Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/M6sPZoRGo34wqVGAHe8UWl-pZfE.roa
File:                     M6sPZoRGo34wqVGAHe8UWl-pZfE.roa (raw, json)
Hash identifier:          xMwb4uaZe+xEcMcdYP2RnpSe/7FWjsKubBKZQzdkstY=
Subject key identifier:   33:AB:0F:66:84:46:A3:7E:30:A9:51:80:1D:EF:14:5A:5F:A9:65:F1
Certificate issuer:       /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial:       018873C10EC64CB76A92B61CA4808A57CE98
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/M6sPZoRGo34wqVGAHe8UWl-pZfE.roa
Signing time:             Wed 31 May 2023 21:40:11 +0000
ROA not before:           Wed 31 May 2023 21:40:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     63023
IP address blocks:        85.237.211.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:73:c1:0e:c6:4c:b7:6a:92:b6:1c:a4:80:8a:57:ce:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
        Validity
            Not Before: May 31 21:40:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=33ab0f668446a37e30a951801def145a5fa965f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:0a:b9:e1:4c:99:e5:2f:ff:e3:7e:67:9a:9c:
                    ae:40:61:46:26:39:65:45:c9:d1:33:ba:8c:74:83:
                    f1:ad:de:11:5d:96:2f:1e:0b:71:fe:56:22:04:a1:
                    cc:34:5f:92:89:01:04:ce:53:86:97:3e:fb:24:d8:
                    bc:9f:73:55:33:4e:a1:23:d4:7b:6b:42:f8:a5:30:
                    8f:2c:9c:93:0c:84:f4:94:5e:eb:b7:53:90:eb:7c:
                    f6:2c:50:a4:17:f3:45:e1:eb:d4:3d:06:4e:a9:eb:
                    7f:c1:fb:ef:ca:54:ec:fc:30:c9:b8:91:aa:76:fd:
                    72:b1:27:2c:9a:a8:e9:9b:84:3d:24:9e:77:01:41:
                    bd:05:a8:8e:9a:73:37:fc:07:7b:c1:65:27:73:f5:
                    5d:5d:bd:75:a9:6b:9a:f7:e5:1d:41:53:44:50:5a:
                    61:82:dc:8e:0b:0f:20:c8:c5:a2:92:3f:3e:c4:34:
                    82:d2:63:3f:e0:00:42:dc:29:bf:f3:0d:0c:da:10:
                    57:53:13:dc:60:9b:3a:2d:42:1c:a9:33:82:6e:c7:
                    60:6f:ce:4a:43:36:82:43:23:3d:82:63:e6:a0:b9:
                    43:06:aa:94:b9:04:89:85:1b:be:99:5c:35:5b:df:
                    f3:50:70:7e:87:a5:13:4f:44:3d:17:b6:17:80:67:
                    92:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:AB:0F:66:84:46:A3:7E:30:A9:51:80:1D:EF:14:5A:5F:A9:65:F1
            X509v3 Authority Key Identifier:
                keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/M6sPZoRGo34wqVGAHe8UWl-pZfE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.237.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:ae:2d:f1:7e:b3:64:20:8f:88:e8:e9:b3:91:3f:a5:a1:03:
         17:a5:0e:c5:ef:df:08:c8:4f:d8:fe:1f:91:f1:8d:71:33:6f:
         b6:4c:20:80:6a:c0:fa:2f:13:c9:b9:c4:9f:15:8d:6b:96:85:
         1c:7e:ef:ae:07:19:e3:b5:c6:a1:e4:4a:46:5f:ce:34:2c:be:
         59:ed:9d:71:3e:f7:46:c8:5f:98:21:6c:18:dd:3d:fa:d4:ed:
         8c:3b:48:15:b1:82:99:3b:23:86:c2:47:8f:a4:1c:32:5d:3c:
         1a:cc:6b:94:67:70:1d:53:3e:b8:5b:e9:6c:fe:14:e3:9c:4f:
         9c:83:20:05:d6:bc:9e:e7:b6:d9:61:4e:4c:db:7f:82:ad:94:
         de:d8:39:9c:75:e7:93:fd:d8:98:47:26:79:37:aa:27:54:04:
         0f:84:a6:cb:24:2e:2a:ea:ad:70:7b:e5:10:2b:b9:f9:9f:66:
         67:87:d4:eb:06:cc:5e:7c:0e:93:d7:24:9a:a0:63:7c:e2:f3:
         a8:dd:7e:56:9a:c7:63:8f:83:4b:fc:b7:b1:cd:02:ef:bc:1c:
         41:d2:08:9e:52:40:99:d0:5f:a3:df:e2:bc:65:7f:c7:bf:d1:
         26:75:c2:fe:a9:4d:6f:18:72:0f:77:0d:f5:1e:4a:42:27:80:
         96:3a:50:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhzwQ7GTLdqkrYcpICKV86YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwNTMxMjE0MDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2FiMGY2Njg0NDZhMzdlMzBhOTUxODAxZGVmMTQ1YTVmYTk2NWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAq54UyZ5S//435nmpyuQGFGJjll
RcnRM7qMdIPxrd4RXZYvHgtx/lYiBKHMNF+SiQEEzlOGlz77JNi8n3NVM06hI9R7
a0L4pTCPLJyTDIT0lF7rt1OQ63z2LFCkF/NF4evUPQZOqet/wfvvylTs/DDJuJGq
dv1ysScsmqjpm4Q9JJ53AUG9BaiOmnM3/Ad7wWUnc/VdXb11qWua9+UdQVNEUFph
gtyOCw8gyMWikj8+xDSC0mM/4ABC3Cm/8w0M2hBXUxPcYJs6LUIcqTOCbsdgb85K
QzaCQyM9gmPmoLlDBqqUuQSJhRu+mVw1W9/zUHB+h6UTT0Q9F7YXgGeSswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDOrD2aERqN+MKlRgB3vFFpfqWXxMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvTTZzUFpvUkdvMzR3cVZHQUhlOFVXbC1wWmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVe3TMA0G
CSqGSIb3DQEBCwUAA4IBAQBVri3xfrNkII+I6OmzkT+loQMXpQ7F798IyE/Y/h+R
8Y1xM2+2TCCAasD6LxPJucSfFY1rloUcfu+uBxnjtcah5EpGX840LL5Z7Z1xPvdG
yF+YIWwY3T361O2MO0gVsYKZOyOGwkePpBwyXTwazGuUZ3AdUz64W+ls/hTjnE+c
gyAF1rye57bZYU5M23+CrZTe2DmcdeeT/diYRyZ5N6onVAQPhKbLJC4q6q1we+UQ
K7n5n2Znh9TrBsxefA6T1ySaoGN84vOo3X5Wmsdjj4NL/LexzQLvvBxB0gieUkCZ
0F+j3+K8ZX/Hv9EmdcL+qU1vGHIPdw31HkpCJ4CWOlDM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:46 2024 by rpki-client on console-fra.rpki-client.org