Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/0V9Xaw5HVQarVfHCQH4iTV2RbQ4.roa
File:                     0V9Xaw5HVQarVfHCQH4iTV2RbQ4.roa (raw, json)
Hash identifier:          osLl4j5iA57iWW3+AJ6ynGXCSQcgjPvZF7oohxMphyQ=
Subject key identifier:   D1:5F:57:6B:0E:47:55:06:AB:55:F1:C2:40:7E:22:4D:5D:91:6D:0E
Certificate issuer:       /CN=6f0d7a0eb5ca549590a406bc693df1e8d2cbae04
Certificate serial:       01856F0B3D3D0535E518635DDBB11E540E71
Authority key identifier: 6F:0D:7A:0E:B5:CA:54:95:90:A4:06:BC:69:3D:F1:E8:D2:CB:AE:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bw16DrXKVJWQpAa8aT3x6NLLrgQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/0V9Xaw5HVQarVfHCQH4iTV2RbQ4.roa
Signing time:             Sun 01 Jan 2023 20:34:45 +0000
ROA not before:           Sun 01 Jan 2023 20:34:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212953
IP address blocks:        185.99.20.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:0b:3d:3d:05:35:e5:18:63:5d:db:b1:1e:54:0e:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f0d7a0eb5ca549590a406bc693df1e8d2cbae04
        Validity
            Not Before: Jan  1 20:34:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d15f576b0e475506ab55f1c2407e224d5d916d0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:45:5c:8c:64:13:2c:0f:9b:f8:7f:2d:e4:74:
                    d0:58:4d:50:69:17:f9:3f:b9:35:5b:c9:63:89:b0:
                    94:c6:33:e1:56:7a:98:f7:72:03:36:4e:30:29:ae:
                    19:c8:b1:18:47:13:c3:37:f3:c3:af:04:9a:46:d3:
                    fa:61:fe:51:03:ad:98:a3:aa:39:c5:ac:66:4e:39:
                    36:ff:40:54:c5:76:7e:f8:59:d7:9d:af:b6:ac:04:
                    e6:35:ce:c5:93:ff:58:be:cb:7e:e2:63:e3:d8:16:
                    b2:db:65:df:c1:b3:11:83:d0:06:08:2a:85:6d:69:
                    5e:3c:aa:f1:b4:64:1f:93:fd:f5:f8:ec:26:f5:b0:
                    a0:15:25:f8:27:1c:69:e7:93:b1:12:12:8c:22:73:
                    7c:74:a8:67:38:72:f4:8a:6f:e5:57:c2:17:cc:e4:
                    a0:47:92:3d:95:22:09:9e:c1:8b:ff:3d:4c:48:94:
                    75:74:b2:29:48:f6:d0:bc:44:09:c5:f5:73:d1:3f:
                    54:bc:87:e8:44:29:04:07:8b:9d:e4:6c:a4:1e:73:
                    e1:b2:33:1f:05:24:86:5c:93:8e:92:96:0f:93:9a:
                    7c:7b:51:4d:44:27:8a:f4:98:45:b4:b2:47:5e:a8:
                    4f:8f:6c:70:34:5c:29:b4:28:20:75:a6:f5:cb:aa:
                    4a:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:5F:57:6B:0E:47:55:06:AB:55:F1:C2:40:7E:22:4D:5D:91:6D:0E
            X509v3 Authority Key Identifier:
                keyid:6F:0D:7A:0E:B5:CA:54:95:90:A4:06:BC:69:3D:F1:E8:D2:CB:AE:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bw16DrXKVJWQpAa8aT3x6NLLrgQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/0V9Xaw5HVQarVfHCQH4iTV2RbQ4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/bw16DrXKVJWQpAa8aT3x6NLLrgQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.99.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:c6:7e:42:f2:1d:0d:f3:12:6c:66:b6:74:ff:33:f9:4a:0e:
         ae:a2:55:b6:90:ff:d5:03:e3:32:5f:7a:18:fa:a6:9f:2f:2b:
         01:2f:3f:f6:0a:73:a3:76:f6:8f:98:b3:f8:7c:67:b6:d8:cb:
         02:5e:b2:9a:05:73:d9:6c:9b:e5:cd:46:2f:25:69:2e:b4:6e:
         28:dd:04:c9:5c:24:96:77:75:10:fb:80:f2:a8:7c:74:a4:3c:
         e4:c9:79:31:9e:9b:b0:ff:ed:3c:7f:44:1d:25:85:8d:93:fd:
         30:fe:a4:c7:4f:f6:d2:6a:c2:3b:38:ad:c3:c1:9b:62:47:76:
         4a:19:b6:33:e9:d0:69:1b:1a:f0:d4:48:47:be:c2:0e:d2:bc:
         6d:6d:18:87:d6:df:6e:c4:61:9c:c4:29:e1:f4:df:a7:74:7f:
         7f:d9:05:ad:29:31:45:f7:35:ab:7b:cc:66:49:84:b7:e5:f8:
         b7:a2:bb:bc:07:01:45:e9:4a:e1:24:8b:f7:23:0b:af:38:ae:
         ea:09:75:97:91:cc:9e:e1:4e:f2:84:2e:68:65:f0:92:82:9a:
         e2:62:39:94:15:89:9d:c2:b5:c5:db:7f:ce:14:75:44:07:5e:
         0e:84:da:97:08:cc:59:23:09:9c:a8:65:ec:2f:6d:7c:af:6e:
         f5:cc:2b:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvCz09BTXlGGNd27EeVA5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMGQ3YTBlYjVjYTU0OTU5MGE0MDZiYzY5M2RmMWU4ZDJj
YmFlMDQwHhcNMjMwMTAxMjAzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTVmNTc2YjBlNDc1NTA2YWI1NWYxYzI0MDdlMjI0ZDVkOTE2ZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEVcjGQTLA+b+H8t5HTQWE1QaRf5
P7k1W8ljibCUxjPhVnqY93IDNk4wKa4ZyLEYRxPDN/PDrwSaRtP6Yf5RA62Yo6o5
xaxmTjk2/0BUxXZ++FnXna+2rATmNc7Fk/9Yvst+4mPj2Bay22XfwbMRg9AGCCqF
bWlePKrxtGQfk/31+Owm9bCgFSX4Jxxp55OxEhKMInN8dKhnOHL0im/lV8IXzOSg
R5I9lSIJnsGL/z1MSJR1dLIpSPbQvEQJxfVz0T9UvIfoRCkEB4ud5GykHnPhsjMf
BSSGXJOOkpYPk5p8e1FNRCeK9JhFtLJHXqhPj2xwNFwptCggdab1y6pKawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFfV2sOR1UGq1XxwkB+Ik1dkW0OMB8GA1UdIwQY
MBaAFG8Neg61ylSVkKQGvGk98ejSy64EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYncxNkRyWEtWSldRcEFhOGFUM3g2TkxMcmdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iNTVjMDItMzQ3Yi00MmE4LTk2YWUt
ZDE3OTA1M2Q4NDM0LzEvMFY5WGF3NUhWUWFyVmZIQ1FINGlUVjJSYlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iNTVjMDItMzQ3Yi00MmE4LTk2YWUtZDE3OTA1M2Q4NDM0
LzEvYncxNkRyWEtWSldRcEFhOGFUM3g2TkxMcmdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWMUMA0G
CSqGSIb3DQEBCwUAA4IBAQBoxn5C8h0N8xJsZrZ0/zP5Sg6uolW2kP/VA+MyX3oY
+qafLysBLz/2CnOjdvaPmLP4fGe22MsCXrKaBXPZbJvlzUYvJWkutG4o3QTJXCSW
d3UQ+4DyqHx0pDzkyXkxnpuw/+08f0QdJYWNk/0w/qTHT/bSasI7OK3DwZtiR3ZK
GbYz6dBpGxrw1EhHvsIO0rxtbRiH1t9uxGGcxCnh9N+ndH9/2QWtKTFF9zWre8xm
SYS35fi3oru8BwFF6UrhJIv3IwuvOK7qCXWXkcye4U7yhC5oZfCSgpriYjmUFYmd
wrXF23/OFHVEB14OhNqXCMxZIwmcqGXsL218r271zCvU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:49 2024 by rpki-client on console-ams.rpki-client.org