Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b1e1fc-3fe2-4799-8eef-e022dd0fa3e1/1/CHjxhf7_QTeY-SlPejB-q5mNK2Q.roa
File:                     CHjxhf7_QTeY-SlPejB-q5mNK2Q.roa (raw, json)
Hash identifier:          AP/t41joYKfVpRfHtxuV3Ru5Mix21HpLjJTOlPyExPE=
Subject key identifier:   08:78:F1:85:FE:FF:41:37:98:F9:29:4F:7A:30:7E:AB:99:8D:2B:64
Certificate issuer:       /CN=7f94b73b4172fb31b76bb9f1467b36e5ab9a2edd
Certificate serial:       01A55F6B
Authority key identifier: 7F:94:B7:3B:41:72:FB:31:B7:6B:B9:F1:46:7B:36:E5:AB:9A:2E:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f5S3O0Fy-zG3a7nxRns25auaLt0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/b1e1fc-3fe2-4799-8eef-e022dd0fa3e1/1/CHjxhf7_QTeY-SlPejB-q5mNK2Q.roa
Signing time:             Sat 01 Jan 2022 07:53:32 +0000
ROA not before:           Sat 01 Jan 2022 07:53:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     3356
IP address blocks:        85.8.130.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 27615083 (0x1a55f6b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f94b73b4172fb31b76bb9f1467b36e5ab9a2edd
        Validity
            Not Before: Jan  1 07:53:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0878f185feff413798f9294f7a307eab998d2b64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:00:24:00:be:0f:c2:92:14:5e:56:98:d2:53:
                    f1:e6:43:1f:ef:24:0c:61:51:b0:fd:bf:6b:53:7e:
                    c7:42:2f:ea:1c:72:07:a7:6b:9c:31:c8:8d:07:b9:
                    81:75:52:e8:ae:1c:46:15:0d:dd:b0:d1:91:52:a5:
                    50:05:a0:18:69:61:a5:61:d9:45:d7:d0:0b:d8:b0:
                    32:1c:33:3e:31:98:fe:d0:bb:7e:5b:90:f3:47:f4:
                    2c:1d:55:b3:73:59:9c:8c:8f:d9:2f:9f:b7:43:87:
                    8c:b8:84:dc:85:3e:78:3d:94:b0:f0:ae:0b:87:49:
                    31:48:09:ca:87:27:e4:72:fe:0f:d8:08:45:1f:0e:
                    52:34:f4:4e:5d:ac:27:09:1b:80:51:55:fb:3e:9a:
                    98:90:2d:52:56:18:42:1c:d1:c4:65:7d:d0:f4:63:
                    25:fe:60:25:41:6e:aa:cf:40:c2:d0:a9:65:7c:5b:
                    96:bd:c9:a6:ac:ce:4a:be:66:4c:41:9b:6f:20:39:
                    63:c4:57:41:ba:2c:94:90:36:2d:24:3e:1a:7f:ec:
                    35:e8:f3:9f:c7:00:dc:21:52:6e:e1:5b:fd:d9:09:
                    37:bd:af:25:7c:45:70:96:72:77:4e:99:78:7f:56:
                    5a:ae:26:d2:8a:90:22:e4:d3:58:fc:ab:93:dc:3d:
                    2b:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:78:F1:85:FE:FF:41:37:98:F9:29:4F:7A:30:7E:AB:99:8D:2B:64
            X509v3 Authority Key Identifier:
                keyid:7F:94:B7:3B:41:72:FB:31:B7:6B:B9:F1:46:7B:36:E5:AB:9A:2E:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5S3O0Fy-zG3a7nxRns25auaLt0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b1e1fc-3fe2-4799-8eef-e022dd0fa3e1/1/CHjxhf7_QTeY-SlPejB-q5mNK2Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b1e1fc-3fe2-4799-8eef-e022dd0fa3e1/1/f5S3O0Fy-zG3a7nxRns25auaLt0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.8.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:eb:22:42:4a:16:bc:e7:66:31:4c:2f:03:75:aa:ec:72:d4:
         9d:63:ee:e2:39:91:97:4b:5f:ca:89:c6:e1:81:aa:18:a6:68:
         b1:fc:bf:06:69:8d:2a:9c:97:2e:00:bc:73:9c:93:a3:3d:db:
         33:ec:61:80:1f:b4:a0:31:86:44:51:37:5b:d4:ca:80:33:bb:
         30:1d:a1:46:53:60:ee:99:61:e9:27:b1:1c:dd:7d:4d:9d:f0:
         83:b0:47:50:5a:8f:d5:31:79:36:a9:9b:39:4c:9f:fb:d0:fb:
         88:07:b7:3f:20:51:5c:55:15:53:44:df:0a:80:1b:03:6a:9e:
         5e:0a:b3:5d:15:38:3d:f0:95:85:c8:7a:69:32:4e:7d:b1:9b:
         25:46:c3:16:61:17:8e:52:c0:86:a2:5d:4d:56:79:9d:59:a3:
         a9:50:01:01:ab:06:8f:64:86:a3:8d:40:3b:e8:67:9c:24:9c:
         03:b2:1b:34:5c:7c:5b:5b:c3:19:dd:8d:f9:c9:77:5c:ef:18:
         a2:d7:a0:9a:b4:76:15:3a:29:27:5d:a3:f4:2b:f5:16:1b:c4:
         27:4a:ff:97:59:8e:c5:10:3e:a3:87:01:a1:e9:9f:b1:fe:bb:
         51:21:19:c9:03:33:82:b1:2c:42:a8:d0:0a:ea:9e:e3:39:38:
         b2:95:10:a4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAaVfazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Zjk0YjczYjQxNzJmYjMxYjc2YmI5ZjE0NjdiMzZlNWFiOWEyZWRkMB4XDTIyMDEw
MTA3NTMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDg3OGYxODVmZWZm
NDEzNzk4ZjkyOTRmN2EzMDdlYWI5OThkMmI2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0AJAC+D8KSFF5WmNJT8eZDH+8kDGFRsP2/a1N+x0Iv6hxy
B6drnDHIjQe5gXVS6K4cRhUN3bDRkVKlUAWgGGlhpWHZRdfQC9iwMhwzPjGY/tC7
fluQ80f0LB1Vs3NZnIyP2S+ft0OHjLiE3IU+eD2UsPCuC4dJMUgJyocn5HL+D9gI
RR8OUjT0Tl2sJwkbgFFV+z6amJAtUlYYQhzRxGV90PRjJf5gJUFuqs9AwtCpZXxb
lr3JpqzOSr5mTEGbbyA5Y8RXQboslJA2LSQ+Gn/sNejzn8cA3CFSbuFb/dkJN72v
JXxFcJZyd06ZeH9WWq4m0oqQIuTTWPyrk9w9K+8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQIePGF/v9BN5j5KU96MH6rmY0rZDAfBgNVHSMEGDAWgBR/lLc7QXL7Mbdr
ufFGezblq5ou3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Y1UzNPMEZ5LXpHM2E3bnhSbnMyNWF1YUx0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvYjFlMWZjLTNmZTItNDc5OS04ZWVmLWUwMjJkZDBmYTNlMS8x
L0NIanhoZjdfUVRlWS1TbFBlakItcTVtTksyUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
YjFlMWZjLTNmZTItNDc5OS04ZWVmLWUwMjJkZDBmYTNlMS8xL2Y1UzNPMEZ5LXpH
M2E3bnhSbnMyNWF1YUx0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFUIgjANBgkqhkiG9w0BAQsFAAOC
AQEALesiQkoWvOdmMUwvA3Wq7HLUnWPu4jmRl0tfyonG4YGqGKZosfy/BmmNKpyX
LgC8c5yToz3bM+xhgB+0oDGGRFE3W9TKgDO7MB2hRlNg7plh6SexHN19TZ3wg7BH
UFqP1TF5NqmbOUyf+9D7iAe3PyBRXFUVU0TfCoAbA2qeXgqzXRU4PfCVhch6aTJO
fbGbJUbDFmEXjlLAhqJdTVZ5nVmjqVABAasGj2SGo41AO+hnnCScA7IbNFx8W1vD
Gd2N+cl3XO8YotegmrR2FTopJ12j9Cv1FhvEJ0r/l1mOxRA+o4cBoemfsf67USEZ
yQMzgrEsQqjQCuqe4zk4spUQpA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:04 2023 by rpki-client on console-fra.rpki-client.org