Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/78277b-3567-4e7f-9c69-d39bdfed9fbd/1/won8w-BAIbp5ozvL2hud37aOiRs.roa
File:                     won8w-BAIbp5ozvL2hud37aOiRs.roa (raw, json)
Hash identifier:          Iies7qm4WfQZ/VVF9xuPWjs/gHCQj6mgPspGxZCllms=
Subject key identifier:   C2:89:FC:C3:E0:40:21:BA:79:A3:3B:CB:DA:1B:9D:DF:B6:8E:89:1B
Certificate issuer:       /CN=1d6dabc3628f271f8c5b0cdb184d18bcde5b9900
Certificate serial:       0476A7AE
Authority key identifier: 1D:6D:AB:C3:62:8F:27:1F:8C:5B:0C:DB:18:4D:18:BC:DE:5B:99:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HW2rw2KPJx-MWwzbGE0YvN5bmQA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/78277b-3567-4e7f-9c69-d39bdfed9fbd/1/won8w-BAIbp5ozvL2hud37aOiRs.roa
Signing time:             Fri 22 Apr 2022 09:28:30 +0000
ROA not before:           Fri 22 Apr 2022 09:28:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210574
IP address blocks:        141.98.112.0/24 maxlen: 24
                          141.98.115.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74885038 (0x476a7ae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d6dabc3628f271f8c5b0cdb184d18bcde5b9900
        Validity
            Not Before: Apr 22 09:28:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c289fcc3e04021ba79a33bcbda1b9ddfb68e891b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ab:b4:54:6a:9d:2f:c7:92:5f:20:b7:86:93:
                    f3:5a:49:15:72:17:05:b3:e9:10:5c:31:81:d7:ac:
                    56:fc:32:a1:4e:e3:43:69:b6:3f:6d:8b:58:3c:ea:
                    d6:ee:6a:56:ce:90:42:7c:08:af:f2:24:b4:08:0f:
                    b7:ab:21:0c:aa:15:2b:4b:4c:9a:19:8c:8c:28:a4:
                    02:e7:26:6e:10:84:d4:40:de:a6:e3:4c:35:1e:2d:
                    1f:7c:a8:a5:73:54:0c:e9:ef:0b:a2:08:ab:59:92:
                    94:27:c7:0e:a2:76:2a:27:b0:91:6a:42:b8:5f:26:
                    bd:84:38:dc:6f:4a:18:8e:f6:22:25:66:f0:a3:4c:
                    23:98:a6:72:8c:76:1f:a9:9d:38:44:bc:b3:02:d9:
                    1f:02:8e:cf:b7:59:a3:ed:98:c6:f9:0b:92:25:cc:
                    96:ef:64:30:30:7e:44:df:6d:36:1a:af:57:70:cb:
                    7c:4e:3c:f2:50:4d:20:e8:07:bb:c8:ea:d0:24:b8:
                    9e:52:80:8a:31:00:37:3a:a7:9a:cf:90:43:42:b4:
                    08:f3:3d:64:db:db:92:3e:b1:9e:78:9d:d2:2b:a9:
                    9b:63:3e:ec:81:3c:df:fc:b6:67:16:68:ef:11:72:
                    0a:a6:05:fd:38:c7:25:ca:a0:40:0b:6e:ee:33:7c:
                    92:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:89:FC:C3:E0:40:21:BA:79:A3:3B:CB:DA:1B:9D:DF:B6:8E:89:1B
            X509v3 Authority Key Identifier:
                keyid:1D:6D:AB:C3:62:8F:27:1F:8C:5B:0C:DB:18:4D:18:BC:DE:5B:99:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HW2rw2KPJx-MWwzbGE0YvN5bmQA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/78277b-3567-4e7f-9c69-d39bdfed9fbd/1/won8w-BAIbp5ozvL2hud37aOiRs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/78277b-3567-4e7f-9c69-d39bdfed9fbd/1/HW2rw2KPJx-MWwzbGE0YvN5bmQA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.98.112.0/24
                  141.98.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:b0:3a:25:04:fa:c6:ae:bf:d9:9a:36:08:63:66:6f:c2:e4:
         5e:05:11:a6:8c:17:6c:cb:08:94:4b:b3:e9:94:f6:b9:ce:2c:
         b2:fd:69:51:f5:85:c4:32:76:c9:70:fe:f1:23:dd:dc:23:40:
         9b:f4:36:3b:f1:41:8b:ac:1e:30:32:29:06:cf:6a:3e:5a:55:
         28:2d:20:e3:e0:43:17:bd:18:2f:87:57:42:f0:c4:c4:e6:43:
         c2:ba:58:6f:c5:8c:30:fa:2c:b1:54:18:cd:1e:dd:d4:e9:f9:
         2d:d5:c0:4a:e3:ac:db:15:79:e5:74:e4:78:16:33:b1:cc:76:
         ec:55:bb:db:62:d1:a0:4d:d5:d6:1d:85:d2:7c:02:73:26:50:
         fe:bd:98:19:18:b8:49:6f:34:60:fb:1d:01:51:12:f4:8c:c8:
         a4:81:7f:92:79:e5:b2:bf:6b:22:09:40:6d:e8:55:5b:48:a8:
         d2:ca:a0:88:e0:7d:78:64:72:af:83:88:8b:fa:c2:7a:e1:97:
         1e:c2:80:94:57:a1:4a:e4:ec:4c:42:cc:cf:0f:59:f0:74:e8:
         6d:66:fa:32:44:0c:bb:00:f8:ed:b4:54:58:e9:21:29:da:92:
         b4:e3:06:20:af:af:c6:0c:da:c0:12:4f:48:e9:df:47:d9:37:
         7a:97:4a:d0
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBHanrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDZkYWJjMzYyOGYyNzFmOGM1YjBjZGIxODRkMThiY2RlNWI5OTAwMB4XDTIyMDQy
MjA5MjgzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzI4OWZjYzNlMDQw
MjFiYTc5YTMzYmNiZGExYjlkZGZiNjhlODkxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALCrtFRqnS/Hkl8gt4aT81pJFXIXBbPpEFwxgdesVvwyoU7j
Q2m2P22LWDzq1u5qVs6QQnwIr/IktAgPt6shDKoVK0tMmhmMjCikAucmbhCE1EDe
puNMNR4tH3yopXNUDOnvC6IIq1mSlCfHDqJ2KiewkWpCuF8mvYQ43G9KGI72IiVm
8KNMI5imcox2H6mdOES8swLZHwKOz7dZo+2YxvkLkiXMlu9kMDB+RN9tNhqvV3DL
fE488lBNIOgHu8jq0CS4nlKAijEANzqnms+QQ0K0CPM9ZNvbkj6xnnid0iupm2M+
7IE83/y2ZxZo7xFyCqYF/TjHJcqgQAtu7jN8kk8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTCifzD4EAhunmjO8vaG53fto6JGzAfBgNVHSMEGDAWgBQdbavDYo8nH4xb
DNsYTRi83luZADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hXMnJ3MktQSngtTVd3emJHRTBZdk41Ym1RQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzgvNzgyNzdiLTM1NjctNGU3Zi05YzY5LWQzOWJkZmVkOWZiZC8x
L3dvbjh3LUJBSWJwNW96dkwyaHVkMzdhT2lScy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgv
NzgyNzdiLTM1NjctNGU3Zi05YzY5LWQzOWJkZmVkOWZiZC8xL0hXMnJ3MktQSngt
TVd3emJHRTBZdk41Ym1RQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAI1icAMEAI1iczANBgkqhkiG9w0B
AQsFAAOCAQEAWLA6JQT6xq6/2Zo2CGNmb8LkXgURpowXbMsIlEuz6ZT2uc4ssv1p
UfWFxDJ2yXD+8SPd3CNAm/Q2O/FBi6weMDIpBs9qPlpVKC0g4+BDF70YL4dXQvDE
xOZDwrpYb8WMMPossVQYzR7d1On5LdXASuOs2xV55XTkeBYzscx27FW722LRoE3V
1h2F0nwCcyZQ/r2YGRi4SW80YPsdAVES9IzIpIF/knnlsr9rIglAbehVW0io0sqg
iOB9eGRyr4OIi/rCeuGXHsKAlFehSuTsTELMzw9Z8HTobWb6MkQMuwD47bRUWOkh
KdqStOMGIK+vxgzawBJPSOnfR9k3epdK0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:22 2024 by rpki-client on console-ams.rpki-client.org