:0d:
                    d7:ca:f1:70:b9:6d:ef:6c:d4:fb:05:65:d2:c8:f7:
                    e6:72:2c:54:dc:34:78:12:90:83:d9:8c:eb:16:59:
                    2d:89:fb:b8:25:03:5c:ca:44:a0:b2:93:e7:ea:bf:
                    48:c9:85:ad:44:16:c1:ec:25:69:fa:b7:3b:a1:4d:
                    75:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:E4:F9:82:A4:57:4A:65:6B:2A:94:97:35:6B:43:10:04:B9:D7:EA
            X509v3 Authority Key Identifier:
                keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/rOT5gqRXSmVrKpSXNWtDEAS51-o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         0b:4d:4c:6a:ab:d5:f3:c6:32:f0:0a:93:42:b6:a7:06:5d:99:
         e4:fe:39:d4:33:63:4a:f3:82:76:b6:2c:5f:84:28:b3:39:d5:
         40:21:06:aa:1e:28:8a:46:87:d3:7f:7e:b5:c8:c3:85:b8:44:
         96:80:a3:2e:8e:db:19:62:d5:a5:d8:82:89:c4:ba:07:7c:65:
         05:66:76:5d:46:8f:aa:ec:b8:6b:2a:60:92:13:20:ec:43:17:
         d6:15:63:f4:af:14:6c:94:83:12:23:38:7b:68:d2:f3:bf:ff:
         e0:1c:a1:66:42:ba:90:fb:23:dc:48:c2:e4:ad:b3:1f:69:98:
         7d:b6:b3:72:16:80:90:4a:af:38:bc:ad:98:51:08:8d:7d:be:
         71:4c:d3:ea:a0:78:ff:95:f3:d2:59:04:fd:44:14:3e:69:18:
         0e:c5:6e:ff:af:a3:90:b8:4d:e4:ad:01:7f:d8:6f:4b:65:83:
         7a:f7:57:14:6d:a6:ae:21:80:de:12:5a:29:fc:3b:0d:ab:28:
         a5:66:d4:15:ea:ab:99:f4:14:70:b1:7e:0e:22:7f:7c:d4:05:
         33:44:34:f9:55:91:79:7c:a9:79:1a:7e:85:82:da:6c:25:52:
         e3:fc:88:49:fc:2f:84:37:c3:a7:c6:ff:68:63:a6:86:14:4f:
         f8:36:5e:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+mAvR0sCi39Q/SMfZJJJYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIzMTUxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2U0Zjk4MmE0NTc0YTY1NmIyYTk0OTczNTZiNDMxMDA0YjlkN2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmXVeY4vN34uz/AgNgznkYTIwiPZ
+BfpbZnTRJZYfKFesHqJbASkVd0SU68Ll+CNwsnsI84HSoKc6QXxGuzcmDdRdDbk
wIl/xTJ9pwJ0OTPNZmVzZtqAWP9tU0qLu39p+zoI9FQJ/haQwceLJb3eN5gFSQq4
wNxw3rJRZswmJW7aPZ91DrnRJ0ZYsLjwIy8/vm8tWmBKFckVmEmN7J82NDgLdozt
h+f9VPL6kqDWjAHsWPicxNtrikeltPXse3GlAw3XyvFwuW3vbNT7BWXSyPfmcixU
3DR4EpCD2YzrFlktifu4JQNcykSgspPn6r9IyYWtRBbB7CVp+rc7oU11WQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKzk+YKkV0playqUlzVrQxAEudfqMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvck9UNWdxUlhTbVZyS3BTWE5XdERFQVM1MS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAtNTGqr1fPGMvAKk0K2
pwZdmeT+OdQzY0rzgna2LF+EKLM51UAhBqoeKIpGh9N/frXIw4W4RJaAoy6O2xli
1aXYgonEugd8ZQVmdl1Gj6rsuGsqYJITIOxDF9YVY/SvFGyUgxIjOHto0vO//+Ac
oWZCupD7I9xIwuStsx9pmH22s3IWgJBKrzi8rZhRCI19vnFM0+qgeP+V89JZBP1E
FD5pGA7Fbv+vo5C4TeStAX/Yb0tlg3r3VxRtpq4hgN4SWin8Ow2rKKVm1BXqq5n0
FHCxfg4if3zUBTNENPlVkXl8qXkafoWC2mwlUuP8iEn8L4Q3w6fG/2hjpoYUT/g2
XsQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org