Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a04b28-3918-4259-bd25-73d8df5eb288/1/LbIS68-NQU5cOiCFkT8QrLU-uGc.roa
File:                     LbIS68-NQU5cOiCFkT8QrLU-uGc.roa (raw, json)
Hash identifier:          D4jj2Uy5ZZuzWyLAgL8TkCiF8t9j+3wk7jSy3dla3+U=
Subject key identifier:   2D:B2:12:EB:CF:8D:41:4E:5C:3A:20:85:91:3F:10:AC:B5:3E:B8:67
Certificate issuer:       /CN=0b0262eb9b43781af47bfd833d7b2a8ed5bd69c0
Certificate serial:       01835BB1EC3E7D8E181366AE3A139A9DCD6A
Authority key identifier: 0B:02:62:EB:9B:43:78:1A:F4:7B:FD:83:3D:7B:2A:8E:D5:BD:69:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CwJi65tDeBr0e_2DPXsqjtW9acA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/a04b28-3918-4259-bd25-73d8df5eb288/1/LbIS68-NQU5cOiCFkT8QrLU-uGc.roa
Signing time:             Tue 20 Sep 2022 16:18:50 +0000
ROA not before:           Tue 20 Sep 2022 16:18:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     21073
IP address blocks:        31.41.249.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:5b:b1:ec:3e:7d:8e:18:13:66:ae:3a:13:9a:9d:cd:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b0262eb9b43781af47bfd833d7b2a8ed5bd69c0
        Validity
            Not Before: Sep 20 16:18:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2db212ebcf8d414e5c3a2085913f10acb53eb867
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:07:b8:81:62:0f:26:e4:ea:f7:18:dc:62:47:
                    ef:9f:ce:bf:e0:00:68:25:cc:01:d7:76:18:c7:4d:
                    f8:cc:69:29:ba:7e:62:78:fc:f9:3b:5c:2f:6b:d8:
                    f2:67:f4:20:85:9e:68:88:af:6a:57:7c:dd:6d:ee:
                    4f:8b:75:39:13:76:36:02:0e:f8:d5:a0:88:15:12:
                    f1:2e:f8:a5:15:4a:60:3b:98:10:19:ea:bd:ac:f0:
                    34:85:c1:ae:d1:ae:c3:02:b2:f1:7a:72:c6:fb:4d:
                    93:f8:f4:39:ce:cc:2a:14:15:8c:b4:83:30:a0:df:
                    4b:d7:b7:fc:45:06:b4:bd:c7:fb:f8:51:f7:43:56:
                    18:2f:45:8c:50:9d:eb:19:52:aa:13:cb:c5:7b:86:
                    25:57:f9:fa:41:72:00:9d:4d:12:be:88:51:e4:1c:
                    e3:93:7c:66:a8:ba:b1:6a:83:23:ad:77:bb:ce:ac:
                    e3:ca:75:90:4e:fa:cb:dd:ac:45:fd:f0:6d:84:d9:
                    55:ac:de:73:29:f7:92:24:fb:29:aa:bc:60:26:5a:
                    f4:45:f6:a2:99:31:66:ec:87:60:9e:25:38:ef:1f:
                    4c:b0:cb:2a:c2:20:20:a7:bd:6c:93:9e:83:d2:47:
                    9c:23:8c:8c:2f:87:6c:1b:28:c9:05:b5:19:b4:23:
                    2f:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:B2:12:EB:CF:8D:41:4E:5C:3A:20:85:91:3F:10:AC:B5:3E:B8:67
            X509v3 Authority Key Identifier:
                keyid:0B:02:62:EB:9B:43:78:1A:F4:7B:FD:83:3D:7B:2A:8E:D5:BD:69:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CwJi65tDeBr0e_2DPXsqjtW9acA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a04b28-3918-4259-bd25-73d8df5eb288/1/LbIS68-NQU5cOiCFkT8QrLU-uGc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a04b28-3918-4259-bd25-73d8df5eb288/1/CwJi65tDeBr0e_2DPXsqjtW9acA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.41.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:99:d9:86:dc:5d:db:6d:2a:da:80:6a:fd:5b:54:d8:3b:d3:
         a7:df:75:2b:ad:7a:e0:fa:87:2b:38:b7:0a:14:0a:20:f2:0a:
         50:5c:f1:27:68:7c:22:22:23:2a:4a:e6:06:a0:94:63:31:0c:
         02:59:0c:08:d6:b8:12:da:4e:9c:d0:40:e5:2c:63:ff:21:35:
         c2:42:bb:15:ef:f2:00:95:d1:79:5d:3b:0c:1e:af:6d:85:55:
         56:bf:d4:03:cf:ac:8b:90:a0:7a:2e:71:77:57:d6:b1:cb:8d:
         cd:47:00:4c:82:9c:85:48:c8:69:65:6b:a2:7c:f2:83:ce:e7:
         4a:cc:a5:5f:7e:34:7e:88:f4:40:a5:2c:ca:4d:cc:94:e6:76:
         dd:77:22:a3:4d:c1:f4:ca:6b:fc:46:f3:1f:27:09:11:d9:9e:
         8f:af:b1:ab:b0:95:19:d2:8a:d6:82:6b:5c:e7:6d:02:8e:2b:
         d1:3d:53:7b:2b:ca:19:b4:c8:95:2c:b8:de:df:76:87:ec:4d:
         d2:13:85:0b:62:0f:5a:17:50:85:4e:c5:7a:28:5c:d8:f9:dd:
         aa:4d:ff:62:c0:e4:d0:3e:be:44:09:6b:62:8e:f3:e8:71:59:
         1b:19:a4:59:2c:39:af:24:a1:33:f4:55:a2:82:83:af:09:3d:
         62:fd:1f:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNbsew+fY4YE2auOhOanc1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMDI2MmViOWI0Mzc4MWFmNDdiZmQ4MzNkN2IyYThlZDVi
ZDY5YzAwHhcNMjIwOTIwMTYxODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGIyMTJlYmNmOGQ0MTRlNWMzYTIwODU5MTNmMTBhY2I1M2ViODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAe4gWIPJuTq9xjcYkfvn86/4ABo
JcwB13YYx034zGkpun5iePz5O1wva9jyZ/QghZ5oiK9qV3zdbe5Pi3U5E3Y2Ag74
1aCIFRLxLvilFUpgO5gQGeq9rPA0hcGu0a7DArLxenLG+02T+PQ5zswqFBWMtIMw
oN9L17f8RQa0vcf7+FH3Q1YYL0WMUJ3rGVKqE8vFe4YlV/n6QXIAnU0SvohR5Bzj
k3xmqLqxaoMjrXe7zqzjynWQTvrL3axF/fBthNlVrN5zKfeSJPspqrxgJlr0Rfai
mTFm7IdgniU47x9MsMsqwiAgp71sk56D0kecI4yML4dsGyjJBbUZtCMvuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC2yEuvPjUFOXDoghZE/EKy1PrhnMB8GA1UdIwQY
MBaAFAsCYuubQ3ga9Hv9gz17Ko7VvWnAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3dKaTY1dERlQnIwZV8yRFBYc3FqdFc5YWNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hMDRiMjgtMzkxOC00MjU5LWJkMjUt
NzNkOGRmNWViMjg4LzEvTGJJUzY4LU5RVTVjT2lDRmtUOFFyTFUtdUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hMDRiMjgtMzkxOC00MjU5LWJkMjUtNzNkOGRmNWViMjg4
LzEvQ3dKaTY1dERlQnIwZV8yRFBYc3FqdFc5YWNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyn5MA0G
CSqGSIb3DQEBCwUAA4IBAQCsmdmG3F3bbSragGr9W1TYO9On33UrrXrg+ocrOLcK
FAog8gpQXPEnaHwiIiMqSuYGoJRjMQwCWQwI1rgS2k6c0EDlLGP/ITXCQrsV7/IA
ldF5XTsMHq9thVVWv9QDz6yLkKB6LnF3V9axy43NRwBMgpyFSMhpZWuifPKDzudK
zKVffjR+iPRApSzKTcyU5nbddyKjTcH0ymv8RvMfJwkR2Z6Pr7GrsJUZ0orWgmtc
520CjivRPVN7K8oZtMiVLLje33aH7E3SE4ULYg9aF1CFTsV6KFzY+d2qTf9iwOTQ
Pr5ECWtijvPocVkbGaRZLDmvJKEz9FWigoOvCT1i/R8T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:28 2024 by rpki-client on console-ams.rpki-client.org