Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f5f0ca-2df8-430f-aea7-5de67c61298e/1/SzX7zUw9bOicBM18SGHosj7cHcI.roa
File:                     SzX7zUw9bOicBM18SGHosj7cHcI.roa (raw, json)
Hash identifier:          gXvv3dtS/E4p0DNplyOZKvuPkObwnlvpVKLHiYxVA1k=
Subject key identifier:   4B:35:FB:CD:4C:3D:6C:E8:9C:04:CD:7C:48:61:E8:B2:3E:DC:1D:C2
Certificate issuer:       /CN=b0a371c5831db97063e0cc04bce0b4e9b0066ccd
Certificate serial:       01856F39108440248B522F56223FA4609045
Authority key identifier: B0:A3:71:C5:83:1D:B9:70:63:E0:CC:04:BC:E0:B4:E9:B0:06:6C:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sKNxxYMduXBj4MwEvOC06bAGbM0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/f5f0ca-2df8-430f-aea7-5de67c61298e/1/SzX7zUw9bOicBM18SGHosj7cHcI.roa
Signing time:             Sun 01 Jan 2023 21:24:48 +0000
ROA not before:           Sun 01 Jan 2023 21:24:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58061
IP address blocks:        93.177.107.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:39:10:84:40:24:8b:52:2f:56:22:3f:a4:60:90:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0a371c5831db97063e0cc04bce0b4e9b0066ccd
        Validity
            Not Before: Jan  1 21:24:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b35fbcd4c3d6ce89c04cd7c4861e8b23edc1dc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:ad:aa:2b:90:c9:30:2f:d0:42:06:f2:09:24:
                    8a:f4:7c:50:7a:5d:bd:b5:11:4d:f9:c5:5b:3c:74:
                    9b:ef:2b:06:d6:45:0c:c1:dd:22:ba:c6:8f:14:60:
                    a6:c4:4a:9b:68:4f:42:1a:5f:28:80:02:0f:8b:e3:
                    ed:e3:94:12:27:2d:8b:2e:c8:1b:ad:c6:ac:c0:e6:
                    00:d1:17:0c:98:5b:d2:96:2f:f7:9b:d3:ee:1c:78:
                    5f:db:96:e4:05:3d:00:04:c9:1e:e6:12:d0:94:96:
                    a4:df:9f:d6:c7:92:48:5e:c2:86:8c:10:33:ee:b8:
                    0e:32:34:a8:b6:00:6c:ef:d2:18:eb:71:20:af:5e:
                    ef:f6:bd:c9:d1:3b:44:d1:9e:01:9d:2f:af:e3:b1:
                    fa:21:9a:30:b2:a1:83:8a:1e:e3:b7:76:01:fe:09:
                    d6:f2:f0:da:b2:97:a8:e5:f3:73:eb:c9:67:a0:1e:
                    61:89:99:8e:79:1c:6e:1d:a8:04:ac:09:c8:e1:dd:
                    2e:6f:90:62:6b:35:b0:29:78:bd:a1:27:9f:08:8a:
                    7d:84:03:cc:e6:5b:f5:4e:e9:96:83:b8:98:07:13:
                    4f:6a:71:16:a0:43:85:50:15:31:45:3a:95:a4:ad:
                    a3:23:b4:2b:c0:f0:9b:95:04:82:66:2f:c8:4d:ad:
                    bf:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:35:FB:CD:4C:3D:6C:E8:9C:04:CD:7C:48:61:E8:B2:3E:DC:1D:C2
            X509v3 Authority Key Identifier:
                keyid:B0:A3:71:C5:83:1D:B9:70:63:E0:CC:04:BC:E0:B4:E9:B0:06:6C:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sKNxxYMduXBj4MwEvOC06bAGbM0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f5f0ca-2df8-430f-aea7-5de67c61298e/1/SzX7zUw9bOicBM18SGHosj7cHcI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f5f0ca-2df8-430f-aea7-5de67c61298e/1/sKNxxYMduXBj4MwEvOC06bAGbM0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.177.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:e0:81:d4:90:c5:b7:70:6c:bc:1c:c8:d6:c1:5a:b5:94:14:
         30:97:ea:c5:36:03:84:f5:8b:9a:6a:c9:28:bd:1a:10:0c:95:
         0e:45:d1:05:cd:14:11:ee:ea:9e:91:a1:5b:e4:8c:e5:5f:84:
         87:74:3c:bf:67:09:bf:b1:8f:17:5f:4b:d9:4e:bc:de:54:fb:
         53:98:20:c0:56:d6:e5:f5:90:23:41:33:cc:c0:cb:59:aa:a6:
         de:08:c8:b1:ac:a4:49:e4:28:ce:18:fb:6f:db:4a:24:33:87:
         ab:35:92:3d:f9:47:e7:5c:36:0e:b2:5a:96:66:67:4e:3e:e7:
         5c:11:89:1d:9d:74:55:23:30:4d:a7:83:0b:3e:ad:2f:15:d0:
         db:99:fe:f9:4e:d2:15:4a:be:9b:1d:08:07:97:cb:31:14:f5:
         d7:7e:c3:43:0a:17:82:08:b5:ef:1b:67:46:c5:af:75:3a:76:
         d7:43:bb:65:cb:f6:2e:6c:ce:d4:36:41:f4:7c:11:3f:03:2d:
         5c:7e:ee:40:92:16:f4:4e:c9:49:b8:c9:44:8e:c5:16:3d:12:
         04:96:24:11:9a:39:50:cb:9d:48:4e:ec:e4:49:a3:38:98:94:
         a0:bd:64:79:66:57:1e:f0:5e:4f:4a:72:96:c1:79:3f:1e:cf:
         ab:47:0e:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvORCEQCSLUi9WIj+kYJBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYTM3MWM1ODMxZGI5NzA2M2UwY2MwNGJjZTBiNGU5YjAw
NjZjY2QwHhcNMjMwMTAxMjEyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjM1ZmJjZDRjM2Q2Y2U4OWMwNGNkN2M0ODYxZThiMjNlZGMxZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzq2qK5DJMC/QQgbyCSSK9HxQel29
tRFN+cVbPHSb7ysG1kUMwd0iusaPFGCmxEqbaE9CGl8ogAIPi+Pt45QSJy2LLsgb
rcaswOYA0RcMmFvSli/3m9PuHHhf25bkBT0ABMke5hLQlJak35/Wx5JIXsKGjBAz
7rgOMjSotgBs79IY63Egr17v9r3J0TtE0Z4BnS+v47H6IZowsqGDih7jt3YB/gnW
8vDaspeo5fNz68lnoB5hiZmOeRxuHagErAnI4d0ub5BiazWwKXi9oSefCIp9hAPM
5lv1TumWg7iYBxNPanEWoEOFUBUxRTqVpK2jI7QrwPCblQSCZi/ITa2/mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEs1+81MPWzonATNfEhh6LI+3B3CMB8GA1UdIwQY
MBaAFLCjccWDHblwY+DMBLzgtOmwBmzNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0tOeHhZTWR1WEJqNE13RXZPQzA2YkFHYk0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNWYwY2EtMmRmOC00MzBmLWFlYTct
NWRlNjdjNjEyOThlLzEvU3pYN3pVdzliT2ljQk0xOFNHSG9zajdjSGNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNWYwY2EtMmRmOC00MzBmLWFlYTctNWRlNjdjNjEyOThl
LzEvc0tOeHhZTWR1WEJqNE13RXZPQzA2YkFHYk0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXbFrMA0G
CSqGSIb3DQEBCwUAA4IBAQC04IHUkMW3cGy8HMjWwVq1lBQwl+rFNgOE9Yuaasko
vRoQDJUORdEFzRQR7uqekaFb5IzlX4SHdDy/Zwm/sY8XX0vZTrzeVPtTmCDAVtbl
9ZAjQTPMwMtZqqbeCMixrKRJ5CjOGPtv20okM4erNZI9+UfnXDYOslqWZmdOPudc
EYkdnXRVIzBNp4MLPq0vFdDbmf75TtIVSr6bHQgHl8sxFPXXfsNDCheCCLXvG2dG
xa91OnbXQ7tly/YubM7UNkH0fBE/Ay1cfu5Akhb0TslJuMlEjsUWPRIEliQRmjlQ
y51ITuzkSaM4mJSgvWR5Zlce8F5PSnKWwXk/Hs+rRw7r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org