Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/680922-ec15-4435-8b2f-b22130cccc8a/1/GN3WNa1KPa1c9T26r6KAvJvAYiE.roa
File:                     GN3WNa1KPa1c9T26r6KAvJvAYiE.roa (raw, json)
Hash identifier:          +ALWTD/HKC6jB65e4OpisuWe7eyEx27q1eW5FAODFC4=
Subject key identifier:   18:DD:D6:35:AD:4A:3D:AD:5C:F5:3D:BA:AF:A2:80:BC:9B:C0:62:21
Certificate issuer:       /CN=52f2b1b3a98e83c06162550f791f4bcaa313903a
Certificate serial:       0183A880BF5882653647262EF41FA3C85BDA
Authority key identifier: 52:F2:B1:B3:A9:8E:83:C0:61:62:55:0F:79:1F:4B:CA:A3:13:90:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UvKxs6mOg8BhYlUPeR9LyqMTkDo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/680922-ec15-4435-8b2f-b22130cccc8a/1/GN3WNa1KPa1c9T26r6KAvJvAYiE.roa
Signing time:             Wed 05 Oct 2022 14:15:53 +0000
ROA not before:           Wed 05 Oct 2022 14:15:53 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43278
IP address blocks:        185.207.214.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:a8:80:bf:58:82:65:36:47:26:2e:f4:1f:a3:c8:5b:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52f2b1b3a98e83c06162550f791f4bcaa313903a
        Validity
            Not Before: Oct  5 14:15:53 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=18ddd635ad4a3dad5cf53dbaafa280bc9bc06221
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:d7:b4:c7:1a:b2:64:53:22:e6:ab:10:23:db:
                    fb:38:d5:cb:73:63:19:a6:02:c4:0e:21:4e:54:5b:
                    3a:b5:e1:05:8e:4a:4b:d8:06:0f:89:3d:38:98:3f:
                    65:67:8a:be:9f:ea:9a:f7:c4:3a:bf:51:b7:34:91:
                    fd:52:87:7b:00:dd:7d:41:96:46:8e:9f:d9:19:1f:
                    a1:22:5d:37:1b:e6:4c:2e:bc:b6:2c:5e:6e:25:ca:
                    c1:70:2d:0a:50:c4:42:33:05:aa:e9:9c:59:6f:4f:
                    a4:62:e5:ac:d9:65:14:11:e2:c0:87:53:e5:15:b6:
                    4a:29:c2:a4:33:94:4c:a8:f8:f2:2b:5c:63:ec:3e:
                    33:1c:22:f0:3a:03:55:b1:f6:8f:b5:c2:6d:19:98:
                    f1:ec:1b:77:75:9d:72:15:5d:ed:bd:7c:26:1d:99:
                    82:c8:48:21:84:17:4d:05:89:37:38:76:37:97:a3:
                    71:95:e1:0f:e8:f6:a5:79:de:4f:71:d6:1c:04:b7:
                    7f:e5:4c:ce:ce:75:e4:2f:b7:ba:27:91:14:49:8e:
                    d8:25:10:3f:b3:1b:23:ef:72:8c:93:99:d3:7c:94:
                    04:0c:2c:58:cb:e6:1e:78:6f:d0:4d:62:54:5b:da:
                    ba:5c:4a:54:cf:b4:43:39:23:cf:58:6d:b2:23:d7:
                    17:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:DD:D6:35:AD:4A:3D:AD:5C:F5:3D:BA:AF:A2:80:BC:9B:C0:62:21
            X509v3 Authority Key Identifier:
                keyid:52:F2:B1:B3:A9:8E:83:C0:61:62:55:0F:79:1F:4B:CA:A3:13:90:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UvKxs6mOg8BhYlUPeR9LyqMTkDo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/680922-ec15-4435-8b2f-b22130cccc8a/1/GN3WNa1KPa1c9T26r6KAvJvAYiE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/680922-ec15-4435-8b2f-b22130cccc8a/1/UvKxs6mOg8BhYlUPeR9LyqMTkDo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.207.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:0e:4c:79:11:40:23:00:6e:f7:7e:c1:ca:8e:4b:e4:4e:c4:
         5e:ab:66:9e:67:b9:9c:04:ae:8b:f9:58:2c:5f:8b:0c:ca:62:
         73:2a:c1:87:8b:dd:0c:48:85:32:ad:07:51:3b:cd:d5:ca:54:
         8c:bd:45:f9:16:a8:01:88:cc:6f:c3:69:93:cd:76:6a:85:86:
         4b:2a:e8:7b:af:56:e1:1a:68:4b:fb:a6:e4:96:14:8f:60:14:
         a1:78:89:ff:97:00:ac:0a:e0:a7:42:fc:8d:2d:38:86:83:ee:
         0d:3a:32:55:9b:0a:07:09:91:3c:59:ed:6d:b5:72:90:9e:e6:
         6e:18:2b:7b:08:08:b2:99:bf:de:83:fc:8b:1c:77:60:62:3a:
         65:78:56:ca:ed:34:20:d0:bd:74:b0:60:52:6e:f2:30:3b:0c:
         82:e9:e8:06:60:29:f6:a3:82:bd:19:9a:86:26:01:2b:ab:ea:
         00:79:83:68:47:f5:3c:49:e3:32:9a:57:ae:ea:6f:25:42:5b:
         13:20:ef:32:cc:a5:c2:21:e8:08:70:30:04:ef:a2:1d:39:97:
         43:4e:06:51:cd:8e:48:f1:a1:de:4c:35:11:9b:14:b5:1a:16:
         6c:82:6b:cd:06:17:16:84:91:3c:35:85:37:1f:61:c1:d8:8b:
         39:56:da:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOogL9YgmU2RyYu9B+jyFvaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZjJiMWIzYTk4ZTgzYzA2MTYyNTUwZjc5MWY0YmNhYTMx
MzkwM2EwHhcNMjIxMDA1MTQxNTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGRkZDYzNWFkNGEzZGFkNWNmNTNkYmFhZmEyODBiYzliYzA2MjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkde0xxqyZFMi5qsQI9v7ONXLc2MZ
pgLEDiFOVFs6teEFjkpL2AYPiT04mD9lZ4q+n+qa98Q6v1G3NJH9Uod7AN19QZZG
jp/ZGR+hIl03G+ZMLry2LF5uJcrBcC0KUMRCMwWq6ZxZb0+kYuWs2WUUEeLAh1Pl
FbZKKcKkM5RMqPjyK1xj7D4zHCLwOgNVsfaPtcJtGZjx7Bt3dZ1yFV3tvXwmHZmC
yEghhBdNBYk3OHY3l6NxleEP6Paled5PcdYcBLd/5UzOznXkL7e6J5EUSY7YJRA/
sxsj73KMk5nTfJQEDCxYy+YeeG/QTWJUW9q6XEpUz7RDOSPPWG2yI9cXvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBjd1jWtSj2tXPU9uq+igLybwGIhMB8GA1UdIwQY
MBaAFFLysbOpjoPAYWJVD3kfS8qjE5A6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXZLeHM2bU9nOEJoWWxVUGVSOUx5cU1Ua0RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82ODA5MjItZWMxNS00NDM1LThiMmYt
YjIyMTMwY2NjYzhhLzEvR04zV05hMUtQYTFjOVQyNnI2S0F2SnZBWWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82ODA5MjItZWMxNS00NDM1LThiMmYtYjIyMTMwY2NjYzhh
LzEvVXZLeHM2bU9nOEJoWWxVUGVSOUx5cU1Ua0RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc/WMA0G
CSqGSIb3DQEBCwUAA4IBAQBpDkx5EUAjAG73fsHKjkvkTsReq2aeZ7mcBK6L+Vgs
X4sMymJzKsGHi90MSIUyrQdRO83VylSMvUX5FqgBiMxvw2mTzXZqhYZLKuh7r1bh
GmhL+6bklhSPYBSheIn/lwCsCuCnQvyNLTiGg+4NOjJVmwoHCZE8We1ttXKQnuZu
GCt7CAiymb/eg/yLHHdgYjpleFbK7TQg0L10sGBSbvIwOwyC6egGYCn2o4K9GZqG
JgErq+oAeYNoR/U8SeMymleu6m8lQlsTIO8yzKXCIegIcDAE76IdOZdDTgZRzY5I
8aHeTDURmxS1GhZsgmvNBhcWhJE8NYU3H2HB2Is5Vtpv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:46 2024 by rpki-client on console-ams.rpki-client.org