Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/ZrwHnbp0cmRv-8Aq-3dTrUs96b8.roa
File:                     ZrwHnbp0cmRv-8Aq-3dTrUs96b8.roa (raw, json)
Hash identifier:          laG521bBX3KOp9w13a5/N7g1SD2gsHS2KdTqelNAv1g=
Subject key identifier:   66:BC:07:9D:BA:74:72:64:6F:FB:C0:2A:FB:77:53:AD:4B:3D:E9:BF
Certificate issuer:       /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial:       019423D6F4EF584F53C665109AF45A591F39
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/ZrwHnbp0cmRv-8Aq-3dTrUs96b8.roa
Signing time:             Wed 01 Jan 2025 21:47:57 +0000
ROA not before:           Wed 01 Jan 2025 21:47:57 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     199218
IP address blocks:        83.229.23.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:23:d6:f4:ef:58:4f:53:c6:65:10:9a:f4:5a:59:1f:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
        Validity
            Not Before: Jan  1 21:47:57 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=66bc079dba7472646ffbc02afb7753ad4b3de9bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:5a:29:72:b4:1c:e9:e6:40:00:a6:a1:a2:e2:
                    0e:c8:1a:d7:72:cd:68:52:d6:30:60:a8:fa:1c:20:
                    7f:1b:8d:9e:80:ea:52:4e:03:6d:86:ec:7b:00:45:
                    29:61:2c:34:8b:78:23:f0:c5:9b:cc:b0:09:79:e3:
                    6a:24:fb:20:05:99:94:27:09:a6:65:f8:5c:5b:d1:
                    50:12:a5:9f:29:f6:f5:1e:43:a5:e1:9e:fc:36:8e:
                    de:25:b7:9c:36:90:e1:45:ea:0c:6e:6b:2b:98:58:
                    e8:ad:78:be:f9:88:5d:6a:0f:d4:3b:8d:9d:1c:0c:
                    e0:c0:ba:3b:e9:b7:3a:4e:92:ca:9d:94:d6:91:75:
                    a2:bd:0c:01:7f:45:a1:07:05:0a:54:5e:d0:5e:9e:
                    d8:e1:a0:72:e4:50:e1:3c:71:f9:aa:17:9e:8d:b9:
                    63:7c:07:f1:20:4a:a5:98:0d:50:37:17:88:ed:8a:
                    89:80:8a:06:58:db:d1:f8:fe:55:39:c0:06:28:d3:
                    a4:36:1e:4d:32:95:c4:a9:c3:29:f0:2f:08:6e:c7:
                    ce:f7:43:81:20:ef:b7:65:47:ef:a6:81:f0:9c:e4:
                    b8:46:60:75:68:fb:91:35:f9:3b:ff:52:ca:67:19:
                    7d:93:99:2c:71:9d:63:79:bc:3a:4a:fb:e5:9a:eb:
                    65:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:BC:07:9D:BA:74:72:64:6F:FB:C0:2A:FB:77:53:AD:4B:3D:E9:BF
            X509v3 Authority Key Identifier:
                keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/ZrwHnbp0cmRv-8Aq-3dTrUs96b8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.229.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:cb:4e:71:5e:f8:56:86:60:44:4d:5c:40:df:7c:f3:0c:f7:
         c3:19:38:e9:b6:0f:a1:78:a7:f0:a9:c8:3c:26:19:a0:34:2d:
         5f:26:1e:b4:69:a9:cb:6c:e1:09:56:cc:da:a4:ad:92:50:22:
         9d:8e:96:38:21:0e:fc:ec:ee:de:e4:f2:59:ff:e9:65:e1:ef:
         5a:45:ce:15:16:9e:70:26:ce:8c:da:d8:f7:38:94:de:84:d5:
         cc:bd:71:82:24:11:38:c8:42:7a:ec:81:a0:4c:f9:62:71:f1:
         ed:51:4c:72:00:79:87:fc:fe:91:5d:c6:b9:8d:b7:8c:36:77:
         9c:68:14:f6:5b:b3:de:6d:87:7e:ac:34:37:00:a1:b0:bf:7c:
         61:c2:34:14:f4:ed:ed:b4:11:ad:6e:ef:fd:34:7f:e6:13:6d:
         3c:09:0c:5c:f2:3a:7c:2c:06:97:eb:55:e4:85:97:ad:0b:86:
         e6:61:ce:63:54:df:02:92:06:dc:1b:30:a3:ee:78:61:f2:39:
         34:96:40:94:13:44:50:40:79:ec:e8:4b:a5:21:a4:c1:5b:58:
         46:37:b9:92:b1:7e:a0:36:8a:bb:33:76:06:4c:b3:32:08:b3:
         6a:95:1e:c9:fc:ba:5b:a7:16:bb:8e:4d:26:92:78:70:5e:70:
         50:f5:cd:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1vTvWE9TxmUQmvRaWR85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjIxMGYxMjk5YTFlMGFlZTcxZGMxZDc5ZTVmYjEyMDky
ZDMwYTkwHhcNMjUwMTAxMjE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmJjMDc5ZGJhNzQ3MjY0NmZmYmMwMmFmYjc3NTNhZDRiM2RlOWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVopcrQc6eZAAKahouIOyBrXcs1o
UtYwYKj6HCB/G42egOpSTgNthux7AEUpYSw0i3gj8MWbzLAJeeNqJPsgBZmUJwmm
ZfhcW9FQEqWfKfb1HkOl4Z78No7eJbecNpDhReoMbmsrmFjorXi++Yhdag/UO42d
HAzgwLo76bc6TpLKnZTWkXWivQwBf0WhBwUKVF7QXp7Y4aBy5FDhPHH5qheejblj
fAfxIEqlmA1QNxeI7YqJgIoGWNvR+P5VOcAGKNOkNh5NMpXEqcMp8C8IbsfO90OB
IO+3ZUfvpoHwnOS4RmB1aPuRNfk7/1LKZxl9k5kscZ1jebw6Svvlmutl4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGa8B526dHJkb/vAKvt3U61LPem/MB8GA1UdIwQY
MBaAFHPyEPEpmh4K7nHcHXnl+xIJLTCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDkt
Yjk0NjQ3MThiYTM3LzEvWnJ3SG5icDBjbVJ2LThBcS0zZFRyVXM5NmI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDktYjk0NjQ3MThiYTM3
LzEvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU+UXMA0G
CSqGSIb3DQEBCwUAA4IBAQCLy05xXvhWhmBETVxA33zzDPfDGTjptg+heKfwqcg8
JhmgNC1fJh60aanLbOEJVszapK2SUCKdjpY4IQ787O7e5PJZ/+ll4e9aRc4VFp5w
Js6M2tj3OJTehNXMvXGCJBE4yEJ67IGgTPlicfHtUUxyAHmH/P6RXca5jbeMNnec
aBT2W7PebYd+rDQ3AKGwv3xhwjQU9O3ttBGtbu/9NH/mE208CQxc8jp8LAaX61Xk
hZetC4bmYc5jVN8CkgbcGzCj7nhh8jk0lkCUE0RQQHns6EulIaTBW1hGN7mSsX6g
Noq7M3YGTLMyCLNqlR7J/Lpbpxa7jk0mknhwXnBQ9c1P
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:35:27 2025 by rpki-client