Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/A0RYTN8IVXcMUJwsYVWRlBRcfVY.roa
File:                     A0RYTN8IVXcMUJwsYVWRlBRcfVY.roa (raw, json)
Hash identifier:          GuVH57r7QZ8cdbgnAJdYDW/dk0OHYppJG+8vddOaJEw=
Subject key identifier:   03:44:58:4C:DF:08:55:77:0C:50:9C:2C:61:55:91:94:14:5C:7D:56
Certificate issuer:       /CN=6f0d7a0eb5ca549590a406bc693df1e8d2cbae04
Certificate serial:       01856F0B3C6008C4BAFD15ABCC6C82C9A24A
Authority key identifier: 6F:0D:7A:0E:B5:CA:54:95:90:A4:06:BC:69:3D:F1:E8:D2:CB:AE:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bw16DrXKVJWQpAa8aT3x6NLLrgQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/A0RYTN8IVXcMUJwsYVWRlBRcfVY.roa
Signing time:             Sun 01 Jan 2023 20:34:45 +0000
ROA not before:           Sun 01 Jan 2023 20:34:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        185.99.20.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:0b:3c:60:08:c4:ba:fd:15:ab:cc:6c:82:c9:a2:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f0d7a0eb5ca549590a406bc693df1e8d2cbae04
        Validity
            Not Before: Jan  1 20:34:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0344584cdf0855770c509c2c61559194145c7d56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:75:d8:9b:44:ac:82:41:9d:56:dd:dd:64:ae:
                    aa:24:f5:85:d8:dd:51:45:ed:1c:dd:6c:c4:09:40:
                    99:48:88:08:36:30:c3:38:d0:a1:33:f0:f7:d6:50:
                    80:62:a0:24:fb:9e:fe:84:6a:87:ef:ff:4f:f9:f5:
                    4e:2d:b2:0a:97:67:cf:ed:a5:a6:9c:5b:75:5e:54:
                    8c:a7:f9:aa:bb:c3:58:5e:1b:9f:bf:d6:dd:4f:b0:
                    33:66:e3:97:67:e2:49:b4:d3:84:f4:6c:3b:21:34:
                    9a:db:51:a4:ed:e1:3a:37:a1:71:ae:12:d2:d2:cd:
                    da:47:36:d4:d7:25:60:2b:26:75:34:88:ae:f9:f3:
                    ca:57:4b:36:94:e4:fa:6b:5a:39:51:15:93:29:fa:
                    ae:4c:e5:b1:9b:98:58:a6:16:cc:22:be:22:72:f4:
                    c0:76:2e:ab:3f:46:3f:6d:85:ac:b1:7d:7e:85:90:
                    1d:99:a6:df:71:1c:e5:dd:78:19:9c:a1:62:44:2d:
                    d4:cc:de:6a:cf:fb:4d:f2:be:b1:4f:48:a8:ce:bb:
                    90:5e:75:c8:e1:d1:c5:38:57:c4:1f:6d:20:22:4b:
                    a5:49:75:18:a7:30:3f:2c:c5:29:8d:e1:a8:ed:14:
                    04:f3:57:90:3f:b7:11:8e:27:29:3d:35:00:3b:cd:
                    22:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:44:58:4C:DF:08:55:77:0C:50:9C:2C:61:55:91:94:14:5C:7D:56
            X509v3 Authority Key Identifier:
                keyid:6F:0D:7A:0E:B5:CA:54:95:90:A4:06:BC:69:3D:F1:E8:D2:CB:AE:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bw16DrXKVJWQpAa8aT3x6NLLrgQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/A0RYTN8IVXcMUJwsYVWRlBRcfVY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b55c02-347b-42a8-96ae-d179053d8434/1/bw16DrXKVJWQpAa8aT3x6NLLrgQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.99.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:b5:2e:59:2c:41:46:93:88:98:fe:d2:41:ed:e1:40:d4:12:
         b0:ef:b5:c5:40:ee:91:47:c2:64:c4:72:23:a8:7f:a3:aa:0e:
         d2:3a:7e:6a:08:ec:92:5a:ec:07:ab:0e:fc:ba:c5:47:f2:30:
         50:30:b9:7a:ba:5e:b9:40:74:51:f6:52:50:a7:80:98:4c:73:
         82:4e:e2:76:08:b0:50:9e:a2:35:7c:d3:8c:50:6a:7b:e3:cc:
         d4:06:b9:ec:a1:7c:ae:d4:07:3b:04:b6:0d:56:f8:69:3a:72:
         da:62:c2:00:c1:0d:22:20:2d:db:f7:d6:cb:02:a9:de:f3:d8:
         af:c0:01:b0:21:95:c0:8e:44:c8:8e:08:6c:6f:a8:37:93:e0:
         81:37:16:44:70:a6:f8:0d:e6:38:82:db:2e:fb:3b:e3:42:9f:
         0c:26:0c:d2:78:fc:36:b2:15:95:ed:66:b0:17:73:b8:c2:0f:
         8f:01:d0:49:3f:8f:23:35:7b:9f:03:a7:57:16:48:e9:5b:04:
         5e:2d:d9:cc:e7:d9:e8:3b:e6:4a:d3:35:a8:b6:f0:7c:bf:86:
         fe:de:0d:a3:7c:ed:74:3d:c7:0d:f8:97:25:a6:89:64:d7:43:
         a7:da:5d:b5:42:4f:12:ca:32:db:0b:2e:a4:03:1b:bb:27:29:
         07:11:4d:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvCzxgCMS6/RWrzGyCyaJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMGQ3YTBlYjVjYTU0OTU5MGE0MDZiYzY5M2RmMWU4ZDJj
YmFlMDQwHhcNMjMwMTAxMjAzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzQ0NTg0Y2RmMDg1NTc3MGM1MDljMmM2MTU1OTE5NDE0NWM3ZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnXYm0SsgkGdVt3dZK6qJPWF2N1R
Re0c3WzECUCZSIgINjDDONChM/D31lCAYqAk+57+hGqH7/9P+fVOLbIKl2fP7aWm
nFt1XlSMp/mqu8NYXhufv9bdT7AzZuOXZ+JJtNOE9Gw7ITSa21Gk7eE6N6FxrhLS
0s3aRzbU1yVgKyZ1NIiu+fPKV0s2lOT6a1o5URWTKfquTOWxm5hYphbMIr4icvTA
di6rP0Y/bYWssX1+hZAdmabfcRzl3XgZnKFiRC3UzN5qz/tN8r6xT0iozruQXnXI
4dHFOFfEH20gIkulSXUYpzA/LMUpjeGo7RQE81eQP7cRjicpPTUAO80iXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFANEWEzfCFV3DFCcLGFVkZQUXH1WMB8GA1UdIwQY
MBaAFG8Neg61ylSVkKQGvGk98ejSy64EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYncxNkRyWEtWSldRcEFhOGFUM3g2TkxMcmdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iNTVjMDItMzQ3Yi00MmE4LTk2YWUt
ZDE3OTA1M2Q4NDM0LzEvQTBSWVROOElWWGNNVUp3c1lWV1JsQlJjZlZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iNTVjMDItMzQ3Yi00MmE4LTk2YWUtZDE3OTA1M2Q4NDM0
LzEvYncxNkRyWEtWSldRcEFhOGFUM3g2TkxMcmdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWMUMA0G
CSqGSIb3DQEBCwUAA4IBAQChtS5ZLEFGk4iY/tJB7eFA1BKw77XFQO6RR8JkxHIj
qH+jqg7SOn5qCOySWuwHqw78usVH8jBQMLl6ul65QHRR9lJQp4CYTHOCTuJ2CLBQ
nqI1fNOMUGp748zUBrnsoXyu1Ac7BLYNVvhpOnLaYsIAwQ0iIC3b99bLAqne89iv
wAGwIZXAjkTIjghsb6g3k+CBNxZEcKb4DeY4gtsu+zvjQp8MJgzSePw2shWV7Waw
F3O4wg+PAdBJP48jNXufA6dXFkjpWwReLdnM59noO+ZK0zWotvB8v4b+3g2jfO10
PccN+Jclpolk10On2l21Qk8SyjLbCy6kAxu7JykHEU11
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:49 2024 by rpki-client on console-ams.rpki-client.org