Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/JBStW5153CE_X_D5AftuYf2eMOw.roa
File:                     JBStW5153CE_X_D5AftuYf2eMOw.roa (raw, json)
Hash identifier:          w4iO9BL4nC0mp3jUtaUJmKdywglMOjJNTvmLCdsW8qw=
Subject key identifier:   24:14:AD:5B:9D:79:DC:21:3F:5F:F0:F9:01:FB:6E:61:FD:9E:30:EC
Certificate issuer:       /CN=f71f9bddac4c34078d8d0fab9e14d176a416f963
Certificate serial:       0CBFFDEA
Authority key identifier: F7:1F:9B:DD:AC:4C:34:07:8D:8D:0F:AB:9E:14:D1:76:A4:16:F9:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9x-b3axMNAeNjQ-rnhTRdqQW-WM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/JBStW5153CE_X_D5AftuYf2eMOw.roa
Signing time:             Mon 21 Feb 2022 08:05:07 +0000
ROA not before:           Mon 21 Feb 2022 08:05:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     41937
IP address blocks:        109.122.113.0/24 maxlen: 24
                          87.250.32.0/19 maxlen: 24
                          185.112.20.0/22 maxlen: 24
                          62.240.24.0/21 maxlen: 24
                          62.240.24.0/23 maxlen: 24
                          109.198.0.0/19 maxlen: 24
                          185.179.136.0/22 maxlen: 24
                          109.122.64.0/18 maxlen: 24
                          178.79.10.0/23 maxlen: 24
                          178.250.136.0/21 maxlen: 24
                          46.235.96.0/21 maxlen: 24
                          5.134.104.0/21 maxlen: 24
                          185.26.172.0/22 maxlen: 24
                          109.72.48.0/20 maxlen: 24
                          92.244.128.0/19 maxlen: 24
                          178.237.208.0/20 maxlen: 24
                          178.237.216.0/21 maxlen: 24
                          91.185.96.0/19 maxlen: 24
                          185.103.136.0/22 maxlen: 24
                          91.204.52.0/22 maxlen: 24
                          185.10.140.0/22 maxlen: 24
                          185.10.142.0/23 maxlen: 24
                          176.67.215.0/24 maxlen: 24
                          109.94.228.0/22 maxlen: 24
                          2a06:63c0::/29 maxlen: 48
                          2a02:61a0::/32 maxlen: 48
                          2a00:cf00::/32 maxlen: 48
                          2a00:8720::/32 maxlen: 48
                          2a03:fc40::/32 maxlen: 48
                          2a06:5b00::/29 maxlen: 48
                          2a04:1dc0::/29 maxlen: 48
                          2a01:b800::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 213908970 (0xcbffdea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f71f9bddac4c34078d8d0fab9e14d176a416f963
        Validity
            Not Before: Feb 21 08:05:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2414ad5b9d79dc213f5ff0f901fb6e61fd9e30ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:34:4a:7a:67:1e:12:c4:22:c1:37:c5:8a:26:
                    5b:e3:c6:12:bd:59:b1:92:2d:d3:7d:ec:61:87:ed:
                    57:4c:55:4c:d1:66:26:00:89:ce:d4:f7:35:dd:9a:
                    32:1a:46:62:ef:f9:08:88:1b:f9:a8:97:cd:98:94:
                    97:24:4b:cc:44:93:3a:5a:80:0d:07:18:b4:70:1b:
                    4b:d0:34:51:d5:64:c1:17:88:df:33:09:4d:76:99:
                    af:91:56:2a:3b:c1:1e:e3:13:7e:bd:8a:52:a2:61:
                    43:21:96:4f:1d:86:20:65:18:25:0f:3c:2b:c3:52:
                    8f:bc:f3:da:89:e4:dc:c9:f7:78:5f:ad:27:a8:9a:
                    e8:b7:df:9f:8a:23:47:07:3b:0c:fa:4b:5e:71:38:
                    3e:4a:61:6d:24:e4:39:dd:4f:3f:fd:cf:6c:3d:cb:
                    2a:9b:50:3d:b7:59:7b:38:04:6a:1d:a9:13:99:cc:
                    a6:08:01:3f:cf:9c:04:95:c9:f2:5c:32:32:76:de:
                    fa:b3:f2:ac:d9:a9:e6:05:e5:3b:9b:5f:97:b3:4c:
                    8f:b7:50:01:56:d5:7f:fd:33:c3:7b:5f:07:6b:88:
                    b8:84:71:26:dc:27:f2:49:9d:a1:cc:2c:4f:de:78:
                    cb:6a:66:eb:71:8f:30:c5:0c:c5:43:4b:2d:85:64:
                    22:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:14:AD:5B:9D:79:DC:21:3F:5F:F0:F9:01:FB:6E:61:FD:9E:30:EC
            X509v3 Authority Key Identifier:
                keyid:F7:1F:9B:DD:AC:4C:34:07:8D:8D:0F:AB:9E:14:D1:76:A4:16:F9:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x-b3axMNAeNjQ-rnhTRdqQW-WM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/JBStW5153CE_X_D5AftuYf2eMOw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/9x-b3axMNAeNjQ-rnhTRdqQW-WM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.134.104.0/21
                  46.235.96.0/21
                  62.240.24.0/21
                  87.250.32.0/19
                  91.185.96.0/19
                  91.204.52.0/22
                  92.244.128.0/19
                  109.72.48.0/20
                  109.94.228.0/22
                  109.122.64.0/18
                  109.198.0.0/19
                  176.67.215.0/24
                  178.79.10.0/23
                  178.237.208.0/20
                  178.250.136.0/21
                  185.10.140.0/22
                  185.26.172.0/22
                  185.103.136.0/22
                  185.112.20.0/22
                  185.179.136.0/22
                IPv6:
                  2a00:8720::/32
                  2a00:cf00::/32
                  2a01:b800::/32
                  2a02:61a0::/32
                  2a03:fc40::/32
                  2a04:1dc0::/29
                  2a06:5b00::/29
                  2a06:63c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         ed:b5:13:b2:12:9d:29:00:66:1f:54:d7:69:f3:c4:5e:63:a1:
         fc:fc:00:81:ff:93:f4:cd:84:2e:4b:b4:1b:7a:ef:67:20:cd:
         f8:42:3d:92:f6:13:01:76:84:90:b3:de:d1:d4:82:0a:ef:59:
         0f:48:ef:58:87:d6:8c:06:e0:15:61:b4:36:4a:76:a1:1a:8d:
         2c:e1:cf:bc:85:d4:78:99:5a:4f:81:40:17:08:0a:57:21:29:
         47:56:68:a5:3a:2b:fb:92:cc:40:fd:6f:5e:cf:26:07:ca:fc:
         f2:7b:d4:e1:a6:72:81:33:b2:f9:54:ee:7a:97:04:e6:7d:85:
         b3:1f:4c:78:ee:68:89:75:e4:58:12:58:70:0b:26:22:54:3f:
         47:e0:0d:54:8e:00:c2:de:56:17:0e:5a:a9:4a:32:16:7e:72:
         b4:ad:15:a5:b2:7b:9f:2f:2e:63:02:4e:b9:df:88:eb:f7:42:
         ca:c8:04:3b:57:f0:16:54:33:5a:19:bf:7e:d4:e8:6d:d2:6f:
         fe:7d:b2:5d:89:7f:79:0c:2e:3e:20:35:99:7b:02:92:d2:ff:
         d9:f6:ee:79:ad:e2:95:3b:48:78:e9:2f:69:40:9b:f3:f1:49:
         69:af:07:26:d8:87:d9:1d:58:89:16:91:03:72:a9:0d:b3:9c:
         fa:99:17:d1
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgIEDL/96jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NzFmOWJkZGFjNGMzNDA3OGQ4ZDBmYWI5ZTE0ZDE3NmE0MTZmOTYzMB4XDTIyMDIy
MTA4MDUwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQxNGFkNWI5ZDc5
ZGMyMTNmNWZmMGY5MDFmYjZlNjFmZDllMzBlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKE0SnpnHhLEIsE3xYomW+PGEr1ZsZIt033sYYftV0xVTNFm
JgCJztT3Nd2aMhpGYu/5CIgb+aiXzZiUlyRLzESTOlqADQcYtHAbS9A0UdVkwReI
3zMJTXaZr5FWKjvBHuMTfr2KUqJhQyGWTx2GIGUYJQ88K8NSj7zz2onk3Mn3eF+t
J6ia6Lffn4ojRwc7DPpLXnE4PkphbSTkOd1PP/3PbD3LKptQPbdZezgEah2pE5nM
pggBP8+cBJXJ8lwyMnbe+rPyrNmp5gXlO5tfl7NMj7dQAVbVf/0zw3tfB2uIuIRx
Jtwn8kmdocwsT954y2pm63GPMMUMxUNLLYVkIvcCAwEAAaOCAr4wggK6MB0GA1Ud
DgQWBBQkFK1bnXncIT9f8PkB+25h/Z4w7DAfBgNVHSMEGDAWgBT3H5vdrEw0B42N
D6ueFNF2pBb5YzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzl4LWIzYXhNTkFlTmpRLXJuaFRSZHFRVy1XTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvNTE0ZDY3LWJhNmMtNDE1ZS1iZWJjLTBmMWYzY2IwOGI3NS8x
L0pCU3RXNTE1M0NFX1hfRDVBZnR1WWYyZU1Pdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
NTE0ZDY3LWJhNmMtNDE1ZS1iZWJjLTBmMWYzY2IwOGI3NS8xLzl4LWIzYXhNTkFl
TmpRLXJuaFRSZHFRVy1XTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
0wYIKwYBBQUHAQcBAf8EgcMwgcAwfgQCAAEweAMEAwWGaAMEAy7rYAMEAz7wGAME
BVf6IAMEBVu5YAMEAlvMNAMEBVz0gAMEBG1IMAMEAm1e5AMEBm16QAMEBW3GAAME
ALBD1wMEAbJPCgMEBLLt0AMEA7L6iAMEArkKjAMEArkarAMEArlniAMEArlwFAME
ArmziDA+BAIAAjA4AwUAKgCHIAMFACoAzwADBQAqAbgAAwUAKgJhoAMFACoD/EAD
BQMqBB3AAwUDKgZbAAMFAyoGY8AwDQYJKoZIhvcNAQELBQADggEBAO21E7ISnSkA
Zh9U12nzxF5jofz8AIH/k/TNhC5LtBt672cgzfhCPZL2EwF2hJCz3tHUggrvWQ9I
71iH1owG4BVhtDZKdqEajSzhz7yF1HiZWk+BQBcIClchKUdWaKU6K/uSzED9b17P
JgfK/PJ71OGmcoEzsvlU7nqXBOZ9hbMfTHjuaIl15FgSWHALJiJUP0fgDVSOAMLe
VhcOWqlKMhZ+crStFaWye58vLmMCTrnfiOv3QsrIBDtX8BZUM1oZv37U6G3Sb/59
sl2Jf3kMLj4gNZl7ApLS/9n27nmt4pU7SHjpL2lAm/PxSWmvBybYh9kdWIkWkQNy
qQ2znPqZF9E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:02 2024 by rpki-client on console-ams.rpki-client.org