Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/8txNuv_gshRo0oy3zKPxV7cH1XU.roa
File:                     8txNuv_gshRo0oy3zKPxV7cH1XU.roa (raw, json)
Hash identifier:          U3rhqC4/cZ0TcehZAF4truon/BRA9rtS6qi6HWNFnpY=
Subject key identifier:   F2:DC:4D:BA:FF:E0:B2:14:68:D2:8C:B7:CC:A3:F1:57:B7:07:D5:75
Certificate issuer:       /CN=fb1157e81b7c9e43360a1cb50a31401175921808
Certificate serial:       0147F07D
Authority key identifier: FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/8txNuv_gshRo0oy3zKPxV7cH1XU.roa
Signing time:             Sat 01 Jan 2022 09:00:13 +0000
ROA not before:           Sat 01 Jan 2022 09:00:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     20699
IP address blocks:        193.108.104.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21491837 (0x147f07d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb1157e81b7c9e43360a1cb50a31401175921808
        Validity
            Not Before: Jan  1 09:00:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f2dc4dbaffe0b21468d28cb7cca3f157b707d575
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d8:0d:8d:7b:b1:87:5c:b5:c5:a8:43:15:4d:
                    1c:6e:13:b7:33:5a:63:d8:96:ca:43:54:69:eb:ef:
                    36:c6:3b:3c:58:1e:20:23:01:46:64:06:1f:c0:5b:
                    af:62:2e:8f:7e:7a:3f:f4:70:d6:54:99:d2:2e:c6:
                    8e:7b:b3:c6:8e:7b:2f:de:21:fa:e7:7b:8d:54:a1:
                    7b:9e:45:2e:3e:d9:a5:84:6c:1a:22:8d:79:52:19:
                    ed:b1:44:00:af:23:46:69:69:87:f3:2c:8a:b8:7b:
                    67:91:c9:5b:91:eb:1e:fb:aa:51:ac:68:7c:f6:29:
                    5d:db:e8:6c:db:66:e0:c0:2c:a7:a3:c3:2b:1e:70:
                    b5:50:44:f1:d4:18:8e:e3:72:ef:dd:b1:95:3b:cb:
                    ab:2a:98:6f:b8:a1:1b:16:ff:87:bc:6f:ef:99:42:
                    85:37:72:3f:4e:fe:da:d8:25:97:41:0d:d3:3d:74:
                    1f:07:83:8f:4f:ef:ed:af:22:4b:3a:19:b7:96:82:
                    43:af:5b:22:88:f4:25:db:7a:99:98:a2:9e:c2:55:
                    41:01:9b:3b:35:9e:89:24:5b:a2:79:0c:96:c9:c2:
                    66:81:02:98:a7:bc:bb:9a:ce:8e:25:dd:66:99:b8:
                    37:59:fe:16:cc:b2:f6:71:e1:98:2f:56:e6:d0:ed:
                    c9:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:DC:4D:BA:FF:E0:B2:14:68:D2:8C:B7:CC:A3:F1:57:B7:07:D5:75
            X509v3 Authority Key Identifier:
                keyid:FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/8txNuv_gshRo0oy3zKPxV7cH1XU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b8:51:5a:22:2c:73:42:a7:a5:51:30:b9:36:4c:29:c1:20:c9:
         62:b1:d5:55:cd:04:46:81:13:ea:0f:e9:d4:62:3a:8a:84:fa:
         e0:01:6d:55:77:5c:5f:7d:45:79:b1:67:ba:ba:91:06:71:23:
         13:97:44:cf:5b:07:10:9b:a5:6e:99:fe:1f:ed:06:f7:2f:f4:
         9d:3a:98:56:ca:46:26:c3:49:b0:8d:83:6f:aa:c1:bf:05:93:
         ab:8f:fb:40:15:4c:c3:33:0d:62:a5:d3:35:46:3b:d5:08:c6:
         71:b1:42:04:2b:45:5b:cc:63:8e:81:63:58:67:ed:79:47:61:
         55:17:54:39:8f:ed:e4:25:8f:76:8e:a0:e7:ae:97:ef:a7:e9:
         65:a8:c7:88:6f:ad:29:84:88:64:3e:84:45:b8:23:3d:7c:24:
         6c:36:4d:dd:b6:f6:b2:2c:3f:50:35:a6:50:2a:f3:ab:36:5d:
         f7:80:d2:89:43:c0:da:9a:c2:a7:00:70:8c:c2:2b:c3:cf:f1:
         8a:f9:a0:08:be:e3:4f:06:81:b0:af:31:98:60:69:fd:9c:db:
         68:7b:76:02:44:88:37:9e:01:c2:e5:92:d7:38:e7:f1:a2:44:
         ad:be:28:2f:78:07:67:0e:58:a5:d7:95:da:aa:64:f8:e4:6c:
         ef:38:ef:7d
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAUfwfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjExNTdlODFiN2M5ZTQzMzYwYTFjYjUwYTMxNDAxMTc1OTIxODA4MB4XDTIyMDEw
MTA5MDAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjJkYzRkYmFmZmUw
YjIxNDY4ZDI4Y2I3Y2NhM2YxNTdiNzA3ZDU3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKfYDY17sYdctcWoQxVNHG4TtzNaY9iWykNUaevvNsY7PFge
ICMBRmQGH8Bbr2Iuj356P/Rw1lSZ0i7Gjnuzxo57L94h+ud7jVShe55FLj7ZpYRs
GiKNeVIZ7bFEAK8jRmlph/Msirh7Z5HJW5HrHvuqUaxofPYpXdvobNtm4MAsp6PD
Kx5wtVBE8dQYjuNy792xlTvLqyqYb7ihGxb/h7xv75lChTdyP07+2tgll0EN0z10
HweDj0/v7a8iSzoZt5aCQ69bIoj0Jdt6mZiinsJVQQGbOzWeiSRbonkMlsnCZoEC
mKe8u5rOjiXdZpm4N1n+Fsyy9nHhmC9W5tDtyfsCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBTy3E26/+CyFGjSjLfMo/FXtwfVdTAfBgNVHSMEGDAWgBT7EVfoG3yeQzYK
HLUKMUARdZIYCDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEteEZYNkJ0OG5rTTJDaHkxQ2pGQUVYV1NHQWcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzU0LzE5M2M3MS1jOTRhLTQxNmYtYTE4Ni00MTY2NjRmMDFhMmMv
MS84dHhOdXZfZ3NoUm8wb3kzektQeFY3Y0gxWFUucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU0
LzE5M2M3MS1jOTRhLTQxNmYtYTE4Ni00MTY2NjRmMDFhMmMvMS8xLXhGWDZCdDhu
a00yQ2h5MUNqRkFFWFdTR0FnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwWxoMA0GCSqGSIb3DQEBCwUA
A4IBAQC4UVoiLHNCp6VRMLk2TCnBIMlisdVVzQRGgRPqD+nUYjqKhPrgAW1Vd1xf
fUV5sWe6upEGcSMTl0TPWwcQm6Vumf4f7Qb3L/SdOphWykYmw0mwjYNvqsG/BZOr
j/tAFUzDMw1ipdM1RjvVCMZxsUIEK0VbzGOOgWNYZ+15R2FVF1Q5j+3kJY92jqDn
rpfvp+llqMeIb60phIhkPoRFuCM9fCRsNk3dtvayLD9QNaZQKvOrNl33gNKJQ8Da
msKnAHCMwivDz/GK+aAIvuNPBoGwrzGYYGn9nNtoe3YCRIg3ngHC5ZLXOOfxokSt
vigveAdnDlil15XaqmT45GzvOO99
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:00 2024 by rpki-client on console-fra.rpki-client.org