Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/oK8ZaLn9J6lpl4sfBt3r9UX2vZQ.roa
File:                     oK8ZaLn9J6lpl4sfBt3r9UX2vZQ.roa (raw, json)
Hash identifier:          FyfPXe0YHFZzq4E/uytxzdMNAV+6d0b9ubXFxK69QcI=
Subject key identifier:   A0:AF:19:68:B9:FD:27:A9:69:97:8B:1F:06:DD:EB:F5:45:F6:BD:94
Certificate issuer:       /CN=fb1157e81b7c9e43360a1cb50a31401175921808
Certificate serial:       018248F308DC40BBDA97D0E01C7B55762D59
Authority key identifier: FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/oK8ZaLn9J6lpl4sfBt3r9UX2vZQ.roa
Signing time:             Fri 29 Jul 2022 07:54:23 +0000
ROA not before:           Fri 29 Jul 2022 07:54:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        193.108.56.0/23 maxlen: 23
                          193.108.58.0/23 maxlen: 23
                          193.108.104.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:48:f3:08:dc:40:bb:da:97:d0:e0:1c:7b:55:76:2d:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb1157e81b7c9e43360a1cb50a31401175921808
        Validity
            Not Before: Jul 29 07:54:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a0af1968b9fd27a969978b1f06ddebf545f6bd94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:eb:79:92:93:98:f8:38:c6:85:8a:3c:11:a6:
                    38:3a:83:a1:03:d7:79:a4:36:a4:69:4d:a9:37:2c:
                    6b:21:ee:ca:65:bd:d5:40:91:93:5a:dd:d3:96:6e:
                    23:32:33:7b:1a:8c:ac:ca:6b:12:8e:60:3e:d7:a4:
                    52:26:7d:d8:52:61:3f:08:60:5c:9b:10:f5:c3:36:
                    2b:55:7f:3c:c4:49:78:8c:e1:d0:99:c2:25:c1:b8:
                    07:29:6b:32:8d:6d:e5:3b:b9:7f:99:e9:27:8e:7c:
                    d1:90:6f:96:f0:ce:9d:7a:dd:06:03:a9:be:0e:f1:
                    3b:94:3b:b5:65:a3:15:61:b3:84:6a:30:fb:11:fe:
                    ab:4e:7f:bb:fa:dd:2c:5e:f6:f8:3e:fe:ff:23:3d:
                    45:4b:c3:39:05:1e:c1:7d:2e:0a:37:c7:ae:c8:e7:
                    9d:c0:ec:2f:d7:dd:aa:87:a5:af:67:48:62:0a:e1:
                    2e:05:08:ad:4a:d1:44:e5:0c:f9:a8:87:13:40:30:
                    e4:82:3c:0f:00:15:b0:a2:7a:0d:34:ac:c2:d7:cb:
                    00:85:52:6b:18:c8:66:a2:57:25:0c:65:95:d7:c7:
                    bd:a2:47:97:3d:0a:65:f2:3f:06:6f:0b:bc:eb:3a:
                    60:ba:22:02:c8:16:e2:4e:04:c4:64:19:8c:26:3a:
                    7b:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:AF:19:68:B9:FD:27:A9:69:97:8B:1F:06:DD:EB:F5:45:F6:BD:94
            X509v3 Authority Key Identifier:
                keyid:FB:11:57:E8:1B:7C:9E:43:36:0A:1C:B5:0A:31:40:11:75:92:18:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/oK8ZaLn9J6lpl4sfBt3r9UX2vZQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/193c71-c94a-416f-a186-416664f01a2c/1/1-xFX6Bt8nkM2Chy1CjFAEXWSGAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.56.0/22
                  193.108.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ac:63:8b:99:6f:05:d5:f1:e3:f2:d6:44:93:97:3d:84:23:72:
         c5:3a:22:fc:79:65:05:2d:82:65:8f:e5:1e:ba:9f:0a:6d:39:
         bc:1c:b0:a1:8d:e8:ec:23:7f:e1:4e:9a:a8:a6:77:f8:32:0f:
         ce:2d:86:db:96:30:27:82:81:5d:ea:59:ee:59:31:17:67:1f:
         39:42:9c:d0:aa:d7:ad:ac:9b:ac:4e:46:d3:06:1e:0d:1b:36:
         81:0d:1a:ac:3b:ad:53:8d:c7:36:4d:24:4e:0c:37:ef:6c:14:
         b0:46:1c:08:ad:e5:cb:d8:ba:25:c3:38:2e:67:d4:f8:dc:5c:
         29:78:9a:e2:d9:e1:a1:dd:49:c8:1a:8e:c6:ca:10:be:db:10:
         01:95:22:d9:65:fd:79:20:51:59:b0:03:d9:de:c9:8a:8d:49:
         b7:82:9d:02:62:75:c9:7d:07:0b:d1:76:56:ea:6b:bd:9c:5c:
         2c:41:3a:07:56:c2:b0:c6:a3:37:e4:b7:dd:a7:d7:0a:0b:e0:
         6d:16:0b:09:5e:01:00:a0:0f:fb:cf:62:8a:a5:a7:ff:93:54:
         3e:81:56:49:ef:a7:8e:e1:b7:75:0e:af:3d:c4:d3:04:26:9f:
         2a:ed:8a:bf:44:84:d5:7a:95:e0:af:62:51:d4:e7:4e:f9:98:
         de:88:c7:2f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYJI8wjcQLval9DgHHtVdi1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMTE1N2U4MWI3YzllNDMzNjBhMWNiNTBhMzE0MDExNzU5
MjE4MDgwHhcNMjIwNzI5MDc1NDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGFmMTk2OGI5ZmQyN2E5Njk5NzhiMWYwNmRkZWJmNTQ1ZjZiZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAset5kpOY+DjGhYo8EaY4OoOhA9d5
pDakaU2pNyxrIe7KZb3VQJGTWt3Tlm4jMjN7GoysymsSjmA+16RSJn3YUmE/CGBc
mxD1wzYrVX88xEl4jOHQmcIlwbgHKWsyjW3lO7l/meknjnzRkG+W8M6det0GA6m+
DvE7lDu1ZaMVYbOEajD7Ef6rTn+7+t0sXvb4Pv7/Iz1FS8M5BR7BfS4KN8euyOed
wOwv192qh6WvZ0hiCuEuBQitStFE5Qz5qIcTQDDkgjwPABWwonoNNKzC18sAhVJr
GMhmolclDGWV18e9okeXPQpl8j8Gbwu86zpguiICyBbiTgTEZBmMJjp7HwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKCvGWi5/SepaZeLHwbd6/VF9r2UMB8GA1UdIwQY
MBaAFPsRV+gbfJ5DNgoctQoxQBF1khgIMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS14Rlg2QnQ4bmtNMkNoeTFDakZBRVhXU0dBZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvMTkzYzcxLWM5NGEtNDE2Zi1hMTg2
LTQxNjY2NGYwMWEyYy8xL29LOFphTG45SjZscGw0c2ZCdDNyOVVYMnZaUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTQvMTkzYzcxLWM5NGEtNDE2Zi1hMTg2LTQxNjY2NGYwMWEy
Yy8xLzEteEZYNkJ0OG5rTTJDaHkxQ2pGQUVYV1NHQWcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBALBbDgD
BAHBbGgwDQYJKoZIhvcNAQELBQADggEBAKxji5lvBdXx4/LWRJOXPYQjcsU6Ivx5
ZQUtgmWP5R66nwptObwcsKGN6Owjf+FOmqimd/gyD84thtuWMCeCgV3qWe5ZMRdn
HzlCnNCq162sm6xORtMGHg0bNoENGqw7rVONxzZNJE4MN+9sFLBGHAit5cvYuiXD
OC5n1PjcXCl4muLZ4aHdScgajsbKEL7bEAGVItll/XkgUVmwA9neyYqNSbeCnQJi
dcl9BwvRdlbqa72cXCxBOgdWwrDGozfkt92n1woL4G0WCwleAQCgD/vPYoqlp/+T
VD6BVknvp47ht3UOrz3E0wQmnyrtir9EhNV6leCvYlHU5075mN6Ixy8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:02 2024 by rpki-client on console-ams.rpki-client.org