Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/27fNlT0tm_jfRD8dxpaMjcx7M08.roa
File:                     27fNlT0tm_jfRD8dxpaMjcx7M08.roa (raw, json)
Hash identifier:          YxDVoMwm6zM8WQwsMKjLeJA0fwwpB2fYCK9WNTxmEkI=
Subject key identifier:   DB:B7:CD:95:3D:2D:9B:F8:DF:44:3F:1D:C6:96:8C:8D:CC:7B:33:4F
Certificate issuer:       /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial:       018571DEA3ACED56CA129ADDF37014413AC5
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/27fNlT0tm_jfRD8dxpaMjcx7M08.roa
Signing time:             Mon 02 Jan 2023 09:44:54 +0000
ROA not before:           Mon 02 Jan 2023 09:44:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400040
IP address blocks:        193.109.192.0/24 maxlen: 24
                          85.237.197.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:de:a3:ac:ed:56:ca:12:9a:dd:f3:70:14:41:3a:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
        Validity
            Not Before: Jan  2 09:44:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dbb7cd953d2d9bf8df443f1dc6968c8dcc7b334f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:65:28:83:e2:af:4a:55:7f:1e:b8:c7:55:51:
                    ae:d5:f8:96:93:c7:4f:66:ec:46:c4:1b:84:c8:32:
                    16:4f:5b:8b:51:b5:b3:b4:42:c0:2e:c4:8b:15:f2:
                    60:ff:90:f1:ce:d0:b3:17:c4:7c:91:6a:c3:e3:10:
                    f9:92:b5:bc:bd:d0:32:82:b1:69:b9:29:67:88:a3:
                    8a:1e:4c:54:6c:90:8f:e5:32:5c:63:f9:19:a9:dd:
                    b3:f6:62:45:9b:7e:88:b9:64:83:ed:77:e7:75:56:
                    41:4f:de:c1:89:47:1a:5f:56:67:41:20:2e:ae:35:
                    a4:82:a3:1a:b6:f7:d7:60:60:36:84:8a:cd:87:ef:
                    b6:46:aa:23:dd:ef:c4:ad:0f:f2:92:9e:b5:7a:2e:
                    9a:26:7c:be:b9:97:ae:6a:76:3d:2d:be:54:09:cf:
                    60:fc:20:28:86:14:60:d0:7c:10:9a:0e:c2:a4:5e:
                    f7:91:c8:c5:db:17:43:e8:9c:bc:23:ae:cc:d0:28:
                    1d:a9:8e:22:38:58:35:58:8f:5f:98:c9:84:d9:e8:
                    32:4b:ba:46:bb:0d:35:61:7e:81:0d:2e:c1:27:04:
                    71:61:6f:53:14:7e:af:52:c7:db:06:72:1f:5b:42:
                    11:50:10:8c:55:87:3b:f4:62:ad:53:90:32:a8:dc:
                    cf:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:B7:CD:95:3D:2D:9B:F8:DF:44:3F:1D:C6:96:8C:8D:CC:7B:33:4F
            X509v3 Authority Key Identifier:
                keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/27fNlT0tm_jfRD8dxpaMjcx7M08.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.237.197.0/24
                  193.109.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:73:75:5b:1e:4f:c0:7f:bb:f8:fd:af:0d:43:5d:b5:26:7d:
         0c:6f:8b:f8:5a:8b:bd:05:58:b5:54:f5:67:1a:08:77:87:83:
         27:92:a2:6a:10:e9:d2:f1:54:59:58:a0:34:c4:a5:8d:63:94:
         e7:3e:0f:23:ea:7a:a4:77:74:f3:be:47:80:1f:d2:f8:26:30:
         28:65:92:88:0a:5e:44:08:d0:06:50:f8:72:e3:2c:42:d1:43:
         6c:97:14:7a:f1:41:6c:22:9e:1f:51:0b:75:2f:dc:e0:e4:89:
         ac:6a:2f:ba:41:54:83:b6:6e:8f:ec:a9:2a:65:51:27:9b:ba:
         02:76:37:b4:a6:d6:9b:8b:3d:b6:fe:97:e0:2f:17:1e:b3:60:
         59:2d:ef:90:9c:de:b3:fd:6e:68:9c:48:09:38:d3:2b:af:81:
         60:39:89:a9:e3:9a:ff:97:ad:b8:86:08:74:8d:99:c9:a1:d9:
         ef:35:74:3f:59:9c:13:7b:0f:67:fe:ed:f9:f7:66:74:b0:9c:
         ad:12:40:7a:8e:ea:49:8a:d5:20:99:09:05:d7:28:f6:a9:e9:
         c1:a0:c1:be:ce:91:63:a5:2d:37:83:da:47:af:c3:7a:19:01:
         e7:28:47:85:0e:33:eb:c5:18:6b:87:df:be:2d:8c:9f:86:e9:
         18:c6:db:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx3qOs7VbKEprd83AUQTrFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMTAyMDk0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmI3Y2Q5NTNkMmQ5YmY4ZGY0NDNmMWRjNjk2OGM4ZGNjN2IzMzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWUog+KvSlV/HrjHVVGu1fiWk8dP
ZuxGxBuEyDIWT1uLUbWztELALsSLFfJg/5DxztCzF8R8kWrD4xD5krW8vdAygrFp
uSlniKOKHkxUbJCP5TJcY/kZqd2z9mJFm36IuWSD7XfndVZBT97BiUcaX1ZnQSAu
rjWkgqMatvfXYGA2hIrNh++2Rqoj3e/ErQ/ykp61ei6aJny+uZeuanY9Lb5UCc9g
/CAohhRg0HwQmg7CpF73kcjF2xdD6Jy8I67M0CgdqY4iOFg1WI9fmMmE2egyS7pG
uw01YX6BDS7BJwRxYW9TFH6vUsfbBnIfW0IRUBCMVYc79GKtU5AyqNzPnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNu3zZU9LZv430Q/HcaWjI3MezNPMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvMjdmTmxUMHRtX2pmUkQ4ZHhwYU1qY3g3TTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe3FAwQA
wW3AMA0GCSqGSIb3DQEBCwUAA4IBAQB8c3VbHk/Af7v4/a8NQ121Jn0Mb4v4Wou9
BVi1VPVnGgh3h4MnkqJqEOnS8VRZWKA0xKWNY5TnPg8j6nqkd3TzvkeAH9L4JjAo
ZZKICl5ECNAGUPhy4yxC0UNslxR68UFsIp4fUQt1L9zg5Imsai+6QVSDtm6P7Kkq
ZVEnm7oCdje0ptabiz22/pfgLxces2BZLe+QnN6z/W5onEgJONMrr4FgOYmp45r/
l624hgh0jZnJodnvNXQ/WZwTew9n/u3592Z0sJytEkB6jupJitUgmQkF1yj2qenB
oMG+zpFjpS03g9pHr8N6GQHnKEeFDjPrxRhrh9++LYyfhukYxtuJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:07 2023 by rpki-client on console-ams.rpki-client.org