Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/919d75-885e-4be4-9d8f-d285ca9cbe16/1/82AZ5pb2GOKZ-LCk-yijwAaUf14.roa
File:                     82AZ5pb2GOKZ-LCk-yijwAaUf14.roa (raw, json)
Hash identifier:          15aEinhz85MxhI4jvUO67Xj/YwigsrnFnkmP3+dzmMY=
Subject key identifier:   F3:60:19:E6:96:F6:18:E2:99:F8:B0:A4:FB:28:A3:C0:06:94:7F:5E
Certificate issuer:       /CN=1bf38b6d12023ef8700a9102f94ada3361e73e03
Certificate serial:       018635456F1DA2647E8390DFDB935FBDF30A
Authority key identifier: 1B:F3:8B:6D:12:02:3E:F8:70:0A:91:02:F9:4A:DA:33:61:E7:3E:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G_OLbRICPvhwCpEC-UraM2HnPgM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/919d75-885e-4be4-9d8f-d285ca9cbe16/1/82AZ5pb2GOKZ-LCk-yijwAaUf14.roa
Signing time:             Thu 09 Feb 2023 08:23:08 +0000
ROA not before:           Thu 09 Feb 2023 08:23:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        193.163.85.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:35:45:6f:1d:a2:64:7e:83:90:df:db:93:5f:bd:f3:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bf38b6d12023ef8700a9102f94ada3361e73e03
        Validity
            Not Before: Feb  9 08:23:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f36019e696f618e299f8b0a4fb28a3c006947f5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:cd:95:21:4a:26:1a:8e:ef:b4:da:35:6c:46:
                    a0:4c:be:44:50:e7:e6:b5:7e:1d:9d:fa:b2:5a:b9:
                    44:3d:92:58:bc:ba:8c:31:78:9c:90:db:ae:a5:ae:
                    8d:47:58:18:7d:a2:20:39:e8:e9:26:df:2f:4f:92:
                    c1:63:20:e7:da:b0:40:9b:1e:b4:cc:3b:35:db:c1:
                    ac:6e:eb:68:4f:22:2e:af:48:d4:d2:e3:78:e1:4a:
                    b4:14:64:44:6c:02:02:b4:da:57:78:5e:da:5d:bf:
                    3a:b4:1a:09:a1:44:1d:ac:22:57:29:2a:05:e9:a9:
                    9d:83:f6:f2:f6:5b:a9:81:fc:9a:ae:cf:ad:c0:de:
                    74:84:88:f7:ae:d3:04:6e:a8:94:f1:aa:95:15:22:
                    74:4a:ab:f8:99:98:64:ce:95:a9:00:94:16:e2:74:
                    9d:f3:28:a6:19:53:58:5d:02:28:b9:14:9e:11:68:
                    95:f8:58:56:0f:49:38:ac:b7:3b:c1:4b:92:61:06:
                    af:6c:ce:3b:5b:cc:75:a3:68:8b:be:db:75:98:aa:
                    14:4a:e8:29:5b:e2:57:84:dd:7d:6b:0d:de:fe:9d:
                    40:c9:1c:f2:cc:ce:9a:c5:3c:e8:37:c2:6c:51:49:
                    f9:b5:d7:b3:fa:ce:72:b9:7e:25:e5:ba:da:2b:40:
                    c7:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:60:19:E6:96:F6:18:E2:99:F8:B0:A4:FB:28:A3:C0:06:94:7F:5E
            X509v3 Authority Key Identifier:
                keyid:1B:F3:8B:6D:12:02:3E:F8:70:0A:91:02:F9:4A:DA:33:61:E7:3E:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_OLbRICPvhwCpEC-UraM2HnPgM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/919d75-885e-4be4-9d8f-d285ca9cbe16/1/82AZ5pb2GOKZ-LCk-yijwAaUf14.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/919d75-885e-4be4-9d8f-d285ca9cbe16/1/G_OLbRICPvhwCpEC-UraM2HnPgM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.163.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:c3:2c:65:32:8c:f5:d9:10:c7:03:94:fd:63:20:6c:66:cf:
         6b:cb:50:07:68:9a:62:a5:f9:c7:56:6b:c1:94:d1:d7:f4:57:
         61:b8:ee:ba:59:51:f9:1c:12:a0:9a:77:3a:20:1d:3c:1d:3b:
         49:54:a8:27:5f:96:08:bd:47:6b:ae:49:80:38:e6:cd:74:b4:
         66:40:c0:2a:f4:8d:91:28:53:08:77:78:92:63:2c:8a:4b:72:
         97:18:a3:86:d4:c8:e0:30:58:b5:33:ac:2c:34:bf:d5:d2:ce:
         b3:93:5a:1e:8c:da:9e:c4:ec:83:f0:f9:a0:90:9f:fb:db:c1:
         93:63:c6:5a:07:2b:b4:34:ee:10:c7:5c:0b:d8:9a:a6:ee:c7:
         bb:be:ef:73:f4:3a:a1:a5:18:ee:26:35:57:71:d6:c6:fe:0a:
         c8:8b:4a:8b:5f:aa:2c:1e:1a:e7:f0:a6:e4:54:22:0e:5d:1a:
         de:cf:02:b2:d0:80:54:07:e7:15:c1:0d:04:e4:b3:14:32:90:
         b2:13:9d:81:4f:7f:d8:0e:ce:b2:fd:14:9c:3f:3f:90:ec:78:
         6c:b6:26:44:58:2b:f4:f5:82:5c:6e:81:10:ec:96:8b:4c:c4:
         07:d9:9c:5b:ee:77:04:02:8e:17:e4:32:5c:e7:1c:c3:56:0b:
         36:35:5a:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY1RW8domR+g5Df25NfvfMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjM4YjZkMTIwMjNlZjg3MDBhOTEwMmY5NGFkYTMzNjFl
NzNlMDMwHhcNMjMwMjA5MDgyMzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzYwMTllNjk2ZjYxOGUyOTlmOGIwYTRmYjI4YTNjMDA2OTQ3ZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq82VIUomGo7vtNo1bEagTL5EUOfm
tX4dnfqyWrlEPZJYvLqMMXickNuupa6NR1gYfaIgOejpJt8vT5LBYyDn2rBAmx60
zDs128GsbutoTyIur0jU0uN44Uq0FGREbAICtNpXeF7aXb86tBoJoUQdrCJXKSoF
6amdg/by9lupgfyars+twN50hIj3rtMEbqiU8aqVFSJ0Sqv4mZhkzpWpAJQW4nSd
8yimGVNYXQIouRSeEWiV+FhWD0k4rLc7wUuSYQavbM47W8x1o2iLvtt1mKoUSugp
W+JXhN19aw3e/p1AyRzyzM6axTzoN8JsUUn5tdez+s5yuX4l5braK0DH0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPNgGeaW9hjimfiwpPsoo8AGlH9eMB8GA1UdIwQY
MBaAFBvzi20SAj74cAqRAvlK2jNh5z4DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19PTGJSSUNQdmh3Q3BFQy1VcmFNMkhuUGdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85MTlkNzUtODg1ZS00YmU0LTlkOGYt
ZDI4NWNhOWNiZTE2LzEvODJBWjVwYjJHT0taLUxDay15aWp3QWFVZjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi85MTlkNzUtODg1ZS00YmU0LTlkOGYtZDI4NWNhOWNiZTE2
LzEvR19PTGJSSUNQdmh3Q3BFQy1VcmFNMkhuUGdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaNVMA0G
CSqGSIb3DQEBCwUAA4IBAQBbwyxlMoz12RDHA5T9YyBsZs9ry1AHaJpipfnHVmvB
lNHX9FdhuO66WVH5HBKgmnc6IB08HTtJVKgnX5YIvUdrrkmAOObNdLRmQMAq9I2R
KFMId3iSYyyKS3KXGKOG1MjgMFi1M6wsNL/V0s6zk1oejNqexOyD8PmgkJ/728GT
Y8ZaByu0NO4Qx1wL2Jqm7se7vu9z9DqhpRjuJjVXcdbG/grIi0qLX6osHhrn8Kbk
VCIOXRrezwKy0IBUB+cVwQ0E5LMUMpCyE52BT3/YDs6y/RScPz+Q7HhstiZEWCv0
9YJcboEQ7JaLTMQH2Zxb7ncEAo4X5DJc5xzDVgs2NVq9
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:38 2025 by rpki-client