Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/8f7ae3-8e5e-4f06-9824-c869d7691b32/1/8RhZYUr51nxuaY-Q336JjDZmz1E.roa
File:                     8RhZYUr51nxuaY-Q336JjDZmz1E.roa (raw, json)
Hash identifier:          Vc5oJu54aFLzYaZ/1p8CBqgu9Xph0Zp3jKPU0h6NlnY=
Subject key identifier:   F1:18:59:61:4A:F9:D6:7C:6E:69:8F:90:DF:7E:89:8C:36:66:CF:51
Certificate issuer:       /CN=4c0dad1bf18215a2fa808691a7bc5f9e702f99e2
Certificate serial:       018A0F4C79F23C50930BD556DA29419BD7BA
Authority key identifier: 4C:0D:AD:1B:F1:82:15:A2:FA:80:86:91:A7:BC:5F:9E:70:2F:99:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TA2tG_GCFaL6gIaRp7xfnnAvmeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/8f7ae3-8e5e-4f06-9824-c869d7691b32/1/8RhZYUr51nxuaY-Q336JjDZmz1E.roa
Signing time:             Sat 19 Aug 2023 19:36:24 +0000
ROA not before:           Sat 19 Aug 2023 19:36:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209097
IP address blocks:        185.115.204.0/24 maxlen: 24
                          2a12:f284::/32 maxlen: 32
                          2a12:f282::/32 maxlen: 32
                          2a12:f280::/32 maxlen: 32
                          2a12:f286::/31 maxlen: 31
                          2a12:f285::/32 maxlen: 32
                          2a12:f283::/32 maxlen: 32
                          2a12:f281::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:0f:4c:79:f2:3c:50:93:0b:d5:56:da:29:41:9b:d7:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c0dad1bf18215a2fa808691a7bc5f9e702f99e2
        Validity
            Not Before: Aug 19 19:36:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f11859614af9d67c6e698f90df7e898c3666cf51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:f9:48:3e:d6:f6:68:00:d5:59:4d:7e:4a:ec:
                    92:12:6c:ac:55:0f:3e:71:bc:ce:eb:f6:2f:e9:cb:
                    07:f6:ac:fd:ea:af:1a:05:6a:85:39:42:4f:64:93:
                    c9:01:f1:88:28:be:bf:08:ad:da:12:83:6d:65:62:
                    40:6f:86:8c:d3:8a:82:58:ae:e4:42:c4:5f:ca:2f:
                    2e:3a:2f:a4:5d:a2:ea:b3:8e:99:ef:f1:2e:5b:08:
                    db:40:17:70:7e:ae:11:5a:53:08:44:ee:8b:ca:f8:
                    e5:83:5a:b5:a3:ed:ad:4c:c0:a4:97:07:f8:c0:f5:
                    8d:49:5d:4f:70:0b:9b:00:00:a5:02:a7:dc:4f:71:
                    0d:47:2d:c0:7f:c0:f9:95:e4:50:6d:b1:79:dd:5d:
                    a8:8b:d6:58:3a:7d:00:d6:7e:a3:34:f3:81:a6:96:
                    55:4f:19:14:be:1a:10:9c:bf:e1:d9:87:9c:9a:df:
                    37:e4:7c:6f:66:7e:12:ec:dd:88:61:81:4b:c1:92:
                    79:75:aa:5c:0b:d5:98:c2:08:e4:a0:9a:12:fe:b1:
                    6f:0c:00:f6:32:12:07:89:58:ba:0d:b1:c6:67:92:
                    33:79:da:d7:3e:cd:5e:05:62:69:77:6c:d5:6f:48:
                    8e:54:65:40:de:8a:4d:6c:01:c0:1d:f5:11:88:2d:
                    03:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:18:59:61:4A:F9:D6:7C:6E:69:8F:90:DF:7E:89:8C:36:66:CF:51
            X509v3 Authority Key Identifier:
                keyid:4C:0D:AD:1B:F1:82:15:A2:FA:80:86:91:A7:BC:5F:9E:70:2F:99:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TA2tG_GCFaL6gIaRp7xfnnAvmeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/8f7ae3-8e5e-4f06-9824-c869d7691b32/1/8RhZYUr51nxuaY-Q336JjDZmz1E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/8f7ae3-8e5e-4f06-9824-c869d7691b32/1/TA2tG_GCFaL6gIaRp7xfnnAvmeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.115.204.0/24
                IPv6:
                  2a12:f280::/29

    Signature Algorithm: sha256WithRSAEncryption
         0e:5b:94:ce:1d:40:91:40:42:f3:b7:9e:f2:f9:74:3d:de:bd:
         37:eb:10:c7:c0:63:f9:90:9b:2b:d8:a6:f8:04:0c:bb:17:e7:
         28:ee:19:73:90:91:27:8c:7c:05:91:4b:fa:72:d9:ff:a3:2b:
         96:ab:2f:e2:b1:d1:aa:d6:a9:3a:57:f3:31:ce:db:ff:4f:9c:
         f0:68:ed:61:b4:2b:d0:6d:74:09:da:08:5d:46:dd:29:fe:34:
         2d:e9:27:3d:68:b3:74:8b:93:c4:d4:f8:3e:2d:44:30:a8:ce:
         a3:09:7a:de:30:45:ea:9e:ae:64:1c:ec:64:f0:03:f9:6b:ce:
         d8:e6:54:c9:99:a3:13:d9:aa:d0:8a:62:30:25:2b:b8:29:9e:
         9c:e3:db:76:93:84:ff:bc:de:27:d0:57:d0:23:b6:18:bf:aa:
         cc:e1:a0:4c:94:92:ab:37:d5:70:d8:1c:0c:9a:05:dc:31:d7:
         65:ed:bb:07:c6:ea:f0:66:8a:12:59:95:4c:60:bf:5e:7b:ab:
         21:3d:82:08:e9:58:59:9d:dd:3c:36:f0:81:ae:75:96:ec:b6:
         5d:b3:18:fa:5b:d7:5f:b0:f3:1e:cd:4b:a3:a4:da:29:65:a9:
         25:60:8a:57:99:11:ef:c2:90:d9:8a:cc:1a:51:e0:02:37:c3:
         7d:54:73:5d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYoPTHnyPFCTC9VW2ilBm9e6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMGRhZDFiZjE4MjE1YTJmYTgwODY5MWE3YmM1ZjllNzAy
Zjk5ZTIwHhcNMjMwODE5MTkzNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTE4NTk2MTRhZjlkNjdjNmU2OThmOTBkZjdlODk4YzM2NjZjZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvlIPtb2aADVWU1+SuySEmysVQ8+
cbzO6/Yv6csH9qz96q8aBWqFOUJPZJPJAfGIKL6/CK3aEoNtZWJAb4aM04qCWK7k
QsRfyi8uOi+kXaLqs46Z7/EuWwjbQBdwfq4RWlMIRO6Lyvjlg1q1o+2tTMCklwf4
wPWNSV1PcAubAAClAqfcT3ENRy3Af8D5leRQbbF53V2oi9ZYOn0A1n6jNPOBppZV
TxkUvhoQnL/h2Yecmt835HxvZn4S7N2IYYFLwZJ5dapcC9WYwgjkoJoS/rFvDAD2
MhIHiVi6DbHGZ5IzedrXPs1eBWJpd2zVb0iOVGVA3opNbAHAHfURiC0DXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPEYWWFK+dZ8bmmPkN9+iYw2Zs9RMB8GA1UdIwQY
MBaAFEwNrRvxghWi+oCGkae8X55wL5niMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEEydEdfR0NGYUw2Z0lhUnA3eGZubkF2bWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84ZjdhZTMtOGU1ZS00ZjA2LTk4MjQt
Yzg2OWQ3NjkxYjMyLzEvOFJoWllVcjUxbnh1YVktUTMzNkpqRFptejFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84ZjdhZTMtOGU1ZS00ZjA2LTk4MjQtYzg2OWQ3NjkxYjMy
LzEvVEEydEdfR0NGYUw2Z0lhUnA3eGZubkF2bWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXPMMA0E
AgACMAcDBQMqEvKAMA0GCSqGSIb3DQEBCwUAA4IBAQAOW5TOHUCRQELzt57y+XQ9
3r036xDHwGP5kJsr2Kb4BAy7F+co7hlzkJEnjHwFkUv6ctn/oyuWqy/isdGq1qk6
V/Mxztv/T5zwaO1htCvQbXQJ2ghdRt0p/jQt6Sc9aLN0i5PE1Pg+LUQwqM6jCXre
MEXqnq5kHOxk8AP5a87Y5lTJmaMT2arQimIwJSu4KZ6c49t2k4T/vN4n0FfQI7YY
v6rM4aBMlJKrN9Vw2BwMmgXcMddl7bsHxurwZooSWZVMYL9ee6shPYII6VhZnd08
NvCBrnWW7LZdsxj6W9dfsPMezUujpNopZaklYIpXmRHvwpDZiswaUeACN8N9VHNd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:08 2024 by rpki-client on console-fra.rpki-client.org