Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/d287ec-09ab-40da-8e67-4fe80d1c4349/1/2hMtZpqJ6zf5rVdfKBE7oMGaNQw.roa
File:                     2hMtZpqJ6zf5rVdfKBE7oMGaNQw.roa (raw, json)
Hash identifier:          EZy/eBtmQu9GtC1iwXwcT16W++QXtIztiWgdDHp4aTA=
Subject key identifier:   DA:13:2D:66:9A:89:EB:37:F9:AD:57:5F:28:11:3B:A0:C1:9A:35:0C
Certificate issuer:       /CN=a5c66ed880e4e28e8a6e4a1b5f9e092223502bb6
Certificate serial:       853761
Authority key identifier: A5:C6:6E:D8:80:E4:E2:8E:8A:6E:4A:1B:5F:9E:09:22:23:50:2B:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pcZu2IDk4o6KbkobX54JIiNQK7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/d287ec-09ab-40da-8e67-4fe80d1c4349/1/2hMtZpqJ6zf5rVdfKBE7oMGaNQw.roa
Signing time:             Sat 01 Jan 2022 20:39:50 +0000
ROA not before:           Sat 01 Jan 2022 20:39:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25369
IP address blocks:        212.23.212.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8730465 (0x853761)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5c66ed880e4e28e8a6e4a1b5f9e092223502bb6
        Validity
            Not Before: Jan  1 20:39:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=da132d669a89eb37f9ad575f28113ba0c19a350c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:1d:59:fa:45:16:7f:d8:16:65:aa:1c:2f:11:
                    47:4f:36:41:dc:77:9a:d1:7d:ac:f1:52:8e:b8:27:
                    ac:fd:e2:67:a5:e3:b9:b8:1d:79:c6:90:ab:a8:64:
                    f6:47:ff:53:7d:4a:67:a9:ed:41:18:3b:45:60:a8:
                    26:e0:d7:4c:2a:03:3b:8a:0a:11:a9:a9:97:fb:49:
                    a5:e5:b5:a6:4c:8c:a2:f0:d3:f7:9b:7e:7b:b9:da:
                    3b:ae:2a:e4:dd:7c:22:f8:19:2c:1c:79:b5:4a:84:
                    98:34:a3:9b:8a:ab:eb:96:a1:51:dd:fb:86:95:19:
                    47:41:63:61:13:3b:f6:26:c2:cf:53:a3:8d:1e:3d:
                    82:c6:69:98:f7:24:f2:27:4a:94:26:0d:69:bb:f7:
                    37:01:d7:24:17:ab:81:f3:00:f7:f2:bb:e3:2d:ec:
                    f7:b6:3b:22:4b:5b:db:4e:30:b3:f9:c4:4c:10:ca:
                    1e:3b:3f:72:5e:66:a7:8e:8b:da:6b:9f:6b:08:a4:
                    99:7e:5c:50:c2:48:e5:ad:b6:2e:cf:b9:51:c6:be:
                    e9:3c:22:b6:63:09:3a:53:ca:f0:ef:32:0d:98:7c:
                    1e:a2:39:d7:6c:da:57:6b:30:b3:8c:ec:7c:58:f7:
                    14:97:b2:5f:fc:f1:18:27:b2:ca:68:0c:ca:5e:28:
                    d0:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:13:2D:66:9A:89:EB:37:F9:AD:57:5F:28:11:3B:A0:C1:9A:35:0C
            X509v3 Authority Key Identifier:
                keyid:A5:C6:6E:D8:80:E4:E2:8E:8A:6E:4A:1B:5F:9E:09:22:23:50:2B:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pcZu2IDk4o6KbkobX54JIiNQK7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/d287ec-09ab-40da-8e67-4fe80d1c4349/1/2hMtZpqJ6zf5rVdfKBE7oMGaNQw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/d287ec-09ab-40da-8e67-4fe80d1c4349/1/pcZu2IDk4o6KbkobX54JIiNQK7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.23.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:f0:3d:d0:59:7b:65:48:9f:cd:47:82:91:74:ac:c9:5b:30:
         10:e8:f5:9e:c1:dc:df:13:a8:51:92:a7:e3:10:7b:32:fa:d7:
         68:8e:04:bd:98:f5:3b:84:22:1d:d7:0e:a9:36:e4:6d:29:f4:
         ac:9a:6c:16:dc:a9:82:b6:60:fb:7b:b0:9e:ba:3d:eb:d5:18:
         db:ce:3f:36:e2:53:45:26:ae:72:6b:f3:5c:0c:54:e1:8d:62:
         b4:e2:6d:99:e1:b9:f4:5b:ad:b3:25:1a:57:23:89:0e:e2:c7:
         17:79:ab:2b:1b:18:78:a7:8a:67:f7:5c:02:52:5b:32:9c:92:
         5d:68:0b:18:7a:ca:b4:a3:8a:69:0c:e0:3f:4b:28:31:20:a8:
         8c:e1:ca:4e:c0:c6:96:f7:b9:01:a9:32:a1:e5:28:2a:d4:cb:
         d1:a9:b8:ad:16:31:54:fe:71:2e:7c:a3:44:65:e8:32:c1:13:
         d8:8d:da:76:7b:fa:fe:16:40:ca:61:56:3f:26:c2:aa:d2:af:
         ff:08:08:bf:66:3d:ad:da:7c:fd:47:a6:41:db:15:ee:52:83:
         ca:30:10:1d:9c:a7:58:34:9c:8a:e5:14:3c:1a:b2:dc:52:c7:
         48:e6:b0:72:a4:3b:d7:52:b6:11:9d:7a:63:3e:40:e7:48:f3:
         73:93:c8:f8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAIU3YTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NWM2NmVkODgwZTRlMjhlOGE2ZTRhMWI1ZjllMDkyMjIzNTAyYmI2MB4XDTIyMDEw
MTIwMzk1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGExMzJkNjY5YTg5
ZWIzN2Y5YWQ1NzVmMjgxMTNiYTBjMTlhMzUwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcdWfpFFn/YFmWqHC8RR082Qdx3mtF9rPFSjrgnrP3iZ6Xj
ubgdecaQq6hk9kf/U31KZ6ntQRg7RWCoJuDXTCoDO4oKEampl/tJpeW1pkyMovDT
95t+e7naO64q5N18IvgZLBx5tUqEmDSjm4qr65ahUd37hpUZR0FjYRM79ibCz1Oj
jR49gsZpmPck8idKlCYNabv3NwHXJBergfMA9/K74y3s97Y7Iktb204ws/nETBDK
Hjs/cl5mp46L2mufawikmX5cUMJI5a22Ls+5Uca+6TwitmMJOlPK8O8yDZh8HqI5
12zaV2sws4zsfFj3FJeyX/zxGCeyymgMyl4o0LcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTaEy1mmonrN/mtV18oETugwZo1DDAfBgNVHSMEGDAWgBSlxm7YgOTijopu
ShtfngkiI1ArtjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BjWnUySURrNG82S2Jrb2JYNTRKSWlOUUs3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvZDI4N2VjLTA5YWItNDBkYS04ZTY3LTRmZTgwZDFjNDM0OS8x
LzJoTXRacHFKNnpmNXJWZGZLQkU3b01HYU5Rdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
ZDI4N2VjLTA5YWItNDBkYS04ZTY3LTRmZTgwZDFjNDM0OS8xL3BjWnUySURrNG82
S2Jrb2JYNTRKSWlOUUs3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQX1DANBgkqhkiG9w0BAQsFAAOC
AQEAgfA90Fl7ZUifzUeCkXSsyVswEOj1nsHc3xOoUZKn4xB7MvrXaI4EvZj1O4Qi
HdcOqTbkbSn0rJpsFtypgrZg+3uwnro969UY284/NuJTRSaucmvzXAxU4Y1itOJt
meG59FutsyUaVyOJDuLHF3mrKxsYeKeKZ/dcAlJbMpySXWgLGHrKtKOKaQzgP0so
MSCojOHKTsDGlve5AakyoeUoKtTL0am4rRYxVP5xLnyjRGXoMsET2I3adnv6/hZA
ymFWPybCqtKv/wgIv2Y9rdp8/UemQdsV7lKDyjAQHZynWDSciuUUPBqy3FLHSOaw
cqQ711K2EZ16Yz5A50jzc5PI+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:10 2024 by rpki-client on console-fra.rpki-client.org