Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/d287ec-09ab-40da-8e67-4fe80d1c4349/1/vv0JMM-DX7IFwupgUMvZTCSnkZQ.roa
File:                     vv0JMM-DX7IFwupgUMvZTCSnkZQ.roa (raw, json)
Hash identifier:          8APBAkITon441mgGR+OuW+sleU0T8B8q0Pizs3Z525I=
Subject key identifier:   BE:FD:09:30:CF:83:5F:B2:05:C2:EA:60:50:CB:D9:4C:24:A7:91:94
Certificate issuer:       /CN=a5c66ed880e4e28e8a6e4a1b5f9e092223502bb6
Certificate serial:       01856FF950B1998750F399F2B4250F64F6E5
Authority key identifier: A5:C6:6E:D8:80:E4:E2:8E:8A:6E:4A:1B:5F:9E:09:22:23:50:2B:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pcZu2IDk4o6KbkobX54JIiNQK7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/d287ec-09ab-40da-8e67-4fe80d1c4349/1/vv0JMM-DX7IFwupgUMvZTCSnkZQ.roa
Signing time:             Mon 02 Jan 2023 00:54:48 +0000
ROA not before:           Mon 02 Jan 2023 00:54:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211975
IP address blocks:        212.23.212.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f9:50:b1:99:87:50:f3:99:f2:b4:25:0f:64:f6:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5c66ed880e4e28e8a6e4a1b5f9e092223502bb6
        Validity
            Not Before: Jan  2 00:54:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=befd0930cf835fb205c2ea6050cbd94c24a79194
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:7c:f1:91:33:a4:75:de:70:be:6e:bc:f4:8e:
                    f9:65:3a:2c:b2:fe:52:33:c1:9a:5f:78:76:b5:b8:
                    e8:21:20:fd:b9:3b:ce:2f:c2:fb:10:3d:2d:be:99:
                    07:af:a6:d6:2f:c2:41:87:4e:41:12:23:6f:c8:0b:
                    1b:39:b4:e6:db:69:4c:bc:78:5f:62:87:19:51:3a:
                    89:2a:c3:87:ab:2e:7f:4b:1c:6b:df:ff:54:70:e8:
                    e0:08:b0:4e:b6:29:6b:87:28:81:cd:5a:87:8e:45:
                    64:e4:24:5d:e9:b4:81:a6:50:72:1c:7b:ab:b2:19:
                    2d:e5:21:98:93:61:98:d0:88:15:db:be:a8:8b:e4:
                    dc:3b:fb:e9:c5:db:14:95:91:79:36:6c:e1:c3:97:
                    41:27:5e:a2:5e:95:85:a9:ca:ef:c0:12:6a:22:72:
                    3c:84:54:14:e4:6e:89:2a:17:c0:03:14:85:6f:21:
                    49:15:18:ea:79:df:e3:ab:17:b1:8a:28:73:c2:18:
                    c3:96:07:b1:5d:90:8e:f3:07:52:ba:18:5d:fb:cd:
                    43:03:2f:b0:fd:5b:e7:60:31:69:6d:f8:48:e2:2b:
                    e4:4d:a6:52:cd:fe:60:54:2e:e8:7f:2f:bd:53:56:
                    f6:d6:62:74:cc:c2:aa:12:83:74:30:8a:64:90:ba:
                    99:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:FD:09:30:CF:83:5F:B2:05:C2:EA:60:50:CB:D9:4C:24:A7:91:94
            X509v3 Authority Key Identifier:
                keyid:A5:C6:6E:D8:80:E4:E2:8E:8A:6E:4A:1B:5F:9E:09:22:23:50:2B:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pcZu2IDk4o6KbkobX54JIiNQK7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/d287ec-09ab-40da-8e67-4fe80d1c4349/1/vv0JMM-DX7IFwupgUMvZTCSnkZQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/d287ec-09ab-40da-8e67-4fe80d1c4349/1/pcZu2IDk4o6KbkobX54JIiNQK7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.23.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:38:f7:e4:fc:81:4b:c7:01:d3:84:50:99:d0:b6:30:ed:1d:
         21:0e:fe:07:a7:be:17:89:cb:b9:10:b2:74:20:f2:cb:50:08:
         b9:2f:78:17:e4:8b:56:20:43:84:c5:42:f3:77:e5:a6:57:e1:
         50:e7:c3:5a:cf:a9:c1:6e:f7:35:db:9f:f9:af:5d:0c:b5:ca:
         c7:6b:57:3d:60:40:42:38:c6:b3:6d:3d:fb:b6:81:5c:cb:26:
         b3:d3:36:22:93:ba:b3:a0:3c:fa:6c:2b:a1:0b:1c:4b:10:d9:
         09:38:ae:42:ca:be:20:1b:86:77:46:e9:9a:c8:79:82:25:94:
         aa:e1:2a:d6:2e:1e:6e:ab:da:29:39:2c:e3:e8:83:cc:30:4c:
         23:fe:e3:87:5e:98:37:ec:63:e8:79:8f:1f:a9:b0:74:3a:72:
         ce:f1:80:6d:b3:10:14:e2:88:d6:f6:8c:ab:ba:70:76:e8:06:
         2b:e8:09:a1:30:ac:03:0c:37:75:dc:ed:1b:cd:3d:e6:ef:4a:
         5a:c2:f9:6d:f3:ad:76:51:bd:07:22:21:28:b8:41:54:63:f3:
         c5:2a:af:fd:c6:38:06:c2:c4:05:e1:e0:fe:b4:38:35:4e:ee:
         69:51:76:80:cf:c5:ab:b7:b1:4a:c7:78:2b:53:eb:1e:26:ba:
         82:63:82:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+VCxmYdQ85nytCUPZPblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YzY2ZWQ4ODBlNGUyOGU4YTZlNGExYjVmOWUwOTIyMjM1
MDJiYjYwHhcNMjMwMTAyMDA1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWZkMDkzMGNmODM1ZmIyMDVjMmVhNjA1MGNiZDk0YzI0YTc5MTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXzxkTOkdd5wvm689I75ZTossv5S
M8GaX3h2tbjoISD9uTvOL8L7ED0tvpkHr6bWL8JBh05BEiNvyAsbObTm22lMvHhf
YocZUTqJKsOHqy5/Sxxr3/9UcOjgCLBOtilrhyiBzVqHjkVk5CRd6bSBplByHHur
shkt5SGYk2GY0IgV276oi+TcO/vpxdsUlZF5Nmzhw5dBJ16iXpWFqcrvwBJqInI8
hFQU5G6JKhfAAxSFbyFJFRjqed/jqxexiihzwhjDlgexXZCO8wdSuhhd+81DAy+w
/VvnYDFpbfhI4ivkTaZSzf5gVC7ofy+9U1b21mJ0zMKqEoN0MIpkkLqZxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL79CTDPg1+yBcLqYFDL2Uwkp5GUMB8GA1UdIwQY
MBaAFKXGbtiA5OKOim5KG1+eCSIjUCu2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGNadTJJRGs0bzZLYmtvYlg1NEpJaU5RSzdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kMjg3ZWMtMDlhYi00MGRhLThlNjct
NGZlODBkMWM0MzQ5LzEvdnYwSk1NLURYN0lGd3VwZ1VNdlpUQ1Nua1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kMjg3ZWMtMDlhYi00MGRhLThlNjctNGZlODBkMWM0MzQ5
LzEvcGNadTJJRGs0bzZLYmtvYlg1NEpJaU5RSzdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfUMA0G
CSqGSIb3DQEBCwUAA4IBAQAuOPfk/IFLxwHThFCZ0LYw7R0hDv4Hp74Xicu5ELJ0
IPLLUAi5L3gX5ItWIEOExULzd+WmV+FQ58Naz6nBbvc125/5r10MtcrHa1c9YEBC
OMazbT37toFcyyaz0zYik7qzoDz6bCuhCxxLENkJOK5Cyr4gG4Z3RumayHmCJZSq
4SrWLh5uq9opOSzj6IPMMEwj/uOHXpg37GPoeY8fqbB0OnLO8YBtsxAU4ojW9oyr
unB26AYr6AmhMKwDDDd13O0bzT3m70pawvlt8612Ub0HIiEouEFUY/PFKq/9xjgG
wsQF4eD+tDg1Tu5pUXaAz8Wrt7FKx3grU+seJrqCY4Ls
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:07 2024 by rpki-client on console-ams.rpki-client.org