Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/1-s2Vqe7NExa-YkdBFL-FhT-Rwng.roa
File:                     1-s2Vqe7NExa-YkdBFL-FhT-Rwng.roa (raw, json)
Hash identifier:          4d/h1juVRPKG5I/OezCV9G/i2ODXSdrfYBEGPl9ojlE=
Subject key identifier:   FA:CD:95:A9:EE:CD:13:16:BE:62:47:41:14:BF:85:85:3F:91:C2:78
Certificate issuer:       /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial:       045E34F0
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/1-s2Vqe7NExa-YkdBFL-FhT-Rwng.roa
Signing time:             Tue 04 Jan 2022 15:57:33 +0000
ROA not before:           Tue 04 Jan 2022 15:57:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212815
IP address blocks:        85.237.200.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 73282800 (0x45e34f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
        Validity
            Not Before: Jan  4 15:57:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=facd95a9eecd1316be62474114bf85853f91c278
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:c4:77:48:93:cf:3d:66:6f:7e:8b:e4:7d:26:
                    25:ce:a3:16:e4:bd:49:83:67:45:45:b1:4a:88:0c:
                    91:0d:d6:51:ae:92:b6:38:fc:4d:a7:61:ea:a5:50:
                    12:31:2d:44:14:8a:29:05:43:99:a2:67:49:b4:bc:
                    e7:c1:7d:74:f0:11:3a:42:72:73:83:63:d7:c8:13:
                    fd:5b:64:54:63:ca:3e:1c:48:c3:7a:6f:cb:51:b7:
                    38:65:b5:c5:84:c5:8c:59:36:02:4e:c3:aa:70:34:
                    b3:c6:b5:a2:c7:f4:24:65:19:e5:c8:a3:a8:94:3e:
                    46:e8:00:ff:fe:2c:2a:44:8f:7a:be:9d:d8:15:db:
                    b5:bb:38:d5:49:70:3c:fe:98:a3:ae:1b:08:92:96:
                    c2:7b:ef:d3:15:9a:72:d3:23:8e:10:69:59:23:eb:
                    c2:e3:79:62:64:0b:c4:6b:83:eb:07:ec:41:2d:7b:
                    6e:12:52:40:34:77:cf:f3:f4:a9:9e:af:4f:bb:2c:
                    f7:8d:d9:04:6f:68:c9:64:b6:d6:2c:fb:ca:81:8c:
                    7c:0f:78:95:78:7e:c3:43:af:24:be:26:a2:39:40:
                    f5:43:0a:04:7d:b3:5d:16:cd:f2:a6:ae:6c:1e:60:
                    42:3d:17:a0:42:da:49:c4:ba:2f:e9:a2:01:92:e4:
                    1b:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:CD:95:A9:EE:CD:13:16:BE:62:47:41:14:BF:85:85:3F:91:C2:78
            X509v3 Authority Key Identifier:
                keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/1-s2Vqe7NExa-YkdBFL-FhT-Rwng.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.237.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:d0:be:ab:15:07:5d:47:2f:5e:65:b9:91:31:61:4c:9b:1e:
         b4:29:c8:de:82:2d:f0:2f:95:80:c1:80:92:9d:45:3d:ab:25:
         dd:44:66:6f:98:e8:b5:8f:d1:04:13:dd:e2:76:21:0b:5f:bf:
         66:f5:23:12:78:12:3c:35:2c:05:72:bc:91:8e:c7:dd:7c:12:
         0f:9f:39:36:49:16:94:fa:a4:38:43:df:b6:77:c5:47:9a:90:
         37:37:43:c3:02:59:9b:ab:5c:0c:e9:5c:2b:a2:5c:09:f5:62:
         94:4c:79:d9:96:6d:31:ad:52:1d:6e:1a:90:0c:bc:23:61:9f:
         dc:fb:79:0a:8e:4a:e5:f6:ba:7c:35:a4:4b:31:53:23:42:1b:
         c2:ac:c6:68:7c:cb:5f:44:88:62:d1:95:1c:ca:bc:dd:b4:97:
         10:73:19:fd:76:80:6e:ca:19:6c:a7:1e:ac:d9:1d:fe:d0:d8:
         02:93:7a:8e:a7:76:da:ad:a2:8a:73:b0:3a:c1:de:23:05:d6:
         73:f1:07:22:c2:5b:7d:5c:3f:6d:29:a9:7e:3e:1f:da:86:b4:
         e6:d6:5a:ad:8d:1c:19:2e:92:6b:12:fd:f3:7f:87:3e:d8:e1:
         6a:9b:6d:8b:ad:b8:b3:6c:be:0d:88:20:90:d7:2c:7b:75:70:
         b1:b8:12:a4
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBF408DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTBiNjczNjhjOTFiODVlODQ4ODhjNWVkMmU4MjRkMTM5MDgxMGJiMB4XDTIyMDEw
NDE1NTczM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmFjZDk1YTllZWNk
MTMxNmJlNjI0NzQxMTRiZjg1ODUzZjkxYzI3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAODEd0iTzz1mb36L5H0mJc6jFuS9SYNnRUWxSogMkQ3WUa6S
tjj8Tadh6qVQEjEtRBSKKQVDmaJnSbS858F9dPAROkJyc4Nj18gT/VtkVGPKPhxI
w3pvy1G3OGW1xYTFjFk2Ak7DqnA0s8a1osf0JGUZ5cijqJQ+RugA//4sKkSPer6d
2BXbtbs41UlwPP6Yo64bCJKWwnvv0xWactMjjhBpWSPrwuN5YmQLxGuD6wfsQS17
bhJSQDR3z/P0qZ6vT7ss943ZBG9oyWS21iz7yoGMfA94lXh+w0OvJL4mojlA9UMK
BH2zXRbN8qaubB5gQj0XoELaScS6L+miAZLkG8MCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT6zZWp7s0TFr5iR0EUv4WFP5HCeDAfBgNVHSMEGDAWgBQ5C2c2jJG4XoSI
jF7S6CTROQgQuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09RdG5Ob3lSdUY2RWlJeGUwdWdrMFRrSUVMcy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvMTZjY2U0LWU5ODEtNGJlNS1iOWY2LTVjOWQ2MjYyOWM4Ni8x
LzEtczJWcWU3TkV4YS1Za2RCRkwtRmhULVJ3bmcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUy
LzE2Y2NlNC1lOTgxLTRiZTUtYjlmNi01YzlkNjI2MjljODYvMS9PUXRuTm95UnVG
NkVpSXhlMHVnazBUa0lFTHMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV7cgwDQYJKoZIhvcNAQELBQAD
ggEBAInQvqsVB11HL15luZExYUybHrQpyN6CLfAvlYDBgJKdRT2rJd1EZm+Y6LWP
0QQT3eJ2IQtfv2b1IxJ4Ejw1LAVyvJGOx918Eg+fOTZJFpT6pDhD37Z3xUeakDc3
Q8MCWZurXAzpXCuiXAn1YpRMedmWbTGtUh1uGpAMvCNhn9z7eQqOSuX2unw1pEsx
UyNCG8Ksxmh8y19EiGLRlRzKvN20lxBzGf12gG7KGWynHqzZHf7Q2AKTeo6ndtqt
oopzsDrB3iMF1nPxByLCW31cP20pqX4+H9qGtObWWq2NHBkukmsS/fN/hz7Y4Wqb
bYutuLNsvg2IIJDXLHt1cLG4EqQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org