Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/89f9db-c5bd-47fc-bfcd-dcdb3ea7449b/1/tPokKk6t2PKUQshPiKk_T7NIWdc.roa
File:                     tPokKk6t2PKUQshPiKk_T7NIWdc.roa (raw, json)
Hash identifier:          630QxmpqQk/84bCRdZqJhlGxru0YDRCSrrYh0RKmeA0=
Subject key identifier:   B4:FA:24:2A:4E:AD:D8:F2:94:42:C8:4F:88:A9:3F:4F:B3:48:59:D7
Certificate issuer:       /CN=c5b87b468d4bc31cae4b50faefd8f6f548e75993
Certificate serial:       018964C05A5ED94A962938D615847DF9F07C
Authority key identifier: C5:B8:7B:46:8D:4B:C3:1C:AE:4B:50:FA:EF:D8:F6:F5:48:E7:59:93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xbh7Ro1LwxyuS1D679j29UjnWZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/89f9db-c5bd-47fc-bfcd-dcdb3ea7449b/1/tPokKk6t2PKUQshPiKk_T7NIWdc.roa
Signing time:             Mon 17 Jul 2023 16:47:54 +0000
ROA not before:           Mon 17 Jul 2023 16:47:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        176.118.38.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:64:c0:5a:5e:d9:4a:96:29:38:d6:15:84:7d:f9:f0:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5b87b468d4bc31cae4b50faefd8f6f548e75993
        Validity
            Not Before: Jul 17 16:47:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b4fa242a4eadd8f29442c84f88a93f4fb34859d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:67:6e:57:18:6f:bb:8d:48:02:30:e5:72:55:
                    c7:97:49:92:7f:46:c7:ae:dd:e9:92:83:28:98:47:
                    c7:59:3e:61:0f:68:cd:3c:d7:71:67:7f:09:e9:a3:
                    c3:45:02:df:4a:0c:ef:7f:7a:a7:c9:9b:18:de:6d:
                    98:26:e0:c2:2c:41:e3:38:c8:71:f0:a9:52:ce:dd:
                    06:c7:48:7c:00:ad:1f:7d:6e:42:82:96:45:e4:13:
                    96:7c:da:b1:38:d2:24:38:6c:85:8d:c2:22:e9:8a:
                    73:b9:e7:de:de:9f:74:52:62:58:07:43:1e:57:5e:
                    8f:26:2f:32:0c:4b:15:43:52:82:50:d2:23:ba:79:
                    e7:d2:4d:e6:18:e9:ff:68:9c:38:f4:62:c9:39:e1:
                    8c:44:d8:0e:9f:05:44:f7:93:af:4a:d6:55:14:75:
                    47:c1:29:db:88:df:45:c6:c5:09:0a:33:59:c2:42:
                    80:f6:2b:7d:8b:47:f5:a4:55:f7:79:55:73:aa:51:
                    61:a3:6e:1a:b9:ca:89:ea:5e:2d:b8:90:98:8c:02:
                    6a:5f:09:ad:8e:3a:53:6e:fc:32:b7:ed:19:13:03:
                    30:38:fa:df:3a:5f:46:88:da:c1:e9:f7:4f:d9:e0:
                    31:99:6e:82:86:f4:39:3b:fb:e0:fd:c6:14:ce:d9:
                    a9:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:FA:24:2A:4E:AD:D8:F2:94:42:C8:4F:88:A9:3F:4F:B3:48:59:D7
            X509v3 Authority Key Identifier:
                keyid:C5:B8:7B:46:8D:4B:C3:1C:AE:4B:50:FA:EF:D8:F6:F5:48:E7:59:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xbh7Ro1LwxyuS1D679j29UjnWZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/89f9db-c5bd-47fc-bfcd-dcdb3ea7449b/1/tPokKk6t2PKUQshPiKk_T7NIWdc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/89f9db-c5bd-47fc-bfcd-dcdb3ea7449b/1/xbh7Ro1LwxyuS1D679j29UjnWZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.118.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:ab:2b:32:90:1b:36:25:f0:c0:5e:1b:0e:63:07:eb:db:3b:
         81:5e:59:9e:68:f6:97:91:ba:b5:19:bb:6c:52:c9:52:77:9f:
         66:05:e8:56:eb:a6:d4:32:e1:dd:1d:4b:66:e2:cb:a0:9c:08:
         e1:bb:b5:d5:d0:07:8e:23:c2:ab:e0:58:38:7d:c0:af:59:78:
         31:a1:20:fb:05:42:27:a3:50:f4:63:d3:7d:4e:30:c2:73:d9:
         f5:8a:40:32:ec:b3:55:7d:a9:58:6f:c7:d8:b0:c6:46:36:72:
         af:e6:4a:91:5f:6c:06:82:af:0b:17:a9:1d:0e:2d:92:2e:ee:
         33:17:87:e4:61:0f:9b:47:b8:7d:8e:fe:c8:a4:08:fa:7b:9c:
         1d:f6:9d:84:b0:8e:fd:da:6b:9f:5a:ca:a6:1d:00:2d:66:82:
         5d:c0:93:54:54:e7:e9:0a:80:cb:5f:32:ac:54:87:83:49:fe:
         d5:8f:b9:6e:48:cf:c3:2c:40:cd:e3:fe:ac:ac:c9:63:8e:2c:
         5c:7e:2d:b2:53:6e:00:1c:7e:ba:d0:6b:b0:95:40:a9:a3:28:
         59:53:29:b3:ec:92:4a:3f:c8:a2:ad:07:d8:38:28:37:06:48:
         71:35:c1:ab:d5:3b:fe:fa:58:a5:33:0a:f9:a2:ec:9c:ff:74:
         1e:a7:63:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlkwFpe2UqWKTjWFYR9+fB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1Yjg3YjQ2OGQ0YmMzMWNhZTRiNTBmYWVmZDhmNmY1NDhl
NzU5OTMwHhcNMjMwNzE3MTY0NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGZhMjQyYTRlYWRkOGYyOTQ0MmM4NGY4OGE5M2Y0ZmIzNDg1OWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mduVxhvu41IAjDlclXHl0mSf0bH
rt3pkoMomEfHWT5hD2jNPNdxZ38J6aPDRQLfSgzvf3qnyZsY3m2YJuDCLEHjOMhx
8KlSzt0Gx0h8AK0ffW5CgpZF5BOWfNqxONIkOGyFjcIi6Ypzuefe3p90UmJYB0Me
V16PJi8yDEsVQ1KCUNIjunnn0k3mGOn/aJw49GLJOeGMRNgOnwVE95OvStZVFHVH
wSnbiN9FxsUJCjNZwkKA9it9i0f1pFX3eVVzqlFho24aucqJ6l4tuJCYjAJqXwmt
jjpTbvwyt+0ZEwMwOPrfOl9GiNrB6fdP2eAxmW6ChvQ5O/vg/cYUztmpJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLT6JCpOrdjylELIT4ipP0+zSFnXMB8GA1UdIwQY
MBaAFMW4e0aNS8McrktQ+u/Y9vVI51mTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGJoN1JvMUx3eHl1UzFENjc5ajI5VWpuV1pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84OWY5ZGItYzViZC00N2ZjLWJmY2Qt
ZGNkYjNlYTc0NDliLzEvdFBva0trNnQyUEtVUXNoUGlLa19UN05JV2RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84OWY5ZGItYzViZC00N2ZjLWJmY2QtZGNkYjNlYTc0NDli
LzEveGJoN1JvMUx3eHl1UzFENjc5ajI5VWpuV1pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHYmMA0G
CSqGSIb3DQEBCwUAA4IBAQCoqysykBs2JfDAXhsOYwfr2zuBXlmeaPaXkbq1Gbts
UslSd59mBehW66bUMuHdHUtm4sugnAjhu7XV0AeOI8Kr4Fg4fcCvWXgxoSD7BUIn
o1D0Y9N9TjDCc9n1ikAy7LNVfalYb8fYsMZGNnKv5kqRX2wGgq8LF6kdDi2SLu4z
F4fkYQ+bR7h9jv7IpAj6e5wd9p2EsI792mufWsqmHQAtZoJdwJNUVOfpCoDLXzKs
VIeDSf7Vj7luSM/DLEDN4/6srMljjixcfi2yU24AHH660GuwlUCpoyhZUymz7JJK
P8iirQfYOCg3BkhxNcGr1Tv++lilMwr5ouyc/3Qep2MG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:50 2024 by rpki-client on console-fra.rpki-client.org