Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/78afee-0222-4957-9b7a-6bd62a13c05f/1/jk83lAMSO1p2oc-nkWikaNobe60.roa
File:                     jk83lAMSO1p2oc-nkWikaNobe60.roa (raw, json)
Hash identifier:          BwPCArGEaReC5Wte1PN9ouEgYd4OVgSLpPP+fb+kc8E=
Subject key identifier:   8E:4F:37:94:03:12:3B:5A:76:A1:CF:A7:91:68:A4:68:DA:1B:7B:AD
Certificate issuer:       /CN=e379e81689ee551e3eadbded4d297aa8e6e5c146
Certificate serial:       019F82DD
Authority key identifier: E3:79:E8:16:89:EE:55:1E:3E:AD:BD:ED:4D:29:7A:A8:E6:E5:C1:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/43noFonuVR4-rb3tTSl6qOblwUY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/78afee-0222-4957-9b7a-6bd62a13c05f/1/jk83lAMSO1p2oc-nkWikaNobe60.roa
Signing time:             Tue 22 Mar 2022 19:50:32 +0000
ROA not before:           Tue 22 Mar 2022 19:50:32 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        194.69.163.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 27230941 (0x19f82dd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e379e81689ee551e3eadbded4d297aa8e6e5c146
        Validity
            Not Before: Mar 22 19:50:32 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8e4f379403123b5a76a1cfa79168a468da1b7bad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:3b:e7:02:68:21:52:9f:c8:90:78:77:2d:39:
                    ef:aa:da:91:7e:7e:02:29:c7:6f:fd:3a:0f:01:85:
                    ba:17:8d:0d:82:21:06:ad:84:a2:7b:4a:95:74:fd:
                    06:0d:af:77:f8:de:4b:0f:f1:8c:9b:50:c6:31:72:
                    a6:9f:f5:f3:97:a5:21:8c:87:ba:6c:30:eb:3c:12:
                    2d:0a:9a:a0:22:89:f0:41:8f:88:01:84:d6:8a:07:
                    aa:08:cf:5b:9e:67:22:44:d6:d2:71:e8:e2:01:dd:
                    58:63:fa:02:37:86:e7:dd:ef:95:81:e3:14:9d:4a:
                    a5:c3:e9:94:a3:ef:16:74:5e:b5:4c:9d:f5:34:78:
                    bc:13:9d:fa:be:5c:0e:e4:7a:7e:4a:78:39:f3:a1:
                    23:61:9e:fe:9c:c6:bf:d8:2e:f5:0f:cb:c5:16:f5:
                    60:56:f3:83:15:4a:d9:f7:00:0c:00:de:de:d9:7a:
                    e1:8e:b8:cd:8a:ee:0a:3c:c9:a0:05:86:51:4f:e8:
                    3a:a9:03:3e:59:a2:b7:b6:1c:85:54:d9:06:c2:1b:
                    a0:da:28:8b:32:76:7b:d0:5f:50:1f:27:dd:b5:57:
                    56:dd:4a:07:d0:ed:f0:37:64:a9:89:91:09:b5:06:
                    f9:56:8b:52:e2:2d:4a:30:9e:52:df:91:09:88:06:
                    1d:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:4F:37:94:03:12:3B:5A:76:A1:CF:A7:91:68:A4:68:DA:1B:7B:AD
            X509v3 Authority Key Identifier:
                keyid:E3:79:E8:16:89:EE:55:1E:3E:AD:BD:ED:4D:29:7A:A8:E6:E5:C1:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/43noFonuVR4-rb3tTSl6qOblwUY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/78afee-0222-4957-9b7a-6bd62a13c05f/1/jk83lAMSO1p2oc-nkWikaNobe60.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/78afee-0222-4957-9b7a-6bd62a13c05f/1/43noFonuVR4-rb3tTSl6qOblwUY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.69.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:0d:5b:01:8a:30:ac:23:8f:58:cb:e0:2c:a9:7b:93:41:6b:
         78:da:2f:23:3a:fe:91:31:2d:a2:5e:3d:c3:d7:47:b7:8c:59:
         f4:58:dd:c9:9e:bb:87:51:cc:f2:0a:aa:2f:ae:1f:bd:d7:b7:
         eb:b9:70:50:35:68:a0:8f:72:5b:8f:ca:ff:13:83:61:2b:9f:
         62:0c:dc:98:53:68:84:a0:bc:cb:d4:05:3b:f2:da:56:ca:ea:
         9d:b7:89:85:4f:c2:55:85:f3:ca:8b:1e:6b:cb:2d:38:2d:20:
         98:55:45:0d:a8:f5:5c:44:43:21:54:00:ae:af:eb:a4:ad:b3:
         73:a6:92:3c:1a:07:76:d9:fa:22:6a:a8:be:fb:62:97:05:c7:
         80:26:05:56:0e:89:2b:88:80:24:79:d1:c3:26:55:a5:04:e7:
         af:33:01:a9:94:2c:5e:b2:3d:53:73:d3:55:a2:fa:e8:05:2d:
         20:0e:17:a6:8f:30:dd:9c:ae:e7:e1:94:ba:09:14:36:d6:0f:
         a3:5e:b2:b6:01:c4:cf:a4:e7:b8:d9:bd:f5:cc:2b:4f:04:2a:
         c7:48:19:f2:22:e4:32:5d:b7:e2:6c:b2:c2:68:5c:0a:e3:19:
         fd:46:08:f0:c2:fd:7d:7f:a8:5f:a3:5b:1f:c4:51:17:20:ba:
         35:71:49:ec
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAZ+C3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Mzc5ZTgxNjg5ZWU1NTFlM2VhZGJkZWQ0ZDI5N2FhOGU2ZTVjMTQ2MB4XDTIyMDMy
MjE5NTAzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGU0ZjM3OTQwMzEy
M2I1YTc2YTFjZmE3OTE2OGE0NjhkYTFiN2JhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJA75wJoIVKfyJB4dy0576rakX5+AinHb/06DwGFuheNDYIh
Bq2EontKlXT9Bg2vd/jeSw/xjJtQxjFypp/185elIYyHumww6zwSLQqaoCKJ8EGP
iAGE1ooHqgjPW55nIkTW0nHo4gHdWGP6AjeG593vlYHjFJ1KpcPplKPvFnRetUyd
9TR4vBOd+r5cDuR6fkp4OfOhI2Ge/pzGv9gu9Q/LxRb1YFbzgxVK2fcADADe3tl6
4Y64zYruCjzJoAWGUU/oOqkDPlmit7YchVTZBsIboNooizJ2e9BfUB8n3bVXVt1K
B9Dt8DdkqYmRCbUG+VaLUuItSjCeUt+RCYgGHbkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSOTzeUAxI7Wnahz6eRaKRo2ht7rTAfBgNVHSMEGDAWgBTjeegWie5VHj6t
ve1NKXqo5uXBRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQzbm9Gb251VlI0LXJiM3RUU2w2cU9ibHdVWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvNzhhZmVlLTAyMjItNDk1Ny05YjdhLTZiZDYyYTEzYzA1Zi8x
L2prODNsQU1TTzFwMm9jLW5rV2lrYU5vYmU2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
NzhhZmVlLTAyMjItNDk1Ny05YjdhLTZiZDYyYTEzYzA1Zi8xLzQzbm9Gb251VlI0
LXJiM3RUU2w2cU9ibHdVWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJFozANBgkqhkiG9w0BAQsFAAOC
AQEAmg1bAYowrCOPWMvgLKl7k0FreNovIzr+kTEtol49w9dHt4xZ9FjdyZ67h1HM
8gqqL64fvde367lwUDVooI9yW4/K/xODYSufYgzcmFNohKC8y9QFO/LaVsrqnbeJ
hU/CVYXzyosea8stOC0gmFVFDaj1XERDIVQArq/rpK2zc6aSPBoHdtn6Imqovvti
lwXHgCYFVg6JK4iAJHnRwyZVpQTnrzMBqZQsXrI9U3PTVaL66AUtIA4Xpo8w3Zyu
5+GUugkUNtYPo16ytgHEz6TnuNm99cwrTwQqx0gZ8iLkMl234myywmhcCuMZ/UYI
8ML9fX+oX6NbH8RRFyC6NXFJ7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:01 2024 by rpki-client on console-fra.rpki-client.org