Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/HeLSTDoajOnQaftm_LH_Oo5URCI.roa
File:                     HeLSTDoajOnQaftm_LH_Oo5URCI.roa (raw, json)
Hash identifier:          6C/DMmJ3MF7VQ6AnZauIc7LamObw0rsF1iWB83laVzY=
Subject key identifier:   1D:E2:D2:4C:3A:1A:8C:E9:D0:69:FB:66:FC:B1:FF:3A:8E:54:44:22
Certificate issuer:       /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial:       047253CB
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/HeLSTDoajOnQaftm_LH_Oo5URCI.roa
Signing time:             Fri 07 Jan 2022 16:22:05 +0000
ROA not before:           Fri 07 Jan 2022 16:22:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     400039
IP address blocks:        193.109.192.0/24 maxlen: 24
                          85.237.219.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74601419 (0x47253cb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
        Validity
            Not Before: Jan  7 16:22:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1de2d24c3a1a8ce9d069fb66fcb1ff3a8e544422
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:51:ac:94:99:53:2a:22:5a:d2:ac:15:fa:03:
                    a0:1b:66:3e:f1:c1:37:ac:4a:b5:46:41:49:4b:e3:
                    b5:05:c0:97:0e:b7:b6:bb:cd:10:22:63:84:a9:c4:
                    c6:d3:88:ea:76:b4:27:44:4d:32:99:06:10:d8:4d:
                    dd:8e:d4:7c:b2:13:fd:3f:23:10:2b:de:09:1b:14:
                    f0:60:98:2e:f4:2d:5f:5d:e1:6e:b6:f3:9e:72:98:
                    07:5a:7d:36:77:fe:4b:14:bb:85:2a:68:45:b8:a2:
                    0c:bf:62:b4:be:9e:64:b1:19:03:58:7b:31:38:26:
                    fa:f7:09:e4:6a:4f:0a:08:14:65:c0:3e:e2:31:f4:
                    ec:aa:2e:14:2e:78:85:a4:f0:4a:fa:0e:85:c1:d1:
                    ff:d4:34:b2:21:d7:0f:3a:d4:05:a7:ee:43:a0:03:
                    fa:05:28:23:60:84:d7:49:fd:1c:73:92:c6:7a:8e:
                    22:9e:45:cb:8c:43:ee:3f:d5:62:ac:f4:b5:a4:25:
                    6c:2c:a3:64:88:7f:55:ed:7a:db:a3:73:78:f3:41:
                    2f:66:9d:dd:5f:7a:85:a4:fe:7e:1b:83:54:a9:23:
                    17:30:3a:ad:9c:0d:49:97:71:34:2c:e1:57:42:29:
                    7a:61:62:05:e1:17:c9:fc:02:24:62:d0:67:86:e9:
                    8d:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:E2:D2:4C:3A:1A:8C:E9:D0:69:FB:66:FC:B1:FF:3A:8E:54:44:22
            X509v3 Authority Key Identifier:
                keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/HeLSTDoajOnQaftm_LH_Oo5URCI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.237.219.0/24
                  193.109.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:dd:09:c3:4f:6c:cf:7c:a3:8e:eb:3a:d3:76:50:ce:21:62:
         e5:ce:01:9f:8f:78:f1:de:de:bc:af:36:71:79:7a:13:62:ca:
         31:17:c8:d9:7c:14:f4:1b:d5:7f:c5:98:cc:d8:56:93:d9:64:
         c9:92:85:56:47:6f:fc:81:cd:8f:82:de:44:3d:a3:c2:7d:03:
         89:cc:4a:d0:8d:d0:a3:46:1b:fd:9a:1d:45:59:4d:5b:c1:b8:
         57:b0:71:a1:b0:c3:67:0d:60:aa:1c:ad:97:a2:3c:68:8b:8a:
         2e:e2:6f:53:d6:53:3c:36:27:34:6c:0c:62:b1:5f:49:b6:13:
         f5:42:c6:07:01:bb:60:59:93:2d:f7:c8:84:10:57:d2:a8:a6:
         4f:1c:38:10:8c:82:36:e8:4d:21:82:25:3c:f2:ca:82:af:d2:
         e3:f4:34:41:79:93:4f:30:1f:76:2e:e1:26:6a:38:7c:89:8f:
         e1:58:17:de:b4:32:37:27:3e:9d:e2:f2:2c:94:d8:fb:7f:70:
         10:53:c6:e0:03:e9:25:31:04:a0:6e:9f:ee:23:e7:29:d5:86:
         a2:b7:3f:21:3c:9c:6b:f2:cc:b9:e1:34:79:da:7d:d2:8b:75:
         ce:1a:42:f2:ab:c0:86:41:ec:ee:de:83:79:32:8b:c0:22:e7:
         fa:53:bb:8b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBHJTyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTBiNjczNjhjOTFiODVlODQ4ODhjNWVkMmU4MjRkMTM5MDgxMGJiMB4XDTIyMDEw
NzE2MjIwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRlMmQyNGMzYTFh
OGNlOWQwNjlmYjY2ZmNiMWZmM2E4ZTU0NDQyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNRrJSZUyoiWtKsFfoDoBtmPvHBN6xKtUZBSUvjtQXAlw63
trvNECJjhKnExtOI6na0J0RNMpkGENhN3Y7UfLIT/T8jECveCRsU8GCYLvQtX13h
brbznnKYB1p9Nnf+SxS7hSpoRbiiDL9itL6eZLEZA1h7MTgm+vcJ5GpPCggUZcA+
4jH07KouFC54haTwSvoOhcHR/9Q0siHXDzrUBafuQ6AD+gUoI2CE10n9HHOSxnqO
Ip5Fy4xD7j/VYqz0taQlbCyjZIh/Ve1626NzePNBL2ad3V96haT+fhuDVKkjFzA6
rZwNSZdxNCzhV0IpemFiBeEXyfwCJGLQZ4bpjRkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQd4tJMOhqM6dBp+2b8sf86jlREIjAfBgNVHSMEGDAWgBQ5C2c2jJG4XoSI
jF7S6CTROQgQuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09RdG5Ob3lSdUY2RWlJeGUwdWdrMFRrSUVMcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvMTZjY2U0LWU5ODEtNGJlNS1iOWY2LTVjOWQ2MjYyOWM4Ni8x
L0hlTFNURG9hak9uUWFmdG1fTEhfT281VVJDSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
MTZjY2U0LWU5ODEtNGJlNS1iOWY2LTVjOWQ2MjYyOWM4Ni8xL09RdG5Ob3lSdUY2
RWlJeGUwdWdrMFRrSUVMcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFXt2wMEAMFtwDANBgkqhkiG9w0B
AQsFAAOCAQEAS90Jw09sz3yjjus603ZQziFi5c4Bn4948d7evK82cXl6E2LKMRfI
2XwU9BvVf8WYzNhWk9lkyZKFVkdv/IHNj4LeRD2jwn0DicxK0I3Qo0Yb/ZodRVlN
W8G4V7BxobDDZw1gqhytl6I8aIuKLuJvU9ZTPDYnNGwMYrFfSbYT9ULGBwG7YFmT
LffIhBBX0qimTxw4EIyCNuhNIYIlPPLKgq/S4/Q0QXmTTzAfdi7hJmo4fImP4VgX
3rQyNyc+neLyLJTY+39wEFPG4APpJTEEoG6f7iPnKdWGorc/ITyca/LMueE0edp9
0ot1zhpC8qvAhkHs7t6DeTKLwCLn+lO7iw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org