Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b64405-e6f6-422d-9037-cc15689e1fb1/1/37k8MmpAfDlnfmbXU21RMh2UuQ0.roa
File:                     37k8MmpAfDlnfmbXU21RMh2UuQ0.roa (raw, json)
Hash identifier:          El1oOwLO+gqvr5I/JGGNx0/LEhS1FkCKRCa07tWh31g=
Subject key identifier:   DF:B9:3C:32:6A:40:7C:39:67:7E:66:D7:53:6D:51:32:1D:94:B9:0D
Certificate issuer:       /CN=b2236dc4844b9e734a53a7034e8adc350cab950a
Certificate serial:       0C7DFF0C
Authority key identifier: B2:23:6D:C4:84:4B:9E:73:4A:53:A7:03:4E:8A:DC:35:0C:AB:95:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/siNtxIRLnnNKU6cDTorcNQyrlQo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b64405-e6f6-422d-9037-cc15689e1fb1/1/37k8MmpAfDlnfmbXU21RMh2UuQ0.roa
Signing time:             Thu 19 May 2022 08:23:01 +0000
ROA not before:           Thu 19 May 2022 08:23:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     59943
IP address blocks:        194.32.152.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 209583884 (0xc7dff0c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2236dc4844b9e734a53a7034e8adc350cab950a
        Validity
            Not Before: May 19 08:23:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dfb93c326a407c39677e66d7536d51321d94b90d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:d1:f8:48:f2:48:33:cd:7e:1a:e9:9d:d8:13:
                    88:8a:52:3d:59:b1:7e:8b:5e:e1:e2:16:13:78:38:
                    37:a4:c9:f4:7d:44:64:b7:5d:57:88:2a:fe:76:98:
                    44:4c:b1:26:eb:db:87:9f:7c:6c:6b:ce:51:73:c2:
                    ab:90:3c:c8:ac:b4:75:b2:0c:7f:d9:2b:c0:d2:df:
                    38:ed:12:2c:7e:7c:20:cb:11:17:b6:bf:c5:67:78:
                    1f:ef:d9:8b:5b:22:2e:04:31:ae:c9:81:38:a9:e5:
                    4b:6e:bb:dd:f1:73:65:80:0a:91:ec:80:2c:1a:fe:
                    ad:35:78:8d:c8:f8:cf:c3:47:93:82:29:8a:30:bd:
                    d2:b4:25:4f:6a:d2:b2:f3:97:e0:e1:43:27:a6:cf:
                    5b:e8:ef:69:70:38:ec:90:19:20:e5:4b:92:97:b7:
                    45:e8:8a:b5:32:c0:b4:2f:7d:b1:f2:42:55:25:03:
                    b3:2a:e7:12:f5:68:dd:31:9b:3c:be:06:c0:21:7b:
                    b6:e8:0d:53:7d:a4:0f:9c:27:dd:e4:c8:7a:85:63:
                    2f:22:26:82:60:7e:b9:d4:8a:7c:31:66:1c:63:46:
                    5c:11:2a:40:11:a5:f6:9d:d7:2a:bb:b0:7f:e0:7c:
                    a6:a2:d0:df:31:ab:cb:61:ea:61:4a:ac:65:7c:60:
                    af:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:B9:3C:32:6A:40:7C:39:67:7E:66:D7:53:6D:51:32:1D:94:B9:0D
            X509v3 Authority Key Identifier:
                keyid:B2:23:6D:C4:84:4B:9E:73:4A:53:A7:03:4E:8A:DC:35:0C:AB:95:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/siNtxIRLnnNKU6cDTorcNQyrlQo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b64405-e6f6-422d-9037-cc15689e1fb1/1/37k8MmpAfDlnfmbXU21RMh2UuQ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b64405-e6f6-422d-9037-cc15689e1fb1/1/siNtxIRLnnNKU6cDTorcNQyrlQo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.32.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         99:22:de:18:c4:df:d2:18:99:fc:a1:ca:63:9c:12:05:e3:b7:
         21:0a:39:13:ff:f7:cb:a0:20:b0:89:20:51:37:0b:0c:c0:bb:
         b8:93:c5:f0:d9:cd:30:1d:65:c0:aa:33:41:f0:18:b1:a5:70:
         6e:c6:e6:b9:09:1d:60:44:77:08:b6:4d:95:01:2a:b6:8c:57:
         f5:43:91:03:4c:19:6e:14:06:49:a4:fa:df:bc:90:83:bd:0f:
         cc:ad:05:d6:52:6d:e5:9d:5e:59:9b:19:54:88:bb:35:d2:0a:
         16:13:da:ed:f4:53:8f:d7:e2:46:31:97:54:d3:2c:03:f7:01:
         92:4a:42:a4:57:b8:21:fc:0f:87:ba:28:27:7d:10:2c:60:fe:
         9f:0a:76:b6:a2:ca:0e:8a:7b:8d:c6:55:e8:9f:22:b1:78:7d:
         a9:df:72:25:07:32:52:f0:8a:f8:b2:27:a2:e9:6f:d7:f4:f7:
         d0:f7:a3:5f:ba:8b:12:bd:ce:7d:47:e0:50:c3:6c:f1:d6:54:
         be:a5:d2:89:0a:2a:9f:ee:de:71:8e:82:3d:60:8e:76:e8:18:
         0a:c9:ee:c1:3b:20:ca:6d:76:77:2d:1e:95:14:84:9c:cf:3c:
         24:1e:45:fa:7d:1c:e3:17:3f:55:16:de:2c:c4:7c:50:12:9a:
         93:07:b0:ff
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDH3/DDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MjIzNmRjNDg0NGI5ZTczNGE1M2E3MDM0ZThhZGMzNTBjYWI5NTBhMB4XDTIyMDUx
OTA4MjMwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGZiOTNjMzI2YTQw
N2MzOTY3N2U2NmQ3NTM2ZDUxMzIxZDk0YjkwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbR+EjySDPNfhrpndgTiIpSPVmxfote4eIWE3g4N6TJ9H1E
ZLddV4gq/naYREyxJuvbh598bGvOUXPCq5A8yKy0dbIMf9krwNLfOO0SLH58IMsR
F7a/xWd4H+/Zi1siLgQxrsmBOKnlS2673fFzZYAKkeyALBr+rTV4jcj4z8NHk4Ip
ijC90rQlT2rSsvOX4OFDJ6bPW+jvaXA47JAZIOVLkpe3ReiKtTLAtC99sfJCVSUD
syrnEvVo3TGbPL4GwCF7tugNU32kD5wn3eTIeoVjLyImgmB+udSKfDFmHGNGXBEq
QBGl9p3XKruwf+B8pqLQ3zGry2HqYUqsZXxgr2UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTfuTwyakB8OWd+ZtdTbVEyHZS5DTAfBgNVHSMEGDAWgBSyI23EhEuec0pT
pwNOitw1DKuVCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NpTnR4SVJMbm5OS1U2Y0RUb3JjTlF5cmxRby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjY0NDA1LWU2ZjYtNDIyZC05MDM3LWNjMTU2ODllMWZiMS8x
LzM3azhNbXBBZkRsbmZtYlhVMjFSTWgyVXVRMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjY0NDA1LWU2ZjYtNDIyZC05MDM3LWNjMTU2ODllMWZiMS8xL3NpTnR4SVJMbm5O
S1U2Y0RUb3JjTlF5cmxRby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsIgmDANBgkqhkiG9w0BAQsFAAOC
AQEAmSLeGMTf0hiZ/KHKY5wSBeO3IQo5E//3y6AgsIkgUTcLDMC7uJPF8NnNMB1l
wKozQfAYsaVwbsbmuQkdYER3CLZNlQEqtoxX9UORA0wZbhQGSaT637yQg70PzK0F
1lJt5Z1eWZsZVIi7NdIKFhPa7fRTj9fiRjGXVNMsA/cBkkpCpFe4IfwPh7ooJ30Q
LGD+nwp2tqLKDop7jcZV6J8isXh9qd9yJQcyUvCK+LInoulv1/T30PejX7qLEr3O
fUfgUMNs8dZUvqXSiQoqn+7ecY6CPWCOdugYCsnuwTsgym12dy0elRSEnM88JB5F
+n0c4xc/VRbeLMR8UBKakwew/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:39 2024 by rpki-client on console-ams.rpki-client.org