Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/bAY0JttdkDTOZQCMfqjxihJ11QE.roa
File:                     bAY0JttdkDTOZQCMfqjxihJ11QE.roa (raw, json)
Hash identifier:          4LDZRGO2u34z0HIvO50FjG7iI/ensh3rRTw8pJwBMlQ=
Subject key identifier:   6C:06:34:26:DB:5D:90:34:CE:65:00:8C:7E:A8:F1:8A:12:75:D5:01
Certificate issuer:       /CN=8102d3e0d5f21ec72c745731a641fb7903787de0
Certificate serial:       11B26D82
Authority key identifier: 81:02:D3:E0:D5:F2:1E:C7:2C:74:57:31:A6:41:FB:79:03:78:7D:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gQLT4NXyHscsdFcxpkH7eQN4feA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/bAY0JttdkDTOZQCMfqjxihJ11QE.roa
Signing time:             Mon 28 Mar 2022 18:00:22 +0000
ROA not before:           Mon 28 Mar 2022 18:00:22 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     43402
IP address blocks:        83.142.240.0/21 maxlen: 24
                          95.131.160.0/21 maxlen: 21
                          95.131.166.0/24 maxlen: 24
                          95.131.167.0/24 maxlen: 24
                          185.127.144.0/22 maxlen: 22
                          185.127.144.0/23 maxlen: 23
                          2a03:62c0::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 296906114 (0x11b26d82)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8102d3e0d5f21ec72c745731a641fb7903787de0
        Validity
            Not Before: Mar 28 18:00:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6c063426db5d9034ce65008c7ea8f18a1275d501
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:88:0f:73:cf:e9:b7:cf:a2:8e:1d:42:58:9e:
                    0a:29:41:eb:2d:a1:8a:64:56:42:26:dd:0f:ee:72:
                    5a:88:e7:5c:16:62:66:06:00:aa:4d:22:a5:c5:81:
                    9b:25:7b:cd:e6:6a:49:af:a5:18:88:95:5c:e5:48:
                    e8:c8:80:4b:83:d0:34:75:11:4c:db:0d:af:82:15:
                    ba:dd:ca:21:cc:65:25:24:2d:28:50:d4:0c:27:0d:
                    36:2b:c4:fc:6f:24:37:c9:e1:9c:a9:54:1a:13:38:
                    2a:44:93:72:16:ce:95:eb:c3:c5:33:d4:ed:f3:64:
                    c9:4e:79:44:68:08:e4:b4:74:3f:e4:d1:65:66:48:
                    ef:df:1a:f2:27:b7:c7:f4:2f:08:2e:d6:af:64:b4:
                    9a:56:b5:c5:74:92:15:ff:08:c8:f9:98:52:63:62:
                    07:99:63:a3:4f:c6:0a:56:5a:2e:ef:36:ff:f2:bd:
                    a4:29:96:17:7a:af:fe:64:0d:f4:21:e6:13:a9:41:
                    0b:a2:7d:c1:4c:59:ea:a5:70:36:33:07:0f:d1:71:
                    6f:1e:1c:f1:2f:16:80:bd:67:7c:32:4d:01:c2:47:
                    15:81:b6:b3:04:f8:d1:64:35:32:27:16:06:38:48:
                    08:7e:0b:ca:f9:58:c8:3b:c4:7b:ac:19:84:51:c9:
                    a7:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:06:34:26:DB:5D:90:34:CE:65:00:8C:7E:A8:F1:8A:12:75:D5:01
            X509v3 Authority Key Identifier:
                keyid:81:02:D3:E0:D5:F2:1E:C7:2C:74:57:31:A6:41:FB:79:03:78:7D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQLT4NXyHscsdFcxpkH7eQN4feA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/bAY0JttdkDTOZQCMfqjxihJ11QE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/gQLT4NXyHscsdFcxpkH7eQN4feA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.142.240.0/21
                  95.131.160.0/21
                  185.127.144.0/22
                IPv6:
                  2a03:62c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         33:8f:79:b9:b1:31:15:45:cb:13:87:93:28:df:9e:f8:a8:87:
         ad:46:39:c3:a1:98:27:a7:43:ee:82:46:78:71:e4:fc:86:97:
         7b:92:28:e7:d7:af:eb:8b:cf:61:8b:2c:0f:79:da:97:52:f2:
         ec:34:f0:b4:90:5d:55:f3:cc:0f:d8:4f:db:73:f7:2b:09:81:
         13:ad:47:0a:26:77:25:ef:30:68:49:37:66:33:71:e9:64:6d:
         64:58:36:7f:e0:2d:d7:d4:76:f7:3c:04:59:98:e8:5c:d7:3d:
         07:1d:52:f3:15:72:9d:f6:ee:aa:49:3c:23:aa:5d:48:db:49:
         1d:58:61:24:76:8c:d1:a3:5d:bb:73:60:96:b6:6c:32:2e:6a:
         64:1d:83:76:6b:39:8d:1a:fe:5f:9a:76:74:65:87:51:d8:46:
         8a:92:ed:18:67:59:f4:2c:21:05:67:67:6e:3d:1d:9b:11:ee:
         a6:b1:f9:d3:ec:36:f5:e6:d9:51:b9:b2:b9:bf:f6:b8:4c:cc:
         26:37:ef:6f:33:45:a4:81:68:16:e2:a2:9a:c0:3f:a4:c4:39:
         ed:64:90:5b:c2:5f:2b:ea:65:e0:f5:0d:86:08:84:00:b4:1a:
         81:8e:d7:e8:a0:a3:a4:74:a1:bd:0b:36:d7:c1:4f:76:39:82:
         cf:7e:72:5b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEEbJtgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTAyZDNlMGQ1ZjIxZWM3MmM3NDU3MzFhNjQxZmI3OTAzNzg3ZGUwMB4XDTIyMDMy
ODE4MDAyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmMwNjM0MjZkYjVk
OTAzNGNlNjUwMDhjN2VhOGYxOGExMjc1ZDUwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANOID3PP6bfPoo4dQlieCilB6y2himRWQibdD+5yWojnXBZi
ZgYAqk0ipcWBmyV7zeZqSa+lGIiVXOVI6MiAS4PQNHURTNsNr4IVut3KIcxlJSQt
KFDUDCcNNivE/G8kN8nhnKlUGhM4KkSTchbOlevDxTPU7fNkyU55RGgI5LR0P+TR
ZWZI798a8ie3x/QvCC7Wr2S0mla1xXSSFf8IyPmYUmNiB5ljo0/GClZaLu82//K9
pCmWF3qv/mQN9CHmE6lBC6J9wUxZ6qVwNjMHD9Fxbx4c8S8WgL1nfDJNAcJHFYG2
swT40WQ1MicWBjhICH4LyvlYyDvEe6wZhFHJp7MCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRsBjQm212QNM5lAIx+qPGKEnXVATAfBgNVHSMEGDAWgBSBAtPg1fIexyx0
VzGmQft5A3h94DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dRTFQ0Tlh5SHNjc2RGY3hwa0g3ZVFONGZlQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvNDYzYjkwLWJiMjgtNGIwYS05YWQ4LTViMTUyMzUxODIyMS8x
L2JBWTBKdHRka0RUT1pRQ01mcWp4aWhKMTFRRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
NDYzYjkwLWJiMjgtNGIwYS05YWQ4LTViMTUyMzUxODIyMS8xL2dRTFQ0Tlh5SHNj
c2RGY3hwa0g3ZVFONGZlQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1OO8AMEA1+DoAMEArl/kDANBAIA
AjAHAwUAKgNiwDANBgkqhkiG9w0BAQsFAAOCAQEAM495ubExFUXLE4eTKN+e+KiH
rUY5w6GYJ6dD7oJGeHHk/IaXe5Io59ev64vPYYssD3nal1Ly7DTwtJBdVfPMD9hP
23P3KwmBE61HCiZ3Je8waEk3ZjNx6WRtZFg2f+At19R29zwEWZjoXNc9Bx1S8xVy
nfbuqkk8I6pdSNtJHVhhJHaM0aNdu3NglrZsMi5qZB2Ddms5jRr+X5p2dGWHUdhG
ipLtGGdZ9CwhBWdnbj0dmxHuprH50+w29ebZUbmyub/2uEzMJjfvbzNFpIFoFuKi
msA/pMQ57WSQW8JfK+pl4PUNhgiEALQagY7X6KCjpHShvQs218FPdjmCz35yWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:18 2024 by rpki-client on console-fra.rpki-client.org