Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a04b28-3918-4259-bd25-73d8df5eb288/1/hx68Xqf6ZfhT0sxazr2pO4rRvUQ.roa
File:                     hx68Xqf6ZfhT0sxazr2pO4rRvUQ.roa (raw, json)
Hash identifier:          aWMQ8Nn1+SAwE1dqrctXiujy2hQNLmEpL7fsgac4aHw=
Subject key identifier:   87:1E:BC:5E:A7:FA:65:F8:53:D2:CC:5A:CE:BD:A9:3B:8A:D1:BD:44
Certificate issuer:       /CN=0b0262eb9b43781af47bfd833d7b2a8ed5bd69c0
Certificate serial:       01826C91AF82284F06856DE037775065A097
Authority key identifier: 0B:02:62:EB:9B:43:78:1A:F4:7B:FD:83:3D:7B:2A:8E:D5:BD:69:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CwJi65tDeBr0e_2DPXsqjtW9acA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/a04b28-3918-4259-bd25-73d8df5eb288/1/hx68Xqf6ZfhT0sxazr2pO4rRvUQ.roa
Signing time:             Fri 05 Aug 2022 05:54:23 +0000
ROA not before:           Fri 05 Aug 2022 05:54:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     61317
IP address blocks:        31.41.249.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:6c:91:af:82:28:4f:06:85:6d:e0:37:77:50:65:a0:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b0262eb9b43781af47bfd833d7b2a8ed5bd69c0
        Validity
            Not Before: Aug  5 05:54:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=871ebc5ea7fa65f853d2cc5acebda93b8ad1bd44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e5:44:3e:09:67:13:1d:54:21:cd:a9:51:a8:
                    31:99:35:5b:11:fc:20:98:55:2a:f3:fb:f7:c2:17:
                    77:8d:47:0f:95:d0:73:62:d7:42:e3:d7:ee:bb:a1:
                    9c:b2:b4:87:61:f6:53:b0:2c:06:98:7a:e1:b0:a9:
                    88:8a:a4:6f:cd:aa:f3:cb:3e:19:e4:d9:5e:01:b1:
                    cd:91:f3:a3:81:11:96:e0:ea:c7:ad:60:cc:9d:07:
                    d4:5d:da:04:be:42:da:a6:5a:a0:2c:6b:0c:3e:e5:
                    e3:2a:f7:2e:ea:09:26:df:64:6d:5f:97:c8:97:be:
                    4a:eb:fc:52:1a:f5:d5:a5:de:00:57:f6:fb:a6:3c:
                    f6:91:42:d5:a6:64:66:39:88:e0:a2:bd:26:a8:ae:
                    e0:f5:ed:ad:3d:94:2f:25:8d:71:1f:c4:2d:56:47:
                    9f:8b:92:11:90:1c:5a:10:af:c3:72:50:f2:cf:84:
                    ab:c6:55:84:32:e4:ca:a8:53:0f:68:2a:e1:cf:54:
                    d5:3e:b4:fe:5b:39:c9:df:b1:06:7a:98:12:21:f8:
                    48:a9:f9:26:ed:de:4e:e6:3a:16:6c:fc:79:09:35:
                    b1:d5:b3:9c:3e:77:c9:94:24:28:46:91:50:27:1e:
                    c3:b4:da:72:98:76:34:fa:58:39:23:4f:12:e8:f8:
                    98:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:1E:BC:5E:A7:FA:65:F8:53:D2:CC:5A:CE:BD:A9:3B:8A:D1:BD:44
            X509v3 Authority Key Identifier:
                keyid:0B:02:62:EB:9B:43:78:1A:F4:7B:FD:83:3D:7B:2A:8E:D5:BD:69:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CwJi65tDeBr0e_2DPXsqjtW9acA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a04b28-3918-4259-bd25-73d8df5eb288/1/hx68Xqf6ZfhT0sxazr2pO4rRvUQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a04b28-3918-4259-bd25-73d8df5eb288/1/CwJi65tDeBr0e_2DPXsqjtW9acA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.41.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:c1:eb:c3:df:10:17:76:f8:66:b9:3a:b4:0f:16:cd:93:78:
         4d:1c:69:e5:4d:7b:ab:1d:d3:97:21:fa:a3:64:da:2e:15:9d:
         58:c4:ba:f1:72:55:db:e4:ae:f0:95:69:1d:41:92:7c:7c:e5:
         c5:18:14:c3:48:ad:04:df:62:a3:58:b0:9f:3f:bd:7c:5c:3c:
         2c:ae:5e:aa:50:6b:a6:6f:37:96:37:23:c6:d1:bf:be:cd:2b:
         2c:d9:b7:d2:92:f4:93:0a:07:2d:37:54:80:44:80:59:87:c6:
         2e:9e:60:03:8d:d5:af:26:80:bb:01:2c:ad:52:4c:2c:ef:79:
         24:2b:b1:2a:73:ca:03:3a:e9:78:50:7d:be:5f:85:3f:e8:af:
         dd:d4:90:7b:28:54:49:cd:33:3b:e0:ef:09:47:31:8c:54:bd:
         15:d5:48:64:12:d0:95:fd:6c:09:e9:a7:80:e7:dc:d4:c0:54:
         e3:9c:2e:92:03:2e:72:8d:22:65:e9:04:c1:b0:1e:8a:be:11:
         67:48:89:74:04:06:86:c6:06:dc:33:12:90:f3:b1:ad:a3:6b:
         c6:f9:c3:dd:c4:02:c8:cf:c3:63:41:a5:21:60:e6:e1:b4:e0:
         b0:92:0c:6a:7d:5f:76:05:98:2b:29:9a:d1:87:e1:7e:79:3f:
         ef:83:f3:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJska+CKE8GhW3gN3dQZaCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMDI2MmViOWI0Mzc4MWFmNDdiZmQ4MzNkN2IyYThlZDVi
ZDY5YzAwHhcNMjIwODA1MDU1NDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzFlYmM1ZWE3ZmE2NWY4NTNkMmNjNWFjZWJkYTkzYjhhZDFiZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOVEPglnEx1UIc2pUagxmTVbEfwg
mFUq8/v3whd3jUcPldBzYtdC49fuu6GcsrSHYfZTsCwGmHrhsKmIiqRvzarzyz4Z
5NleAbHNkfOjgRGW4OrHrWDMnQfUXdoEvkLaplqgLGsMPuXjKvcu6gkm32RtX5fI
l75K6/xSGvXVpd4AV/b7pjz2kULVpmRmOYjgor0mqK7g9e2tPZQvJY1xH8QtVkef
i5IRkBxaEK/DclDyz4SrxlWEMuTKqFMPaCrhz1TVPrT+WznJ37EGepgSIfhIqfkm
7d5O5joWbPx5CTWx1bOcPnfJlCQoRpFQJx7DtNpymHY0+lg5I08S6PiYgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIcevF6n+mX4U9LMWs69qTuK0b1EMB8GA1UdIwQY
MBaAFAsCYuubQ3ga9Hv9gz17Ko7VvWnAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3dKaTY1dERlQnIwZV8yRFBYc3FqdFc5YWNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hMDRiMjgtMzkxOC00MjU5LWJkMjUt
NzNkOGRmNWViMjg4LzEvaHg2OFhxZjZaZmhUMHN4YXpyMnBPNHJSdlVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hMDRiMjgtMzkxOC00MjU5LWJkMjUtNzNkOGRmNWViMjg4
LzEvQ3dKaTY1dERlQnIwZV8yRFBYc3FqdFc5YWNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyn5MA0G
CSqGSIb3DQEBCwUAA4IBAQCowevD3xAXdvhmuTq0DxbNk3hNHGnlTXurHdOXIfqj
ZNouFZ1YxLrxclXb5K7wlWkdQZJ8fOXFGBTDSK0E32KjWLCfP718XDwsrl6qUGum
bzeWNyPG0b++zSss2bfSkvSTCgctN1SARIBZh8YunmADjdWvJoC7ASytUkws73kk
K7Eqc8oDOul4UH2+X4U/6K/d1JB7KFRJzTM74O8JRzGMVL0V1UhkEtCV/WwJ6aeA
59zUwFTjnC6SAy5yjSJl6QTBsB6KvhFnSIl0BAaGxgbcMxKQ87Gto2vG+cPdxALI
z8NjQaUhYObhtOCwkgxqfV92BZgrKZrRh+F+eT/vg/P4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:20 2024 by rpki-client on console-fra.rpki-client.org