Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/MHA27ceZEUOwLDRSg61cuSJh9DI.roa
File:                     MHA27ceZEUOwLDRSg61cuSJh9DI.roa (raw, json)
Hash identifier:          YErgy5K2y0ejiLK+ZYhKV1YexGDAm167ASa4wcdVyWo=
Subject key identifier:   30:70:36:ED:C7:99:11:43:B0:2C:34:52:83:AD:5C:B9:22:61:F4:32
Certificate issuer:       /CN=8102d3e0d5f21ec72c745731a641fb7903787de0
Certificate serial:       11508E87
Authority key identifier: 81:02:D3:E0:D5:F2:1E:C7:2C:74:57:31:A6:41:FB:79:03:78:7D:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gQLT4NXyHscsdFcxpkH7eQN4feA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/MHA27ceZEUOwLDRSg61cuSJh9DI.roa
Signing time:             Wed 16 Feb 2022 09:54:00 +0000
ROA not before:           Wed 16 Feb 2022 09:54:00 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200845
IP address blocks:        95.131.166.0/24 maxlen: 24
                          95.131.165.0/24 maxlen: 24
                          95.131.164.0/24 maxlen: 24
                          95.131.163.0/24 maxlen: 24
                          95.131.162.0/24 maxlen: 24
                          95.131.160.0/21 maxlen: 21
                          95.131.161.0/24 maxlen: 24
                          95.131.167.0/24 maxlen: 24
                          185.127.145.0/24 maxlen: 24
                          185.127.144.0/22 maxlen: 22
                          185.127.144.0/24 maxlen: 24
                          83.142.244.0/24 maxlen: 24
                          83.142.243.0/24 maxlen: 24
                          83.142.242.0/24 maxlen: 24
                          83.142.240.0/21 maxlen: 21
                          83.142.241.0/24 maxlen: 24
                          83.142.246.0/24 maxlen: 24
                          83.142.245.0/24 maxlen: 24
                          83.142.247.0/24 maxlen: 24
                          185.127.147.0/24 maxlen: 24
                          185.127.146.0/24 maxlen: 24
                          83.142.240.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 290492039 (0x11508e87)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8102d3e0d5f21ec72c745731a641fb7903787de0
        Validity
            Not Before: Feb 16 09:54:00 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=307036edc7991143b02c345283ad5cb92261f432
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:7f:5b:d1:03:d2:cb:48:f4:9b:61:1c:4b:48:
                    aa:c9:68:a7:80:ab:c4:da:39:8b:8e:a6:51:4b:a9:
                    6b:97:b9:2c:a7:b5:be:9d:c3:86:ea:7f:ff:38:5d:
                    d4:9c:41:15:b4:c2:5f:76:6f:bd:27:88:06:76:bf:
                    15:32:a2:31:e3:48:a0:2c:ea:9d:a1:f1:8e:70:6f:
                    5e:91:eb:5b:00:40:42:66:b5:ce:0a:10:29:f2:77:
                    e1:d5:eb:72:6e:36:aa:ba:f3:9e:d0:d2:da:a5:39:
                    5a:39:34:05:95:09:83:f3:24:a8:a9:fa:4c:8f:a5:
                    92:29:9f:54:82:49:3e:b9:15:f7:7a:ef:11:4c:84:
                    c6:fa:37:76:75:07:e8:a6:8e:7b:8a:04:28:11:6c:
                    8c:54:73:e1:53:ec:ed:40:0b:29:b7:2b:27:93:7d:
                    eb:93:d3:30:a0:69:4b:97:b1:dd:c0:90:31:30:fe:
                    29:a8:7f:97:48:22:5f:ad:77:fa:8a:b6:ea:7f:32:
                    93:5d:0c:9c:67:d4:dd:2b:38:34:ee:59:2c:9f:fe:
                    02:6b:4c:99:6d:50:d9:ff:bf:51:c9:65:76:f1:27:
                    e6:49:a4:77:f3:a7:0b:6c:7a:06:34:3a:62:10:22:
                    5b:5e:d0:62:51:43:e8:cf:e6:d8:22:c1:cd:ae:54:
                    65:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:70:36:ED:C7:99:11:43:B0:2C:34:52:83:AD:5C:B9:22:61:F4:32
            X509v3 Authority Key Identifier:
                keyid:81:02:D3:E0:D5:F2:1E:C7:2C:74:57:31:A6:41:FB:79:03:78:7D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQLT4NXyHscsdFcxpkH7eQN4feA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/MHA27ceZEUOwLDRSg61cuSJh9DI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/gQLT4NXyHscsdFcxpkH7eQN4feA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.142.240.0/21
                  95.131.160.0/21
                  185.127.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8a:c4:1b:d9:5b:85:bf:61:f2:93:73:83:45:5c:ea:8e:ef:b8:
         ec:e4:6e:05:a2:3d:46:c5:f8:1e:e0:61:8a:4f:dc:35:4f:96:
         ef:2e:eb:b4:7e:b5:a3:59:e2:ce:78:f0:8b:6b:b1:80:cd:55:
         4c:0b:82:a3:b2:9c:29:af:5c:92:a7:58:b1:e4:68:d7:58:0d:
         2b:a8:fc:07:bc:c5:53:08:74:70:6a:c4:ce:a0:a2:a1:9f:75:
         9a:db:20:74:5e:b4:1b:5a:b2:2c:1e:aa:39:25:64:17:0e:00:
         46:5e:cd:a3:40:15:02:fb:56:3b:e6:a6:41:4c:e5:64:26:2a:
         7f:27:de:ef:ca:34:8f:b3:8c:0b:b6:19:c2:ce:24:bd:4c:fb:
         ee:61:82:53:3b:2a:d8:29:d2:ef:b7:d8:22:94:41:57:82:44:
         65:1e:d0:ca:f5:d4:0e:00:28:27:79:32:5b:24:6f:c3:da:ef:
         2b:62:e7:82:86:e1:b8:8f:e6:56:85:08:cb:f6:70:5c:7d:23:
         7a:b0:21:32:75:52:31:9e:93:28:90:49:03:c9:92:4f:75:84:
         ea:30:7d:fd:64:c1:56:7e:97:50:37:0b:c2:35:12:fa:24:57:
         6d:c5:b4:82:a6:85:76:f2:af:b7:b9:43:a4:62:88:de:2f:0d:
         b6:2e:8e:c0
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEEVCOhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTAyZDNlMGQ1ZjIxZWM3MmM3NDU3MzFhNjQxZmI3OTAzNzg3ZGUwMB4XDTIyMDIx
NjA5NTQwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA3MDM2ZWRjNzk5
MTE0M2IwMmMzNDUyODNhZDVjYjkyMjYxZjQzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMR/W9ED0stI9JthHEtIqslop4CrxNo5i46mUUupa5e5LKe1
vp3Dhup//zhd1JxBFbTCX3ZvvSeIBna/FTKiMeNIoCzqnaHxjnBvXpHrWwBAQma1
zgoQKfJ34dXrcm42qrrzntDS2qU5Wjk0BZUJg/MkqKn6TI+lkimfVIJJPrkV93rv
EUyExvo3dnUH6KaOe4oEKBFsjFRz4VPs7UALKbcrJ5N965PTMKBpS5ex3cCQMTD+
Kah/l0giX613+oq26n8yk10MnGfU3Ss4NO5ZLJ/+AmtMmW1Q2f+/UclldvEn5kmk
d/OnC2x6BjQ6YhAiW17QYlFD6M/m2CLBza5UZfsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQwcDbtx5kRQ7AsNFKDrVy5ImH0MjAfBgNVHSMEGDAWgBSBAtPg1fIexyx0
VzGmQft5A3h94DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dRTFQ0Tlh5SHNjc2RGY3hwa0g3ZVFONGZlQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvNDYzYjkwLWJiMjgtNGIwYS05YWQ4LTViMTUyMzUxODIyMS8x
L01IQTI3Y2VaRVVPd0xEUlNnNjFjdVNKaDlESS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
NDYzYjkwLWJiMjgtNGIwYS05YWQ4LTViMTUyMzUxODIyMS8xL2dRTFQ0Tlh5SHNj
c2RGY3hwa0g3ZVFONGZlQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA1OO8AMEA1+DoAMEArl/kDANBgkq
hkiG9w0BAQsFAAOCAQEAisQb2VuFv2Hyk3ODRVzqju+47ORuBaI9RsX4HuBhik/c
NU+W7y7rtH61o1niznjwi2uxgM1VTAuCo7KcKa9ckqdYseRo11gNK6j8B7zFUwh0
cGrEzqCioZ91mtsgdF60G1qyLB6qOSVkFw4ARl7No0AVAvtWO+amQUzlZCYqfyfe
78o0j7OMC7YZws4kvUz77mGCUzsq2CnS77fYIpRBV4JEZR7QyvXUDgAoJ3kyWyRv
w9rvK2LngobhuI/mVoUIy/ZwXH0jerAhMnVSMZ6TKJBJA8mST3WE6jB9/WTBVn6X
UDcLwjUS+iRXbcW0gqaFdvKvt7lDpGKI3i8Nti6OwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:18 2024 by rpki-client on console-fra.rpki-client.org