Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/sJjIi8LxyBaapUPztypafiGazB4.roa
File:                     sJjIi8LxyBaapUPztypafiGazB4.roa (raw, json)
Hash identifier:          snoS7xcNMuCgLXX7PRPXvmr0bu9uS7kTUSsVN0SedsA=
Subject key identifier:   B0:98:C8:8B:C2:F1:C8:16:9A:A5:43:F3:B7:2A:5A:7E:21:9A:CC:1E
Certificate issuer:       /CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
Certificate serial:       019420D5D4BB80F721D8504C1033AA87B462
Authority key identifier: 00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/sJjIi8LxyBaapUPztypafiGazB4.roa
Signing time:             Wed 01 Jan 2025 07:47:51 +0000
ROA not before:           Wed 01 Jan 2025 07:47:51 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     28717
IP address blocks:        194.50.57.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:20:d5:d4:bb:80:f7:21:d8:50:4c:10:33:aa:87:b4:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0072c08f74d2a842a71f23ab61499b52694fc7a5
        Validity
            Not Before: Jan  1 07:47:51 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=b098c88bc2f1c8169aa543f3b72a5a7e219acc1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:95:2b:17:c4:ca:bc:96:a6:73:fb:65:0e:ac:
                    27:6c:8b:e2:3f:c5:23:51:16:d3:80:ab:a6:88:d2:
                    b3:ae:07:f0:4f:b6:9a:94:75:ff:cd:d7:86:a6:76:
                    fd:27:de:53:b5:6e:3f:bc:c8:5f:15:4a:02:bd:f6:
                    f6:e6:b0:9f:f0:5b:be:c0:b8:01:60:d0:50:1d:43:
                    6c:7f:9b:e1:1d:04:68:20:5d:77:27:e1:c0:22:e2:
                    8f:4f:2b:f4:66:fe:c4:7f:db:15:cf:6e:ca:3b:77:
                    2f:05:1d:bd:08:a4:4d:52:57:5f:46:01:e8:45:0a:
                    f8:8d:7a:6d:53:59:f8:a4:b8:dc:75:7c:88:13:db:
                    d2:1d:5a:5a:21:55:cb:22:1f:76:3b:a7:3e:44:d4:
                    17:a1:ba:58:f7:18:e4:4d:d2:4d:6f:45:f3:71:9a:
                    9b:bd:f0:da:55:7d:3f:c1:bc:d2:4c:4f:fa:a0:be:
                    14:d5:36:57:0c:af:ea:ae:83:55:31:76:d1:a1:90:
                    de:e2:06:99:54:6b:76:a5:c8:e8:da:ac:ae:6d:ad:
                    85:0c:c1:f6:2f:b8:4b:56:a9:70:43:06:4b:b0:bb:
                    cf:15:e6:17:b2:79:71:a6:a4:ab:e3:35:42:b3:67:
                    80:33:f7:74:8c:ff:42:20:bc:5a:f4:75:17:42:67:
                    c4:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:98:C8:8B:C2:F1:C8:16:9A:A5:43:F3:B7:2A:5A:7E:21:9A:CC:1E
            X509v3 Authority Key Identifier:
                keyid:00:72:C0:8F:74:D2:A8:42:A7:1F:23:AB:61:49:9B:52:69:4F:C7:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHLAj3TSqEKnHyOrYUmbUmlPx6U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/sJjIi8LxyBaapUPztypafiGazB4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ac8e7c-4174-480e-bfaf-667d66469cd9/1/AHLAj3TSqEKnHyOrYUmbUmlPx6U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.50.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:8d:a0:c2:25:4c:41:95:7f:34:0d:80:fc:1e:ac:e3:d7:02:
         9a:1c:2c:ce:9f:15:30:24:4f:ef:7c:be:33:e1:3d:d6:f0:32:
         8a:d8:db:06:dd:9f:12:fc:43:54:4b:56:3d:d2:87:3a:04:59:
         56:bc:ac:a9:e4:7a:62:53:36:5f:0c:70:18:ac:e6:84:bf:56:
         07:f2:bc:a0:63:83:b6:80:4c:ec:3f:8a:1b:55:b6:fd:4a:de:
         83:7e:0d:6b:34:b2:ac:b9:c8:fe:1e:ff:35:7f:82:93:35:76:
         6c:a3:5b:2b:be:9c:c0:81:1b:b8:6e:42:ea:68:99:b0:17:ad:
         77:b1:66:b1:28:96:c6:68:30:6c:a9:f4:b4:0c:86:cb:1a:84:
         4b:60:51:c9:13:6e:0a:8b:98:60:34:1c:0e:59:4a:4a:a9:95:
         32:08:3e:70:c3:98:c0:87:9d:a8:72:44:8e:8d:c7:1f:91:60:
         53:5a:97:f6:1f:78:cd:f2:82:62:ff:a4:d0:36:cf:14:5e:94:
         d8:7b:80:67:95:39:6e:81:ef:11:b2:f8:04:e8:7f:a9:69:5a:
         7e:17:cf:dd:ba:6f:80:90:e7:5a:c1:65:cf:c5:94:86:d0:b8:
         ce:81:c2:9b:81:c2:86:a4:d0:fa:df:49:00:f5:b5:48:3b:51:
         d8:54:34:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1dS7gPch2FBMEDOqh7RiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzJjMDhmNzRkMmE4NDJhNzFmMjNhYjYxNDk5YjUyNjk0
ZmM3YTUwHhcNMjUwMTAxMDc0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDk4Yzg4YmMyZjFjODE2OWFhNTQzZjNiNzJhNWE3ZTIxOWFjYzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZUrF8TKvJamc/tlDqwnbIviP8Uj
URbTgKumiNKzrgfwT7aalHX/zdeGpnb9J95TtW4/vMhfFUoCvfb25rCf8Fu+wLgB
YNBQHUNsf5vhHQRoIF13J+HAIuKPTyv0Zv7Ef9sVz27KO3cvBR29CKRNUldfRgHo
RQr4jXptU1n4pLjcdXyIE9vSHVpaIVXLIh92O6c+RNQXobpY9xjkTdJNb0XzcZqb
vfDaVX0/wbzSTE/6oL4U1TZXDK/qroNVMXbRoZDe4gaZVGt2pcjo2qyuba2FDMH2
L7hLVqlwQwZLsLvPFeYXsnlxpqSr4zVCs2eAM/d0jP9CILxa9HUXQmfENwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLCYyIvC8cgWmqVD87cqWn4hmsweMB8GA1UdIwQY
MBaAFABywI900qhCpx8jq2FJm1JpT8elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYt
NjY3ZDY2NDY5Y2Q5LzEvc0pqSWk4THh5QmFhcFVQenR5cGFmaUdhekI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hYzhlN2MtNDE3NC00ODBlLWJmYWYtNjY3ZDY2NDY5Y2Q5
LzEvQUhMQWozVFNxRUtuSHlPcllVbWJVbWxQeDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjI5MA0G
CSqGSIb3DQEBCwUAA4IBAQCwjaDCJUxBlX80DYD8Hqzj1wKaHCzOnxUwJE/vfL4z
4T3W8DKK2NsG3Z8S/ENUS1Y90oc6BFlWvKyp5HpiUzZfDHAYrOaEv1YH8rygY4O2
gEzsP4obVbb9St6Dfg1rNLKsucj+Hv81f4KTNXZso1srvpzAgRu4bkLqaJmwF613
sWaxKJbGaDBsqfS0DIbLGoRLYFHJE24Ki5hgNBwOWUpKqZUyCD5ww5jAh52ockSO
jccfkWBTWpf2H3jN8oJi/6TQNs8UXpTYe4BnlTluge8RsvgE6H+paVp+F8/dum+A
kOdawWXPxZSG0LjOgcKbgcKGpND630kA9bVIO1HYVDTG
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:01 2025 by rpki-client