Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/2e8POel6k7fX6_9ypjkDOW072Ns.roa
File:                     2e8POel6k7fX6_9ypjkDOW072Ns.roa (raw, json)
Hash identifier:          C/RJ7J+tffi9Kl1smLqWaIF/Yp321ZKDhgX1uuW9u6A=
Subject key identifier:   D9:EF:0F:39:E9:7A:93:B7:D7:EB:FF:72:A6:39:03:39:6D:3B:D8:DB
Certificate issuer:       /CN=cf640b02311376dc96eebfeca755c3b0061140ec
Certificate serial:       01856DD40C8E8D898F6CF0E575A4EF32BCC3
Authority key identifier: CF:64:0B:02:31:13:76:DC:96:EE:BF:EC:A7:55:C3:B0:06:11:40:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z2QLAjETdtyW7r_sp1XDsAYRQOw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/2e8POel6k7fX6_9ypjkDOW072Ns.roa
Signing time:             Sun 01 Jan 2023 14:54:51 +0000
ROA not before:           Sun 01 Jan 2023 14:54:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49127
IP address blocks:        83.98.157.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:d4:0c:8e:8d:89:8f:6c:f0:e5:75:a4:ef:32:bc:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf640b02311376dc96eebfeca755c3b0061140ec
        Validity
            Not Before: Jan  1 14:54:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d9ef0f39e97a93b7d7ebff72a63903396d3bd8db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a7:0d:0e:29:d9:c3:da:b4:32:71:bf:47:f4:
                    08:5a:95:f9:49:12:e5:07:c6:47:e7:ad:3c:6f:64:
                    03:48:5b:f6:b0:8c:97:75:8c:b7:0d:e4:e4:cd:08:
                    43:ef:10:2c:f2:30:b3:0a:0d:4e:e1:bc:dd:ea:2c:
                    b1:77:35:88:eb:37:1c:c7:cc:60:43:df:a8:6d:a0:
                    d8:30:25:38:88:c2:ee:c9:91:62:c8:d4:9c:54:95:
                    64:9f:bc:2e:cd:2b:72:51:d7:a9:68:e5:34:97:d3:
                    54:2a:8b:91:83:94:0a:37:bf:ce:ec:36:60:4e:57:
                    bb:d5:68:b4:e2:b6:ea:b2:2b:d3:ab:8b:19:1e:3c:
                    75:76:33:d2:74:95:ec:08:d2:24:ac:51:68:5c:72:
                    54:b6:d8:8d:d4:8d:5e:5c:17:9f:7e:57:0f:4b:f5:
                    f1:f2:da:a2:4e:cf:9b:79:c6:6c:dd:a6:95:83:32:
                    ff:a3:68:cb:f6:4c:26:75:7c:48:96:29:85:9f:f8:
                    9c:12:3f:03:6a:88:c8:36:22:7f:2c:3a:82:17:24:
                    b4:e6:9c:b5:bc:9a:56:79:1e:6d:81:fd:8f:0e:cb:
                    0e:7f:72:db:37:f5:9c:4f:f4:bd:0d:f5:48:bd:04:
                    16:39:8b:99:45:0c:37:32:55:a8:26:5c:8a:26:7d:
                    eb:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:EF:0F:39:E9:7A:93:B7:D7:EB:FF:72:A6:39:03:39:6D:3B:D8:DB
            X509v3 Authority Key Identifier:
                keyid:CF:64:0B:02:31:13:76:DC:96:EE:BF:EC:A7:55:C3:B0:06:11:40:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2QLAjETdtyW7r_sp1XDsAYRQOw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/2e8POel6k7fX6_9ypjkDOW072Ns.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/z2QLAjETdtyW7r_sp1XDsAYRQOw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.98.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:7a:71:fc:1f:83:3b:0a:16:ed:98:70:93:b0:ae:c6:ea:2a:
         76:b6:d7:24:cf:2f:f5:26:78:70:5e:4f:87:ae:20:69:3d:a6:
         d2:87:6d:92:21:57:17:c2:6d:c8:55:91:a4:47:1b:3e:9e:8b:
         e0:9f:8a:2b:95:98:b1:24:45:8a:dd:49:89:e9:24:71:a3:a8:
         94:f5:06:1b:75:ee:42:96:29:ca:f1:7b:2d:d1:0b:26:5d:27:
         96:85:41:4a:e0:5c:ea:7f:ac:42:08:f7:74:ee:a9:cd:de:00:
         96:9f:e5:a5:f4:7f:e3:78:e7:a0:19:07:c5:cf:f2:16:a2:57:
         02:54:db:f6:9b:4a:09:85:cd:05:7a:22:32:9f:54:41:98:e4:
         c5:66:55:bc:e1:ca:6d:26:6c:1e:51:9c:e7:0a:52:09:4d:41:
         6b:91:15:d3:1e:cb:2c:06:eb:10:3d:70:6b:4e:c4:ed:cf:f9:
         a1:8b:8c:8e:f4:cd:9a:af:b1:4a:31:80:2a:6d:68:79:a6:6d:
         3d:bd:05:ed:f9:d9:e5:3d:dc:7d:b0:73:5c:23:49:c0:51:0a:
         5a:d3:d0:3f:96:31:48:85:4c:4e:69:cb:a1:53:6a:fd:3c:92:
         45:38:39:a4:4e:35:79:27:da:0e:5f:49:e5:3d:1f:29:43:f8:
         cc:e5:f4:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1AyOjYmPbPDldaTvMrzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNjQwYjAyMzExMzc2ZGM5NmVlYmZlY2E3NTVjM2IwMDYx
MTQwZWMwHhcNMjMwMTAxMTQ1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWVmMGYzOWU5N2E5M2I3ZDdlYmZmNzJhNjM5MDMzOTZkM2JkOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuacNDinZw9q0MnG/R/QIWpX5SRLl
B8ZH5608b2QDSFv2sIyXdYy3DeTkzQhD7xAs8jCzCg1O4bzd6iyxdzWI6zccx8xg
Q9+obaDYMCU4iMLuyZFiyNScVJVkn7wuzStyUdepaOU0l9NUKouRg5QKN7/O7DZg
Tle71Wi04rbqsivTq4sZHjx1djPSdJXsCNIkrFFoXHJUttiN1I1eXBefflcPS/Xx
8tqiTs+becZs3aaVgzL/o2jL9kwmdXxIlimFn/icEj8DaojINiJ/LDqCFyS05py1
vJpWeR5tgf2PDssOf3LbN/WcT/S9DfVIvQQWOYuZRQw3MlWoJlyKJn3riwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNnvDznpepO31+v/cqY5AzltO9jbMB8GA1UdIwQY
MBaAFM9kCwIxE3bclu6/7KdVw7AGEUDsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejJRTEFqRVRkdHlXN3Jfc3AxWERzQVlSUU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMGVjNzgtN2U0NC00OWU0LTg0NDMt
OWRiNWJlNGQwZWZmLzEvMmU4UE9lbDZrN2ZYNl85eXBqa0RPVzA3Mk5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMGVjNzgtN2U0NC00OWU0LTg0NDMtOWRiNWJlNGQwZWZm
LzEvejJRTEFqRVRkdHlXN3Jfc3AxWERzQVlSUU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU2KdMA0G
CSqGSIb3DQEBCwUAA4IBAQB8enH8H4M7ChbtmHCTsK7G6ip2ttckzy/1JnhwXk+H
riBpPabSh22SIVcXwm3IVZGkRxs+novgn4orlZixJEWK3UmJ6SRxo6iU9QYbde5C
linK8Xst0QsmXSeWhUFK4Fzqf6xCCPd07qnN3gCWn+Wl9H/jeOegGQfFz/IWolcC
VNv2m0oJhc0FeiIyn1RBmOTFZlW84cptJmweUZznClIJTUFrkRXTHsssBusQPXBr
TsTtz/mhi4yO9M2ar7FKMYAqbWh5pm09vQXt+dnlPdx9sHNcI0nAUQpa09A/ljFI
hUxOacuhU2r9PJJFODmkTjV5J9oOX0nlPR8pQ/jM5fQ0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:55 2024 by rpki-client on console-fra.rpki-client.org