Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/XUSRtl7fWktRJw-XDaoIPk2nzpI.roa
File:                     XUSRtl7fWktRJw-XDaoIPk2nzpI.roa (raw, json)
Hash identifier:          /HX/ivhHuiAK5DdAO6ZbvSsdk/H/NWhebMKhT4vy6dI=
Subject key identifier:   5D:44:91:B6:5E:DF:5A:4B:51:27:0F:97:0D:AA:08:3E:4D:A7:CE:92
Certificate issuer:       /CN=8102d3e0d5f21ec72c745731a641fb7903787de0
Certificate serial:       114D8413
Authority key identifier: 81:02:D3:E0:D5:F2:1E:C7:2C:74:57:31:A6:41:FB:79:03:78:7D:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gQLT4NXyHscsdFcxpkH7eQN4feA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/XUSRtl7fWktRJw-XDaoIPk2nzpI.roa
Signing time:             Wed 16 Feb 2022 09:45:36 +0000
ROA not before:           Wed 16 Feb 2022 09:45:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43402
IP address blocks:        83.142.240.0/21 maxlen: 21
                          95.131.160.0/21 maxlen: 21
                          95.131.166.0/24 maxlen: 24
                          95.131.167.0/24 maxlen: 24
                          185.127.144.0/22 maxlen: 22
                          185.127.144.0/23 maxlen: 23
                          2a03:62c0::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 290292755 (0x114d8413)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8102d3e0d5f21ec72c745731a641fb7903787de0
        Validity
            Not Before: Feb 16 09:45:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5d4491b65edf5a4b51270f970daa083e4da7ce92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:89:00:f8:3a:68:7b:1b:5a:07:b1:71:97:8c:
                    5c:ed:5c:36:6e:72:b0:10:71:cb:42:ea:2d:39:14:
                    fd:47:e7:f3:e8:5d:1a:cd:52:e4:fa:f9:b5:36:22:
                    29:29:f0:df:2b:8f:58:f4:0f:e6:91:56:bb:3e:dc:
                    aa:5a:c9:f2:1f:a3:1f:25:dd:2a:72:6e:08:ba:f5:
                    68:90:5e:45:1d:88:3d:21:8e:46:33:e4:fd:20:c5:
                    0b:18:14:3f:6e:04:7f:e4:d4:5c:d0:71:49:c1:91:
                    be:66:7c:bd:7b:cb:48:94:ea:88:24:a3:5e:3e:5f:
                    c7:3e:fa:07:69:01:00:4a:0e:e7:b9:44:5a:bd:49:
                    23:03:eb:73:2c:f4:b0:45:fe:1f:5f:2d:b1:a3:aa:
                    99:b0:0d:ac:30:16:db:5d:0e:d8:56:f6:51:70:3d:
                    dc:e7:e5:33:21:6b:54:8d:a9:a1:d5:8b:7e:17:76:
                    7d:84:65:03:35:75:09:bb:0c:04:04:55:05:10:14:
                    3b:97:7a:33:a3:18:a2:63:98:39:05:cc:6c:56:8a:
                    50:77:93:ac:fa:41:18:de:26:96:93:67:fc:51:6d:
                    46:be:5e:92:31:c1:26:58:ab:ed:13:1c:4c:32:59:
                    0d:c6:0d:c7:89:db:c0:61:a0:e6:24:b3:3b:cd:14:
                    ac:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:44:91:B6:5E:DF:5A:4B:51:27:0F:97:0D:AA:08:3E:4D:A7:CE:92
            X509v3 Authority Key Identifier:
                keyid:81:02:D3:E0:D5:F2:1E:C7:2C:74:57:31:A6:41:FB:79:03:78:7D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQLT4NXyHscsdFcxpkH7eQN4feA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/XUSRtl7fWktRJw-XDaoIPk2nzpI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/gQLT4NXyHscsdFcxpkH7eQN4feA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.142.240.0/21
                  95.131.160.0/21
                  185.127.144.0/22
                IPv6:
                  2a03:62c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         95:a0:30:60:35:f1:22:d0:2e:5d:91:7f:59:dc:8f:92:70:d1:
         59:90:8e:40:b4:b9:a7:19:58:9b:44:00:a5:96:36:40:46:3b:
         1d:10:94:aa:02:ed:ef:b1:a5:5d:b8:81:35:6e:eb:19:06:a6:
         88:f6:f9:46:50:e1:47:4b:b2:a7:db:b9:f6:1c:bc:9c:94:8e:
         29:60:2a:eb:fc:1f:b6:25:57:2b:d2:e4:6d:cc:01:1c:3f:96:
         21:36:67:40:fb:7e:80:39:b5:97:d4:8f:5e:17:24:7f:35:9f:
         ce:2e:3c:02:c5:20:c7:be:ff:f7:15:b2:e3:d9:d2:b5:47:09:
         1e:bc:cd:9f:ef:0c:7e:29:71:39:de:cd:f0:86:7b:72:f9:0b:
         3a:96:e7:23:34:8d:78:98:c5:72:e1:ec:f7:1a:22:63:6d:2a:
         26:6a:b4:31:01:cb:3f:05:2e:4a:6f:83:ad:3a:b5:24:94:1c:
         f3:ff:05:a6:11:be:2c:ad:3c:a6:05:39:5d:81:ab:2f:0f:f9:
         89:16:46:8d:6b:41:b9:c7:e5:0b:19:99:d3:30:30:ec:1e:b1:
         47:35:6e:a4:0e:14:e4:1c:1b:36:47:5d:ef:5c:1e:cd:32:9f:
         70:44:b9:1a:b7:43:5e:82:79:e4:81:93:a4:d2:5c:40:fe:c9:
         98:23:cc:aa
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEEU2EEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTAyZDNlMGQ1ZjIxZWM3MmM3NDU3MzFhNjQxZmI3OTAzNzg3ZGUwMB4XDTIyMDIx
NjA5NDUzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ0NDkxYjY1ZWRm
NWE0YjUxMjcwZjk3MGRhYTA4M2U0ZGE3Y2U5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJGJAPg6aHsbWgexcZeMXO1cNm5ysBBxy0LqLTkU/Ufn8+hd
Gs1S5Pr5tTYiKSnw3yuPWPQP5pFWuz7cqlrJ8h+jHyXdKnJuCLr1aJBeRR2IPSGO
RjPk/SDFCxgUP24Ef+TUXNBxScGRvmZ8vXvLSJTqiCSjXj5fxz76B2kBAEoO57lE
Wr1JIwPrcyz0sEX+H18tsaOqmbANrDAW210O2Fb2UXA93OflMyFrVI2podWLfhd2
fYRlAzV1CbsMBARVBRAUO5d6M6MYomOYOQXMbFaKUHeTrPpBGN4mlpNn/FFtRr5e
kjHBJlir7RMcTDJZDcYNx4nbwGGg5iSzO80UrCkCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRdRJG2Xt9aS1EnD5cNqgg+TafOkjAfBgNVHSMEGDAWgBSBAtPg1fIexyx0
VzGmQft5A3h94DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dRTFQ0Tlh5SHNjc2RGY3hwa0g3ZVFONGZlQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvNDYzYjkwLWJiMjgtNGIwYS05YWQ4LTViMTUyMzUxODIyMS8x
L1hVU1J0bDdmV2t0Ukp3LVhEYW9JUGsybnpwSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
NDYzYjkwLWJiMjgtNGIwYS05YWQ4LTViMTUyMzUxODIyMS8xL2dRTFQ0Tlh5SHNj
c2RGY3hwa0g3ZVFONGZlQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1OO8AMEA1+DoAMEArl/kDANBAIA
AjAHAwUAKgNiwDANBgkqhkiG9w0BAQsFAAOCAQEAlaAwYDXxItAuXZF/WdyPknDR
WZCOQLS5pxlYm0QApZY2QEY7HRCUqgLt77GlXbiBNW7rGQamiPb5RlDhR0uyp9u5
9hy8nJSOKWAq6/wftiVXK9LkbcwBHD+WITZnQPt+gDm1l9SPXhckfzWfzi48AsUg
x77/9xWy49nStUcJHrzNn+8MfilxOd7N8IZ7cvkLOpbnIzSNeJjFcuHs9xoiY20q
Jmq0MQHLPwUuSm+DrTq1JJQc8/8FphG+LK08pgU5XYGrLw/5iRZGjWtBucflCxmZ
0zAw7B6xRzVupA4U5BwbNkdd71wezTKfcES5GrdDXoJ55IGTpNJcQP7JmCPMqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:43 2024 by rpki-client on console-ams.rpki-client.org