Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/_FoXCEd2BEf4ZJtu1a_fD8AL69s.roa
File:                     _FoXCEd2BEf4ZJtu1a_fD8AL69s.roa (raw, json)
Hash identifier:          XgVD3cANWO3LQ+S4JzuIINQI1nWV3RFvpeRiSqiu67I=
Subject key identifier:   FC:5A:17:08:47:76:04:47:F8:64:9B:6E:D5:AF:DF:0F:C0:0B:EB:DB
Certificate issuer:       /CN=64347465bc925c8e756ddfaa609eda02cc52d031
Certificate serial:       018C5468C2C5F90000235EAA14ADE8F4A3D7
Authority key identifier: 64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/_FoXCEd2BEf4ZJtu1a_fD8AL69s.roa
Signing time:             Sun 10 Dec 2023 15:46:40 +0000
ROA not before:           Sun 10 Dec 2023 15:46:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202685
IP address blocks:        85.114.120.0/21 maxlen: 21

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:54:68:c2:c5:f9:00:00:23:5e:aa:14:ad:e8:f4:a3:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64347465bc925c8e756ddfaa609eda02cc52d031
        Validity
            Not Before: Dec 10 15:46:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fc5a170847760447f8649b6ed5afdf0fc00bebdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:5c:67:98:93:9b:97:ac:22:aa:d6:5e:9d:76:
                    fa:54:df:41:25:0c:db:a5:2d:4a:21:f4:34:90:a0:
                    85:50:38:0f:43:a9:39:12:25:8e:a7:8f:ec:03:24:
                    06:a0:ac:4f:eb:15:ff:ac:f6:1d:56:cd:40:05:0c:
                    6e:3b:76:53:b8:14:5e:c8:b8:37:3d:1e:0f:dd:d6:
                    1d:db:27:e3:88:2e:83:7b:a0:77:e6:85:4a:56:1c:
                    d4:a0:1e:2c:31:51:08:ab:12:9d:55:b5:4d:d1:fd:
                    46:d6:54:14:2e:9b:85:ce:18:b2:1c:27:9c:90:84:
                    51:25:29:fa:6a:9c:63:9c:7f:98:5b:67:ea:ac:f6:
                    a5:15:c6:b9:ab:35:5e:53:f1:88:09:7b:cf:d6:3e:
                    bd:1d:f0:9f:4e:2f:ed:47:36:f7:e1:db:0d:d3:a6:
                    01:32:3d:7e:f5:4d:12:2b:a4:66:b6:5e:c7:d4:03:
                    f0:ac:ce:81:f0:98:a8:01:55:63:87:0b:c5:67:06:
                    31:aa:09:2f:e8:8b:98:41:5d:5a:dc:60:61:e6:aa:
                    cc:a6:de:e1:d9:73:4a:2a:64:40:d2:a2:41:88:7f:
                    5f:dc:70:e1:66:34:47:f1:87:a7:28:51:74:b5:13:
                    ce:b0:5c:42:fb:b4:4f:ba:fe:7a:4f:b9:06:c0:cb:
                    ca:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:5A:17:08:47:76:04:47:F8:64:9B:6E:D5:AF:DF:0F:C0:0B:EB:DB
            X509v3 Authority Key Identifier:
                keyid:64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/_FoXCEd2BEf4ZJtu1a_fD8AL69s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.114.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         29:07:93:db:50:c1:15:cb:cc:26:10:66:b6:37:16:00:60:38:
         fc:dc:67:5b:84:b2:e0:68:02:41:e5:a5:43:1c:47:4a:d3:39:
         10:08:e3:00:a1:76:be:bb:6f:00:5c:68:db:d2:a1:68:ea:42:
         0e:e9:9d:68:fd:5f:e9:e3:92:17:f8:0a:82:71:bc:87:66:5a:
         6b:0c:83:16:5e:7a:a9:4e:ba:7f:c6:43:42:10:21:bb:ee:73:
         cc:43:d9:50:8e:be:32:df:2b:7f:07:f5:c5:bc:27:e9:86:95:
         50:7e:2b:ca:9b:2c:11:4d:4e:11:4a:ce:42:8f:cd:da:7c:cb:
         0e:86:19:13:cb:86:e3:dc:e1:46:1d:72:e0:94:bf:47:e0:10:
         b8:6f:64:0c:e5:8e:28:68:48:5a:46:d0:39:c2:e8:6d:39:b4:
         cb:b3:ff:db:68:56:2b:5c:98:9c:f1:d4:5f:8d:7f:5b:9e:8b:
         e3:c7:02:2b:1a:9a:cf:10:62:05:c6:21:d5:22:c2:94:53:62:
         20:5d:8c:17:3d:39:2d:36:75:0e:76:b8:65:a1:0c:ca:a7:cb:
         b2:89:8c:6f:28:a0:cb:f5:0b:bb:72:fc:34:d4:f9:cd:49:a7:
         2a:50:58:52:0f:40:44:26:e8:50:f2:ed:1a:aa:9f:1b:ed:de:
         f4:eb:dc:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxUaMLF+QAAI16qFK3o9KPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MzQ3NDY1YmM5MjVjOGU3NTZkZGZhYTYwOWVkYTAyY2M1
MmQwMzEwHhcNMjMxMjEwMTU0NjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzVhMTcwODQ3NzYwNDQ3Zjg2NDliNmVkNWFmZGYwZmMwMGJlYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1xnmJObl6wiqtZenXb6VN9BJQzb
pS1KIfQ0kKCFUDgPQ6k5EiWOp4/sAyQGoKxP6xX/rPYdVs1ABQxuO3ZTuBReyLg3
PR4P3dYd2yfjiC6De6B35oVKVhzUoB4sMVEIqxKdVbVN0f1G1lQULpuFzhiyHCec
kIRRJSn6apxjnH+YW2fqrPalFca5qzVeU/GICXvP1j69HfCfTi/tRzb34dsN06YB
Mj1+9U0SK6Rmtl7H1APwrM6B8JioAVVjhwvFZwYxqgkv6IuYQV1a3GBh5qrMpt7h
2XNKKmRA0qJBiH9f3HDhZjRH8YenKFF0tRPOsFxC+7RPuv56T7kGwMvKEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPxaFwhHdgRH+GSbbtWv3w/AC+vbMB8GA1UdIwQY
MBaAFGQ0dGW8klyOdW3fqmCe2gLMUtAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQt
YzBhN2I3Mzc3ZWFiLzEvX0ZvWENFZDJCRWY0Wkp0dTFhX2ZEOEFMNjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQtYzBhN2I3Mzc3ZWFi
LzEvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVXJ4MA0G
CSqGSIb3DQEBCwUAA4IBAQApB5PbUMEVy8wmEGa2NxYAYDj83GdbhLLgaAJB5aVD
HEdK0zkQCOMAoXa+u28AXGjb0qFo6kIO6Z1o/V/p45IX+AqCcbyHZlprDIMWXnqp
Trp/xkNCECG77nPMQ9lQjr4y3yt/B/XFvCfphpVQfivKmywRTU4RSs5Cj83afMsO
hhkTy4bj3OFGHXLglL9H4BC4b2QM5Y4oaEhaRtA5wuhtObTLs//baFYrXJic8dRf
jX9bnovjxwIrGprPEGIFxiHVIsKUU2IgXYwXPTktNnUOdrhloQzKp8uyiYxvKKDL
9Qu7cvw01PnNSacqUFhSD0BEJuhQ8u0aqp8b7d7069z9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:02 2024 by rpki-client on console-ams.rpki-client.org