Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/206bc6-f377-44b9-b53a-65ec722e7a92/1/1k-M5Hc4cubNo0FvW-MKAYbv00k.roa
File:                     1k-M5Hc4cubNo0FvW-MKAYbv00k.roa (raw, json)
Hash identifier:          mWSE0HoDm6fRSOfitRjL4D9tEfPglVMJP2yITUmQ0xs=
Subject key identifier:   D6:4F:8C:E4:77:38:72:E6:CD:A3:41:6F:5B:E3:0A:01:86:EF:D3:49
Certificate issuer:       /CN=7835f76d377a3387f1f0fc4f47bd88dc90aa69fb
Certificate serial:       018CCA284AA485301DDD9410F869B56F8224
Authority key identifier: 78:35:F7:6D:37:7A:33:87:F1:F0:FC:4F:47:BD:88:DC:90:AA:69:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eDX3bTd6M4fx8PxPR72I3JCqafs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/206bc6-f377-44b9-b53a-65ec722e7a92/1/1k-M5Hc4cubNo0FvW-MKAYbv00k.roa
Signing time:             Tue 02 Jan 2024 12:31:27 +0000
ROA not before:           Tue 02 Jan 2024 12:31:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62240
IP address blocks:        195.64.103.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:28:4a:a4:85:30:1d:dd:94:10:f8:69:b5:6f:82:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7835f76d377a3387f1f0fc4f47bd88dc90aa69fb
        Validity
            Not Before: Jan  2 12:31:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d64f8ce4773872e6cda3416f5be30a0186efd349
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:db:fe:59:9b:03:b2:c3:f2:46:12:0e:e1:e4:
                    e9:b4:de:86:0c:5c:d2:57:2f:5b:25:11:8c:7d:53:
                    0d:9d:70:f8:89:1d:5e:d7:c9:6c:b3:e3:35:fe:7b:
                    22:87:5f:2b:e4:df:89:b5:60:8d:e8:d2:cf:43:01:
                    c9:e3:fd:77:81:43:81:69:71:c1:bd:8b:ce:fc:89:
                    82:98:32:42:3b:10:74:47:e3:49:11:e1:13:be:84:
                    6a:d2:ea:23:96:40:cd:78:1a:2d:da:1d:94:a0:3d:
                    79:fb:fe:0d:69:8e:fc:e0:11:c8:f2:a2:35:1d:ff:
                    9c:01:7b:2d:17:af:22:99:d6:91:ae:d6:da:54:19:
                    46:0c:02:7d:45:9d:c4:dd:c3:b9:93:4e:ca:18:2e:
                    19:4d:24:41:30:5a:0f:2a:a6:88:77:09:7d:01:3e:
                    5a:4d:e7:f6:9b:75:23:d0:a4:3f:d8:9f:d8:12:08:
                    51:17:d9:aa:82:88:56:a9:c1:5e:e0:5d:22:48:60:
                    e3:33:9d:d1:06:16:ef:75:6c:05:c5:ef:a1:64:6b:
                    22:d4:9c:93:7d:de:02:f0:20:8a:40:75:9c:ea:32:
                    4a:13:29:3a:a3:7b:11:06:88:e3:9b:1c:41:3a:33:
                    2b:c5:6a:e5:52:b0:8c:3f:09:39:9c:b6:0c:1b:00:
                    5b:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:4F:8C:E4:77:38:72:E6:CD:A3:41:6F:5B:E3:0A:01:86:EF:D3:49
            X509v3 Authority Key Identifier:
                keyid:78:35:F7:6D:37:7A:33:87:F1:F0:FC:4F:47:BD:88:DC:90:AA:69:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eDX3bTd6M4fx8PxPR72I3JCqafs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/206bc6-f377-44b9-b53a-65ec722e7a92/1/1k-M5Hc4cubNo0FvW-MKAYbv00k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/206bc6-f377-44b9-b53a-65ec722e7a92/1/eDX3bTd6M4fx8PxPR72I3JCqafs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.64.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:24:54:26:47:58:98:f6:24:c9:9d:b1:a0:45:82:b4:8d:9a:
         06:09:2b:95:ea:72:96:f9:87:c9:eb:fd:f5:09:42:c3:36:9a:
         ad:80:a5:4b:f9:bf:4e:84:f5:c9:20:07:34:5f:59:1b:83:4e:
         28:42:43:aa:93:63:70:6f:c2:e4:83:f8:18:fe:99:50:ae:8e:
         b5:2a:af:82:fa:f5:15:73:c0:0e:37:0b:41:be:98:a6:07:57:
         39:dc:0d:bb:fd:cc:11:8b:30:50:38:01:f2:6a:ae:c2:f9:47:
         ed:86:3e:a1:27:b2:e7:b2:f8:c8:90:fa:f6:de:56:b7:bc:c6:
         93:00:21:5b:69:f5:98:17:e9:7e:98:43:a2:96:d4:38:b3:7d:
         ee:f5:7e:47:1a:6a:84:ec:49:b9:0a:11:3a:4f:42:b2:49:02:
         9c:df:86:6d:de:83:ed:88:ef:3d:9f:c4:62:d9:3d:4c:4f:58:
         6b:13:d1:51:38:5f:7c:6c:94:f7:cb:2b:46:7e:24:bd:5b:19:
         23:b2:c4:67:c1:e8:58:ce:1d:26:71:f9:5b:4b:83:4b:eb:f8:
         fb:e2:90:4e:91:a0:66:d2:56:7d:06:34:4e:7d:42:12:59:ee:
         68:e7:f1:fe:0c:92:3a:b1:20:5b:38:a0:11:31:09:c9:d4:31:
         9a:60:b2:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKEqkhTAd3ZQQ+Gm1b4IkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MzVmNzZkMzc3YTMzODdmMWYwZmM0ZjQ3YmQ4OGRjOTBh
YTY5ZmIwHhcNMjQwMTAyMTIzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjRmOGNlNDc3Mzg3MmU2Y2RhMzQxNmY1YmUzMGEwMTg2ZWZkMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNv+WZsDssPyRhIO4eTptN6GDFzS
Vy9bJRGMfVMNnXD4iR1e18lss+M1/nsih18r5N+JtWCN6NLPQwHJ4/13gUOBaXHB
vYvO/ImCmDJCOxB0R+NJEeETvoRq0uojlkDNeBot2h2UoD15+/4NaY784BHI8qI1
Hf+cAXstF68imdaRrtbaVBlGDAJ9RZ3E3cO5k07KGC4ZTSRBMFoPKqaIdwl9AT5a
Tef2m3Uj0KQ/2J/YEghRF9mqgohWqcFe4F0iSGDjM53RBhbvdWwFxe+hZGsi1JyT
fd4C8CCKQHWc6jJKEyk6o3sRBojjmxxBOjMrxWrlUrCMPwk5nLYMGwBb4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZPjOR3OHLmzaNBb1vjCgGG79NJMB8GA1UdIwQY
MBaAFHg19203ejOH8fD8T0e9iNyQqmn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZURYM2JUZDZNNGZ4OFB4UFI3MkkzSkNxYWZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8yMDZiYzYtZjM3Ny00NGI5LWI1M2Et
NjVlYzcyMmU3YTkyLzEvMWstTTVIYzRjdWJObzBGdlctTUtBWWJ2MDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8yMDZiYzYtZjM3Ny00NGI5LWI1M2EtNjVlYzcyMmU3YTky
LzEvZURYM2JUZDZNNGZ4OFB4UFI3MkkzSkNxYWZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0BnMA0G
CSqGSIb3DQEBCwUAA4IBAQBcJFQmR1iY9iTJnbGgRYK0jZoGCSuV6nKW+YfJ6/31
CULDNpqtgKVL+b9OhPXJIAc0X1kbg04oQkOqk2Nwb8Lkg/gY/plQro61Kq+C+vUV
c8AONwtBvpimB1c53A27/cwRizBQOAHyaq7C+Ufthj6hJ7LnsvjIkPr23la3vMaT
ACFbafWYF+l+mEOiltQ4s33u9X5HGmqE7Em5ChE6T0KySQKc34Zt3oPtiO89n8Ri
2T1MT1hrE9FROF98bJT3yytGfiS9WxkjssRnwehYzh0mcflbS4NL6/j74pBOkaBm
0lZ9BjROfUISWe5o5/H+DJI6sSBbOKARMQnJ1DGaYLIk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:37 2024 by rpki-client on console-fra.rpki-client.org