Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7d93b3-7ddf-4d3a-a454-d56471e61c33/1/5HRbP3iRtCok9VjCtMqhK6hHCaY.roa
File:                     5HRbP3iRtCok9VjCtMqhK6hHCaY.roa (raw, json)
Hash identifier:          l6SZank+pZgKWirVj+HhchvTS1kPUWVg5GxLqti8GPg=
Subject key identifier:   E4:74:5B:3F:78:91:B4:2A:24:F5:58:C2:B4:CA:A1:2B:A8:47:09:A6
Certificate issuer:       /CN=cc4261880f82f38471a5717b8009c4fbda2df242
Certificate serial:       098E8545
Authority key identifier: CC:42:61:88:0F:82:F3:84:71:A5:71:7B:80:09:C4:FB:DA:2D:F2:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zEJhiA-C84RxpXF7gAnE-9ot8kI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/7d93b3-7ddf-4d3a-a454-d56471e61c33/1/5HRbP3iRtCok9VjCtMqhK6hHCaY.roa
Signing time:             Sat 01 Jan 2022 14:56:45 +0000
ROA not before:           Sat 01 Jan 2022 14:56:45 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     174
IP address blocks:        83.150.216.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 160335173 (0x98e8545)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc4261880f82f38471a5717b8009c4fbda2df242
        Validity
            Not Before: Jan  1 14:56:45 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e4745b3f7891b42a24f558c2b4caa12ba84709a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:f6:c3:53:1e:58:83:a8:f1:10:a2:0f:76:c6:
                    cd:c6:0d:3c:ae:9f:ca:7a:55:58:2d:16:76:de:9c:
                    87:f2:1c:71:50:6f:e7:94:c2:ec:21:ef:9b:4c:80:
                    98:76:63:20:9b:a6:6a:12:7e:10:6c:c2:bb:0e:9b:
                    c5:64:5d:71:1b:8c:cd:e8:7e:78:9a:27:fa:42:14:
                    ca:8f:2c:cf:78:34:61:b3:46:a9:12:d8:ac:f8:58:
                    22:b0:b8:9d:f6:59:01:55:5e:41:d9:17:99:ad:e8:
                    b2:2c:a8:f5:ab:c9:bf:ab:bc:a8:1b:7c:c5:2b:03:
                    ea:8c:cc:9f:45:ff:df:4d:f5:14:b8:f0:87:ea:69:
                    20:68:3f:4c:1a:75:e7:ba:d1:36:d5:e5:30:db:f8:
                    cb:d0:89:03:bc:c3:21:67:ad:79:af:8c:52:f3:93:
                    d3:6d:9d:a9:44:5c:31:3c:f3:93:f1:88:d7:77:35:
                    2d:46:54:23:2f:e1:81:ae:bb:98:71:39:5d:08:a8:
                    c2:e6:dd:da:62:01:9d:39:c0:0a:02:5e:10:a6:07:
                    07:8f:91:7e:1e:66:c1:4a:6b:31:11:59:27:bf:12:
                    44:d6:62:8e:05:78:33:85:b3:00:b5:eb:ac:86:bf:
                    1c:43:49:5e:6d:28:c8:f7:d0:08:4c:f2:c0:5e:05:
                    12:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:74:5B:3F:78:91:B4:2A:24:F5:58:C2:B4:CA:A1:2B:A8:47:09:A6
            X509v3 Authority Key Identifier:
                keyid:CC:42:61:88:0F:82:F3:84:71:A5:71:7B:80:09:C4:FB:DA:2D:F2:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zEJhiA-C84RxpXF7gAnE-9ot8kI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7d93b3-7ddf-4d3a-a454-d56471e61c33/1/5HRbP3iRtCok9VjCtMqhK6hHCaY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7d93b3-7ddf-4d3a-a454-d56471e61c33/1/zEJhiA-C84RxpXF7gAnE-9ot8kI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.150.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:60:44:14:20:53:96:90:ed:c3:93:8d:bd:ae:cc:df:9c:84:
         7b:cf:55:5c:1e:e8:de:9c:a3:5a:e6:c8:2c:81:d2:7a:63:ce:
         7a:66:ef:ca:f2:11:00:cc:b5:3b:d9:cd:0d:e4:87:6e:79:7a:
         99:a9:e6:72:cc:81:d9:ed:c7:1d:37:fa:38:05:63:61:65:32:
         b5:3c:0a:f1:8a:eb:92:dc:ab:f5:ac:09:11:ab:ff:b7:cb:5e:
         94:f1:1d:ba:24:3c:2e:9a:b2:0c:5e:b9:05:51:80:70:8d:8a:
         d0:7b:e5:e7:a9:7e:5d:42:f9:9a:38:28:f8:9b:2a:1e:f9:e4:
         56:4a:14:c5:e4:c0:ff:5b:d8:bf:f1:f5:fb:36:10:1d:f8:88:
         9d:00:55:f1:f0:ce:c8:63:c2:0e:d3:a3:da:46:34:76:1a:51:
         cf:e9:07:bc:4f:ab:d6:95:36:e7:81:22:03:79:33:e5:bd:b1:
         d2:5e:81:a0:1d:12:83:1d:86:6e:26:05:85:64:9c:12:b0:7e:
         35:34:61:4d:37:41:ec:4a:69:bf:89:08:e4:54:84:30:93:e7:
         90:a6:90:29:6e:59:56:cd:18:aa:f2:bd:73:bc:9c:1b:a8:be:
         f2:a1:22:9a:d8:54:30:5c:c6:65:c6:db:29:1d:18:e3:1b:19:
         bb:22:6c:a9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECY6FRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YzQyNjE4ODBmODJmMzg0NzFhNTcxN2I4MDA5YzRmYmRhMmRmMjQyMB4XDTIyMDEw
MTE0NTY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQ3NDViM2Y3ODkx
YjQyYTI0ZjU1OGMyYjRjYWExMmJhODQ3MDlhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJb2w1MeWIOo8RCiD3bGzcYNPK6fynpVWC0Wdt6ch/IccVBv
55TC7CHvm0yAmHZjIJumahJ+EGzCuw6bxWRdcRuMzeh+eJon+kIUyo8sz3g0YbNG
qRLYrPhYIrC4nfZZAVVeQdkXma3osiyo9avJv6u8qBt8xSsD6ozMn0X/3031FLjw
h+ppIGg/TBp157rRNtXlMNv4y9CJA7zDIWetea+MUvOT022dqURcMTzzk/GI13c1
LUZUIy/hga67mHE5XQiowubd2mIBnTnACgJeEKYHB4+Rfh5mwUprMRFZJ78SRNZi
jgV4M4WzALXrrIa/HENJXm0oyPfQCEzywF4FElkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTkdFs/eJG0KiT1WMK0yqErqEcJpjAfBgNVHSMEGDAWgBTMQmGID4LzhHGl
cXuACcT72i3yQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pFSmhpQS1DODRSeHBYRjdnQW5FLTlvdDhrSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvN2Q5M2IzLTdkZGYtNGQzYS1hNDU0LWQ1NjQ3MWU2MWMzMy8x
LzVIUmJQM2lSdENvazlWakN0TXFoSzZoSENhWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
N2Q5M2IzLTdkZGYtNGQzYS1hNDU0LWQ1NjQ3MWU2MWMzMy8xL3pFSmhpQS1DODRS
eHBYRjdnQW5FLTlvdDhrSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFOW2DANBgkqhkiG9w0BAQsFAAOC
AQEAlGBEFCBTlpDtw5ONva7M35yEe89VXB7o3pyjWubILIHSemPOembvyvIRAMy1
O9nNDeSHbnl6manmcsyB2e3HHTf6OAVjYWUytTwK8Yrrktyr9awJEav/t8telPEd
uiQ8LpqyDF65BVGAcI2K0Hvl56l+XUL5mjgo+JsqHvnkVkoUxeTA/1vYv/H1+zYQ
HfiInQBV8fDOyGPCDtOj2kY0dhpRz+kHvE+r1pU254EiA3kz5b2x0l6BoB0Sgx2G
biYFhWScErB+NTRhTTdB7Eppv4kI5FSEMJPnkKaQKW5ZVs0YqvK9c7ycG6i+8qEi
mthUMFzGZcbbKR0Y4xsZuyJsqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:08 2024 by rpki-client on console-fra.rpki-client.org