Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/11362c-0ca8-4123-9b3c-3ca54d5c6f4f/1/yHMWVhy9Nqm1Vl6j5naHqT78EjQ.roa
File:                     yHMWVhy9Nqm1Vl6j5naHqT78EjQ.roa (raw, json)
Hash identifier:          dXdvx+bn6mM27zp17Dkz4T3UyljedjJxpNze3LeVM90=
Subject key identifier:   C8:73:16:56:1C:BD:36:A9:B5:56:5E:A3:E6:76:87:A9:3E:FC:12:34
Certificate issuer:       /CN=f62cb707c297f0bce43af4f4cbacbb8a636ccc61
Certificate serial:       0189298CF43E6B5A7A9E95BFA1D3280AEF0E
Authority key identifier: F6:2C:B7:07:C2:97:F0:BC:E4:3A:F4:F4:CB:AC:BB:8A:63:6C:CC:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9iy3B8KX8LzkOvT0y6y7imNszGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/11362c-0ca8-4123-9b3c-3ca54d5c6f4f/1/yHMWVhy9Nqm1Vl6j5naHqT78EjQ.roa
Signing time:             Thu 06 Jul 2023 04:54:10 +0000
ROA not before:           Thu 06 Jul 2023 04:54:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.248.135.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:29:8c:f4:3e:6b:5a:7a:9e:95:bf:a1:d3:28:0a:ef:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f62cb707c297f0bce43af4f4cbacbb8a636ccc61
        Validity
            Not Before: Jul  6 04:54:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c87316561cbd36a9b5565ea3e67687a93efc1234
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:46:4f:55:20:b9:14:38:6f:35:43:fc:d6:05:
                    d4:b8:58:76:fd:97:bc:03:a9:28:4e:e5:59:7a:3b:
                    d5:55:b0:3e:a7:ac:9f:55:e6:3a:db:1f:55:a7:11:
                    28:1e:61:2d:b9:6e:d0:79:7a:36:5c:c1:1f:30:a9:
                    0b:0f:5c:35:69:d6:c3:64:40:35:53:f5:6b:e0:b9:
                    39:67:af:10:2e:62:cb:94:63:87:ed:43:a5:84:81:
                    5f:3c:71:58:e8:7b:b1:38:5f:95:d7:c5:a9:c3:38:
                    0f:09:b8:9c:b7:02:17:a2:e7:db:82:81:be:db:f9:
                    08:7e:8b:cb:c3:d2:d4:4b:98:14:d9:11:1f:3a:09:
                    a4:f3:39:2e:dc:ec:02:7e:5c:67:dc:a4:7e:cc:2c:
                    6f:ae:d2:cd:78:45:15:50:8f:4d:1e:12:57:ad:47:
                    a6:cf:96:01:a2:18:90:41:99:9d:ae:40:ed:b4:c2:
                    3a:3d:ac:d7:55:24:52:f7:47:32:37:75:c8:09:f8:
                    85:9d:ef:8c:18:13:b2:7e:2b:7b:aa:16:d0:64:da:
                    c9:46:5f:c0:e2:37:ae:0c:48:1c:21:77:26:4c:18:
                    d9:91:92:24:f8:0c:68:3d:fe:e7:d9:12:ce:c4:f8:
                    7b:a7:ed:e0:39:85:f2:50:4a:b7:b7:1e:ac:65:d5:
                    e7:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:73:16:56:1C:BD:36:A9:B5:56:5E:A3:E6:76:87:A9:3E:FC:12:34
            X509v3 Authority Key Identifier:
                keyid:F6:2C:B7:07:C2:97:F0:BC:E4:3A:F4:F4:CB:AC:BB:8A:63:6C:CC:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9iy3B8KX8LzkOvT0y6y7imNszGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/11362c-0ca8-4123-9b3c-3ca54d5c6f4f/1/yHMWVhy9Nqm1Vl6j5naHqT78EjQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/11362c-0ca8-4123-9b3c-3ca54d5c6f4f/1/9iy3B8KX8LzkOvT0y6y7imNszGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d2:8c:fe:e6:f9:2f:b8:91:2a:d6:6e:54:14:61:50:8a:9e:61:
         eb:e5:2c:ae:fc:2b:75:fd:ee:be:de:cf:0f:a1:5e:e4:9e:9a:
         1c:49:f5:61:c7:23:cc:11:96:e8:c1:f9:45:25:a4:a3:dd:c6:
         13:45:cd:44:4e:91:be:d1:a0:b9:ab:d8:68:f0:18:d5:10:02:
         a2:86:8e:f1:f9:34:62:8c:44:d7:8e:b7:a6:6a:87:44:1d:cc:
         d9:e7:3a:86:73:64:6b:64:b7:31:73:94:c9:1f:16:35:d4:4e:
         e8:34:86:51:03:c6:b6:ef:02:5e:09:b7:2f:59:e5:01:ee:05:
         db:ba:32:1d:d4:42:09:3f:ce:1d:a7:71:47:89:65:60:cf:11:
         a4:78:bf:50:90:b8:32:bd:c1:d7:00:15:a1:6f:5c:95:bd:df:
         7a:2e:87:db:3c:92:99:8e:36:25:1e:4e:cf:2f:26:15:6a:59:
         04:57:6f:73:9f:8b:65:2c:75:4a:34:60:5c:48:d5:ec:6c:14:
         a7:cb:13:9f:43:d4:aa:b5:56:88:4d:5a:d2:bf:53:e8:c7:3a:
         df:2e:2d:e8:ce:10:b5:36:47:73:2f:0e:69:17:2b:2c:8a:d0:
         77:ad:af:05:f4:7b:05:f8:22:e6:55:1f:8c:2d:f7:37:10:3b:
         f0:a0:0c:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkpjPQ+a1p6npW/odMoCu8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MmNiNzA3YzI5N2YwYmNlNDNhZjRmNGNiYWNiYjhhNjM2
Y2NjNjEwHhcNMjMwNzA2MDQ1NDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODczMTY1NjFjYmQzNmE5YjU1NjVlYTNlNjc2ODdhOTNlZmMxMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkZPVSC5FDhvNUP81gXUuFh2/Ze8
A6koTuVZejvVVbA+p6yfVeY62x9VpxEoHmEtuW7QeXo2XMEfMKkLD1w1adbDZEA1
U/Vr4Lk5Z68QLmLLlGOH7UOlhIFfPHFY6HuxOF+V18WpwzgPCbictwIXoufbgoG+
2/kIfovLw9LUS5gU2REfOgmk8zku3OwCflxn3KR+zCxvrtLNeEUVUI9NHhJXrUem
z5YBohiQQZmdrkDttMI6PazXVSRS90cyN3XICfiFne+MGBOyfit7qhbQZNrJRl/A
4jeuDEgcIXcmTBjZkZIk+AxoPf7n2RLOxPh7p+3gOYXyUEq3tx6sZdXn4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMhzFlYcvTaptVZeo+Z2h6k+/BI0MB8GA1UdIwQY
MBaAFPYstwfCl/C85Dr09Musu4pjbMxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWl5M0I4S1g4THprT3ZUMHk2eTdpbU5zekdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8xMTM2MmMtMGNhOC00MTIzLTliM2Mt
M2NhNTRkNWM2ZjRmLzEveUhNV1ZoeTlOcW0xVmw2ajVuYUhxVDc4RWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8xMTM2MmMtMGNhOC00MTIzLTliM2MtM2NhNTRkNWM2ZjRm
LzEvOWl5M0I4S1g4THprT3ZUMHk2eTdpbU5zekdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufiHMA0G
CSqGSIb3DQEBCwUAA4IBAQDSjP7m+S+4kSrWblQUYVCKnmHr5Syu/Ct1/e6+3s8P
oV7knpocSfVhxyPMEZbowflFJaSj3cYTRc1ETpG+0aC5q9ho8BjVEAKiho7x+TRi
jETXjremaodEHczZ5zqGc2RrZLcxc5TJHxY11E7oNIZRA8a27wJeCbcvWeUB7gXb
ujId1EIJP84dp3FHiWVgzxGkeL9QkLgyvcHXABWhb1yVvd96LofbPJKZjjYlHk7P
LyYValkEV29zn4tlLHVKNGBcSNXsbBSnyxOfQ9SqtVaITVrSv1PoxzrfLi3ozhC1
NkdzLw5pFyssitB3ra8F9HsF+CLmVR+MLfc3EDvwoAxn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:53 2024 by rpki-client on console-fra.rpki-client.org