Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/0ba6a9-375d-485b-b0ec-42676f09f099/1/129liL7UJFhMzV-tReZDjuc9cWQ.roa
File:                     129liL7UJFhMzV-tReZDjuc9cWQ.roa (raw, json)
Hash identifier:          Y1HNTEWaJwr2vzDNu3rw0PAF095F/A4oSIGvyRVXU2E=
Subject key identifier:   D7:6F:65:88:BE:D4:24:58:4C:CD:5F:AD:45:E6:43:8E:E7:3D:71:64
Certificate issuer:       /CN=0aa99e1cc74b4ca77b62cfa0939e79235d2ab9c1
Certificate serial:       0760840B
Authority key identifier: 0A:A9:9E:1C:C7:4B:4C:A7:7B:62:CF:A0:93:9E:79:23:5D:2A:B9:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CqmeHMdLTKd7Ys-gk555I10qucE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/0ba6a9-375d-485b-b0ec-42676f09f099/1/129liL7UJFhMzV-tReZDjuc9cWQ.roa
Signing time:             Sat 01 Jan 2022 00:55:45 +0000
ROA not before:           Sat 01 Jan 2022 00:55:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209371
IP address blocks:        185.247.184.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123765771 (0x760840b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0aa99e1cc74b4ca77b62cfa0939e79235d2ab9c1
        Validity
            Not Before: Jan  1 00:55:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d76f6588bed424584ccd5fad45e6438ee73d7164
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:3f:98:56:1e:e6:7d:27:b1:26:b8:ca:5b:d8:
                    d2:5f:4d:31:a0:fe:bb:67:81:6d:29:78:80:5b:a2:
                    a7:30:17:fb:8f:5b:2e:90:7d:a4:8d:fb:85:84:0a:
                    62:d8:58:90:f2:eb:02:36:56:58:6f:07:18:11:74:
                    01:11:e5:29:13:8a:ca:b6:3e:21:b2:56:e7:0c:aa:
                    a3:be:8d:3c:41:16:9b:fa:45:7f:cf:ef:2a:ee:5a:
                    a7:32:6c:64:27:04:f8:b3:cc:72:13:58:d6:c4:37:
                    fb:9f:8a:97:b1:f4:24:94:46:2c:64:19:14:c4:b7:
                    96:be:ca:33:c5:9b:07:d2:43:61:92:ca:28:ee:aa:
                    3b:f7:62:9d:92:7f:87:9f:63:e0:a5:2a:d5:d7:fa:
                    51:07:22:83:b7:e2:34:6c:24:9a:2d:50:28:da:51:
                    9a:05:95:38:e2:4d:dd:22:88:b8:72:55:3c:ee:34:
                    e1:54:09:7b:7e:f9:bc:e2:f5:4c:14:e4:0a:32:7e:
                    d7:7d:42:22:87:29:30:d6:8e:c1:a2:0d:9b:a0:4b:
                    c9:2e:72:d0:ed:e8:5b:a8:7e:77:a5:ff:7d:76:2d:
                    a6:66:f6:1d:63:67:fa:21:aa:a6:db:e1:6f:f5:57:
                    4f:f3:18:eb:19:54:2e:e1:76:ab:fe:d4:f3:29:1c:
                    a7:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:6F:65:88:BE:D4:24:58:4C:CD:5F:AD:45:E6:43:8E:E7:3D:71:64
            X509v3 Authority Key Identifier:
                keyid:0A:A9:9E:1C:C7:4B:4C:A7:7B:62:CF:A0:93:9E:79:23:5D:2A:B9:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CqmeHMdLTKd7Ys-gk555I10qucE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0ba6a9-375d-485b-b0ec-42676f09f099/1/129liL7UJFhMzV-tReZDjuc9cWQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0ba6a9-375d-485b-b0ec-42676f09f099/1/CqmeHMdLTKd7Ys-gk555I10qucE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.247.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:d9:c2:d8:fe:db:8e:45:ff:ab:a9:e6:a8:e9:2d:df:a9:7e:
         ba:0d:6b:13:bf:ac:96:01:14:2c:5d:d9:ab:8d:f9:07:13:de:
         07:67:63:5c:3e:77:72:6a:4e:40:a5:10:00:7f:91:cb:08:ff:
         4d:6d:8b:3a:48:e5:54:aa:8a:7f:37:96:c5:67:2d:04:00:22:
         e1:45:91:ba:10:39:00:3e:4b:9d:f8:97:c2:06:08:28:1a:31:
         a2:33:ef:e7:9c:ed:90:78:5e:d2:02:70:e1:de:c6:9c:58:d2:
         69:91:57:ab:ea:4f:63:da:a5:49:df:f0:a0:7f:aa:d4:80:86:
         6b:0e:aa:27:ad:0f:67:1e:dc:88:9e:7b:39:38:47:22:2d:df:
         42:77:b6:cd:df:79:f1:46:0e:f6:90:6e:e9:03:02:51:92:c8:
         b2:db:b0:1f:41:78:78:41:e0:91:33:db:2e:18:a6:86:e0:f6:
         0a:c9:36:01:e3:4c:98:fa:e6:55:b8:03:d2:81:ed:23:3e:78:
         c9:08:e5:90:1e:4d:68:8a:e0:4f:44:7f:07:82:20:a7:37:a8:
         a6:39:87:76:c0:65:53:af:c0:5b:e3:6d:48:61:28:f6:92:bb:
         cc:8c:29:a8:36:5e:66:bf:9e:bb:55:35:84:fd:ce:80:f4:72:
         bf:46:e4:b6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB2CECzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YWE5OWUxY2M3NGI0Y2E3N2I2MmNmYTA5MzllNzkyMzVkMmFiOWMxMB4XDTIyMDEw
MTAwNTU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDc2ZjY1ODhiZWQ0
MjQ1ODRjY2Q1ZmFkNDVlNjQzOGVlNzNkNzE2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0/mFYe5n0nsSa4ylvY0l9NMaD+u2eBbSl4gFuipzAX+49b
LpB9pI37hYQKYthYkPLrAjZWWG8HGBF0ARHlKROKyrY+IbJW5wyqo76NPEEWm/pF
f8/vKu5apzJsZCcE+LPMchNY1sQ3+5+Kl7H0JJRGLGQZFMS3lr7KM8WbB9JDYZLK
KO6qO/dinZJ/h59j4KUq1df6UQcig7fiNGwkmi1QKNpRmgWVOOJN3SKIuHJVPO40
4VQJe375vOL1TBTkCjJ+131CIocpMNaOwaINm6BLyS5y0O3oW6h+d6X/fXYtpmb2
HWNn+iGqptvhb/VXT/MY6xlULuF2q/7U8ykcpzECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTXb2WIvtQkWEzNX61F5kOO5z1xZDAfBgNVHSMEGDAWgBQKqZ4cx0tMp3ti
z6CTnnkjXSq5wTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NxbWVITWRMVEtkN1lzLWdrNTU1STEwcXVjRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvMGJhNmE5LTM3NWQtNDg1Yi1iMGVjLTQyNjc2ZjA5ZjA5OS8x
LzEyOWxpTDdVSkZoTXpWLXRSZVpEanVjOWNXUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
MGJhNmE5LTM3NWQtNDg1Yi1iMGVjLTQyNjc2ZjA5ZjA5OS8xL0NxbWVITWRMVEtk
N1lzLWdrNTU1STEwcXVjRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn3uDANBgkqhkiG9w0BAQsFAAOC
AQEAgNnC2P7bjkX/q6nmqOkt36l+ug1rE7+slgEULF3Zq435BxPeB2djXD53cmpO
QKUQAH+Rywj/TW2LOkjlVKqKfzeWxWctBAAi4UWRuhA5AD5LnfiXwgYIKBoxojPv
55ztkHhe0gJw4d7GnFjSaZFXq+pPY9qlSd/woH+q1ICGaw6qJ60PZx7ciJ57OThH
Ii3fQne2zd958UYO9pBu6QMCUZLIstuwH0F4eEHgkTPbLhimhuD2Csk2AeNMmPrm
VbgD0oHtIz54yQjlkB5NaIrgT0R/B4IgpzeopjmHdsBlU6/AW+NtSGEo9pK7zIwp
qDZeZr+eu1U1hP3OgPRyv0bktg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:52 2024 by rpki-client on console-ams.rpki-client.org