Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/a6fa7d-1285-44c2-8e64-f5453f6e31af/1/zIAkljB5TXwDm3LX6blUR76E1cM.roa
File:                     zIAkljB5TXwDm3LX6blUR76E1cM.roa (raw, json)
Hash identifier:          wRjbpGvhPGm4F6HKMim4dqg2G1D+22hkrm2Ex5ViOL4=
Subject key identifier:   CC:80:24:96:30:79:4D:7C:03:9B:72:D7:E9:B9:54:47:BE:84:D5:C3
Certificate issuer:       /CN=743f16710bac6a3bceeb5e4bb175c4482aa50a42
Certificate serial:       0183C98EB550A7A44BCEA40FD6DEA1D84578
Authority key identifier: 74:3F:16:71:0B:AC:6A:3B:CE:EB:5E:4B:B1:75:C4:48:2A:A5:0A:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dD8WcQusajvO615LsXXESCqlCkI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/a6fa7d-1285-44c2-8e64-f5453f6e31af/1/zIAkljB5TXwDm3LX6blUR76E1cM.roa
Signing time:             Wed 12 Oct 2022 00:18:36 +0000
ROA not before:           Wed 12 Oct 2022 00:18:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209529
IP address blocks:        185.228.220.0/22 maxlen: 22
                          185.248.72.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c9:8e:b5:50:a7:a4:4b:ce:a4:0f:d6:de:a1:d8:45:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=743f16710bac6a3bceeb5e4bb175c4482aa50a42
        Validity
            Not Before: Oct 12 00:18:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cc80249630794d7c039b72d7e9b95447be84d5c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:7a:d0:35:97:dd:51:8c:ce:67:c4:fc:fb:b8:
                    2f:97:d2:47:42:a2:81:4c:7d:56:d2:f6:13:28:61:
                    a4:fb:7e:5d:7e:56:ba:22:e7:26:5d:ef:ac:f2:79:
                    fc:e6:cd:29:a5:d4:7a:cc:c2:13:b2:cc:6c:9d:2a:
                    d3:2a:c2:ea:47:37:95:33:26:0a:17:37:d3:fa:5d:
                    71:95:39:63:02:00:d6:b6:bc:5e:ab:ea:89:30:6b:
                    48:f7:2a:12:19:de:af:a0:49:1c:1c:dc:2f:f8:ab:
                    67:52:88:31:a9:5c:1d:d8:e2:8b:03:0e:eb:b5:20:
                    52:65:9f:93:c3:29:77:f1:5e:a6:71:12:b7:ca:cb:
                    82:a9:30:10:99:85:69:7f:05:7e:0b:98:be:83:c5:
                    a0:78:59:23:61:8f:bd:5f:8b:c2:b7:e9:29:22:3f:
                    d3:ed:de:0a:ba:f2:fa:e6:6e:69:ee:ae:8f:e3:f8:
                    14:54:c1:3f:57:75:6d:c5:cd:8e:4c:cc:1b:b3:1f:
                    f9:00:b6:bc:12:0f:0d:7a:19:e2:68:b6:0c:67:d9:
                    d7:38:86:50:9d:bd:79:3d:5f:56:ee:42:f6:59:ee:
                    54:57:f5:b8:2d:fa:47:c0:14:77:08:39:74:87:03:
                    84:bf:6f:39:99:a7:97:65:3a:ff:24:e2:5d:20:5c:
                    65:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:80:24:96:30:79:4D:7C:03:9B:72:D7:E9:B9:54:47:BE:84:D5:C3
            X509v3 Authority Key Identifier:
                keyid:74:3F:16:71:0B:AC:6A:3B:CE:EB:5E:4B:B1:75:C4:48:2A:A5:0A:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD8WcQusajvO615LsXXESCqlCkI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/a6fa7d-1285-44c2-8e64-f5453f6e31af/1/zIAkljB5TXwDm3LX6blUR76E1cM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/a6fa7d-1285-44c2-8e64-f5453f6e31af/1/dD8WcQusajvO615LsXXESCqlCkI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.228.220.0/22
                  185.248.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0c:98:30:06:4f:be:08:0c:af:85:c6:c4:86:9b:99:f3:6f:e1:
         a8:e1:d6:db:4f:a3:5e:2d:bf:ec:29:78:97:3c:cd:c4:b5:6a:
         01:ab:16:98:d4:d6:4e:10:90:83:93:bb:47:0f:95:80:65:31:
         a6:4d:ab:b9:4e:e3:d5:1c:70:9c:eb:c6:06:15:20:70:b5:fd:
         b2:52:2b:a1:c4:6d:01:38:58:ab:4b:2b:47:d1:e3:3a:75:e1:
         f5:30:b0:10:d0:88:ae:91:da:83:c7:0c:a4:a3:f9:96:b8:f1:
         df:5b:50:4e:d8:08:aa:28:72:e3:6a:d8:ee:e8:97:64:af:4e:
         45:5c:c3:8b:e2:e4:e8:10:ae:50:46:ad:9a:95:09:b6:5d:c4:
         6d:ed:e3:c5:f6:f9:91:6b:8e:fc:1e:1b:bd:4c:63:6d:18:c5:
         0f:37:4b:3d:21:7d:c7:28:3b:9f:d5:44:35:62:8f:82:0b:64:
         26:a6:9c:a8:36:b8:75:06:b5:f4:cf:99:46:0d:e3:72:91:41:
         68:64:93:8c:6a:a2:0c:56:81:84:a6:c4:66:8b:10:db:fc:80:
         44:24:3d:a7:e1:04:70:17:10:31:d5:dc:97:ab:4a:25:f6:e7:
         87:3e:74:04:19:65:ee:5c:1f:c2:38:e1:b6:fa:bc:d5:bf:6a:
         e4:21:b8:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPJjrVQp6RLzqQP1t6h2EV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2YxNjcxMGJhYzZhM2JjZWViNWU0YmIxNzVjNDQ4MmFh
NTBhNDIwHhcNMjIxMDEyMDAxODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzgwMjQ5NjMwNzk0ZDdjMDM5YjcyZDdlOWI5NTQ0N2JlODRkNWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHrQNZfdUYzOZ8T8+7gvl9JHQqKB
TH1W0vYTKGGk+35dfla6IucmXe+s8nn85s0ppdR6zMITssxsnSrTKsLqRzeVMyYK
FzfT+l1xlTljAgDWtrxeq+qJMGtI9yoSGd6voEkcHNwv+KtnUogxqVwd2OKLAw7r
tSBSZZ+Twyl38V6mcRK3ysuCqTAQmYVpfwV+C5i+g8WgeFkjYY+9X4vCt+kpIj/T
7d4KuvL65m5p7q6P4/gUVME/V3Vtxc2OTMwbsx/5ALa8Eg8NehniaLYMZ9nXOIZQ
nb15PV9W7kL2We5UV/W4LfpHwBR3CDl0hwOEv285maeXZTr/JOJdIFxluwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMyAJJYweU18A5ty1+m5VEe+hNXDMB8GA1UdIwQY
MBaAFHQ/FnELrGo7zuteS7F1xEgqpQpCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ4V2NRdXNhanZPNjE1THNYWEVTQ3FsQ2tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9hNmZhN2QtMTI4NS00NGMyLThlNjQt
ZjU0NTNmNmUzMWFmLzEveklBa2xqQjVUWHdEbTNMWDZibFVSNzZFMWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9hNmZhN2QtMTI4NS00NGMyLThlNjQtZjU0NTNmNmUzMWFm
LzEvZEQ4V2NRdXNhanZPNjE1THNYWEVTQ3FsQ2tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCueTcAwQC
ufhIMA0GCSqGSIb3DQEBCwUAA4IBAQAMmDAGT74IDK+FxsSGm5nzb+Go4dbbT6Ne
Lb/sKXiXPM3EtWoBqxaY1NZOEJCDk7tHD5WAZTGmTau5TuPVHHCc68YGFSBwtf2y
UiuhxG0BOFirSytH0eM6deH1MLAQ0IiukdqDxwyko/mWuPHfW1BO2AiqKHLjatju
6Jdkr05FXMOL4uToEK5QRq2alQm2XcRt7ePF9vmRa478Hhu9TGNtGMUPN0s9IX3H
KDuf1UQ1Yo+CC2QmppyoNrh1BrX0z5lGDeNykUFoZJOMaqIMVoGEpsRmixDb/IBE
JD2n4QRwFxAx1dyXq0ol9ueHPnQEGWXuXB/COOG2+rzVv2rkIbht
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:14 2024 by rpki-client on console-fra.rpki-client.org