Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/d287ec-09ab-40da-8e67-4fe80d1c4349/1/gQwi513O2PUzi-1hzXISnLqrMF4.roa
File:                     gQwi513O2PUzi-1hzXISnLqrMF4.roa (raw, json)
Hash identifier:          nZ0Q+dgTZuEU1jjZSxt4raw9GL6UGEumLPDhvxK7E3A=
Subject key identifier:   81:0C:22:E7:5D:CE:D8:F5:33:8B:ED:61:CD:72:12:9C:BA:AB:30:5E
Certificate issuer:       /CN=a5c66ed880e4e28e8a6e4a1b5f9e092223502bb6
Certificate serial:       018B03B3E7E935BD6D39C42A175C96960C65
Authority key identifier: A5:C6:6E:D8:80:E4:E2:8E:8A:6E:4A:1B:5F:9E:09:22:23:50:2B:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pcZu2IDk4o6KbkobX54JIiNQK7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/d287ec-09ab-40da-8e67-4fe80d1c4349/1/gQwi513O2PUzi-1hzXISnLqrMF4.roa
Signing time:             Fri 06 Oct 2023 06:36:43 +0000
ROA not before:           Fri 06 Oct 2023 06:36:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        212.23.212.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:03:b3:e7:e9:35:bd:6d:39:c4:2a:17:5c:96:96:0c:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5c66ed880e4e28e8a6e4a1b5f9e092223502bb6
        Validity
            Not Before: Oct  6 06:36:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=810c22e75dced8f5338bed61cd72129cbaab305e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ea:52:a8:6b:90:af:31:d0:92:eb:f7:19:90:
                    6a:dd:e6:bc:7a:cb:10:58:e4:31:4e:92:48:c8:8f:
                    16:c4:53:7e:98:8b:63:61:8c:b1:a6:6f:f0:b7:5a:
                    fd:8c:1e:48:ca:c9:4c:b1:51:b2:98:d4:08:e6:2f:
                    0a:6c:4b:87:5c:58:28:09:72:cb:d5:86:e6:ce:74:
                    40:a2:a8:83:bc:47:55:08:8e:eb:33:66:d4:72:18:
                    54:1c:f8:19:e3:92:9a:17:b3:af:aa:be:ef:68:64:
                    f2:7f:0e:0b:19:77:d9:e1:4d:e2:78:a9:b5:b1:9e:
                    11:2b:cb:c5:3d:23:3f:a3:87:89:5f:55:73:81:d4:
                    2d:e4:91:a0:9e:b3:25:2e:52:5d:8a:08:61:1f:dc:
                    96:81:22:6a:31:85:aa:85:07:26:24:c3:97:52:28:
                    d9:5e:42:ac:6b:8a:11:d5:df:39:4e:07:f4:a6:0f:
                    fe:17:0a:9e:2f:8e:80:d8:34:34:c2:cb:f4:11:29:
                    d3:b2:ff:45:0c:48:ff:a6:73:52:76:9f:9c:5e:e9:
                    d2:62:f7:30:1c:54:62:80:fe:db:d2:cd:68:6a:7a:
                    80:9c:16:98:b1:9a:ae:c6:6f:a2:ab:b1:05:1f:7f:
                    1e:6f:5b:4b:16:e4:e2:45:93:a6:0d:e1:77:84:06:
                    0d:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:0C:22:E7:5D:CE:D8:F5:33:8B:ED:61:CD:72:12:9C:BA:AB:30:5E
            X509v3 Authority Key Identifier:
                keyid:A5:C6:6E:D8:80:E4:E2:8E:8A:6E:4A:1B:5F:9E:09:22:23:50:2B:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pcZu2IDk4o6KbkobX54JIiNQK7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/d287ec-09ab-40da-8e67-4fe80d1c4349/1/gQwi513O2PUzi-1hzXISnLqrMF4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/d287ec-09ab-40da-8e67-4fe80d1c4349/1/pcZu2IDk4o6KbkobX54JIiNQK7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.23.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:c1:c2:c4:87:ab:88:32:9c:71:47:24:14:a5:7e:cf:9e:9f:
         44:c3:a4:5f:3a:90:6a:19:02:66:3e:95:e0:81:b5:a0:19:c2:
         67:c9:10:3f:ec:33:6c:ec:e0:f5:d4:b1:9f:72:8c:18:4e:d4:
         b5:27:a1:bf:d9:54:4d:64:c4:98:3a:de:ce:97:8d:c7:39:86:
         41:3d:24:af:ac:a3:21:b5:e5:2b:33:df:92:62:0f:04:d5:94:
         57:32:ac:a0:ba:bc:34:de:39:d0:47:67:5a:94:98:97:92:b3:
         a8:43:b1:b3:a1:bf:8f:7e:a8:ad:6f:ad:a4:51:0b:da:08:6b:
         c8:08:b7:f4:c8:34:f1:47:81:7f:10:ff:d5:46:b4:17:2e:b8:
         7c:13:2c:97:44:f5:a2:26:e6:68:4f:5c:9c:df:f8:0c:6f:88:
         75:23:02:f6:01:40:d9:70:2e:45:61:fc:09:35:2c:f5:8f:5b:
         7d:2b:de:40:96:2e:bd:94:6e:59:2d:96:ce:78:9a:be:cb:14:
         46:cb:94:3a:42:5e:29:fa:fe:e9:24:45:10:57:e9:26:b1:d8:
         18:5b:24:28:53:17:2c:cf:70:a0:a3:26:f0:bf:12:a7:75:d8:
         49:c3:8e:a6:93:14:15:c3:26:34:2f:95:27:b3:2e:03:89:96:
         8c:c3:90:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsDs+fpNb1tOcQqF1yWlgxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YzY2ZWQ4ODBlNGUyOGU4YTZlNGExYjVmOWUwOTIyMjM1
MDJiYjYwHhcNMjMxMDA2MDYzNjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTBjMjJlNzVkY2VkOGY1MzM4YmVkNjFjZDcyMTI5Y2JhYWIzMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOpSqGuQrzHQkuv3GZBq3ea8essQ
WOQxTpJIyI8WxFN+mItjYYyxpm/wt1r9jB5IyslMsVGymNQI5i8KbEuHXFgoCXLL
1YbmznRAoqiDvEdVCI7rM2bUchhUHPgZ45KaF7Ovqr7vaGTyfw4LGXfZ4U3ieKm1
sZ4RK8vFPSM/o4eJX1VzgdQt5JGgnrMlLlJdighhH9yWgSJqMYWqhQcmJMOXUijZ
XkKsa4oR1d85Tgf0pg/+FwqeL46A2DQ0wsv0ESnTsv9FDEj/pnNSdp+cXunSYvcw
HFRigP7b0s1oanqAnBaYsZquxm+iq7EFH38eb1tLFuTiRZOmDeF3hAYN5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIEMIuddztj1M4vtYc1yEpy6qzBeMB8GA1UdIwQY
MBaAFKXGbtiA5OKOim5KG1+eCSIjUCu2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGNadTJJRGs0bzZLYmtvYlg1NEpJaU5RSzdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kMjg3ZWMtMDlhYi00MGRhLThlNjct
NGZlODBkMWM0MzQ5LzEvZ1F3aTUxM08yUFV6aS0xaHpYSVNuTHFyTUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kMjg3ZWMtMDlhYi00MGRhLThlNjctNGZlODBkMWM0MzQ5
LzEvcGNadTJJRGs0bzZLYmtvYlg1NEpJaU5RSzdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfUMA0G
CSqGSIb3DQEBCwUAA4IBAQBAwcLEh6uIMpxxRyQUpX7Pnp9Ew6RfOpBqGQJmPpXg
gbWgGcJnyRA/7DNs7OD11LGfcowYTtS1J6G/2VRNZMSYOt7Ol43HOYZBPSSvrKMh
teUrM9+SYg8E1ZRXMqygurw03jnQR2dalJiXkrOoQ7Gzob+Pfqitb62kUQvaCGvI
CLf0yDTxR4F/EP/VRrQXLrh8EyyXRPWiJuZoT1yc3/gMb4h1IwL2AUDZcC5FYfwJ
NSz1j1t9K95Ali69lG5ZLZbOeJq+yxRGy5Q6Ql4p+v7pJEUQV+kmsdgYWyQoUxcs
z3CgoybwvxKnddhJw46mkxQVwyY0L5Unsy4DiZaMw5D7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:07 2024 by rpki-client on console-ams.rpki-client.org