Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/gHtHqsmHIRdC8d6EyxiuSJVAmFg.roa
File:                     gHtHqsmHIRdC8d6EyxiuSJVAmFg.roa (raw, json)
Hash identifier:          FYnN+MUXmOwJJAbRXT4P72VpVUhchtUYVU+a5iNMHxI=
Subject key identifier:   80:7B:47:AA:C9:87:21:17:42:F1:DE:84:CB:18:AE:48:95:40:98:58
Certificate issuer:       /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial:       048FA4F0
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/gHtHqsmHIRdC8d6EyxiuSJVAmFg.roa
Signing time:             Mon 17 Jan 2022 10:03:37 +0000
ROA not before:           Mon 17 Jan 2022 10:03:37 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210360
IP address blocks:        85.158.58.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 76522736 (0x48fa4f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
        Validity
            Not Before: Jan 17 10:03:37 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=807b47aac987211742f1de84cb18ae4895409858
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:77:f3:07:34:cb:94:ec:37:30:cc:46:43:2a:
                    db:88:b5:c7:de:9d:a2:8d:77:b3:17:17:18:7e:15:
                    b6:3c:07:7b:93:bf:10:32:38:cf:d9:e3:6b:ae:cc:
                    18:e8:bb:14:2f:39:96:3f:2b:53:2b:90:10:96:ac:
                    19:fe:55:13:13:75:8c:93:d3:aa:49:c9:69:d4:bb:
                    92:68:2d:11:ec:75:94:5a:65:23:0f:9a:0f:e2:99:
                    bd:8a:eb:03:38:8a:47:2e:7c:0c:29:dc:fc:3f:8d:
                    be:7b:a2:cc:be:32:f3:b5:bd:53:da:42:ca:60:2e:
                    4c:26:9c:88:aa:2a:19:e3:2f:78:6c:1f:02:d0:4a:
                    af:ce:35:ab:05:84:14:f6:d9:88:bb:a4:ff:47:3b:
                    15:87:03:8b:ef:73:08:8a:9f:c3:f2:27:78:c6:02:
                    c3:13:0c:77:d4:c5:b3:ec:0f:92:45:13:50:1b:5c:
                    8c:ff:fe:74:91:54:03:4e:7e:69:e9:53:29:2e:52:
                    9d:c0:0f:61:ce:88:0c:be:0e:06:77:fa:5f:d8:17:
                    05:71:37:d5:fb:5d:5e:89:3b:3c:18:c5:76:e6:9b:
                    77:cd:c1:b1:57:d0:6a:a0:08:2f:a1:aa:a2:2a:de:
                    ef:44:6b:10:66:8d:a6:2e:2e:5a:3f:76:39:34:7c:
                    87:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:7B:47:AA:C9:87:21:17:42:F1:DE:84:CB:18:AE:48:95:40:98:58
            X509v3 Authority Key Identifier:
                keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/gHtHqsmHIRdC8d6EyxiuSJVAmFg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.158.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:71:a0:9f:a1:3c:b1:5b:f6:d4:70:7f:f8:48:34:1e:eb:42:
         da:37:b7:3d:51:fc:91:16:72:15:01:b5:97:b6:dd:0f:35:3b:
         e1:1a:3a:b3:82:8a:a8:9f:39:4d:e4:9d:a9:12:34:dd:5c:b1:
         90:ca:f3:8c:81:cb:65:6e:0a:b1:57:c3:01:c7:27:59:c4:3c:
         d4:ab:a4:32:36:c8:9e:6f:fc:ef:35:7b:79:79:4c:95:2a:f4:
         8c:c3:bd:8d:ef:a1:ca:b5:ad:58:ed:64:76:4f:92:18:31:f0:
         60:72:72:01:11:09:c5:de:51:e8:55:9a:9c:01:eb:0f:9e:d4:
         44:d7:bf:2f:61:08:46:70:76:c0:a4:b0:7c:b7:26:43:08:87:
         62:91:b5:64:10:fd:9d:d6:e5:17:54:6e:77:fb:99:45:d4:3d:
         fb:a5:da:b9:72:6a:44:9f:86:22:cc:01:47:84:a4:b7:09:58:
         52:5e:d0:6b:7f:10:0e:a0:5b:26:1e:db:69:f5:61:42:5c:0c:
         28:f1:7a:73:21:ef:75:29:d6:1d:19:78:88:fe:8b:cb:0b:6b:
         6b:51:c6:5c:3c:a4:0d:36:42:53:7f:4e:35:d8:48:ce:08:1e:
         32:32:bb:cf:34:15:05:b5:ab:bf:06:a5:71:6a:c3:94:dd:2a:
         35:ba:3d:d1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBI+k8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTBiNjczNjhjOTFiODVlODQ4ODhjNWVkMmU4MjRkMTM5MDgxMGJiMB4XDTIyMDEx
NzEwMDMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODA3YjQ3YWFjOTg3
MjExNzQyZjFkZTg0Y2IxOGFlNDg5NTQwOTg1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZ38wc0y5TsNzDMRkMq24i1x96doo13sxcXGH4VtjwHe5O/
EDI4z9nja67MGOi7FC85lj8rUyuQEJasGf5VExN1jJPTqknJadS7kmgtEex1lFpl
Iw+aD+KZvYrrAziKRy58DCnc/D+NvnuizL4y87W9U9pCymAuTCaciKoqGeMveGwf
AtBKr841qwWEFPbZiLuk/0c7FYcDi+9zCIqfw/IneMYCwxMMd9TFs+wPkkUTUBtc
jP/+dJFUA05+aelTKS5SncAPYc6IDL4OBnf6X9gXBXE31ftdXok7PBjFduabd83B
sVfQaqAIL6Gqoire70RrEGaNpi4uWj92OTR8h6MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSAe0eqyYchF0Lx3oTLGK5IlUCYWDAfBgNVHSMEGDAWgBQ5C2c2jJG4XoSI
jF7S6CTROQgQuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09RdG5Ob3lSdUY2RWlJeGUwdWdrMFRrSUVMcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvMTZjY2U0LWU5ODEtNGJlNS1iOWY2LTVjOWQ2MjYyOWM4Ni8x
L2dIdEhxc21ISVJkQzhkNkV5eGl1U0pWQW1GZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
MTZjY2U0LWU5ODEtNGJlNS1iOWY2LTVjOWQ2MjYyOWM4Ni8xL09RdG5Ob3lSdUY2
RWlJeGUwdWdrMFRrSUVMcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFWeOjANBgkqhkiG9w0BAQsFAAOC
AQEAVXGgn6E8sVv21HB/+Eg0HutC2je3PVH8kRZyFQG1l7bdDzU74Ro6s4KKqJ85
TeSdqRI03VyxkMrzjIHLZW4KsVfDAccnWcQ81KukMjbInm/87zV7eXlMlSr0jMO9
je+hyrWtWO1kdk+SGDHwYHJyAREJxd5R6FWanAHrD57URNe/L2EIRnB2wKSwfLcm
QwiHYpG1ZBD9ndblF1Rud/uZRdQ9+6XauXJqRJ+GIswBR4SktwlYUl7Qa38QDqBb
Jh7bafVhQlwMKPF6cyHvdSnWHRl4iP6Lywtra1HGXDykDTZCU39ONdhIzggeMjK7
zzQVBbWrvwalcWrDlN0qNbo90Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org