Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/68707f-f2a8-4f53-ba5c-31dfbbb914ed/1/dB0i4QKey614tAhrf6UR5wVU2O4.roa
File:                     dB0i4QKey614tAhrf6UR5wVU2O4.roa (raw, json)
Hash identifier:          fvYENVG/25U5WL8SQ3CtR/MXlt32gQNgWxTx6ktgmO8=
Subject key identifier:   74:1D:22:E1:02:9E:CB:AD:78:B4:08:6B:7F:A5:11:E7:05:54:D8:EE
Certificate issuer:       /CN=ed77ba4f32f2426170afc9e25914c13490ff5db6
Certificate serial:       01857230F030FEDD13AEADBFC6B81F171017
Authority key identifier: ED:77:BA:4F:32:F2:42:61:70:AF:C9:E2:59:14:C1:34:90:FF:5D:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7Xe6TzLyQmFwr8niWRTBNJD_XbY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/68707f-f2a8-4f53-ba5c-31dfbbb914ed/1/dB0i4QKey614tAhrf6UR5wVU2O4.roa
Signing time:             Mon 02 Jan 2023 11:14:47 +0000
ROA not before:           Mon 02 Jan 2023 11:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398464
IP address blocks:        195.64.124.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:30:f0:30:fe:dd:13:ae:ad:bf:c6:b8:1f:17:10:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed77ba4f32f2426170afc9e25914c13490ff5db6
        Validity
            Not Before: Jan  2 11:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=741d22e1029ecbad78b4086b7fa511e70554d8ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:70:07:9e:bb:59:9b:0b:54:a2:30:35:c8:83:
                    9c:79:09:23:51:02:ae:01:25:6e:5e:0a:da:d3:de:
                    86:fb:de:d5:54:e6:0e:c5:29:84:69:95:98:4b:f6:
                    1e:2b:14:43:ea:a2:16:c9:1c:61:5a:f9:93:1c:cc:
                    26:9f:c7:7e:67:f3:9c:a1:55:d1:9b:27:d8:dc:dd:
                    1d:c7:6b:99:71:1c:b1:17:50:c6:d6:e7:a7:11:52:
                    e4:ea:82:c7:a6:2e:23:44:9b:3f:be:68:ed:ff:fa:
                    dc:9e:a8:f9:4f:ce:12:d0:a0:e5:54:ba:bb:d5:7e:
                    2c:08:ca:29:6c:89:49:25:b9:89:49:ea:5e:b0:5f:
                    9c:08:e7:cf:16:d6:0d:4a:b3:55:2e:1f:a4:05:a5:
                    2f:eb:df:06:e2:bf:b6:b4:13:53:c2:2c:43:0d:61:
                    64:d5:43:75:6e:4d:53:23:ea:15:fd:0c:ab:54:61:
                    23:c0:3d:cc:b6:ce:39:a3:9b:23:b8:6a:4a:fb:68:
                    80:a6:67:7a:8d:f9:91:cd:71:9c:08:53:fc:e9:04:
                    12:d7:35:79:57:22:f7:eb:33:e0:a4:2a:56:82:de:
                    ab:89:08:bb:0d:7c:6c:d5:e5:7f:03:f1:a5:b5:bd:
                    af:c9:73:ff:dc:7d:ee:7d:da:78:74:67:06:e3:10:
                    81:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:1D:22:E1:02:9E:CB:AD:78:B4:08:6B:7F:A5:11:E7:05:54:D8:EE
            X509v3 Authority Key Identifier:
                keyid:ED:77:BA:4F:32:F2:42:61:70:AF:C9:E2:59:14:C1:34:90:FF:5D:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Xe6TzLyQmFwr8niWRTBNJD_XbY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/68707f-f2a8-4f53-ba5c-31dfbbb914ed/1/dB0i4QKey614tAhrf6UR5wVU2O4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/68707f-f2a8-4f53-ba5c-31dfbbb914ed/1/7Xe6TzLyQmFwr8niWRTBNJD_XbY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.64.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:fb:2f:0b:8f:51:f5:3f:66:9a:ab:39:6a:f0:f9:00:67:ee:
         bc:3d:de:ed:3a:56:28:83:7e:86:45:9a:35:41:f6:c4:4a:70:
         00:e5:0c:ba:87:f5:a3:d2:60:1b:aa:68:64:89:df:5a:20:ad:
         f0:58:5a:00:ec:22:2a:0b:a6:9f:4a:8e:3e:05:4a:8f:69:f0:
         3a:f5:57:a9:7f:5c:1a:32:73:5e:e8:bc:6c:27:0e:20:9b:66:
         f6:fb:a2:10:3d:0d:39:bd:17:84:db:85:58:3c:44:58:24:3b:
         b7:f9:14:1e:e6:6b:cf:b4:aa:87:38:12:23:05:ff:65:0f:09:
         8c:b9:3e:f8:ba:62:b2:9a:71:16:bb:51:40:df:ac:1c:b6:0c:
         90:e3:ac:eb:f4:fa:e8:d7:b2:40:0c:a0:67:59:66:34:ba:6e:
         2d:2b:c2:7d:6b:c5:9f:bd:60:4d:13:d7:28:de:60:37:0b:cd:
         4e:10:f8:df:36:e4:f6:3d:5a:40:0a:94:1a:01:e9:14:5c:16:
         7a:f7:15:2e:14:af:c5:f5:0b:d7:00:81:85:2b:1e:70:b1:40:
         9c:75:27:51:12:04:8b:0b:39:68:42:2b:86:c4:2a:d2:d5:8a:
         6b:db:51:a7:83:b0:a6:58:35:5f:20:77:01:97:93:44:65:85:
         79:a6:94:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMPAw/t0Trq2/xrgfFxAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzdiYTRmMzJmMjQyNjE3MGFmYzllMjU5MTRjMTM0OTBm
ZjVkYjYwHhcNMjMwMTAyMTExNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDFkMjJlMTAyOWVjYmFkNzhiNDA4NmI3ZmE1MTFlNzA1NTRkOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHAHnrtZmwtUojA1yIOceQkjUQKu
ASVuXgra096G+97VVOYOxSmEaZWYS/YeKxRD6qIWyRxhWvmTHMwmn8d+Z/OcoVXR
myfY3N0dx2uZcRyxF1DG1uenEVLk6oLHpi4jRJs/vmjt//rcnqj5T84S0KDlVLq7
1X4sCMopbIlJJbmJSepesF+cCOfPFtYNSrNVLh+kBaUv698G4r+2tBNTwixDDWFk
1UN1bk1TI+oV/QyrVGEjwD3Mts45o5sjuGpK+2iApmd6jfmRzXGcCFP86QQS1zV5
VyL36zPgpCpWgt6riQi7DXxs1eV/A/Gltb2vyXP/3H3ufdp4dGcG4xCB+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHQdIuECnsuteLQIa3+lEecFVNjuMB8GA1UdIwQY
MBaAFO13uk8y8kJhcK/J4lkUwTSQ/122MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hlNlR6THlRbUZ3cjhuaVdSVEJOSkRfWGJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ODcwN2YtZjJhOC00ZjUzLWJhNWMt
MzFkZmJiYjkxNGVkLzEvZEIwaTRRS2V5NjE0dEFocmY2VVI1d1ZVMk80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ODcwN2YtZjJhOC00ZjUzLWJhNWMtMzFkZmJiYjkxNGVk
LzEvN1hlNlR6THlRbUZ3cjhuaVdSVEJOSkRfWGJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0B8MA0G
CSqGSIb3DQEBCwUAA4IBAQCZ+y8Lj1H1P2aaqzlq8PkAZ+68Pd7tOlYog36GRZo1
QfbESnAA5Qy6h/Wj0mAbqmhkid9aIK3wWFoA7CIqC6afSo4+BUqPafA69Vepf1wa
MnNe6LxsJw4gm2b2+6IQPQ05vReE24VYPERYJDu3+RQe5mvPtKqHOBIjBf9lDwmM
uT74umKymnEWu1FA36wctgyQ46zr9Pro17JADKBnWWY0um4tK8J9a8WfvWBNE9co
3mA3C81OEPjfNuT2PVpACpQaAekUXBZ69xUuFK/F9QvXAIGFKx5wsUCcdSdREgSL
CzloQiuGxCrS1Ypr21Gng7CmWDVfIHcBl5NEZYV5ppS3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:26 2024 by rpki-client on console-fra.rpki-client.org