Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/daf25c-1b49-4719-9203-3254e4d7122e/1/f8nJZo2PhUQ0bJDUxjZvgXb0DzQ.roa
File:                     f8nJZo2PhUQ0bJDUxjZvgXb0DzQ.roa (raw, json)
Hash identifier:          zdX5u57Le3oPzvQBHs8SXlPxjVaZJfj8eoKvrNW/sbQ=
Subject key identifier:   7F:C9:C9:66:8D:8F:85:44:34:6C:90:D4:C6:36:6F:81:76:F4:0F:34
Certificate issuer:       /CN=bf174a5833bde6aa7824c34099762d00978857ff
Certificate serial:       35802316
Authority key identifier: BF:17:4A:58:33:BD:E6:AA:78:24:C3:40:99:76:2D:00:97:88:57:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vxdKWDO95qp4JMNAmXYtAJeIV_8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/daf25c-1b49-4719-9203-3254e4d7122e/1/f8nJZo2PhUQ0bJDUxjZvgXb0DzQ.roa
Signing time:             Sat 01 Jan 2022 11:56:07 +0000
ROA not before:           Sat 01 Jan 2022 11:56:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     13057
IP address blocks:        193.163.240.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 897590038 (0x35802316)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf174a5833bde6aa7824c34099762d00978857ff
        Validity
            Not Before: Jan  1 11:56:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7fc9c9668d8f8544346c90d4c6366f8176f40f34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:36:b1:3a:9e:e1:09:1a:6d:93:c6:e1:db:4d:
                    fd:a1:10:1a:59:f9:e2:e8:4f:8b:e9:3b:5c:39:e6:
                    e7:b4:05:21:3f:bd:c2:a1:e0:2b:21:17:7a:67:4a:
                    ab:75:41:2b:e6:82:d1:34:b0:26:b7:ec:20:f5:7e:
                    ae:51:6e:4c:30:dc:fa:04:b7:ac:4a:5a:65:30:b1:
                    ae:54:4f:d5:38:1b:e0:61:c6:3e:83:ac:92:a2:f7:
                    5e:71:19:90:4f:b2:77:38:76:23:e3:a1:80:d4:ba:
                    ce:b7:9b:a3:25:60:bb:ff:d6:63:0f:60:36:14:de:
                    c1:34:eb:31:53:15:8c:09:cd:63:99:c9:ca:58:0d:
                    22:18:64:a6:3b:af:2d:9e:a5:2f:88:b0:c9:97:5d:
                    67:d2:9b:03:2a:6b:70:f7:4d:c1:65:16:07:4f:6e:
                    e1:f3:cd:00:eb:35:2b:7d:13:33:0e:d4:56:14:35:
                    2b:da:59:29:3b:f1:e2:03:c3:d5:e8:84:15:86:57:
                    34:05:b9:55:02:5b:19:88:ef:7f:46:2d:ac:7d:8c:
                    0b:2a:cf:d1:a6:2b:b7:6c:37:5f:6f:6d:be:3d:4f:
                    56:98:e3:8f:7c:25:ed:62:2b:e6:92:b6:24:d2:73:
                    04:0f:c0:c6:d5:08:e8:24:c3:61:f4:aa:ea:95:fc:
                    25:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:C9:C9:66:8D:8F:85:44:34:6C:90:D4:C6:36:6F:81:76:F4:0F:34
            X509v3 Authority Key Identifier:
                keyid:BF:17:4A:58:33:BD:E6:AA:78:24:C3:40:99:76:2D:00:97:88:57:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxdKWDO95qp4JMNAmXYtAJeIV_8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/daf25c-1b49-4719-9203-3254e4d7122e/1/f8nJZo2PhUQ0bJDUxjZvgXb0DzQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/daf25c-1b49-4719-9203-3254e4d7122e/1/vxdKWDO95qp4JMNAmXYtAJeIV_8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.163.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:46:04:b2:bf:5c:dc:b6:d1:b3:a3:19:62:de:23:b0:b7:3d:
         21:0a:77:5e:cf:76:e3:a0:c8:43:86:63:ac:db:17:22:8d:ef:
         a0:00:44:12:96:2b:85:d7:7c:48:e3:39:ad:7e:54:3f:f9:f5:
         3c:77:b1:76:e5:b3:5c:c2:9e:c8:28:13:b2:37:e2:7f:21:8a:
         84:a5:74:1e:f1:4f:82:53:04:39:08:ee:5e:bf:72:62:37:b6:
         eb:a7:25:08:4c:39:23:5d:22:e6:02:d6:17:45:05:4a:c4:0d:
         5b:b9:d3:43:5f:aa:0a:ac:b8:6f:a0:95:98:55:9e:af:24:a0:
         ef:41:02:0f:98:cd:e3:78:f8:45:76:bd:e0:14:af:ba:a7:76:
         2c:a2:19:5b:b8:49:e6:31:c8:69:e2:ab:bf:f6:2f:5a:ce:83:
         a2:cd:19:36:b1:0b:ce:19:46:54:1d:93:5a:1c:c7:4d:7d:38:
         4d:89:62:96:03:dd:ae:21:ce:2e:f8:9d:d6:54:d3:30:d2:c1:
         da:75:01:b0:c1:9d:dd:3d:4a:d0:01:71:0a:51:18:0c:6a:d2:
         40:5b:d6:ee:9e:95:ca:ca:3a:d6:05:41:cf:19:ce:6a:a3:2e:
         42:bf:53:6c:97:1f:7d:00:da:43:09:70:48:dd:d0:00:da:a1:
         ca:c2:0e:88
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENYAjFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZjE3NGE1ODMzYmRlNmFhNzgyNGMzNDA5OTc2MmQwMDk3ODg1N2ZmMB4XDTIyMDEw
MTExNTYwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2ZjOWM5NjY4ZDhm
ODU0NDM0NmM5MGQ0YzYzNjZmODE3NmY0MGYzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPQ2sTqe4QkabZPG4dtN/aEQGln54uhPi+k7XDnm57QFIT+9
wqHgKyEXemdKq3VBK+aC0TSwJrfsIPV+rlFuTDDc+gS3rEpaZTCxrlRP1Tgb4GHG
PoOskqL3XnEZkE+ydzh2I+OhgNS6zreboyVgu//WYw9gNhTewTTrMVMVjAnNY5nJ
ylgNIhhkpjuvLZ6lL4iwyZddZ9KbAyprcPdNwWUWB09u4fPNAOs1K30TMw7UVhQ1
K9pZKTvx4gPD1eiEFYZXNAW5VQJbGYjvf0YtrH2MCyrP0aYrt2w3X29tvj1PVpjj
j3wl7WIr5pK2JNJzBA/AxtUI6CTDYfSq6pX8JTECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR/yclmjY+FRDRskNTGNm+BdvQPNDAfBgNVHSMEGDAWgBS/F0pYM73mqngk
w0CZdi0Al4hX/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Z4ZEtXRE85NXFwNEpNTkFtWFl0QUplSVZfOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2UvZGFmMjVjLTFiNDktNDcxOS05MjAzLTMyNTRlNGQ3MTIyZS8x
L2Y4bkpabzJQaFVRMGJKRFV4alp2Z1hiMER6US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Uv
ZGFmMjVjLTFiNDktNDcxOS05MjAzLTMyNTRlNGQ3MTIyZS8xL3Z4ZEtXRE85NXFw
NEpNTkFtWFl0QUplSVZfOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMGj8DANBgkqhkiG9w0BAQsFAAOC
AQEANEYEsr9c3LbRs6MZYt4jsLc9IQp3Xs9246DIQ4ZjrNsXIo3voABEEpYrhdd8
SOM5rX5UP/n1PHexduWzXMKeyCgTsjfifyGKhKV0HvFPglMEOQjuXr9yYje266cl
CEw5I10i5gLWF0UFSsQNW7nTQ1+qCqy4b6CVmFWerySg70ECD5jN43j4RXa94BSv
uqd2LKIZW7hJ5jHIaeKrv/YvWs6Dos0ZNrELzhlGVB2TWhzHTX04TYlilgPdriHO
Lvid1lTTMNLB2nUBsMGd3T1K0AFxClEYDGrSQFvW7p6Vyso61gVBzxnOaqMuQr9T
bJcffQDaQwlwSN3QANqhysIOiA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:33 2024 by rpki-client on console-fra.rpki-client.org