Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/237146-f85c-42bb-b3e5-9deb04216273/1/JcfoULxL_vkGcwD047Dqz-ZmP4s.roa
File:                     JcfoULxL_vkGcwD047Dqz-ZmP4s.roa (raw, json)
Hash identifier:          2iFQ2Aj1uHu7OKkwFJOTne5ycRqDYWr9vIIEkO9PLI0=
Subject key identifier:   25:C7:E8:50:BC:4B:FE:F9:06:73:00:F4:E3:B0:EA:CF:E6:66:3F:8B
Certificate issuer:       /CN=0d01db542317430414757aacb093fd72069192b1
Certificate serial:       0886642C
Authority key identifier: 0D:01:DB:54:23:17:43:04:14:75:7A:AC:B0:93:FD:72:06:91:92:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DQHbVCMXQwQUdXqssJP9cgaRkrE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/237146-f85c-42bb-b3e5-9deb04216273/1/JcfoULxL_vkGcwD047Dqz-ZmP4s.roa
Signing time:             Sat 01 Jan 2022 09:57:56 +0000
ROA not before:           Sat 01 Jan 2022 09:57:56 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35625
IP address blocks:        94.158.180.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 143025196 (0x886642c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d01db542317430414757aacb093fd72069192b1
        Validity
            Not Before: Jan  1 09:57:56 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=25c7e850bc4bfef9067300f4e3b0eacfe6663f8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:a3:d0:84:61:6e:56:e0:d3:f7:56:48:de:c5:
                    d8:c0:d3:a5:be:1d:d9:ee:b8:56:f1:60:f1:81:f0:
                    52:6a:e1:91:37:c9:d1:48:3a:da:e3:8a:be:ec:37:
                    c1:c6:7f:42:75:7a:61:b0:88:f9:77:d2:03:e3:2f:
                    5f:1f:b5:7b:14:be:a0:f7:27:73:32:02:f9:ae:0a:
                    77:1f:eb:b2:83:da:59:75:d4:61:e4:d5:a8:98:8c:
                    47:80:7d:14:5e:51:c7:c2:55:d5:0d:c2:94:f2:e2:
                    c4:11:a5:70:40:53:44:a7:b7:b1:75:10:c8:78:18:
                    69:b1:b8:5e:29:f2:6b:57:8a:01:e1:75:09:fd:ab:
                    93:d9:58:70:97:31:64:56:a1:02:a7:68:00:2a:ad:
                    2c:72:8d:e0:0f:ac:f3:03:6b:3a:87:e6:79:98:5d:
                    d0:9e:d3:85:51:f5:89:2c:0e:61:0d:25:57:d4:4d:
                    1d:1d:3e:10:be:b6:7a:1a:8f:9f:2d:6c:67:da:fa:
                    47:6d:b2:66:29:1c:c1:f2:3c:c3:04:0d:39:45:e3:
                    db:9c:9d:84:65:8b:d7:31:91:da:1a:ad:61:b6:f4:
                    5a:36:7e:15:dd:3a:b9:a9:cd:00:97:5b:72:b3:15:
                    65:ea:0b:43:ca:94:09:af:6f:8a:16:25:8e:87:0f:
                    ce:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:C7:E8:50:BC:4B:FE:F9:06:73:00:F4:E3:B0:EA:CF:E6:66:3F:8B
            X509v3 Authority Key Identifier:
                keyid:0D:01:DB:54:23:17:43:04:14:75:7A:AC:B0:93:FD:72:06:91:92:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQHbVCMXQwQUdXqssJP9cgaRkrE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/237146-f85c-42bb-b3e5-9deb04216273/1/JcfoULxL_vkGcwD047Dqz-ZmP4s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/237146-f85c-42bb-b3e5-9deb04216273/1/DQHbVCMXQwQUdXqssJP9cgaRkrE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.158.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         62:09:4c:9f:7a:2f:24:11:d2:4f:ec:29:35:8a:50:08:4f:11:
         67:38:b4:d9:83:a8:42:00:83:4c:a9:0e:4f:2b:23:e7:26:6c:
         80:0b:8a:30:07:de:42:30:91:4d:4b:cf:b0:d2:84:30:24:0d:
         82:52:fb:66:16:3f:62:29:0f:57:72:5b:32:aa:b6:dc:97:62:
         d9:ee:56:ac:34:63:e7:f9:8a:35:23:7c:6a:42:5e:f3:70:94:
         f7:35:a0:44:bd:bc:6b:12:d0:49:a1:19:60:ff:24:84:d1:ff:
         28:b9:21:bb:5c:51:ce:c0:8e:e2:10:e2:10:45:c0:d6:a5:c2:
         35:fb:eb:e7:6d:cd:d2:82:7d:f9:6f:fb:1b:52:4d:a5:b0:e1:
         63:d9:f5:8c:5f:a5:a8:3d:d5:7b:49:34:f0:ef:91:33:31:d5:
         ce:f4:ef:ea:18:06:ae:a2:1b:87:af:75:f6:0a:f8:8f:f9:5f:
         40:71:7b:ba:7e:7d:89:79:fe:79:62:94:da:e8:45:6c:8d:3c:
         ef:56:11:82:69:1f:01:5a:31:19:cc:d0:13:02:cb:60:df:7a:
         a3:82:23:9f:b6:fa:57:c4:33:83:f4:70:23:11:21:42:8a:49:
         02:26:06:b0:36:a9:6c:0a:07:a3:c5:04:09:b3:eb:7e:7f:1f:
         57:01:4b:85
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECIZkLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDAxZGI1NDIzMTc0MzA0MTQ3NTdhYWNiMDkzZmQ3MjA2OTE5MmIxMB4XDTIyMDEw
MTA5NTc1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjVjN2U4NTBiYzRi
ZmVmOTA2NzMwMGY0ZTNiMGVhY2ZlNjY2M2Y4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANmj0IRhblbg0/dWSN7F2MDTpb4d2e64VvFg8YHwUmrhkTfJ
0Ug62uOKvuw3wcZ/QnV6YbCI+XfSA+MvXx+1exS+oPcnczIC+a4Kdx/rsoPaWXXU
YeTVqJiMR4B9FF5Rx8JV1Q3ClPLixBGlcEBTRKe3sXUQyHgYabG4Xinya1eKAeF1
Cf2rk9lYcJcxZFahAqdoACqtLHKN4A+s8wNrOofmeZhd0J7ThVH1iSwOYQ0lV9RN
HR0+EL62ehqPny1sZ9r6R22yZikcwfI8wwQNOUXj25ydhGWL1zGR2hqtYbb0WjZ+
Fd06uanNAJdbcrMVZeoLQ8qUCa9vihYljocPzmUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQlx+hQvEv++QZzAPTjsOrP5mY/izAfBgNVHSMEGDAWgBQNAdtUIxdDBBR1
eqywk/1yBpGSsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RRSGJWQ01YUXdRVWRYcXNzSlA5Y2dhUmtyRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvMjM3MTQ2LWY4NWMtNDJiYi1iM2U1LTlkZWIwNDIxNjI3My8x
L0pjZm9VTHhMX3ZrR2N3RDA0N0Rxei1abVA0cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
MjM3MTQ2LWY4NWMtNDJiYi1iM2U1LTlkZWIwNDIxNjI3My8xL0RRSGJWQ01YUXdR
VWRYcXNzSlA5Y2dhUmtyRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl6etDANBgkqhkiG9w0BAQsFAAOC
AQEAYglMn3ovJBHST+wpNYpQCE8RZzi02YOoQgCDTKkOTysj5yZsgAuKMAfeQjCR
TUvPsNKEMCQNglL7ZhY/YikPV3JbMqq23Jdi2e5WrDRj5/mKNSN8akJe83CU9zWg
RL28axLQSaEZYP8khNH/KLkhu1xRzsCO4hDiEEXA1qXCNfvr523N0oJ9+W/7G1JN
pbDhY9n1jF+lqD3Ve0k08O+RMzHVzvTv6hgGrqIbh6919gr4j/lfQHF7un59iXn+
eWKU2uhFbI0871YRgmkfAVoxGczQEwLLYN96o4Ijn7b6V8Qzg/RwIxEhQopJAiYG
sDapbAoHo8UECbPrfn8fVwFLhQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:20 2024 by rpki-client on console-fra.rpki-client.org