Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/11362c-0ca8-4123-9b3c-3ca54d5c6f4f/1/0L-HVMgR6rQm-uaBwdW5Jwo1pAg.roa
File:                     0L-HVMgR6rQm-uaBwdW5Jwo1pAg.roa (raw, json)
Hash identifier:          BCF4GHkWJqU2rFUCYcDDhUd+aTSixf4EA6nqgSR09I8=
Subject key identifier:   D0:BF:87:54:C8:11:EA:B4:26:FA:E6:81:C1:D5:B9:27:0A:35:A4:08
Certificate issuer:       /CN=f62cb707c297f0bce43af4f4cbacbb8a636ccc61
Certificate serial:       01856C9CCCA37433DB94E551F974465D5042
Authority key identifier: F6:2C:B7:07:C2:97:F0:BC:E4:3A:F4:F4:CB:AC:BB:8A:63:6C:CC:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9iy3B8KX8LzkOvT0y6y7imNszGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/11362c-0ca8-4123-9b3c-3ca54d5c6f4f/1/0L-HVMgR6rQm-uaBwdW5Jwo1pAg.roa
Signing time:             Sun 01 Jan 2023 09:14:53 +0000
ROA not before:           Sun 01 Jan 2023 09:14:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        185.248.135.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:9c:cc:a3:74:33:db:94:e5:51:f9:74:46:5d:50:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f62cb707c297f0bce43af4f4cbacbb8a636ccc61
        Validity
            Not Before: Jan  1 09:14:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d0bf8754c811eab426fae681c1d5b9270a35a408
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:f0:9b:9a:8c:be:69:48:d5:9d:d9:0c:02:2d:
                    f5:e1:2d:61:62:0d:9a:28:19:51:27:81:65:d2:ef:
                    a2:69:73:ab:13:eb:7f:9b:42:4b:2f:2f:6f:fa:d7:
                    87:85:3f:6e:95:f4:e5:7f:23:d4:34:23:ed:90:0c:
                    2b:b8:2a:68:ac:ed:4e:bd:97:ae:bf:64:42:b1:ab:
                    38:a3:b0:44:5b:7d:a6:7a:82:3e:c7:f1:39:fb:59:
                    41:e9:00:ad:7b:a1:26:14:7c:48:65:69:ce:f3:ac:
                    a8:b5:93:fb:64:1a:2e:cf:07:ed:43:78:41:ab:ad:
                    24:c6:ca:1e:73:b4:04:5b:eb:4c:4f:bc:69:1b:5c:
                    0c:c4:f0:48:1b:54:44:a9:7c:75:7b:3d:75:fd:33:
                    01:92:52:b5:c6:5b:e1:b7:0b:96:22:c4:88:00:e2:
                    b1:47:0c:36:40:47:33:6f:e8:7a:fa:9b:41:47:76:
                    50:e6:36:22:8d:df:65:24:e1:e0:ea:e9:ed:3f:92:
                    58:cc:4e:5c:2b:20:d4:1c:ab:5c:89:de:dc:a8:7a:
                    bb:2e:e1:29:26:ab:3f:2c:e7:85:3d:09:b0:75:6a:
                    1d:58:77:05:9f:f3:23:58:ea:5d:b1:7f:2a:54:15:
                    8d:80:86:ce:c2:dd:09:d5:0c:c5:9f:71:f7:b1:6e:
                    be:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:BF:87:54:C8:11:EA:B4:26:FA:E6:81:C1:D5:B9:27:0A:35:A4:08
            X509v3 Authority Key Identifier:
                keyid:F6:2C:B7:07:C2:97:F0:BC:E4:3A:F4:F4:CB:AC:BB:8A:63:6C:CC:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9iy3B8KX8LzkOvT0y6y7imNszGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/11362c-0ca8-4123-9b3c-3ca54d5c6f4f/1/0L-HVMgR6rQm-uaBwdW5Jwo1pAg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/11362c-0ca8-4123-9b3c-3ca54d5c6f4f/1/9iy3B8KX8LzkOvT0y6y7imNszGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:11:0c:66:d9:6c:5f:fa:92:c3:be:57:31:97:3c:6a:79:3c:
         84:6c:36:3b:12:8a:54:bf:14:a7:e3:59:af:f7:26:c4:ca:5c:
         19:3d:2f:c3:49:85:5d:8e:fc:f6:87:ce:22:b3:72:fd:18:2a:
         6b:25:17:19:1b:63:3c:52:a4:c7:dd:dc:70:4c:18:48:c2:29:
         fd:ce:bc:3a:19:56:f1:5a:84:a6:30:e5:f8:75:89:f0:e2:16:
         49:a5:9c:6a:48:78:15:97:24:10:57:d2:e0:4f:70:c5:ca:21:
         c4:f9:61:84:a5:c1:ff:cf:a4:26:5d:da:21:7c:54:5c:97:73:
         47:9b:07:49:46:2d:48:07:2f:2a:ec:54:40:e2:fa:d0:7f:8f:
         d3:f3:99:5f:b4:07:44:11:00:20:8c:0b:7d:db:de:40:8a:87:
         8e:e8:5d:33:c4:a3:13:36:97:e7:b6:0a:dc:74:05:25:01:72:
         af:43:ae:97:4e:99:ce:20:ed:bd:fa:50:81:29:e2:35:3d:c7:
         6b:44:93:0a:38:88:11:10:90:1e:7e:57:46:33:a6:02:aa:8b:
         dc:4a:30:cf:c7:47:a6:cf:ba:2c:54:6e:2c:29:00:4c:04:33:
         cc:39:29:cb:37:8e:ed:a8:63:08:23:05:17:84:03:c7:68:71:
         d5:8b:63:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnMyjdDPblOVR+XRGXVBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MmNiNzA3YzI5N2YwYmNlNDNhZjRmNGNiYWNiYjhhNjM2
Y2NjNjEwHhcNMjMwMTAxMDkxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGJmODc1NGM4MTFlYWI0MjZmYWU2ODFjMWQ1YjkyNzBhMzVhNDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PCbmoy+aUjVndkMAi314S1hYg2a
KBlRJ4Fl0u+iaXOrE+t/m0JLLy9v+teHhT9ulfTlfyPUNCPtkAwruCporO1OvZeu
v2RCsas4o7BEW32meoI+x/E5+1lB6QCte6EmFHxIZWnO86yotZP7ZBouzwftQ3hB
q60kxsoec7QEW+tMT7xpG1wMxPBIG1REqXx1ez11/TMBklK1xlvhtwuWIsSIAOKx
Rww2QEczb+h6+ptBR3ZQ5jYijd9lJOHg6untP5JYzE5cKyDUHKtcid7cqHq7LuEp
Jqs/LOeFPQmwdWodWHcFn/MjWOpdsX8qVBWNgIbOwt0J1QzFn3H3sW6+ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNC/h1TIEeq0JvrmgcHVuScKNaQIMB8GA1UdIwQY
MBaAFPYstwfCl/C85Dr09Musu4pjbMxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWl5M0I4S1g4THprT3ZUMHk2eTdpbU5zekdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8xMTM2MmMtMGNhOC00MTIzLTliM2Mt
M2NhNTRkNWM2ZjRmLzEvMEwtSFZNZ1I2clFtLXVhQndkVzVKd28xcEFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8xMTM2MmMtMGNhOC00MTIzLTliM2MtM2NhNTRkNWM2ZjRm
LzEvOWl5M0I4S1g4THprT3ZUMHk2eTdpbU5zekdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufiHMA0G
CSqGSIb3DQEBCwUAA4IBAQAhEQxm2Wxf+pLDvlcxlzxqeTyEbDY7EopUvxSn41mv
9ybEylwZPS/DSYVdjvz2h84is3L9GCprJRcZG2M8UqTH3dxwTBhIwin9zrw6GVbx
WoSmMOX4dYnw4hZJpZxqSHgVlyQQV9LgT3DFyiHE+WGEpcH/z6QmXdohfFRcl3NH
mwdJRi1IBy8q7FRA4vrQf4/T85lftAdEEQAgjAt9295AioeO6F0zxKMTNpfntgrc
dAUlAXKvQ66XTpnOIO29+lCBKeI1PcdrRJMKOIgREJAefldGM6YCqovcSjDPx0em
z7osVG4sKQBMBDPMOSnLN47tqGMIIwUXhAPHaHHVi2MG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:53 2024 by rpki-client on console-fra.rpki-client.org