Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/8f7ae3-8e5e-4f06-9824-c869d7691b32/1/IG7yp6b49cgMjYwsearZahnvAJY.roa
File:                     IG7yp6b49cgMjYwsearZahnvAJY.roa (raw, json)
Hash identifier:          TkqpVODxk2aAOzOTgYDFlcZUHJhEwOre//6/BWwRirc=
Subject key identifier:   20:6E:F2:A7:A6:F8:F5:C8:0C:8D:8C:2C:79:AA:D9:6A:19:EF:00:96
Certificate issuer:       /CN=4c0dad1bf18215a2fa808691a7bc5f9e702f99e2
Certificate serial:       018571FA04E8534D6E15FF1BA9E517D7D420
Authority key identifier: 4C:0D:AD:1B:F1:82:15:A2:FA:80:86:91:A7:BC:5F:9E:70:2F:99:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TA2tG_GCFaL6gIaRp7xfnnAvmeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/8f7ae3-8e5e-4f06-9824-c869d7691b32/1/IG7yp6b49cgMjYwsearZahnvAJY.roa
Signing time:             Mon 02 Jan 2023 10:14:48 +0000
ROA not before:           Mon 02 Jan 2023 10:14:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209097
IP address blocks:        185.115.204.0/24 maxlen: 24
                          2a12:f280::/29 maxlen: 64

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:04:e8:53:4d:6e:15:ff:1b:a9:e5:17:d7:d4:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c0dad1bf18215a2fa808691a7bc5f9e702f99e2
        Validity
            Not Before: Jan  2 10:14:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=206ef2a7a6f8f5c80c8d8c2c79aad96a19ef0096
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:b7:ae:12:8d:b2:b4:ef:cf:3d:33:4c:bd:8e:
                    da:6a:dd:f6:f8:3c:f5:9f:fe:c7:95:f9:d8:da:e7:
                    ef:64:e6:90:d9:c0:d8:78:74:7f:4b:32:78:38:da:
                    ff:8e:42:9f:6e:04:fc:6d:24:72:79:5b:de:f7:f2:
                    f6:9b:98:2d:93:27:62:f6:74:9b:b5:35:39:0b:07:
                    bc:7a:00:9b:b8:4d:c2:be:4e:06:91:fa:a4:40:76:
                    e7:e1:d2:b5:ca:c8:bd:b4:20:2a:49:93:c9:08:28:
                    48:7a:d8:48:0b:c1:1f:72:ef:75:8a:a4:7b:58:7e:
                    2d:a3:85:6d:03:76:49:bc:65:a4:63:be:0c:97:ed:
                    0e:f6:20:c0:4e:d0:19:55:e7:47:42:1f:a8:1e:b1:
                    91:08:61:f4:7b:24:28:21:96:3e:77:d6:96:f2:5b:
                    53:3c:42:86:a6:95:08:d5:c7:ea:f9:59:9c:dc:66:
                    e1:63:a4:3d:81:e9:dc:d2:8b:c6:97:fc:08:8c:19:
                    ce:ba:ce:48:b4:01:83:d1:9b:35:c0:c4:39:75:bf:
                    e4:70:07:f7:75:a6:8c:05:d2:7b:9b:c1:4d:a0:b5:
                    d4:ce:21:74:ea:03:40:e8:c4:98:43:16:d3:3a:a9:
                    00:cf:2a:e4:af:2c:dc:55:16:ab:ff:1f:51:4d:d2:
                    f0:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:6E:F2:A7:A6:F8:F5:C8:0C:8D:8C:2C:79:AA:D9:6A:19:EF:00:96
            X509v3 Authority Key Identifier:
                keyid:4C:0D:AD:1B:F1:82:15:A2:FA:80:86:91:A7:BC:5F:9E:70:2F:99:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TA2tG_GCFaL6gIaRp7xfnnAvmeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/8f7ae3-8e5e-4f06-9824-c869d7691b32/1/IG7yp6b49cgMjYwsearZahnvAJY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/8f7ae3-8e5e-4f06-9824-c869d7691b32/1/TA2tG_GCFaL6gIaRp7xfnnAvmeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.115.204.0/24
                IPv6:
                  2a12:f280::/29

    Signature Algorithm: sha256WithRSAEncryption
         09:e5:39:b8:e1:ab:1a:08:2a:eb:8b:ae:66:bd:99:80:aa:bd:
         5e:cb:87:0b:70:81:7f:fc:18:ea:1a:b1:46:6a:f7:fd:1c:f0:
         41:73:d8:ae:13:7d:4f:4f:71:ce:3f:eb:95:83:d3:49:f2:b8:
         12:94:31:ba:80:f8:3c:bd:47:a9:58:04:db:ef:df:cf:4e:67:
         a2:e6:93:2d:06:6d:cc:49:60:25:4b:dc:e3:03:64:e2:ed:a8:
         1c:da:c8:0b:e9:e2:42:f3:33:d1:b7:82:ed:22:35:ab:94:5a:
         d6:d7:ae:5d:d1:f6:56:ad:c1:11:d8:1f:29:f9:fd:ad:fb:20:
         ac:4d:a3:73:f4:40:1b:d6:6d:45:1b:02:de:05:aa:58:e2:90:
         68:3f:5a:10:60:ab:57:e5:73:c8:19:a4:e5:0f:fb:a9:43:03:
         06:6a:ff:d9:a8:8b:d6:36:8d:22:e5:ec:30:74:82:69:0f:cf:
         aa:11:1f:36:cd:d8:fc:e0:e9:5d:7d:01:41:b9:0c:ee:a3:fc:
         47:6f:8a:ed:7b:22:25:3b:5f:81:dc:89:34:f1:c8:5c:5c:28:
         3f:07:3a:bd:9f:bb:87:9c:1b:81:9e:a2:0b:f1:a2:a3:ee:11:
         03:07:0c:39:5e:e1:22:6f:72:ec:29:70:65:5f:5b:dc:6e:d7:
         bf:d9:f3:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx+gToU01uFf8bqeUX19QgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMGRhZDFiZjE4MjE1YTJmYTgwODY5MWE3YmM1ZjllNzAy
Zjk5ZTIwHhcNMjMwMTAyMTAxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDZlZjJhN2E2ZjhmNWM4MGM4ZDhjMmM3OWFhZDk2YTE5ZWYwMDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLeuEo2ytO/PPTNMvY7aat32+Dz1
n/7HlfnY2ufvZOaQ2cDYeHR/SzJ4ONr/jkKfbgT8bSRyeVve9/L2m5gtkydi9nSb
tTU5Cwe8egCbuE3Cvk4GkfqkQHbn4dK1ysi9tCAqSZPJCChIethIC8Efcu91iqR7
WH4to4VtA3ZJvGWkY74Ml+0O9iDATtAZVedHQh+oHrGRCGH0eyQoIZY+d9aW8ltT
PEKGppUI1cfq+Vmc3GbhY6Q9genc0ovGl/wIjBnOus5ItAGD0Zs1wMQ5db/kcAf3
daaMBdJ7m8FNoLXUziF06gNA6MSYQxbTOqkAzyrkryzcVRar/x9RTdLwEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCBu8qem+PXIDI2MLHmq2WoZ7wCWMB8GA1UdIwQY
MBaAFEwNrRvxghWi+oCGkae8X55wL5niMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEEydEdfR0NGYUw2Z0lhUnA3eGZubkF2bWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84ZjdhZTMtOGU1ZS00ZjA2LTk4MjQt
Yzg2OWQ3NjkxYjMyLzEvSUc3eXA2YjQ5Y2dNall3c2VhclphaG52QUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84ZjdhZTMtOGU1ZS00ZjA2LTk4MjQtYzg2OWQ3NjkxYjMy
LzEvVEEydEdfR0NGYUw2Z0lhUnA3eGZubkF2bWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXPMMA0E
AgACMAcDBQMqEvKAMA0GCSqGSIb3DQEBCwUAA4IBAQAJ5Tm44asaCCrri65mvZmA
qr1ey4cLcIF//BjqGrFGavf9HPBBc9iuE31PT3HOP+uVg9NJ8rgSlDG6gPg8vUep
WATb79/PTmei5pMtBm3MSWAlS9zjA2Ti7agc2sgL6eJC8zPRt4LtIjWrlFrW165d
0fZWrcER2B8p+f2t+yCsTaNz9EAb1m1FGwLeBapY4pBoP1oQYKtX5XPIGaTlD/up
QwMGav/ZqIvWNo0i5ewwdIJpD8+qER82zdj84OldfQFBuQzuo/xHb4rteyIlO1+B
3Ik08chcXCg/Bzq9n7uHnBuBnqIL8aKj7hEDBww5XuEib3LsKXBlX1vcbte/2fMc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:08 2024 by rpki-client on console-fra.rpki-client.org