Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/d8f6ab-1c9e-482d-8298-4b150e99834a/1/qBEbKvWb2ztSKMdh5IB7Muo75tI.roa
File:                     qBEbKvWb2ztSKMdh5IB7Muo75tI.roa (raw, json)
Hash identifier:          FQvufer8v1gAvFH0F0L1XnsjGPy3KSBoUwuMG+aPoKI=
Subject key identifier:   A8:11:1B:2A:F5:9B:DB:3B:52:28:C7:61:E4:80:7B:32:EA:3B:E6:D2
Certificate issuer:       /CN=401c09ffe74b2bc812ec95a2bdd11561023d1777
Certificate serial:       0188EBB2B209F0AA34E7013DA3E92FF4B3AF
Authority key identifier: 40:1C:09:FF:E7:4B:2B:C8:12:EC:95:A2:BD:D1:15:61:02:3D:17:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QBwJ_-dLK8gS7JWivdEVYQI9F3c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/d8f6ab-1c9e-482d-8298-4b150e99834a/1/qBEbKvWb2ztSKMdh5IB7Muo75tI.roa
Signing time:             Sat 24 Jun 2023 04:38:56 +0000
ROA not before:           Sat 24 Jun 2023 04:38:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        62.233.36.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:eb:b2:b2:09:f0:aa:34:e7:01:3d:a3:e9:2f:f4:b3:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=401c09ffe74b2bc812ec95a2bdd11561023d1777
        Validity
            Not Before: Jun 24 04:38:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a8111b2af59bdb3b5228c761e4807b32ea3be6d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:0b:ef:3c:13:b6:c0:be:f1:47:4a:84:15:0f:
                    12:65:bf:26:83:b6:00:fe:ba:0e:fe:7c:f4:86:6f:
                    ff:0d:48:22:d1:df:53:7d:ed:7a:a0:19:0c:14:33:
                    c0:b4:34:d4:2b:16:85:8e:9c:bb:c3:3c:9a:02:8e:
                    93:5d:57:7b:99:8f:9d:db:f5:1a:6d:37:ea:d6:3e:
                    bd:2a:9d:59:8b:21:2b:5e:8f:91:47:30:a6:50:41:
                    29:ec:b7:97:c0:4b:fc:ac:26:42:c5:c3:fd:1d:51:
                    ef:b5:12:e3:8a:a6:4a:dc:1f:c7:77:30:ba:96:95:
                    10:e6:38:6c:fd:eb:aa:20:db:9d:d4:e9:82:83:1f:
                    3c:c7:93:6b:d1:3a:c1:b8:87:d8:a9:eb:da:55:f0:
                    9b:07:52:40:5f:6a:4b:b0:27:70:77:59:98:66:89:
                    34:e1:0e:3b:77:7d:73:08:64:43:2e:80:04:13:2c:
                    91:14:d4:cb:20:38:2c:39:d3:f2:d4:e5:e4:57:09:
                    39:db:8e:c1:3d:06:54:cf:52:f1:8f:25:a5:28:12:
                    70:da:f5:fb:af:cc:a4:21:0c:e9:a1:39:2d:be:c7:
                    15:0f:3e:a3:33:c2:9e:3b:dc:29:e5:07:51:c1:f8:
                    55:41:fd:d0:f2:49:af:e9:20:db:cb:a5:52:12:86:
                    ba:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:11:1B:2A:F5:9B:DB:3B:52:28:C7:61:E4:80:7B:32:EA:3B:E6:D2
            X509v3 Authority Key Identifier:
                keyid:40:1C:09:FF:E7:4B:2B:C8:12:EC:95:A2:BD:D1:15:61:02:3D:17:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QBwJ_-dLK8gS7JWivdEVYQI9F3c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/d8f6ab-1c9e-482d-8298-4b150e99834a/1/qBEbKvWb2ztSKMdh5IB7Muo75tI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/d8f6ab-1c9e-482d-8298-4b150e99834a/1/QBwJ_-dLK8gS7JWivdEVYQI9F3c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.233.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:c2:8a:70:ac:2e:de:86:1f:69:67:e2:21:2c:82:3f:2b:87:
         4c:fa:93:2a:5f:26:a7:97:75:c2:ba:01:cf:3b:27:e5:de:98:
         3b:4f:cc:f8:fb:99:31:9f:34:f6:9c:5b:6c:96:2b:0f:30:7f:
         15:ec:00:77:82:84:36:2c:27:fd:14:bf:1e:e1:48:64:cd:25:
         6a:67:80:fe:e9:a4:b4:b9:54:49:98:f1:ae:f6:0a:9a:45:24:
         ae:5c:3d:47:63:d5:14:76:d8:1e:61:f2:b5:90:2b:12:60:43:
         23:8c:06:8c:19:90:7e:64:7a:32:3f:2e:58:95:30:5e:5a:71:
         32:60:2d:d7:98:3d:60:d4:38:a5:ba:71:d9:f0:ba:46:5c:14:
         6b:98:6a:38:37:0e:b3:77:e0:b3:10:d0:08:33:32:7b:09:25:
         b2:87:49:fa:b2:a0:88:a9:fe:83:7a:74:7b:05:a8:7f:10:6b:
         80:38:92:af:ff:c0:07:9f:b9:da:3b:75:82:55:a7:31:0d:cc:
         58:8e:44:1d:a3:ba:16:31:51:21:33:b5:c6:bc:6f:d3:6c:3b:
         58:1a:eb:b2:d6:e8:67:92:bc:14:26:66:3b:c1:db:8f:e3:3a:
         b2:ab:4b:4d:b9:f9:2e:ff:6c:08:06:0d:70:8f:fb:43:26:c7:
         5c:20:42:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjrsrIJ8Ko05wE9o+kv9LOvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMWMwOWZmZTc0YjJiYzgxMmVjOTVhMmJkZDExNTYxMDIz
ZDE3NzcwHhcNMjMwNjI0MDQzODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODExMWIyYWY1OWJkYjNiNTIyOGM3NjFlNDgwN2IzMmVhM2JlNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgvvPBO2wL7xR0qEFQ8SZb8mg7YA
/roO/nz0hm//DUgi0d9Tfe16oBkMFDPAtDTUKxaFjpy7wzyaAo6TXVd7mY+d2/Ua
bTfq1j69Kp1ZiyErXo+RRzCmUEEp7LeXwEv8rCZCxcP9HVHvtRLjiqZK3B/HdzC6
lpUQ5jhs/euqINud1OmCgx88x5Nr0TrBuIfYqevaVfCbB1JAX2pLsCdwd1mYZok0
4Q47d31zCGRDLoAEEyyRFNTLIDgsOdPy1OXkVwk5247BPQZUz1LxjyWlKBJw2vX7
r8ykIQzpoTktvscVDz6jM8KeO9wp5QdRwfhVQf3Q8kmv6SDby6VSEoa6UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgRGyr1m9s7UijHYeSAezLqO+bSMB8GA1UdIwQY
MBaAFEAcCf/nSyvIEuyVor3RFWECPRd3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUJ3Sl8tZExLOGdTN0pXaXZkRVZZUUk5RjNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9kOGY2YWItMWM5ZS00ODJkLTgyOTgt
NGIxNTBlOTk4MzRhLzEvcUJFYkt2V2IyenRTS01kaDVJQjdNdW83NXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9kOGY2YWItMWM5ZS00ODJkLTgyOTgtNGIxNTBlOTk4MzRh
LzEvUUJ3Sl8tZExLOGdTN0pXaXZkRVZZUUk5RjNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPukkMA0G
CSqGSIb3DQEBCwUAA4IBAQAYwopwrC7ehh9pZ+IhLII/K4dM+pMqXyanl3XCugHP
Oyfl3pg7T8z4+5kxnzT2nFtslisPMH8V7AB3goQ2LCf9FL8e4UhkzSVqZ4D+6aS0
uVRJmPGu9gqaRSSuXD1HY9UUdtgeYfK1kCsSYEMjjAaMGZB+ZHoyPy5YlTBeWnEy
YC3XmD1g1DilunHZ8LpGXBRrmGo4Nw6zd+CzENAIMzJ7CSWyh0n6sqCIqf6DenR7
Bah/EGuAOJKv/8AHn7naO3WCVacxDcxYjkQdo7oWMVEhM7XGvG/TbDtYGuuy1uhn
krwUJmY7wduP4zqyq0tNufku/2wIBg1wj/tDJsdcIELp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:23 2024 by rpki-client on console-ams.rpki-client.org