Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0658f4-ae21-40ca-a3dc-c230519482e3/1/vQUQzqlVq_BCRjchmjDYof_AL1s.roa
File:                     vQUQzqlVq_BCRjchmjDYof_AL1s.roa (raw, json)
Hash identifier:          lo/BSg0Vvg17T2c0nECYjK3B72dHCiU4eNP5IdJo96s=
Subject key identifier:   BD:05:10:CE:A9:55:AB:F0:42:46:37:21:9A:30:D8:A1:FF:C0:2F:5B
Certificate issuer:       /CN=b2c1d428cdee1eb3ffbf6df2318f9954dd885ff0
Certificate serial:       0149EA68
Authority key identifier: B2:C1:D4:28:CD:EE:1E:B3:FF:BF:6D:F2:31:8F:99:54:DD:88:5F:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ssHUKM3uHrP_v23yMY-ZVN2IX_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/0658f4-ae21-40ca-a3dc-c230519482e3/1/vQUQzqlVq_BCRjchmjDYof_AL1s.roa
Signing time:             Sat 01 Jan 2022 11:04:17 +0000
ROA not before:           Sat 01 Jan 2022 11:04:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        194.150.79.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21621352 (0x149ea68)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2c1d428cdee1eb3ffbf6df2318f9954dd885ff0
        Validity
            Not Before: Jan  1 11:04:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bd0510cea955abf0424637219a30d8a1ffc02f5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:58:6d:b9:10:af:ee:79:9f:45:72:d3:a1:e0:
                    81:ba:c8:b8:c4:8f:0e:15:8b:66:aa:5c:ed:10:fb:
                    a7:46:ca:51:f7:d0:6b:e5:9d:9a:ee:1f:4b:76:f5:
                    5d:89:df:17:89:72:03:e0:32:b9:a4:d4:bc:94:a5:
                    98:88:58:3c:66:33:f5:cb:42:54:26:7f:e6:ca:06:
                    80:4a:79:6d:09:3f:4f:e8:dc:98:22:12:67:2a:11:
                    25:1e:54:67:8c:dc:3e:cf:51:e7:6c:23:77:36:e8:
                    f6:db:76:b0:53:a0:77:39:25:3b:7a:32:50:80:f0:
                    28:76:4f:d2:7f:8e:b1:f8:e9:a5:23:b2:9c:ca:ac:
                    f6:e2:e5:d4:bb:ad:d6:d7:23:a0:aa:16:b3:41:8f:
                    de:9e:b3:bc:f5:39:d7:91:e2:8c:3b:4d:94:82:87:
                    dd:eb:2d:cb:f8:ba:c8:f8:52:8b:d8:80:ed:2f:50:
                    54:3b:61:12:79:54:78:20:4f:29:45:0c:c0:b6:68:
                    df:00:7d:3e:0c:d8:94:0d:1f:e4:c4:17:da:32:ff:
                    2a:b7:bd:12:e2:fa:bc:c6:c7:52:e0:6b:44:37:9b:
                    c8:7f:f9:50:e2:56:9e:51:32:29:a0:07:59:cd:34:
                    1d:6f:4e:14:80:4f:8a:96:f0:af:c4:85:e1:7b:5f:
                    63:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:05:10:CE:A9:55:AB:F0:42:46:37:21:9A:30:D8:A1:FF:C0:2F:5B
            X509v3 Authority Key Identifier:
                keyid:B2:C1:D4:28:CD:EE:1E:B3:FF:BF:6D:F2:31:8F:99:54:DD:88:5F:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ssHUKM3uHrP_v23yMY-ZVN2IX_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0658f4-ae21-40ca-a3dc-c230519482e3/1/vQUQzqlVq_BCRjchmjDYof_AL1s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0658f4-ae21-40ca-a3dc-c230519482e3/1/ssHUKM3uHrP_v23yMY-ZVN2IX_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.150.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:a3:10:3d:92:80:80:66:d8:e4:34:fe:c5:c4:1c:02:d6:5d:
         7f:c0:e3:d3:ae:6f:9f:14:33:32:e3:09:3a:bc:59:87:e4:bb:
         c5:03:c8:a4:c6:07:4c:6c:6b:c4:fc:d5:e5:52:64:95:54:6c:
         c1:70:ca:de:fd:57:8a:5e:7b:cb:05:61:98:1d:ba:53:ea:c2:
         a8:93:a5:70:55:9b:81:44:12:c0:10:88:0f:c2:c3:16:07:1a:
         a0:2c:5e:b5:69:61:86:b3:4b:2b:3e:0f:29:9b:df:e8:4d:76:
         50:11:37:14:81:78:a1:ee:19:80:e8:02:75:2a:12:e6:c2:0b:
         7f:09:7e:be:73:49:5a:ce:e9:5e:33:16:85:e1:95:45:56:15:
         3b:96:47:31:1c:df:94:44:16:21:b6:a6:9a:81:ee:33:fa:ec:
         a0:6e:89:ad:8f:b1:e2:b3:25:bd:13:31:34:6a:7a:b3:a1:80:
         e8:49:fd:69:37:40:7f:41:33:7b:8b:f5:71:f9:bf:29:74:7b:
         03:b9:0c:b7:0f:fa:2c:75:ea:b8:ad:6e:de:67:b8:aa:16:54:
         be:c9:05:fe:e1:ef:d7:a7:65:3d:4d:29:e7:9a:fd:da:af:5c:
         99:16:cd:63:d4:b0:ad:8e:a0:d8:91:bb:3f:f1:b5:1f:f6:56:
         91:03:38:a0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAUnqaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MmMxZDQyOGNkZWUxZWIzZmZiZjZkZjIzMThmOTk1NGRkODg1ZmYwMB4XDTIyMDEw
MTExMDQxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmQwNTEwY2VhOTU1
YWJmMDQyNDYzNzIxOWEzMGQ4YTFmZmMwMmY1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANpYbbkQr+55n0Vy06HggbrIuMSPDhWLZqpc7RD7p0bKUffQ
a+Wdmu4fS3b1XYnfF4lyA+AyuaTUvJSlmIhYPGYz9ctCVCZ/5soGgEp5bQk/T+jc
mCISZyoRJR5UZ4zcPs9R52wjdzbo9tt2sFOgdzklO3oyUIDwKHZP0n+OsfjppSOy
nMqs9uLl1Lut1tcjoKoWs0GP3p6zvPU515HijDtNlIKH3esty/i6yPhSi9iA7S9Q
VDthEnlUeCBPKUUMwLZo3wB9PgzYlA0f5MQX2jL/Kre9EuL6vMbHUuBrRDebyH/5
UOJWnlEyKaAHWc00HW9OFIBPipbwr8SF4XtfY6MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS9BRDOqVWr8EJGNyGaMNih/8AvWzAfBgNVHSMEGDAWgBSywdQoze4es/+/
bfIxj5lU3Yhf8DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NzSFVLTTN1SHJQX3YyM3lNWS1aVk4ySVhfQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvMDY1OGY0LWFlMjEtNDBjYS1hM2RjLWMyMzA1MTk0ODJlMy8x
L3ZRVVF6cWxWcV9CQ1JqY2htakRZb2ZfQUwxcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
MDY1OGY0LWFlMjEtNDBjYS1hM2RjLWMyMzA1MTk0ODJlMy8xL3NzSFVLTTN1SHJQ
X3YyM3lNWS1aVk4ySVhfQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMKWTzANBgkqhkiG9w0BAQsFAAOC
AQEAh6MQPZKAgGbY5DT+xcQcAtZdf8Dj065vnxQzMuMJOrxZh+S7xQPIpMYHTGxr
xPzV5VJklVRswXDK3v1Xil57ywVhmB26U+rCqJOlcFWbgUQSwBCID8LDFgcaoCxe
tWlhhrNLKz4PKZvf6E12UBE3FIF4oe4ZgOgCdSoS5sILfwl+vnNJWs7pXjMWheGV
RVYVO5ZHMRzflEQWIbammoHuM/rsoG6JrY+x4rMlvRMxNGp6s6GA6En9aTdAf0Ez
e4v1cfm/KXR7A7kMtw/6LHXquK1u3me4qhZUvskF/uHv16dlPU0p55r92q9cmRbN
Y9SwrY6g2JG7P/G1H/ZWkQM4oA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:17 2024 by rpki-client on console-fra.rpki-client.org