Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/6f9af9-9afa-4d4a-a8cf-974c14130eaf/1/XxRD-g-rfQNxrXqf1MwIdamz3yE.roa
File:                     XxRD-g-rfQNxrXqf1MwIdamz3yE.roa (raw, json)
Hash identifier:          /q3x6DS0at0noTBBO+M25znEUxzfOFRFtJT3buZ/NCw=
Subject key identifier:   5F:14:43:FA:0F:AB:7D:03:71:AD:7A:9F:D4:CC:08:75:A9:B3:DF:21
Certificate issuer:       /CN=c784e2e1d8d136f51223a35b0bbeed01b477b425
Certificate serial:       032B5497
Authority key identifier: C7:84:E2:E1:D8:D1:36:F5:12:23:A3:5B:0B:BE:ED:01:B4:77:B4:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x4Ti4djRNvUSI6NbC77tAbR3tCU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/6f9af9-9afa-4d4a-a8cf-974c14130eaf/1/XxRD-g-rfQNxrXqf1MwIdamz3yE.roa
Signing time:             Sat 01 Jan 2022 01:01:01 +0000
ROA not before:           Sat 01 Jan 2022 01:01:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58057
IP address blocks:        185.232.117.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 53171351 (0x32b5497)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c784e2e1d8d136f51223a35b0bbeed01b477b425
        Validity
            Not Before: Jan  1 01:01:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5f1443fa0fab7d0371ad7a9fd4cc0875a9b3df21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:a3:17:ea:bd:a9:07:a6:ad:5e:34:4e:ad:4a:
                    68:db:8d:47:56:ff:8b:f4:6a:d9:53:a8:b4:d7:c1:
                    ca:18:3b:95:c1:ee:60:6d:6b:63:16:15:01:08:7a:
                    53:11:2c:eb:74:24:79:cb:6d:a0:ec:cf:28:fe:08:
                    bd:96:44:9b:66:b2:af:45:f0:63:a3:2a:0b:3e:48:
                    89:12:da:5b:0a:c8:9c:18:4b:71:c6:fc:86:88:1f:
                    2c:d5:ee:4a:cb:06:66:a6:62:96:70:61:67:39:9f:
                    ed:99:a1:b9:01:e4:3f:90:42:91:a6:3d:08:20:db:
                    e4:06:bf:02:3e:8a:3a:53:3f:db:63:c3:b6:1e:3d:
                    1a:84:55:1e:b9:d3:5d:a9:fd:85:12:e6:09:4b:ee:
                    59:61:e7:6b:8c:25:dd:4c:32:21:07:f3:6c:4c:5a:
                    29:5b:cb:c2:4e:be:43:62:0a:1f:f2:1e:d2:13:31:
                    fb:64:c0:e2:91:97:1f:ae:17:07:d4:9d:41:e9:7e:
                    a6:84:d2:63:9d:f2:b4:aa:a0:bf:d6:6c:68:79:43:
                    4e:68:ce:35:52:62:ef:35:87:cc:db:60:12:76:22:
                    2b:e6:1c:a6:51:13:7d:7f:1a:84:ba:f3:4f:0a:f2:
                    4c:d2:3b:cd:68:bf:69:5c:59:bb:27:69:fa:e4:46:
                    5f:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:14:43:FA:0F:AB:7D:03:71:AD:7A:9F:D4:CC:08:75:A9:B3:DF:21
            X509v3 Authority Key Identifier:
                keyid:C7:84:E2:E1:D8:D1:36:F5:12:23:A3:5B:0B:BE:ED:01:B4:77:B4:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x4Ti4djRNvUSI6NbC77tAbR3tCU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/6f9af9-9afa-4d4a-a8cf-974c14130eaf/1/XxRD-g-rfQNxrXqf1MwIdamz3yE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/6f9af9-9afa-4d4a-a8cf-974c14130eaf/1/x4Ti4djRNvUSI6NbC77tAbR3tCU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:8e:5a:91:8f:1b:7c:a2:45:e9:39:c1:0f:14:d3:14:80:60:
         5f:5b:de:d7:de:b4:f0:db:5c:a8:72:dd:a6:f4:a6:e2:97:45:
         c2:89:0a:2f:7c:f7:d0:0e:a2:2d:64:d7:75:db:f7:3f:a1:60:
         c1:8f:cf:76:86:c5:a3:23:82:79:8d:09:2c:5f:1f:2e:56:f3:
         c0:f9:2f:53:64:46:0d:fe:76:81:99:16:34:9a:b6:29:b1:ce:
         00:e7:33:4f:68:5f:a6:64:33:25:67:34:ee:6e:04:b1:3e:b6:
         73:3c:60:27:cb:2d:88:33:24:7a:eb:61:a1:42:a0:89:b0:39:
         c9:be:37:53:29:9d:98:1c:74:80:2f:b4:c0:69:ac:02:7f:58:
         0a:ce:83:86:f0:44:e4:9a:f7:93:d8:73:1d:73:5c:22:b8:14:
         a6:32:f9:8c:e8:63:f2:ba:f9:93:8e:1d:b5:09:f6:7e:d2:1e:
         93:f7:fd:55:bd:d1:91:e9:94:b2:f3:26:91:b3:23:45:69:f3:
         23:b6:36:b7:64:f8:fc:65:a0:6d:22:a8:b2:25:9e:62:9f:21:
         ec:58:21:5f:ae:a2:1f:9d:81:fe:5f:14:e8:16:17:4e:67:3e:
         b6:5b:d6:5e:a2:d5:b1:3e:e8:0b:0e:d5:36:ed:9d:1a:78:ca:
         35:0e:dc:e4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAytUlzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Nzg0ZTJlMWQ4ZDEzNmY1MTIyM2EzNWIwYmJlZWQwMWI0NzdiNDI1MB4XDTIyMDEw
MTAxMDEwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWYxNDQzZmEwZmFi
N2QwMzcxYWQ3YTlmZDRjYzA4NzVhOWIzZGYyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO6jF+q9qQemrV40Tq1KaNuNR1b/i/Rq2VOotNfByhg7lcHu
YG1rYxYVAQh6UxEs63QkecttoOzPKP4IvZZEm2ayr0XwY6MqCz5IiRLaWwrInBhL
ccb8hogfLNXuSssGZqZilnBhZzmf7ZmhuQHkP5BCkaY9CCDb5Aa/Aj6KOlM/22PD
th49GoRVHrnTXan9hRLmCUvuWWHna4wl3UwyIQfzbExaKVvLwk6+Q2IKH/Ie0hMx
+2TA4pGXH64XB9SdQel+poTSY53ytKqgv9ZsaHlDTmjONVJi7zWHzNtgEnYiK+Yc
plETfX8ahLrzTwryTNI7zWi/aVxZuydp+uRGX2UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRfFEP6D6t9A3Gtep/UzAh1qbPfITAfBgNVHSMEGDAWgBTHhOLh2NE29RIj
o1sLvu0BtHe0JTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3g0VGk0ZGpSTnZVU0k2TmJDNzd0QWJSM3RDVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvNmY5YWY5LTlhZmEtNGQ0YS1hOGNmLTk3NGMxNDEzMGVhZi8x
L1h4UkQtZy1yZlFOeHJYcWYxTXdJZGFtejN5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
NmY5YWY5LTlhZmEtNGQ0YS1hOGNmLTk3NGMxNDEzMGVhZi8xL3g0VGk0ZGpSTnZV
U0k2TmJDNzd0QWJSM3RDVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnodTANBgkqhkiG9w0BAQsFAAOC
AQEAXo5akY8bfKJF6TnBDxTTFIBgX1ve19608NtcqHLdpvSm4pdFwokKL3z30A6i
LWTXddv3P6FgwY/PdobFoyOCeY0JLF8fLlbzwPkvU2RGDf52gZkWNJq2KbHOAOcz
T2hfpmQzJWc07m4EsT62czxgJ8stiDMkeuthoUKgibA5yb43UymdmBx0gC+0wGms
An9YCs6DhvBE5Jr3k9hzHXNcIrgUpjL5jOhj8rr5k44dtQn2ftIek/f9Vb3RkemU
svMmkbMjRWnzI7Y2t2T4/GWgbSKosiWeYp8h7FghX66iH52B/l8U6BYXTmc+tlvW
XqLVsT7oCw7VNu2dGnjKNQ7c5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:50 2024 by rpki-client on console-ams.rpki-client.org