Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/29c524-c98e-4320-8274-521171b7d268/1/FbN8h24rPOcotlW7nuaSszKS3nA.roa
File:                     FbN8h24rPOcotlW7nuaSszKS3nA.roa (raw, json)
Hash identifier:          PKTqmVrssjraAj0HvdZlIS2SAj4iWY1vYy7S2qnat6w=
Subject key identifier:   15:B3:7C:87:6E:2B:3C:E7:28:B6:55:BB:9E:E6:92:B3:32:92:DE:70
Certificate issuer:       /CN=0c985eb8d94b9fa11422d782f314ff6e2ded07ad
Certificate serial:       018570152C0A441BB128E35C2D9883170E93
Authority key identifier: 0C:98:5E:B8:D9:4B:9F:A1:14:22:D7:82:F3:14:FF:6E:2D:ED:07:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DJheuNlLn6EUIteC8xT_bi3tB60.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/29c524-c98e-4320-8274-521171b7d268/1/FbN8h24rPOcotlW7nuaSszKS3nA.roa
Signing time:             Mon 02 Jan 2023 01:25:13 +0000
ROA not before:           Mon 02 Jan 2023 01:25:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49999
IP address blocks:        213.232.239.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:15:2c:0a:44:1b:b1:28:e3:5c:2d:98:83:17:0e:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c985eb8d94b9fa11422d782f314ff6e2ded07ad
        Validity
            Not Before: Jan  2 01:25:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=15b37c876e2b3ce728b655bb9ee692b33292de70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:ff:2a:29:0a:26:5b:db:15:fb:c4:94:5b:4c:
                    ee:0d:b5:76:f3:0a:56:bc:e4:6b:6c:9e:0e:93:d2:
                    db:c8:22:cd:d1:2d:6d:fe:d0:15:97:74:c1:40:2b:
                    a3:2b:d6:a3:bf:a4:a6:e1:ed:be:f4:e5:d1:7c:b4:
                    96:9f:dd:73:a7:da:3b:45:47:4b:af:b8:d1:8a:0a:
                    d0:b7:af:f3:87:6a:53:63:94:0f:48:bd:ab:a7:4b:
                    c4:0a:07:3a:b6:78:9a:b3:1b:6d:71:10:af:20:ab:
                    05:ca:7d:36:ba:cd:16:96:b2:10:78:e4:2a:52:0e:
                    e5:23:0c:e4:4e:a2:dc:6f:3d:ff:28:45:dd:68:a8:
                    b0:95:64:e5:aa:6a:c8:c8:cc:64:59:d2:cf:e5:88:
                    d8:46:8e:ac:ef:5b:d5:18:80:f0:e9:c1:49:95:8a:
                    cb:8b:34:96:bc:6c:d4:57:9e:c4:93:ee:4f:ed:8f:
                    70:c3:28:4b:49:31:7d:9b:ed:59:50:50:d7:c9:66:
                    df:e9:f2:a2:bc:03:23:29:aa:42:12:8c:62:67:19:
                    9a:2b:b6:0c:31:60:9b:65:2d:43:1e:7e:ab:81:3a:
                    12:cf:eb:c4:af:a0:fb:62:3f:4d:3c:a6:71:62:c7:
                    64:ca:7f:28:4f:cd:7a:ae:d2:f1:a0:ec:8f:ea:5d:
                    68:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:B3:7C:87:6E:2B:3C:E7:28:B6:55:BB:9E:E6:92:B3:32:92:DE:70
            X509v3 Authority Key Identifier:
                keyid:0C:98:5E:B8:D9:4B:9F:A1:14:22:D7:82:F3:14:FF:6E:2D:ED:07:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJheuNlLn6EUIteC8xT_bi3tB60.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/29c524-c98e-4320-8274-521171b7d268/1/FbN8h24rPOcotlW7nuaSszKS3nA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/29c524-c98e-4320-8274-521171b7d268/1/DJheuNlLn6EUIteC8xT_bi3tB60.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.232.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:9c:fa:eb:5e:76:cc:3d:72:6b:0a:a7:ec:89:83:f3:20:8f:
         8e:77:45:d5:67:18:4e:d3:a7:fd:1e:7b:3c:6d:5c:f0:66:5a:
         6d:88:34:b1:31:72:c0:c5:da:cc:4c:1b:06:92:61:cf:28:4e:
         6a:0d:ea:7f:dc:f2:07:d3:da:08:d5:f1:d7:49:48:8b:35:b1:
         d0:ec:7a:3d:42:a7:68:e0:d3:96:a5:f3:0f:70:7e:c4:17:cb:
         3e:f4:e7:3b:6b:ba:80:8e:30:c1:7c:a2:69:d6:79:27:f7:e3:
         e4:89:8a:38:e7:ee:04:81:73:d8:00:b7:4c:75:ba:a0:99:a0:
         ee:46:da:12:81:8a:6b:ad:d8:a2:6e:fc:ec:c4:ad:20:0b:74:
         58:26:a4:f1:ec:1c:3d:f2:b5:ad:a6:6b:16:2c:e7:51:46:db:
         cf:26:2f:cb:60:f1:59:7b:3d:3d:9f:e5:99:85:6b:74:fe:01:
         27:da:10:bf:63:26:94:0e:19:45:33:81:31:be:b2:79:43:09:
         70:cc:0e:94:04:e7:49:3a:26:cd:ff:b9:9f:45:62:af:c6:6f:
         32:b7:f2:8b:fa:49:f8:43:73:ee:1f:25:16:4b:b9:99:3a:0f:
         39:99:fe:23:43:a6:08:fa:7d:1a:b4:2a:92:09:14:92:02:22:
         24:b8:c8:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwFSwKRBuxKONcLZiDFw6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTg1ZWI4ZDk0YjlmYTExNDIyZDc4MmYzMTRmZjZlMmRl
ZDA3YWQwHhcNMjMwMTAyMDEyNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWIzN2M4NzZlMmIzY2U3MjhiNjU1YmI5ZWU2OTJiMzMyOTJkZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP8qKQomW9sV+8SUW0zuDbV28wpW
vORrbJ4Ok9LbyCLN0S1t/tAVl3TBQCujK9ajv6Sm4e2+9OXRfLSWn91zp9o7RUdL
r7jRigrQt6/zh2pTY5QPSL2rp0vECgc6tniasxttcRCvIKsFyn02us0WlrIQeOQq
Ug7lIwzkTqLcbz3/KEXdaKiwlWTlqmrIyMxkWdLP5YjYRo6s71vVGIDw6cFJlYrL
izSWvGzUV57Ek+5P7Y9wwyhLSTF9m+1ZUFDXyWbf6fKivAMjKapCEoxiZxmaK7YM
MWCbZS1DHn6rgToSz+vEr6D7Yj9NPKZxYsdkyn8oT816rtLxoOyP6l1oZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBWzfIduKzznKLZVu57mkrMykt5wMB8GA1UdIwQY
MBaAFAyYXrjZS5+hFCLXgvMU/24t7QetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpoZXVObExuNkVVSXRlQzh4VF9iaTN0QjYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yOWM1MjQtYzk4ZS00MzIwLTgyNzQt
NTIxMTcxYjdkMjY4LzEvRmJOOGgyNHJQT2NvdGxXN251YVNzektTM25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yOWM1MjQtYzk4ZS00MzIwLTgyNzQtNTIxMTcxYjdkMjY4
LzEvREpoZXVObExuNkVVSXRlQzh4VF9iaTN0QjYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ejvMA0G
CSqGSIb3DQEBCwUAA4IBAQBgnPrrXnbMPXJrCqfsiYPzII+Od0XVZxhO06f9Hns8
bVzwZlptiDSxMXLAxdrMTBsGkmHPKE5qDep/3PIH09oI1fHXSUiLNbHQ7Ho9Qqdo
4NOWpfMPcH7EF8s+9Oc7a7qAjjDBfKJp1nkn9+PkiYo45+4EgXPYALdMdbqgmaDu
RtoSgYprrdiibvzsxK0gC3RYJqTx7Bw98rWtpmsWLOdRRtvPJi/LYPFZez09n+WZ
hWt0/gEn2hC/YyaUDhlFM4ExvrJ5QwlwzA6UBOdJOibN/7mfRWKvxm8yt/KL+kn4
Q3PuHyUWS7mZOg85mf4jQ6YI+n0atCqSCRSSAiIkuMg7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:58 2024 by rpki-client on console-fra.rpki-client.org