Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/gSL3s6C5CihUGbl26bDRD9G572w.roa
File:                     gSL3s6C5CihUGbl26bDRD9G572w.roa (raw, json)
Hash identifier:          2LFAhUjY3X4Ac2KuQr2C39/BP8vKFhB8Lq4i2+HyJ0U=
Subject key identifier:   81:22:F7:B3:A0:B9:0A:28:54:19:B9:76:E9:B0:D1:0F:D1:B9:EF:6C
Certificate issuer:       /CN=f71f9bddac4c34078d8d0fab9e14d176a416f963
Certificate serial:       0CC7ED65
Authority key identifier: F7:1F:9B:DD:AC:4C:34:07:8D:8D:0F:AB:9E:14:D1:76:A4:16:F9:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9x-b3axMNAeNjQ-rnhTRdqQW-WM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/gSL3s6C5CihUGbl26bDRD9G572w.roa
Signing time:             Tue 22 Feb 2022 11:30:44 +0000
ROA not before:           Tue 22 Feb 2022 11:30:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     51052
IP address blocks:        185.26.172.0/24 maxlen: 24
                          185.26.175.0/24 maxlen: 24
                          185.26.173.0/24 maxlen: 24
                          185.26.174.0/24 maxlen: 24
                          178.79.44.0/23 maxlen: 24
                          178.79.42.0/23 maxlen: 24
                          178.79.40.0/23 maxlen: 24
                          178.79.51.0/24 maxlen: 24
                          178.79.50.0/24 maxlen: 24
                          178.79.48.0/24 maxlen: 24
                          178.79.49.0/24 maxlen: 24
                          178.79.47.0/24 maxlen: 24
                          178.79.58.0/24 maxlen: 24
                          178.79.57.0/24 maxlen: 24
                          178.79.55.0/24 maxlen: 24
                          178.79.56.0/24 maxlen: 24
                          178.79.53.0/24 maxlen: 24
                          178.79.54.0/24 maxlen: 24
                          178.79.52.0/24 maxlen: 24
                          178.79.63.0/24 maxlen: 24
                          178.79.62.0/24 maxlen: 24
                          178.79.60.0/24 maxlen: 24
                          178.79.61.0/24 maxlen: 24
                          178.79.59.0/24 maxlen: 24
                          213.196.110.0/23 maxlen: 24
                          213.196.107.0/24 maxlen: 24
                          178.79.4.0/23 maxlen: 23
                          178.79.3.0/24 maxlen: 24
                          178.79.1.0/24 maxlen: 24
                          178.79.2.0/24 maxlen: 24
                          178.79.0.0/24 maxlen: 24
                          178.79.8.0/22 maxlen: 24
                          178.79.6.0/23 maxlen: 23
                          178.79.14.0/23 maxlen: 23
                          178.79.12.0/22 maxlen: 24
                          178.79.24.0/21 maxlen: 21
                          178.79.22.0/23 maxlen: 23
                          178.79.18.0/23 maxlen: 23
                          178.79.20.0/24 maxlen: 24
                          178.79.21.0/24 maxlen: 24
                          178.79.36.0/22 maxlen: 22
                          178.79.32.0/22 maxlen: 22
                          185.34.93.0/24 maxlen: 24
                          185.34.92.0/24 maxlen: 24
                          185.34.94.0/23 maxlen: 24
                          109.94.233.0/24 maxlen: 24
                          109.94.232.0/24 maxlen: 24
                          109.94.238.0/24 maxlen: 24
                          109.94.239.0/24 maxlen: 24
                          109.94.234.0/24 maxlen: 24
                          109.94.235.0/24 maxlen: 24
                          109.94.236.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 214429029 (0xcc7ed65)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f71f9bddac4c34078d8d0fab9e14d176a416f963
        Validity
            Not Before: Feb 22 11:30:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8122f7b3a0b90a285419b976e9b0d10fd1b9ef6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:f8:2b:bb:91:ea:33:92:26:4f:ed:5e:68:07:
                    d7:bb:35:66:4f:81:2a:14:31:b3:f8:fb:c0:dd:35:
                    0a:64:25:71:6d:df:19:c0:41:72:f1:fe:ef:08:02:
                    94:b5:d9:78:8d:1d:55:50:e6:6f:0a:26:af:ec:6a:
                    2a:8f:75:00:8e:39:8f:32:ab:7d:59:2d:d9:5f:78:
                    9f:00:5d:c4:13:2b:e4:e5:07:56:05:db:52:11:1d:
                    cb:b1:c6:b8:8d:d4:6f:ad:ce:da:d8:a6:55:33:b5:
                    94:d3:d4:4f:86:00:f2:e2:70:72:76:1c:c6:cd:cf:
                    f1:a9:95:0e:f4:12:d8:85:f7:d8:eb:46:69:c1:e5:
                    33:ff:5c:0b:38:be:4a:2a:b7:b6:4b:57:7d:38:02:
                    27:93:17:d1:6b:4b:d5:69:a7:a0:65:ed:10:cb:b0:
                    11:3e:f1:e5:33:14:f3:2c:1a:e0:df:7c:1a:84:88:
                    4f:62:cd:5a:d2:32:4e:14:d3:f6:e2:ff:8d:26:f3:
                    f6:b3:86:86:84:70:91:24:66:aa:45:3a:c2:0e:14:
                    51:36:e9:54:aa:fa:70:1d:22:ba:25:cd:30:56:13:
                    47:5e:ba:28:39:03:2d:66:71:50:d0:4d:2f:c5:30:
                    c8:14:3e:d1:64:61:cf:5d:db:8a:16:cd:d4:2b:9b:
                    1c:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:22:F7:B3:A0:B9:0A:28:54:19:B9:76:E9:B0:D1:0F:D1:B9:EF:6C
            X509v3 Authority Key Identifier:
                keyid:F7:1F:9B:DD:AC:4C:34:07:8D:8D:0F:AB:9E:14:D1:76:A4:16:F9:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x-b3axMNAeNjQ-rnhTRdqQW-WM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/gSL3s6C5CihUGbl26bDRD9G572w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/9x-b3axMNAeNjQ-rnhTRdqQW-WM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.94.232.0/21
                  178.79.0.0/20
                  178.79.18.0-178.79.45.255
                  178.79.47.0-178.79.63.255
                  185.26.172.0/22
                  185.34.92.0/22
                  213.196.107.0/24
                  213.196.110.0/23

    Signature Algorithm: sha256WithRSAEncryption
         49:b5:c6:72:9a:04:33:20:c8:7b:1b:9f:1c:22:f0:9a:92:67:
         62:aa:65:d7:70:34:73:d0:4c:de:28:2c:db:f3:53:63:f5:9a:
         60:68:60:90:59:7a:78:32:c8:1e:1e:65:2f:72:62:04:83:04:
         df:21:b3:48:cd:5e:88:03:bc:d3:04:0b:25:53:51:20:0f:ae:
         5e:6e:7a:55:bc:24:67:2c:d1:dc:d7:c3:39:ad:5e:68:5a:25:
         ee:fc:cf:d8:90:4e:12:6b:e3:8c:df:4a:cb:d5:45:36:a9:86:
         f6:9e:ae:40:74:9f:31:55:35:04:3f:cc:41:cc:ce:42:d3:11:
         58:13:84:49:0d:f7:f2:4e:00:c6:a8:d9:7a:5b:9c:07:19:14:
         de:29:3c:6c:f1:66:5d:e2:19:a4:2a:08:15:51:d6:63:ae:12:
         f0:a9:cc:07:3a:d1:1a:3e:04:56:2b:de:03:51:ef:42:cc:ab:
         8a:20:94:17:0d:2c:02:92:28:8d:7c:fb:4d:ac:36:b1:f6:f7:
         71:31:29:ca:2b:7e:be:0b:7d:f9:a0:fd:c6:88:51:bc:e5:b3:
         0f:1b:0f:39:27:e2:29:2d:05:fa:a2:07:64:f4:d8:fa:3b:4d:
         a1:a1:df:82:9f:dc:c4:b8:d0:2e:1c:cc:62:30:19:6b:a5:86:
         8a:9f:09:99
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIEDMftZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NzFmOWJkZGFjNGMzNDA3OGQ4ZDBmYWI5ZTE0ZDE3NmE0MTZmOTYzMB4XDTIyMDIy
MjExMzA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODEyMmY3YjNhMGI5
MGEyODU0MTliOTc2ZTliMGQxMGZkMWI5ZWY2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/4K7uR6jOSJk/tXmgH17s1Zk+BKhQxs/j7wN01CmQlcW3f
GcBBcvH+7wgClLXZeI0dVVDmbwomr+xqKo91AI45jzKrfVkt2V94nwBdxBMr5OUH
VgXbUhEdy7HGuI3Ub63O2timVTO1lNPUT4YA8uJwcnYcxs3P8amVDvQS2IX32OtG
acHlM/9cCzi+Siq3tktXfTgCJ5MX0WtL1WmnoGXtEMuwET7x5TMU8ywa4N98GoSI
T2LNWtIyThTT9uL/jSbz9rOGhoRwkSRmqkU6wg4UUTbpVKr6cB0iuiXNMFYTR166
KDkDLWZxUNBNL8UwyBQ+0WRhz13bihbN1CubHNECAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBSBIvezoLkKKFQZuXbpsNEP0bnvbDAfBgNVHSMEGDAWgBT3H5vdrEw0B42N
D6ueFNF2pBb5YzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzl4LWIzYXhNTkFlTmpRLXJuaFRSZHFRVy1XTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvNTE0ZDY3LWJhNmMtNDE1ZS1iZWJjLTBmMWYzY2IwOGI3NS8x
L2dTTDNzNkM1Q2loVUdibDI2YkRSRDlHNTcydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
NTE0ZDY3LWJhNmMtNDE1ZS1iZWJjLTBmMWYzY2IwOGI3NS8xLzl4LWIzYXhNTkFl
TmpRLXJuaFRSZHFRVy1XTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwRgQCAAEwQAMEA21e6AMEBLJPADAMAwQBsk8SAwQB
sk8sMAwDBACyTy8DBAayTwADBAK5GqwDBAK5IlwDBADVxGsDBAHVxG4wDQYJKoZI
hvcNAQELBQADggEBAEm1xnKaBDMgyHsbnxwi8JqSZ2KqZddwNHPQTN4oLNvzU2P1
mmBoYJBZengyyB4eZS9yYgSDBN8hs0jNXogDvNMECyVTUSAPrl5uelW8JGcs0dzX
wzmtXmhaJe78z9iQThJr44zfSsvVRTaphvaerkB0nzFVNQQ/zEHMzkLTEVgThEkN
9/JOAMao2XpbnAcZFN4pPGzxZl3iGaQqCBVR1mOuEvCpzAc60Ro+BFYr3gNR70LM
q4oglBcNLAKSKI18+02sNrH293ExKcorfr4Lffmg/caIUbzlsw8bDzkn4iktBfqi
B2T02Po7TaGh34Kf3MS40C4czGIwGWulhoqfCZk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:02 2024 by rpki-client on console-ams.rpki-client.org