Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/247492-da0f-4d43-b262-d2c29f1981ff/1/za8D1AK0ynbsZKwoxCGS7UkciEA.roa
File:                     za8D1AK0ynbsZKwoxCGS7UkciEA.roa (raw, json)
Hash identifier:          Oikl50gFwg2kuvzUir4P28PRp61IQnd6T4BZy1i50+8=
Subject key identifier:   CD:AF:03:D4:02:B4:CA:76:EC:64:AC:28:C4:21:92:ED:49:1C:88:40
Certificate issuer:       /CN=0d8f95c3875d66b069042196606c00d9f96fd4cb
Certificate serial:       909AA7
Authority key identifier: 0D:8F:95:C3:87:5D:66:B0:69:04:21:96:60:6C:00:D9:F9:6F:D4:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DY-Vw4ddZrBpBCGWYGwA2flv1Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/247492-da0f-4d43-b262-d2c29f1981ff/1/za8D1AK0ynbsZKwoxCGS7UkciEA.roa
Signing time:             Mon 04 Apr 2022 16:41:38 +0000
ROA not before:           Mon 04 Apr 2022 16:41:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208485
IP address blocks:        193.228.131.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9476775 (0x909aa7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d8f95c3875d66b069042196606c00d9f96fd4cb
        Validity
            Not Before: Apr  4 16:41:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cdaf03d402b4ca76ec64ac28c42192ed491c8840
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b4:03:58:a8:ea:57:0d:06:15:77:d6:2f:d5:
                    c1:ad:ea:c5:d0:b2:30:d3:34:50:51:2a:73:d7:6b:
                    f0:12:fe:8a:59:7e:74:9a:e5:67:c8:73:63:ca:38:
                    b6:e1:cd:90:51:a8:63:16:e2:7a:0c:c8:6a:55:86:
                    bf:0a:0d:40:87:31:6a:1a:c2:70:bc:ec:ac:1a:69:
                    09:43:09:89:45:34:be:da:00:db:f2:67:5f:ae:66:
                    0a:64:35:01:aa:e9:99:2a:f5:ff:4a:c0:31:fd:36:
                    7b:98:68:80:95:6e:39:15:b3:5c:45:03:3b:b1:ef:
                    e3:14:b4:e7:e0:d4:e0:61:da:35:18:9d:60:60:a2:
                    79:9e:89:8b:07:a1:ce:9c:23:59:4e:f0:40:f3:ff:
                    17:af:da:49:34:2b:48:d9:ac:cd:d3:c8:47:cb:ea:
                    a8:2d:35:fa:88:f7:2a:cf:e9:e1:c5:04:b5:d4:2f:
                    de:2b:af:b2:ba:6c:9f:11:f7:6a:81:5a:80:bc:74:
                    7f:66:ba:dd:85:35:e4:8a:ab:2e:71:c5:e3:c9:4e:
                    0b:3c:e3:60:de:bf:05:cf:dc:9a:a6:a7:e5:31:7f:
                    6a:6b:76:9c:87:64:99:99:fc:3f:ff:9e:61:de:2b:
                    c3:2a:2a:2a:51:9b:6e:4a:2f:ed:77:da:15:c9:1c:
                    ee:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:AF:03:D4:02:B4:CA:76:EC:64:AC:28:C4:21:92:ED:49:1C:88:40
            X509v3 Authority Key Identifier:
                keyid:0D:8F:95:C3:87:5D:66:B0:69:04:21:96:60:6C:00:D9:F9:6F:D4:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY-Vw4ddZrBpBCGWYGwA2flv1Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/247492-da0f-4d43-b262-d2c29f1981ff/1/za8D1AK0ynbsZKwoxCGS7UkciEA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/247492-da0f-4d43-b262-d2c29f1981ff/1/DY-Vw4ddZrBpBCGWYGwA2flv1Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.228.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:1f:cc:a9:a2:ab:2f:16:a4:5e:bf:e6:9e:66:2a:3c:f0:d4:
         a5:d0:7c:d2:00:e9:b2:aa:bc:6f:6a:c0:ce:70:1f:ab:5f:22:
         e0:db:5a:dc:57:84:71:6b:fa:cd:ba:09:92:c3:30:d6:2e:e3:
         e7:a4:e8:9a:10:14:7a:15:9f:da:23:c0:97:c7:91:da:67:7a:
         62:fb:7d:23:8e:0f:52:1a:09:13:5e:aa:03:dc:03:0c:6f:15:
         5c:2d:26:c4:08:0c:b4:41:21:f8:cd:c2:96:ca:af:d8:a3:41:
         09:ce:62:73:36:f7:5f:ee:4e:91:30:a6:9e:d4:05:f5:8b:ea:
         0c:00:e5:82:08:a8:06:6b:ed:29:95:da:ae:cc:87:1c:de:c2:
         ff:62:3b:0b:66:fb:11:95:19:e7:f6:b3:e4:1a:a6:7c:8e:68:
         33:00:e8:21:87:09:0e:bb:c5:d4:9d:fa:87:3b:0e:1c:9d:14:
         23:7d:89:f6:78:ca:3c:16:67:82:e4:b4:63:9d:fb:ac:ad:5c:
         0b:1b:1e:e1:f4:5b:93:3d:a6:28:c5:18:5d:11:e5:49:a6:82:
         ad:3f:ca:1f:ba:0e:97:9f:30:2f:94:8a:57:b9:a5:f6:96:19:
         d7:07:50:1b:7d:36:0f:14:3d:4b:86:c1:54:62:fc:f2:32:07:
         ca:5f:28:f8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJCapzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDhmOTVjMzg3NWQ2NmIwNjkwNDIxOTY2MDZjMDBkOWY5NmZkNGNiMB4XDTIyMDQw
NDE2NDEzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RhZjAzZDQwMmI0
Y2E3NmVjNjRhYzI4YzQyMTkyZWQ0OTFjODg0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+0A1io6lcNBhV31i/Vwa3qxdCyMNM0UFEqc9dr8BL+ill+
dJrlZ8hzY8o4tuHNkFGoYxbiegzIalWGvwoNQIcxahrCcLzsrBppCUMJiUU0vtoA
2/JnX65mCmQ1AarpmSr1/0rAMf02e5hogJVuORWzXEUDO7Hv4xS05+DU4GHaNRid
YGCieZ6JiwehzpwjWU7wQPP/F6/aSTQrSNmszdPIR8vqqC01+oj3Ks/p4cUEtdQv
3iuvsrpsnxH3aoFagLx0f2a63YU15IqrLnHF48lOCzzjYN6/Bc/cmqan5TF/amt2
nIdkmZn8P/+eYd4rwyoqKlGbbkov7XfaFckc7j8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTNrwPUArTKduxkrCjEIZLtSRyIQDAfBgNVHSMEGDAWgBQNj5XDh11msGkE
IZZgbADZ+W/UyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RZLVZ3NGRkWnJCcEJDR1dZR3dBMmZsdjFNcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvMjQ3NDkyLWRhMGYtNGQ0My1iMjYyLWQyYzI5ZjE5ODFmZi8x
L3phOEQxQUsweW5ic1pLd294Q0dTN1VrY2lFQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
MjQ3NDkyLWRhMGYtNGQ0My1iMjYyLWQyYzI5ZjE5ODFmZi8xL0RZLVZ3NGRkWnJC
cEJDR1dZR3dBMmZsdjFNcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHkgzANBgkqhkiG9w0BAQsFAAOC
AQEAiR/MqaKrLxakXr/mnmYqPPDUpdB80gDpsqq8b2rAznAfq18i4Nta3FeEcWv6
zboJksMw1i7j56TomhAUehWf2iPAl8eR2md6Yvt9I44PUhoJE16qA9wDDG8VXC0m
xAgMtEEh+M3Clsqv2KNBCc5iczb3X+5OkTCmntQF9YvqDADlggioBmvtKZXarsyH
HN7C/2I7C2b7EZUZ5/az5BqmfI5oMwDoIYcJDrvF1J36hzsOHJ0UI32J9njKPBZn
guS0Y537rK1cCxse4fRbkz2mKMUYXRHlSaaCrT/KH7oOl58wL5SKV7ml9pYZ1wdQ
G302DxQ9S4bBVGL88jIHyl8o+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:10 2024 by rpki-client on console-fra.rpki-client.org