Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/b3b4bb-20f5-48ad-a61b-fe8e5e0bfa0f/1/YV9d5CBx-5tzqO2PIN8X1N1_rks.roa
File:                     YV9d5CBx-5tzqO2PIN8X1N1_rks.roa (raw, json)
Hash identifier:          A2cVBGLnYyFlNW3vU1rxk+NUxQ21QeH1sD8LI6Dv+ys=
Subject key identifier:   61:5F:5D:E4:20:71:FB:9B:73:A8:ED:8F:20:DF:17:D4:DD:7F:AE:4B
Certificate issuer:       /CN=083996c6f2e7a38871f8c001f4f8ba4a705e8799
Certificate serial:       0FD87F58
Authority key identifier: 08:39:96:C6:F2:E7:A3:88:71:F8:C0:01:F4:F8:BA:4A:70:5E:87:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CDmWxvLno4hx-MAB9Pi6SnBeh5k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/b3b4bb-20f5-48ad-a61b-fe8e5e0bfa0f/1/YV9d5CBx-5tzqO2PIN8X1N1_rks.roa
Signing time:             Sat 01 Jan 2022 02:55:29 +0000
ROA not before:           Sat 01 Jan 2022 02:55:29 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12713
IP address blocks:        62.75.58.0/24 maxlen: 24
                          62.75.54.0/24 maxlen: 24
                          62.75.64.0/24 maxlen: 24
                          62.75.62.0/24 maxlen: 24
                          62.75.69.0/24 maxlen: 24
                          62.75.3.0/24 maxlen: 24
                          62.75.1.0/24 maxlen: 24
                          62.75.2.0/24 maxlen: 24
                          62.75.10.0/24 maxlen: 24
                          62.75.8.0/24 maxlen: 24
                          62.75.15.0/24 maxlen: 24
                          62.75.16.0/23 maxlen: 23
                          62.75.13.0/24 maxlen: 24
                          62.75.18.0/23 maxlen: 23
                          62.75.24.0/23 maxlen: 23
                          62.75.22.0/24 maxlen: 24
                          62.75.23.0/24 maxlen: 24
                          62.75.20.0/24 maxlen: 24
                          62.75.21.0/24 maxlen: 24
                          2a00:1cb8:1::/48 maxlen: 48
                          2a00:1cb8:2:3::/64 maxlen: 64
                          2a00:1cb8:2:8::/64 maxlen: 64
                          2a00:1cb8:2:d::/64 maxlen: 64
                          2a00:1cb8:2:a::/64 maxlen: 64
                          2a00:1cb8:2::/48 maxlen: 48
                          2a00:1cb8:2:7::/64 maxlen: 64
                          2a00:1cb8:2:2::/64 maxlen: 64
                          2a00:1cb8:2:c::/64 maxlen: 64
                          2a00:1cb8:2000::/35 maxlen: 35
                          2a00:1cb8:2:6::/64 maxlen: 64
                          2a00:1cb8:2:b::/64 maxlen: 64
                          2a00:1cb8:2:1::/64 maxlen: 64

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 265846616 (0xfd87f58)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=083996c6f2e7a38871f8c001f4f8ba4a705e8799
        Validity
            Not Before: Jan  1 02:55:29 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=615f5de42071fb9b73a8ed8f20df17d4dd7fae4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:0e:89:ab:28:d9:7f:e0:26:78:34:be:27:9f:
                    3b:4a:f8:a8:98:0c:ec:17:61:bb:9f:0f:c5:13:41:
                    17:9a:a4:43:a2:42:9c:0b:ae:46:43:e3:97:b6:7a:
                    84:1f:95:70:0e:3d:7f:c7:62:38:95:b2:51:fc:a1:
                    7e:36:1c:c6:d8:da:96:20:d6:68:e5:b4:13:a8:52:
                    70:11:2e:49:9f:3a:63:49:93:59:58:45:97:54:47:
                    a6:6c:ac:29:20:ea:a2:39:ac:c0:af:7c:09:04:9d:
                    80:21:2f:64:61:2d:44:4b:29:38:2d:76:5c:7d:06:
                    94:5b:35:cf:73:c1:8a:e8:a6:59:c5:81:40:ff:f4:
                    b5:19:11:97:5f:c7:7f:57:3a:8e:48:ea:cf:31:fd:
                    5d:41:5f:1e:d7:b6:f4:0f:56:92:71:c6:0d:47:ba:
                    59:77:97:9d:67:ba:b7:cf:ef:17:43:4d:bf:3b:d6:
                    45:cf:f9:3b:db:bb:7e:ce:10:9f:73:81:52:b9:50:
                    fb:ab:7f:66:c0:92:c9:50:6c:ce:53:99:d4:65:45:
                    23:64:a6:fd:31:71:7f:6d:c2:c1:6e:30:87:94:d4:
                    94:08:a2:1d:02:ca:1b:65:a2:4f:c2:49:a6:c3:a5:
                    c7:19:ca:e9:0f:91:cb:1b:b1:82:bf:56:18:38:50:
                    c5:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:5F:5D:E4:20:71:FB:9B:73:A8:ED:8F:20:DF:17:D4:DD:7F:AE:4B
            X509v3 Authority Key Identifier:
                keyid:08:39:96:C6:F2:E7:A3:88:71:F8:C0:01:F4:F8:BA:4A:70:5E:87:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDmWxvLno4hx-MAB9Pi6SnBeh5k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/b3b4bb-20f5-48ad-a61b-fe8e5e0bfa0f/1/YV9d5CBx-5tzqO2PIN8X1N1_rks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/b3b4bb-20f5-48ad-a61b-fe8e5e0bfa0f/1/CDmWxvLno4hx-MAB9Pi6SnBeh5k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.75.1.0-62.75.3.255
                  62.75.8.0/24
                  62.75.10.0/24
                  62.75.13.0/24
                  62.75.15.0-62.75.25.255
                  62.75.54.0/24
                  62.75.58.0/24
                  62.75.62.0/24
                  62.75.64.0/24
                  62.75.69.0/24
                IPv6:
                  2a00:1cb8:1::-2a00:1cb8:2:ffff:ffff:ffff:ffff:ffff
                  2a00:1cb8:2000::/35

    Signature Algorithm: sha256WithRSAEncryption
         97:1f:8d:8d:ea:cc:5c:09:49:7a:b9:8d:58:8e:11:e2:0d:70:
         b0:e4:3f:4f:12:42:7e:dd:10:e4:9e:c2:7f:29:4d:10:f5:ba:
         3d:58:e3:3e:e8:9e:6d:aa:d5:90:1c:dc:69:c7:ed:c4:91:14:
         6c:10:45:56:02:71:90:ee:59:9c:14:97:31:20:d2:d9:59:5a:
         c4:41:92:fa:98:ef:79:36:42:9d:3d:79:46:7c:2e:e9:da:49:
         5e:ee:fe:43:cb:2e:a9:83:6b:66:6d:c5:8d:ed:06:77:4e:6c:
         cd:2a:44:4d:91:1c:b0:ac:5a:92:3f:e5:c1:11:5c:cd:c1:fe:
         a3:9c:37:9f:9b:20:70:2b:6e:f2:32:b2:df:66:4d:39:ed:7a:
         c6:ef:0a:6e:77:36:3c:59:56:98:14:a8:c4:21:8c:97:b4:46:
         96:42:cc:71:9a:1c:cd:19:fc:d6:59:97:4a:a3:20:71:21:de:
         de:34:29:bd:35:23:ff:39:fc:e3:fb:27:be:62:61:29:33:56:
         f2:e2:96:03:77:45:83:87:a1:8e:00:8d:a3:7e:fb:fb:19:55:
         f4:95:35:00:fc:a5:a8:d0:7f:fd:2d:c0:91:d6:ce:f5:ae:73:
         93:56:c2:ee:42:a7:55:d8:18:f8:89:00:65:a3:5e:b2:58:58:
         5c:86:d5:b7
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIED9h/WDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODM5OTZjNmYyZTdhMzg4NzFmOGMwMDFmNGY4YmE0YTcwNWU4Nzk5MB4XDTIyMDEw
MTAyNTUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjE1ZjVkZTQyMDcx
ZmI5YjczYThlZDhmMjBkZjE3ZDRkZDdmYWU0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJkOiaso2X/gJng0viefO0r4qJgM7Bdhu58PxRNBF5qkQ6JC
nAuuRkPjl7Z6hB+VcA49f8diOJWyUfyhfjYcxtjaliDWaOW0E6hScBEuSZ86Y0mT
WVhFl1RHpmysKSDqojmswK98CQSdgCEvZGEtREspOC12XH0GlFs1z3PBiuimWcWB
QP/0tRkRl1/Hf1c6jkjqzzH9XUFfHte29A9WknHGDUe6WXeXnWe6t8/vF0NNvzvW
Rc/5O9u7fs4Qn3OBUrlQ+6t/ZsCSyVBszlOZ1GVFI2Sm/TFxf23CwW4wh5TUlAii
HQLKG2WiT8JJpsOlxxnK6Q+Ryxuxgr9WGDhQxfMCAwEAAaOCAnQwggJwMB0GA1Ud
DgQWBBRhX13kIHH7m3Oo7Y8g3xfU3X+uSzAfBgNVHSMEGDAWgBQIOZbG8uejiHH4
wAH0+LpKcF6HmTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NEbVd4dkxubzRoeC1NQUI5UGk2U25CZWg1ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvYjNiNGJiLTIwZjUtNDhhZC1hNjFiLWZlOGU1ZTBiZmEwZi8x
L1lWOWQ1Q0J4LTV0enFPMlBJTjhYMU4xX3Jrcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
YjNiNGJiLTIwZjUtNDhhZC1hNjFiLWZlOGU1ZTBiZmEwZi8xL0NEbVd4dkxubzRo
eC1NQUI5UGk2U25CZWg1ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
iQYIKwYBBQUHAQcBAf8EejB4MFIEAgABMEwwDAMEAD5LAQMEAj5LAAMEAD5LCAME
AD5LCgMEAD5LDTAMAwQAPksPAwQBPksYAwQAPks2AwQAPks6AwQAPks+AwQAPktA
AwQAPktFMCIEAgACMBwwEgMHACoAHLgAAQMHACoAHLgAAgMGBSoAHLggMA0GCSqG
SIb3DQEBCwUAA4IBAQCXH42N6sxcCUl6uY1YjhHiDXCw5D9PEkJ+3RDknsJ/KU0Q
9bo9WOM+6J5tqtWQHNxpx+3EkRRsEEVWAnGQ7lmcFJcxINLZWVrEQZL6mO95NkKd
PXlGfC7p2kle7v5Dyy6pg2tmbcWN7QZ3TmzNKkRNkRywrFqSP+XBEVzNwf6jnDef
myBwK27yMrLfZk057XrG7wpudzY8WVaYFKjEIYyXtEaWQsxxmhzNGfzWWZdKoyBx
Id7eNCm9NSP/Ofzj+ye+YmEpM1by4pYDd0WDh6GOAI2jfvv7GVX0lTUA/KWo0H/9
LcCR1s71rnOTVsLuQqdV2Bj4iQBlo16yWFhchtW3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:38 2024 by rpki-client on console-ams.rpki-client.org