Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/180996-c97a-48bc-b5ab-100862b96c4d/1/8khRhB5Y4SEth5FUQX7u6Vf9W5s.roa
File:                     8khRhB5Y4SEth5FUQX7u6Vf9W5s.roa (raw, json)
Hash identifier:          CP18D/HqwSM592lID+Mnngct87uvwmSKETlV/FGz9Nk=
Subject key identifier:   F2:48:51:84:1E:58:E1:21:2D:87:91:54:41:7E:EE:E9:57:FD:5B:9B
Certificate issuer:       /CN=d5271a6f99eac12abe0856100a14a2d9663ce7bb
Certificate serial:       018571F9F59BCFA5576F36457EA90BEE2996
Authority key identifier: D5:27:1A:6F:99:EA:C1:2A:BE:08:56:10:0A:14:A2:D9:66:3C:E7:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1Scab5nqwSq-CFYQChSi2WY857s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/180996-c97a-48bc-b5ab-100862b96c4d/1/8khRhB5Y4SEth5FUQX7u6Vf9W5s.roa
Signing time:             Mon 02 Jan 2023 10:14:44 +0000
ROA not before:           Mon 02 Jan 2023 10:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24627
IP address blocks:        185.23.240.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:f9:f5:9b:cf:a5:57:6f:36:45:7e:a9:0b:ee:29:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5271a6f99eac12abe0856100a14a2d9663ce7bb
        Validity
            Not Before: Jan  2 10:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f24851841e58e1212d879154417eeee957fd5b9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:b9:ef:9d:b5:b0:c2:19:e1:d1:50:d0:16:bf:
                    f1:f3:bc:eb:9f:6e:7f:07:cb:ef:4f:54:1a:ba:1b:
                    ac:c3:35:bb:c4:cd:46:21:05:e8:92:c6:79:a9:ca:
                    fd:10:bf:b6:7c:7f:9b:7a:f7:ad:8a:53:eb:62:c3:
                    9e:20:a9:cd:db:28:1e:49:7f:ad:69:ed:70:0b:d5:
                    b6:70:ee:1a:e0:40:c9:4e:1b:8a:63:9e:7b:8c:e8:
                    f3:47:d8:fc:cb:bf:76:82:61:c9:d7:7a:22:8c:76:
                    47:a9:95:d0:f1:98:d2:75:61:21:b8:e9:c3:34:c2:
                    d6:1b:6d:47:8a:61:a1:c2:55:7b:e5:c5:61:f3:4b:
                    d1:3f:be:55:4a:05:e8:a5:bf:c8:3d:41:73:be:5e:
                    3a:f4:1d:bc:8e:c5:16:5c:f1:44:f5:42:d5:c7:c6:
                    54:90:ce:bd:08:96:6e:19:c0:f2:92:61:1a:fe:b9:
                    76:c7:5c:20:66:25:3e:75:1b:18:e2:c4:22:4b:69:
                    6c:44:c2:2a:37:27:64:d8:9c:77:b8:2e:ca:0c:7d:
                    c1:9e:6d:81:d2:2b:26:ff:ab:2f:9f:89:49:23:bd:
                    6a:2c:c6:d2:7e:13:ec:03:61:af:74:fc:0f:f9:d0:
                    97:eb:be:b9:75:70:e2:94:06:e3:f2:c0:6f:fb:f4:
                    9f:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:48:51:84:1E:58:E1:21:2D:87:91:54:41:7E:EE:E9:57:FD:5B:9B
            X509v3 Authority Key Identifier:
                keyid:D5:27:1A:6F:99:EA:C1:2A:BE:08:56:10:0A:14:A2:D9:66:3C:E7:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Scab5nqwSq-CFYQChSi2WY857s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/180996-c97a-48bc-b5ab-100862b96c4d/1/8khRhB5Y4SEth5FUQX7u6Vf9W5s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/180996-c97a-48bc-b5ab-100862b96c4d/1/1Scab5nqwSq-CFYQChSi2WY857s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.23.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:e2:9c:2f:ac:73:5c:9b:95:6f:03:81:98:b6:06:3f:a4:89:
         f0:76:c4:a0:c1:2b:b9:7f:81:4d:92:ef:b3:27:a6:b5:ec:9a:
         85:48:87:24:6d:0b:ad:8b:d5:8a:e6:cc:9c:b1:e8:a6:78:d8:
         36:12:b7:48:15:11:34:95:ba:1d:b7:a0:4f:c5:ce:32:03:ce:
         26:94:c5:94:21:23:51:ef:53:58:01:75:91:e4:ba:b4:55:e1:
         15:16:29:cc:b4:77:6b:ba:17:2c:6e:d9:af:58:bf:0a:11:37:
         7a:b5:d0:fb:4b:23:8e:70:81:28:1e:cd:ff:5c:a7:f2:a2:93:
         1b:d9:49:10:00:b2:8f:da:54:6e:45:d8:e5:d2:33:23:7f:73:
         ef:9b:b2:40:43:35:fc:5f:7f:4c:9b:e8:ff:6c:19:c5:e4:7d:
         4a:00:9e:25:3a:22:f6:a6:e1:3c:e7:67:fa:5e:c4:05:06:b4:
         e1:09:84:fa:56:ba:33:ec:2e:68:ab:20:51:c2:2b:16:28:da:
         91:28:61:4a:d4:0e:af:38:88:9b:51:29:9e:2e:4e:2c:21:7c:
         88:65:73:ec:ec:89:0f:ea:b5:84:f2:a5:e2:7c:31:a7:b1:81:
         ed:40:fd:21:df:e3:ec:0d:12:3b:58:77:44:a3:c9:f7:d9:90:
         77:bd:eb:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+fWbz6VXbzZFfqkL7imWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MjcxYTZmOTllYWMxMmFiZTA4NTYxMDBhMTRhMmQ5NjYz
Y2U3YmIwHhcNMjMwMTAyMTAxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjQ4NTE4NDFlNThlMTIxMmQ4NzkxNTQ0MTdlZWVlOTU3ZmQ1YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LnvnbWwwhnh0VDQFr/x87zrn25/
B8vvT1QauhuswzW7xM1GIQXoksZ5qcr9EL+2fH+bevetilPrYsOeIKnN2ygeSX+t
ae1wC9W2cO4a4EDJThuKY557jOjzR9j8y792gmHJ13oijHZHqZXQ8ZjSdWEhuOnD
NMLWG21HimGhwlV75cVh80vRP75VSgXopb/IPUFzvl469B28jsUWXPFE9ULVx8ZU
kM69CJZuGcDykmEa/rl2x1wgZiU+dRsY4sQiS2lsRMIqNydk2Jx3uC7KDH3Bnm2B
0ism/6svn4lJI71qLMbSfhPsA2GvdPwP+dCX6765dXDilAbj8sBv+/SfrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJIUYQeWOEhLYeRVEF+7ulX/VubMB8GA1UdIwQY
MBaAFNUnGm+Z6sEqvghWEAoUotlmPOe7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVNjYWI1bnF3U3EtQ0ZZUUNoU2kyV1k4NTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xODA5OTYtYzk3YS00OGJjLWI1YWIt
MTAwODYyYjk2YzRkLzEvOGtoUmhCNVk0U0V0aDVGVVFYN3U2VmY5VzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xODA5OTYtYzk3YS00OGJjLWI1YWItMTAwODYyYjk2YzRk
LzEvMVNjYWI1bnF3U3EtQ0ZZUUNoU2kyV1k4NTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRfwMA0G
CSqGSIb3DQEBCwUAA4IBAQAg4pwvrHNcm5VvA4GYtgY/pInwdsSgwSu5f4FNku+z
J6a17JqFSIckbQuti9WK5sycseimeNg2ErdIFRE0lbodt6BPxc4yA84mlMWUISNR
71NYAXWR5Lq0VeEVFinMtHdruhcsbtmvWL8KETd6tdD7SyOOcIEoHs3/XKfyopMb
2UkQALKP2lRuRdjl0jMjf3Pvm7JAQzX8X39Mm+j/bBnF5H1KAJ4lOiL2puE852f6
XsQFBrThCYT6Vroz7C5oqyBRwisWKNqRKGFK1A6vOIibUSmeLk4sIXyIZXPs7IkP
6rWE8qXifDGnsYHtQP0h3+PsDRI7WHdEo8n32ZB3vesl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:17 2024 by rpki-client on console-ams.rpki-client.org