Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/2ee78f-02ea-46eb-b529-439d0da6a26e/1/o0hgdl5wumgjhv_W04qkWbsRMGE.roa
File:                     o0hgdl5wumgjhv_W04qkWbsRMGE.roa (raw, json)
Hash identifier:          fadDNu2AZRzBaNQFWcS64ppC0IzLVga/YwGZFyp63lk=
Subject key identifier:   A3:48:60:76:5E:70:BA:68:23:86:FF:D6:D3:8A:A4:59:BB:11:30:61
Certificate issuer:       /CN=f02d21c925edd7d811e1be96f0f287d7ccd2f35b
Certificate serial:       01856ECB980A7CE73BC6EBEC807188F67E51
Authority key identifier: F0:2D:21:C9:25:ED:D7:D8:11:E1:BE:96:F0:F2:87:D7:CC:D2:F3:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8C0hySXt19gR4b6W8PKH18zS81s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/2ee78f-02ea-46eb-b529-439d0da6a26e/1/o0hgdl5wumgjhv_W04qkWbsRMGE.roa
Signing time:             Sun 01 Jan 2023 19:25:14 +0000
ROA not before:           Sun 01 Jan 2023 19:25:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.20.4.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:cb:98:0a:7c:e7:3b:c6:eb:ec:80:71:88:f6:7e:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f02d21c925edd7d811e1be96f0f287d7ccd2f35b
        Validity
            Not Before: Jan  1 19:25:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a34860765e70ba682386ffd6d38aa459bb113061
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:d9:64:63:f0:45:2b:e3:3d:37:78:00:dc:06:
                    3f:59:7d:34:1c:40:9b:62:49:23:8c:59:da:f1:77:
                    fd:1a:34:90:a6:48:d3:9c:c7:5b:d9:65:59:40:4f:
                    39:eb:2f:88:01:0c:09:fc:ac:a9:2b:5f:98:91:83:
                    55:94:4c:b1:84:56:66:26:e2:9d:a3:82:12:59:51:
                    8c:83:a0:64:23:a6:16:79:d9:bd:dd:43:89:cc:b7:
                    c8:6d:e1:93:be:36:e6:e7:9f:09:22:01:ce:c4:87:
                    42:d3:5b:96:42:d4:50:a2:1e:b9:d6:e6:ca:fd:48:
                    99:d5:7e:01:00:89:98:f7:bd:5c:7f:dd:f3:1f:6c:
                    38:97:95:85:d0:6a:29:7a:4e:11:65:f6:50:7f:ef:
                    1c:23:05:de:59:35:be:a9:7b:76:67:82:1b:b8:09:
                    41:b4:83:bf:ed:98:74:73:57:44:fc:09:1d:6d:8d:
                    0e:cd:c2:28:2c:89:20:f6:69:ab:7d:79:6c:aa:30:
                    e9:52:52:50:c6:98:d4:28:63:6e:a3:f7:03:55:44:
                    bf:67:fd:23:25:a8:1c:b9:f7:6b:7c:5f:7e:e0:0d:
                    32:0f:41:6d:26:ae:25:32:ef:ad:f5:b9:41:cb:3e:
                    61:1f:cc:45:3f:69:76:12:70:6f:2e:f4:20:0e:da:
                    6f:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:48:60:76:5E:70:BA:68:23:86:FF:D6:D3:8A:A4:59:BB:11:30:61
            X509v3 Authority Key Identifier:
                keyid:F0:2D:21:C9:25:ED:D7:D8:11:E1:BE:96:F0:F2:87:D7:CC:D2:F3:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C0hySXt19gR4b6W8PKH18zS81s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2ee78f-02ea-46eb-b529-439d0da6a26e/1/o0hgdl5wumgjhv_W04qkWbsRMGE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2ee78f-02ea-46eb-b529-439d0da6a26e/1/8C0hySXt19gR4b6W8PKH18zS81s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.20.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:d0:08:0f:89:80:3a:6e:08:0a:6c:f3:24:25:ba:7d:96:cc:
         0d:bb:f3:38:37:71:06:36:e6:f9:4a:a0:16:0f:d4:73:3e:6c:
         40:a0:dc:e9:02:2b:1c:f2:b4:4b:86:0c:5c:fe:fa:7f:c6:30:
         52:2a:33:cd:51:28:68:d6:6a:fc:f0:d4:d3:68:d6:e8:96:4d:
         84:8c:3a:71:a3:21:6a:92:7f:38:93:f2:0d:db:85:96:c3:71:
         d4:06:71:9f:59:04:35:35:d3:ad:47:c1:5e:f8:fb:fa:2c:0c:
         fc:07:e1:da:35:ed:e7:26:db:5e:7a:7d:31:0f:3a:2d:e0:7e:
         af:35:bb:df:12:bc:bc:cc:2c:3d:c9:7c:95:ba:3d:0c:02:a4:
         c2:5f:53:10:d2:8d:c8:84:d1:d8:af:ad:a0:ec:43:a1:2e:9c:
         55:79:88:cc:49:4f:de:7a:82:94:41:15:fc:85:18:19:71:71:
         ee:58:be:b3:d7:93:f5:1e:f1:05:56:f9:59:b8:aa:e0:60:b2:
         49:d2:bc:0c:8d:5d:1b:10:f7:77:d5:d1:99:49:f2:0a:f3:08:
         2d:2f:23:62:5b:89:b4:ad:1e:ab:a1:76:70:6c:7c:61:1b:17:
         5b:93:d8:6a:08:38:9f:d3:cf:c1:a6:a1:cc:b7:48:22:67:4f:
         71:be:11:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy5gKfOc7xuvsgHGI9n5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmQyMWM5MjVlZGQ3ZDgxMWUxYmU5NmYwZjI4N2Q3Y2Nk
MmYzNWIwHhcNMjMwMTAxMTkyNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQ4NjA3NjVlNzBiYTY4MjM4NmZmZDZkMzhhYTQ1OWJiMTEzMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dlkY/BFK+M9N3gA3AY/WX00HECb
YkkjjFna8Xf9GjSQpkjTnMdb2WVZQE856y+IAQwJ/KypK1+YkYNVlEyxhFZmJuKd
o4ISWVGMg6BkI6YWedm93UOJzLfIbeGTvjbm558JIgHOxIdC01uWQtRQoh651ubK
/UiZ1X4BAImY971cf93zH2w4l5WF0Gopek4RZfZQf+8cIwXeWTW+qXt2Z4IbuAlB
tIO/7Zh0c1dE/AkdbY0OzcIoLIkg9mmrfXlsqjDpUlJQxpjUKGNuo/cDVUS/Z/0j
JagcufdrfF9+4A0yD0FtJq4lMu+t9blByz5hH8xFP2l2EnBvLvQgDtpvTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKNIYHZecLpoI4b/1tOKpFm7ETBhMB8GA1UdIwQY
MBaAFPAtIckl7dfYEeG+lvDyh9fM0vNbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMwaHlTWHQxOWdSNGI2VzhQS0gxOHpTODFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8yZWU3OGYtMDJlYS00NmViLWI1Mjkt
NDM5ZDBkYTZhMjZlLzEvbzBoZ2RsNXd1bWdqaHZfVzA0cWtXYnNSTUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8yZWU3OGYtMDJlYS00NmViLWI1MjktNDM5ZDBkYTZhMjZl
LzEvOEMwaHlTWHQxOWdSNGI2VzhQS0gxOHpTODFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRQEMA0G
CSqGSIb3DQEBCwUAA4IBAQBP0AgPiYA6bggKbPMkJbp9lswNu/M4N3EGNub5SqAW
D9RzPmxAoNzpAisc8rRLhgxc/vp/xjBSKjPNUSho1mr88NTTaNbolk2EjDpxoyFq
kn84k/IN24WWw3HUBnGfWQQ1NdOtR8Fe+Pv6LAz8B+HaNe3nJtteen0xDzot4H6v
NbvfEry8zCw9yXyVuj0MAqTCX1MQ0o3IhNHYr62g7EOhLpxVeYjMSU/eeoKUQRX8
hRgZcXHuWL6z15P1HvEFVvlZuKrgYLJJ0rwMjV0bEPd31dGZSfIK8wgtLyNiW4m0
rR6roXZwbHxhGxdbk9hqCDif08/BpqHMt0giZ09xvhHv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:45 2024 by rpki-client on console-fra.rpki-client.org