Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/12b60c-e647-4375-9869-d6e1e2af0b3c/1/28UldnFsmAafUI8I4dWBUzZX9S4.roa
File:                     28UldnFsmAafUI8I4dWBUzZX9S4.roa (raw, json)
Hash identifier:          FNFeofRb0EhHNxQES6o+h9KrzLPy2kZ2DJpQ8GR/Xbw=
Subject key identifier:   DB:C5:25:76:71:6C:98:06:9F:50:8F:08:E1:D5:81:53:36:57:F5:2E
Certificate issuer:       /CN=06360901ffe4f23c18c45b544ab8759db55292cb
Certificate serial:       018820867848DF045C84904C0ACDD89B8BD0
Authority key identifier: 06:36:09:01:FF:E4:F2:3C:18:C4:5B:54:4A:B8:75:9D:B5:52:92:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BjYJAf_k8jwYxFtUSrh1nbVSkss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/12b60c-e647-4375-9869-d6e1e2af0b3c/1/28UldnFsmAafUI8I4dWBUzZX9S4.roa
Signing time:             Mon 15 May 2023 17:47:43 +0000
ROA not before:           Mon 15 May 2023 17:47:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7393
IP address blocks:        176.97.198.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:20:86:78:48:df:04:5c:84:90:4c:0a:cd:d8:9b:8b:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06360901ffe4f23c18c45b544ab8759db55292cb
        Validity
            Not Before: May 15 17:47:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dbc52576716c98069f508f08e1d581533657f52e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:7e:7f:b4:b3:9c:6d:36:af:c9:d9:51:5e:0f:
                    0f:44:be:5f:cc:f1:91:5c:cb:fa:82:5e:71:59:3f:
                    f1:4e:d8:30:49:d6:49:29:e6:58:7a:93:37:2a:55:
                    42:a7:e9:dd:ec:80:ec:29:a0:1a:51:b3:c2:15:d0:
                    a6:1d:97:5c:a1:16:7b:21:a2:61:fa:93:33:45:98:
                    2b:1b:5a:7a:8a:78:3c:b3:eb:1a:e3:10:bd:32:54:
                    6e:9e:6b:20:52:4f:47:56:1d:b5:ba:84:7c:25:e5:
                    cf:cf:59:80:17:d7:2f:73:31:2a:2d:28:ec:06:eb:
                    6e:c1:65:13:21:77:e5:7b:22:2f:3a:31:95:ce:ad:
                    85:e3:eb:7a:dc:49:10:ee:77:86:b5:44:40:9c:c7:
                    c0:5f:31:d6:66:1e:2e:2a:07:ba:cc:b0:ed:ce:b0:
                    05:88:59:fb:e2:20:ef:49:4e:ab:82:d6:58:9d:0a:
                    6b:66:32:8e:cb:cd:18:0e:fe:b0:f5:b4:1d:b7:58:
                    53:db:6c:4c:e7:bb:69:e8:ca:53:18:d4:73:d1:4e:
                    8c:f4:b7:b9:c5:a5:fa:d6:ba:55:b2:d8:eb:35:aa:
                    b3:d2:8e:08:1e:16:36:6e:d9:ea:6c:1c:a8:bb:09:
                    26:e0:f9:4c:31:7f:56:f3:e6:18:02:df:b3:66:3a:
                    6b:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:C5:25:76:71:6C:98:06:9F:50:8F:08:E1:D5:81:53:36:57:F5:2E
            X509v3 Authority Key Identifier:
                keyid:06:36:09:01:FF:E4:F2:3C:18:C4:5B:54:4A:B8:75:9D:B5:52:92:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjYJAf_k8jwYxFtUSrh1nbVSkss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/12b60c-e647-4375-9869-d6e1e2af0b3c/1/28UldnFsmAafUI8I4dWBUzZX9S4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/12b60c-e647-4375-9869-d6e1e2af0b3c/1/BjYJAf_k8jwYxFtUSrh1nbVSkss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.97.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:93:e4:59:e9:36:6a:7f:d9:a7:d9:08:14:c1:3a:55:dd:28:
         0d:37:bd:ed:f5:59:e0:60:ab:2e:37:c2:13:fa:33:6f:d7:42:
         91:e2:7f:cd:c0:de:38:fc:31:9c:e5:ac:31:4b:03:aa:7f:91:
         f3:84:29:70:5c:35:ed:bd:9f:6f:89:57:2f:52:44:9b:87:d0:
         c9:d4:b4:e4:ca:32:50:20:e5:b3:58:bd:8a:98:2a:40:1f:a5:
         86:97:48:47:4a:9f:1f:da:fe:35:a1:33:a7:18:4d:28:49:41:
         5f:77:e5:a9:8f:40:b4:c0:97:86:a5:63:91:93:a6:4b:40:a5:
         df:50:6e:7d:20:c4:dd:6c:25:40:95:95:33:c3:e5:41:15:94:
         9a:dd:5e:d2:01:22:36:a9:a8:9b:4e:36:c2:69:07:4d:52:f9:
         4b:55:05:89:05:c0:fb:aa:eb:09:51:f4:1e:ed:d8:0c:34:af:
         d4:79:fb:36:97:75:b1:c0:f9:5c:7d:e6:ed:1a:d4:1f:51:3d:
         f9:b3:97:b7:df:98:90:f1:2e:d0:50:1c:64:59:7e:26:8a:f1:
         e3:83:6b:e9:ff:b6:f1:ef:9b:9b:4a:38:62:a8:86:63:e9:e5:
         fb:3f:c9:c6:c4:33:13:29:73:09:01:dd:5d:13:52:d5:2d:87:
         ee:c1:24:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgghnhI3wRchJBMCs3Ym4vQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MzYwOTAxZmZlNGYyM2MxOGM0NWI1NDRhYjg3NTlkYjU1
MjkyY2IwHhcNMjMwNTE1MTc0NzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmM1MjU3NjcxNmM5ODA2OWY1MDhmMDhlMWQ1ODE1MzM2NTdmNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkX5/tLOcbTavydlRXg8PRL5fzPGR
XMv6gl5xWT/xTtgwSdZJKeZYepM3KlVCp+nd7IDsKaAaUbPCFdCmHZdcoRZ7IaJh
+pMzRZgrG1p6ing8s+sa4xC9MlRunmsgUk9HVh21uoR8JeXPz1mAF9cvczEqLSjs
ButuwWUTIXfleyIvOjGVzq2F4+t63EkQ7neGtURAnMfAXzHWZh4uKge6zLDtzrAF
iFn74iDvSU6rgtZYnQprZjKOy80YDv6w9bQdt1hT22xM57tp6MpTGNRz0U6M9Le5
xaX61rpVstjrNaqz0o4IHhY2btnqbByouwkm4PlMMX9W8+YYAt+zZjprZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNvFJXZxbJgGn1CPCOHVgVM2V/UuMB8GA1UdIwQY
MBaAFAY2CQH/5PI8GMRbVEq4dZ21UpLLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmpZSkFmX2s4andZeEZ0VVNyaDFuYlZTa3NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8xMmI2MGMtZTY0Ny00Mzc1LTk4Njkt
ZDZlMWUyYWYwYjNjLzEvMjhVbGRuRnNtQWFmVUk4STRkV0JVelpYOVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8xMmI2MGMtZTY0Ny00Mzc1LTk4NjktZDZlMWUyYWYwYjNj
LzEvQmpZSkFmX2s4andZeEZ0VVNyaDFuYlZTa3NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGHGMA0G
CSqGSIb3DQEBCwUAA4IBAQCak+RZ6TZqf9mn2QgUwTpV3SgNN73t9VngYKsuN8IT
+jNv10KR4n/NwN44/DGc5awxSwOqf5HzhClwXDXtvZ9viVcvUkSbh9DJ1LTkyjJQ
IOWzWL2KmCpAH6WGl0hHSp8f2v41oTOnGE0oSUFfd+Wpj0C0wJeGpWORk6ZLQKXf
UG59IMTdbCVAlZUzw+VBFZSa3V7SASI2qaibTjbCaQdNUvlLVQWJBcD7qusJUfQe
7dgMNK/Uefs2l3WxwPlcfebtGtQfUT35s5e335iQ8S7QUBxkWX4mivHjg2vp/7bx
75ubSjhiqIZj6eX7P8nGxDMTKXMJAd1dE1LVLYfuwSTT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:33 2024 by rpki-client on console-fra.rpki-client.org