Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/efa7e1-004f-4bf9-a3a5-0fdf3cf217fc/1/Hb7RSBM23rOOgUlzbL2wGD2DOmY.roa
File:                     Hb7RSBM23rOOgUlzbL2wGD2DOmY.roa (raw, json)
Hash identifier:          o4ekiAO7AZSi+ckxFVHdfZFNZjhFtfAYE/4gdm3P38o=
Subject key identifier:   1D:BE:D1:48:13:36:DE:B3:8E:81:49:73:6C:BD:B0:18:3D:83:3A:66
Certificate issuer:       /CN=977778e209bc0e0616590af328c801d0ed9a319a
Certificate serial:       01848192AC7D9C7FEDD86C4C536C17EB3322
Authority key identifier: 97:77:78:E2:09:BC:0E:06:16:59:0A:F3:28:C8:01:D0:ED:9A:31:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l3d44gm8DgYWWQrzKMgB0O2aMZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/efa7e1-004f-4bf9-a3a5-0fdf3cf217fc/1/Hb7RSBM23rOOgUlzbL2wGD2DOmY.roa
Signing time:             Wed 16 Nov 2022 17:53:03 +0000
ROA not before:           Wed 16 Nov 2022 17:53:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     209529
IP address blocks:        185.228.220.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:81:92:ac:7d:9c:7f:ed:d8:6c:4c:53:6c:17:eb:33:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=977778e209bc0e0616590af328c801d0ed9a319a
        Validity
            Not Before: Nov 16 17:53:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1dbed1481336deb38e8149736cbdb0183d833a66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:f3:24:db:28:e7:20:fa:39:0c:e8:56:cb:55:
                    89:7e:63:c2:41:12:23:63:bd:a9:3f:9b:7c:51:7c:
                    3e:87:07:fc:8a:ad:41:bf:94:39:88:8e:ab:77:57:
                    74:e0:78:70:75:27:7f:c0:c3:ca:47:c5:3e:f1:53:
                    74:ce:32:d7:1b:d0:91:b9:df:33:6f:83:ec:7b:7d:
                    40:7d:41:71:ca:1b:05:00:56:6b:3f:49:07:ac:e2:
                    01:b9:49:15:56:1e:fe:89:7a:c4:70:6e:2f:8b:86:
                    b9:7e:8a:a6:f7:82:1c:af:da:1f:b8:d2:74:0d:63:
                    69:33:96:a4:cd:36:49:e9:78:10:36:cb:d5:de:db:
                    5e:a9:d9:bd:83:6c:12:c5:18:34:eb:c9:a9:24:28:
                    9b:3c:e7:e8:af:08:cf:89:7e:bb:47:98:29:26:36:
                    3a:97:22:55:6a:97:90:3d:cd:81:1c:b5:6a:b3:58:
                    a4:57:69:fb:39:30:7a:65:70:52:c8:12:3b:ca:40:
                    84:aa:46:a2:84:01:5c:28:0f:0f:86:0a:81:47:8f:
                    72:7a:35:48:43:5e:33:ca:f4:b3:55:1a:8a:d0:6b:
                    ff:e8:f1:1f:59:ed:13:b9:c3:b0:bf:95:93:69:17:
                    47:bb:79:3a:0d:40:5a:d2:ee:07:69:ae:47:44:c8:
                    18:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:BE:D1:48:13:36:DE:B3:8E:81:49:73:6C:BD:B0:18:3D:83:3A:66
            X509v3 Authority Key Identifier:
                keyid:97:77:78:E2:09:BC:0E:06:16:59:0A:F3:28:C8:01:D0:ED:9A:31:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3d44gm8DgYWWQrzKMgB0O2aMZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/efa7e1-004f-4bf9-a3a5-0fdf3cf217fc/1/Hb7RSBM23rOOgUlzbL2wGD2DOmY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/efa7e1-004f-4bf9-a3a5-0fdf3cf217fc/1/l3d44gm8DgYWWQrzKMgB0O2aMZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.228.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b7:cf:d9:df:f5:9c:09:a4:71:a1:b5:91:a2:80:1d:b8:77:70:
         ae:ed:bd:d8:52:2e:75:40:c8:61:eb:8e:14:a3:6e:88:78:ce:
         f6:f4:76:1d:6a:87:12:a5:1d:cf:e1:7b:89:da:77:ed:7a:6e:
         d9:a3:cf:25:8d:03:10:b6:64:38:44:a9:0a:b3:c6:29:fb:d8:
         b1:bf:9f:7e:96:68:db:b4:0a:e6:26:6c:5a:88:3d:7c:17:05:
         6e:a5:76:3b:d5:4a:a0:d5:c2:8d:1b:eb:28:c7:a6:32:b0:7b:
         bb:50:6d:59:cc:61:00:a6:3e:a0:89:8b:b0:77:16:ac:e1:d7:
         5f:4d:2f:28:33:a0:aa:52:96:cd:58:ed:a5:f6:cc:81:53:c9:
         c9:04:c5:0c:c3:d9:a0:42:5b:19:3a:dc:57:9b:a8:54:07:6f:
         6b:77:1f:48:2d:2e:6d:74:01:c6:4c:35:a0:0f:c6:69:bf:5b:
         ca:58:99:07:b1:15:3f:9b:b7:86:ec:a2:a6:13:a2:30:8f:98:
         14:d9:66:48:35:43:9b:44:a4:e3:e3:3d:07:50:6f:66:0d:67:
         9e:bf:f5:90:62:75:82:22:47:c1:d7:f5:97:83:02:a6:81:81:
         3f:28:9f:94:da:b3:3f:61:99:41:0b:b0:00:ad:8f:02:78:ad:
         fb:db:31:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSBkqx9nH/t2GxMU2wX6zMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Nzc3OGUyMDliYzBlMDYxNjU5MGFmMzI4YzgwMWQwZWQ5
YTMxOWEwHhcNMjIxMTE2MTc1MzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGJlZDE0ODEzMzZkZWIzOGU4MTQ5NzM2Y2JkYjAxODNkODMzYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvMk2yjnIPo5DOhWy1WJfmPCQRIj
Y72pP5t8UXw+hwf8iq1Bv5Q5iI6rd1d04HhwdSd/wMPKR8U+8VN0zjLXG9CRud8z
b4Pse31AfUFxyhsFAFZrP0kHrOIBuUkVVh7+iXrEcG4vi4a5foqm94Icr9ofuNJ0
DWNpM5akzTZJ6XgQNsvV3tteqdm9g2wSxRg068mpJCibPOforwjPiX67R5gpJjY6
lyJVapeQPc2BHLVqs1ikV2n7OTB6ZXBSyBI7ykCEqkaihAFcKA8PhgqBR49yejVI
Q14zyvSzVRqK0Gv/6PEfWe0TucOwv5WTaRdHu3k6DUBa0u4Haa5HRMgYEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2+0UgTNt6zjoFJc2y9sBg9gzpmMB8GA1UdIwQY
MBaAFJd3eOIJvA4GFlkK8yjIAdDtmjGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDNkNDRnbThEZ1lXV1FyektNZ0IwTzJhTVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lZmE3ZTEtMDA0Zi00YmY5LWEzYTUt
MGZkZjNjZjIxN2ZjLzEvSGI3UlNCTTIzck9PZ1VsemJMMndHRDJET21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lZmE3ZTEtMDA0Zi00YmY5LWEzYTUtMGZkZjNjZjIxN2Zj
LzEvbDNkNDRnbThEZ1lXV1FyektNZ0IwTzJhTVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueTcMA0G
CSqGSIb3DQEBCwUAA4IBAQC3z9nf9ZwJpHGhtZGigB24d3Cu7b3YUi51QMhh644U
o26IeM729HYdaocSpR3P4XuJ2nftem7Zo88ljQMQtmQ4RKkKs8Yp+9ixv59+lmjb
tArmJmxaiD18FwVupXY71Uqg1cKNG+sox6YysHu7UG1ZzGEApj6giYuwdxas4ddf
TS8oM6CqUpbNWO2l9syBU8nJBMUMw9mgQlsZOtxXm6hUB29rdx9ILS5tdAHGTDWg
D8Zpv1vKWJkHsRU/m7eG7KKmE6Iwj5gU2WZINUObRKTj4z0HUG9mDWeev/WQYnWC
IkfB1/WXgwKmgYE/KJ+U2rM/YZlBC7AArY8CeK372zHe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:06 2024 by rpki-client on console-fra.rpki-client.org