Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/949baa-8d2d-42a6-aa07-5e1eff0cfe0f/1/2u1TeP1mLg5zkbTCpIW2N9Yyf5A.roa
File:                     2u1TeP1mLg5zkbTCpIW2N9Yyf5A.roa (raw, json)
Hash identifier:          nqithXDkbgostv8StI1/XD4Bz/eXHfcg0OUTSHbVDRA=
Subject key identifier:   DA:ED:53:78:FD:66:2E:0E:73:91:B4:C2:A4:85:B6:37:D6:32:7F:90
Certificate issuer:       /CN=c03297625f85d5dc18f04cb7b3ed528c760d95de
Certificate serial:       0186DFBF14EC5BEB674F3A8E5D4302B4F697
Authority key identifier: C0:32:97:62:5F:85:D5:DC:18:F0:4C:B7:B3:ED:52:8C:76:0D:95:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wDKXYl-F1dwY8Ey3s-1SjHYNld4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/949baa-8d2d-42a6-aa07-5e1eff0cfe0f/1/2u1TeP1mLg5zkbTCpIW2N9Yyf5A.roa
Signing time:             Tue 14 Mar 2023 10:51:27 +0000
ROA not before:           Tue 14 Mar 2023 10:51:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211500
IP address blocks:        212.23.204.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:df:bf:14:ec:5b:eb:67:4f:3a:8e:5d:43:02:b4:f6:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c03297625f85d5dc18f04cb7b3ed528c760d95de
        Validity
            Not Before: Mar 14 10:51:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=daed5378fd662e0e7391b4c2a485b637d6327f90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:01:49:94:c8:6f:72:dc:3a:19:5d:2d:b8:a6:
                    cf:1f:e2:67:58:16:b8:3e:18:5c:30:a8:9f:a1:b8:
                    cf:67:44:c5:71:80:f3:46:40:c8:d0:82:55:97:3e:
                    1c:15:a2:d6:18:83:29:54:f8:75:e8:f9:24:e7:1f:
                    88:a7:f9:6c:c5:8c:33:02:2d:e4:8d:1a:76:ef:71:
                    3e:2d:3c:90:d5:a7:88:b9:6e:2a:a6:5f:f3:43:15:
                    b5:32:58:a4:6f:75:ac:e5:58:76:d7:7c:1b:3a:d7:
                    53:e3:ec:c4:ac:72:9b:fa:05:b9:6a:52:50:2a:d4:
                    9e:f4:f6:c0:ad:d3:38:f8:fd:ac:37:99:35:fe:62:
                    a0:7b:7c:23:67:a5:05:6f:08:6b:af:d1:bb:e4:7a:
                    91:36:67:c4:ba:e7:2f:48:be:8e:bc:d8:04:5d:f8:
                    3d:18:83:62:44:15:19:85:6b:0f:ed:10:c4:53:7c:
                    6f:fb:20:ba:db:af:11:d4:25:7d:a5:3f:52:d9:64:
                    43:ca:15:5c:e9:0c:11:9f:71:04:9a:5a:85:d2:4d:
                    82:e9:69:59:8b:df:8b:7e:1f:04:ed:8c:ae:6b:92:
                    e9:c9:03:de:42:7b:cc:62:5e:64:3e:05:e8:cc:6b:
                    28:ab:5e:eb:1a:22:10:6b:6e:37:88:df:06:ee:79:
                    15:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:ED:53:78:FD:66:2E:0E:73:91:B4:C2:A4:85:B6:37:D6:32:7F:90
            X509v3 Authority Key Identifier:
                keyid:C0:32:97:62:5F:85:D5:DC:18:F0:4C:B7:B3:ED:52:8C:76:0D:95:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wDKXYl-F1dwY8Ey3s-1SjHYNld4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/949baa-8d2d-42a6-aa07-5e1eff0cfe0f/1/2u1TeP1mLg5zkbTCpIW2N9Yyf5A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/949baa-8d2d-42a6-aa07-5e1eff0cfe0f/1/wDKXYl-F1dwY8Ey3s-1SjHYNld4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.23.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:32:0d:ee:16:ce:c8:44:40:30:d7:fb:11:93:d2:a5:4e:77:
         91:29:a7:88:d3:55:93:09:3f:66:b4:e5:30:40:10:48:3c:6f:
         eb:3b:5b:e8:34:1e:e8:96:67:03:ba:e5:f5:47:6f:4a:1b:c7:
         86:4d:a3:13:c9:3d:02:9e:e4:d3:44:8d:09:8b:41:09:72:06:
         9b:a7:07:b1:cf:88:84:04:f3:eb:d0:97:0b:47:8e:57:b9:44:
         b7:da:24:c2:12:f7:5a:40:07:f6:89:4a:e4:d6:41:00:70:cc:
         00:ec:d6:f2:ea:83:21:d8:9a:3a:5d:5a:09:17:2e:9d:a0:bd:
         dc:4d:fe:0c:68:9c:ec:27:77:7a:c4:e4:0d:f5:b2:7c:14:cc:
         1c:17:b7:95:92:bd:38:e1:a3:b0:f1:0e:d8:82:f8:8c:51:a7:
         96:11:36:80:48:1b:26:c1:6e:74:47:0a:fc:98:27:0f:e1:cb:
         97:22:b3:37:3c:fd:2e:7b:ae:73:5d:43:1b:42:2f:d1:ca:13:
         66:c2:27:1c:9d:48:be:8e:e3:a0:56:a2:4d:06:f5:b5:35:3a:
         97:45:9f:41:72:b9:0b:71:41:a1:5a:28:4b:a0:15:f4:ff:13:
         e8:d7:b0:fa:84:fd:1c:80:61:b8:1b:b5:12:ee:c8:9d:46:8a:
         02:fb:63:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbfvxTsW+tnTzqOXUMCtPaXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMzI5NzYyNWY4NWQ1ZGMxOGYwNGNiN2IzZWQ1MjhjNzYw
ZDk1ZGUwHhcNMjMwMzE0MTA1MTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWVkNTM3OGZkNjYyZTBlNzM5MWI0YzJhNDg1YjYzN2Q2MzI3ZjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQFJlMhvctw6GV0tuKbPH+JnWBa4
PhhcMKifobjPZ0TFcYDzRkDI0IJVlz4cFaLWGIMpVPh16Pkk5x+Ip/lsxYwzAi3k
jRp273E+LTyQ1aeIuW4qpl/zQxW1Mlikb3Ws5Vh213wbOtdT4+zErHKb+gW5alJQ
KtSe9PbArdM4+P2sN5k1/mKge3wjZ6UFbwhrr9G75HqRNmfEuucvSL6OvNgEXfg9
GINiRBUZhWsP7RDEU3xv+yC6268R1CV9pT9S2WRDyhVc6QwRn3EEmlqF0k2C6WlZ
i9+Lfh8E7Yyua5LpyQPeQnvMYl5kPgXozGsoq17rGiIQa243iN8G7nkV5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrtU3j9Zi4Oc5G0wqSFtjfWMn+QMB8GA1UdIwQY
MBaAFMAyl2JfhdXcGPBMt7PtUox2DZXeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0RLWFlsLUYxZHdZOEV5M3MtMVNqSFlObGQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy85NDliYWEtOGQyZC00MmE2LWFhMDct
NWUxZWZmMGNmZTBmLzEvMnUxVGVQMW1MZzV6a2JUQ3BJVzJOOVl5ZjVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy85NDliYWEtOGQyZC00MmE2LWFhMDctNWUxZWZmMGNmZTBm
LzEvd0RLWFlsLUYxZHdZOEV5M3MtMVNqSFlObGQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfMMA0G
CSqGSIb3DQEBCwUAA4IBAQCzMg3uFs7IREAw1/sRk9KlTneRKaeI01WTCT9mtOUw
QBBIPG/rO1voNB7olmcDuuX1R29KG8eGTaMTyT0CnuTTRI0Ji0EJcgabpwexz4iE
BPPr0JcLR45XuUS32iTCEvdaQAf2iUrk1kEAcMwA7Nby6oMh2Jo6XVoJFy6doL3c
Tf4MaJzsJ3d6xOQN9bJ8FMwcF7eVkr044aOw8Q7YgviMUaeWETaASBsmwW50Rwr8
mCcP4cuXIrM3PP0ue65zXUMbQi/RyhNmwiccnUi+juOgVqJNBvW1NTqXRZ9BcrkL
cUGhWihLoBX0/xPo17D6hP0cgGG4G7US7sidRooC+2Om
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:16 2024 by rpki-client on console-fra.rpki-client.org