Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/12b60c-e647-4375-9869-d6e1e2af0b3c/1/EzClKbMD5KT7M3LgJbqWwWXU1Sk.roa
File:                     EzClKbMD5KT7M3LgJbqWwWXU1Sk.roa (raw, json)
Hash identifier:          W+//pRKD1TPTISR15KBgW6FxwhE+UAs806TQaGIKDnk=
Subject key identifier:   13:30:A5:29:B3:03:E4:A4:FB:33:72:E0:25:BA:96:C1:65:D4:D5:29
Certificate issuer:       /CN=06360901ffe4f23c18c45b544ab8759db55292cb
Certificate serial:       01856BDC8B0C5E6AA76D0E1CC01C5B5D7AE5
Authority key identifier: 06:36:09:01:FF:E4:F2:3C:18:C4:5B:54:4A:B8:75:9D:B5:52:92:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BjYJAf_k8jwYxFtUSrh1nbVSkss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/12b60c-e647-4375-9869-d6e1e2af0b3c/1/EzClKbMD5KT7M3LgJbqWwWXU1Sk.roa
Signing time:             Sun 01 Jan 2023 05:44:53 +0000
ROA not before:           Sun 01 Jan 2023 05:44:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        176.97.198.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:dc:8b:0c:5e:6a:a7:6d:0e:1c:c0:1c:5b:5d:7a:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06360901ffe4f23c18c45b544ab8759db55292cb
        Validity
            Not Before: Jan  1 05:44:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1330a529b303e4a4fb3372e025ba96c165d4d529
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:a5:01:a4:4c:fb:ef:9d:b2:e4:4b:19:9d:17:
                    eb:73:a1:bd:92:03:91:d1:a3:27:bb:df:2c:0e:8f:
                    41:bf:e0:98:63:73:d2:84:0c:7b:c4:32:8f:d6:45:
                    d8:1c:0d:dd:e1:25:0e:35:23:6c:f7:8d:96:59:d7:
                    91:08:e2:2f:7a:c2:7c:94:aa:88:38:cc:f6:ba:6c:
                    ff:e8:5d:57:9b:a1:dc:fc:7d:71:8c:5b:d1:42:56:
                    9d:e8:8b:89:34:70:37:5d:83:b9:f8:c0:f4:7b:14:
                    fd:0b:93:7a:a5:95:52:ed:10:11:09:d6:2b:d3:fd:
                    e3:bd:77:2f:32:d2:01:9d:21:9c:7a:9f:08:ad:85:
                    23:65:c0:31:00:ad:c3:73:82:82:c9:e1:7a:de:1c:
                    7c:0e:48:8f:68:e8:9d:e4:fb:e6:e9:0d:28:3e:3f:
                    aa:23:fb:b1:48:36:46:b8:45:0e:88:88:99:97:50:
                    23:28:b8:f6:d8:78:7b:4f:54:ff:aa:a6:28:f5:64:
                    0c:50:06:f9:ac:be:da:6d:f6:25:53:fa:22:27:ad:
                    41:69:e9:f6:a7:4c:4c:cf:ac:1b:10:b8:62:b6:af:
                    7d:bf:04:99:f8:c0:49:76:03:4d:d1:94:a6:9e:ed:
                    d1:91:f3:b5:39:12:b3:70:07:6d:12:db:59:25:97:
                    9f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:30:A5:29:B3:03:E4:A4:FB:33:72:E0:25:BA:96:C1:65:D4:D5:29
            X509v3 Authority Key Identifier:
                keyid:06:36:09:01:FF:E4:F2:3C:18:C4:5B:54:4A:B8:75:9D:B5:52:92:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjYJAf_k8jwYxFtUSrh1nbVSkss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/12b60c-e647-4375-9869-d6e1e2af0b3c/1/EzClKbMD5KT7M3LgJbqWwWXU1Sk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/12b60c-e647-4375-9869-d6e1e2af0b3c/1/BjYJAf_k8jwYxFtUSrh1nbVSkss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.97.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:53:c1:bc:18:0a:84:f9:1b:b1:77:ba:ca:2a:6d:6f:54:32:
         87:d2:7e:39:43:a1:b7:7a:61:d5:45:ca:6e:14:a7:91:f4:d2:
         db:ef:a3:e7:74:ca:df:52:6f:11:b8:49:79:73:5b:7e:09:d4:
         b0:87:02:46:69:5c:66:c9:ae:36:cf:35:a2:0a:44:ff:f6:c5:
         20:09:56:78:b9:d3:b8:78:75:44:8f:52:3e:e6:0a:d4:ac:08:
         d3:67:4f:c9:f7:a0:65:05:fe:6d:7a:64:ee:c2:84:f1:df:91:
         f3:97:3e:37:f2:bd:a5:61:6d:8a:b0:4b:67:50:cb:c9:a8:95:
         f4:6f:61:48:ad:38:09:5f:c8:7f:a2:4a:49:47:83:90:be:33:
         00:37:60:19:0e:80:76:26:bb:d4:d0:24:80:f1:da:8c:f9:23:
         20:ba:c5:aa:a9:31:a2:22:7e:a9:9a:1f:95:cd:53:b6:66:2e:
         60:6a:cb:27:ec:5a:c7:1e:53:b9:8f:5b:af:45:66:fa:b4:33:
         fa:c1:c4:1a:7d:d1:5c:f4:c6:15:ca:54:fe:bd:0d:b3:eb:6a:
         4d:83:88:91:5a:8f:3d:d8:83:52:c8:94:91:e8:26:ea:13:a1:
         c5:af:81:f9:e6:c0:45:e5:4d:bc:cb:00:c5:36:d6:71:39:d2:
         59:8a:61:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr3IsMXmqnbQ4cwBxbXXrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MzYwOTAxZmZlNGYyM2MxOGM0NWI1NDRhYjg3NTlkYjU1
MjkyY2IwHhcNMjMwMTAxMDU0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzMwYTUyOWIzMDNlNGE0ZmIzMzcyZTAyNWJhOTZjMTY1ZDRkNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKUBpEz7752y5EsZnRfrc6G9kgOR
0aMnu98sDo9Bv+CYY3PShAx7xDKP1kXYHA3d4SUONSNs942WWdeRCOIvesJ8lKqI
OMz2umz/6F1Xm6Hc/H1xjFvRQlad6IuJNHA3XYO5+MD0exT9C5N6pZVS7RARCdYr
0/3jvXcvMtIBnSGcep8IrYUjZcAxAK3Dc4KCyeF63hx8DkiPaOid5Pvm6Q0oPj+q
I/uxSDZGuEUOiIiZl1AjKLj22Hh7T1T/qqYo9WQMUAb5rL7abfYlU/oiJ61Baen2
p0xMz6wbELhitq99vwSZ+MBJdgNN0ZSmnu3RkfO1ORKzcAdtEttZJZefkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBMwpSmzA+Sk+zNy4CW6lsFl1NUpMB8GA1UdIwQY
MBaAFAY2CQH/5PI8GMRbVEq4dZ21UpLLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmpZSkFmX2s4andZeEZ0VVNyaDFuYlZTa3NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8xMmI2MGMtZTY0Ny00Mzc1LTk4Njkt
ZDZlMWUyYWYwYjNjLzEvRXpDbEtiTUQ1S1Q3TTNMZ0picVd3V1hVMVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8xMmI2MGMtZTY0Ny00Mzc1LTk4NjktZDZlMWUyYWYwYjNj
LzEvQmpZSkFmX2s4andZeEZ0VVNyaDFuYlZTa3NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGHGMA0G
CSqGSIb3DQEBCwUAA4IBAQABU8G8GAqE+Ruxd7rKKm1vVDKH0n45Q6G3emHVRcpu
FKeR9NLb76PndMrfUm8RuEl5c1t+CdSwhwJGaVxmya42zzWiCkT/9sUgCVZ4udO4
eHVEj1I+5grUrAjTZ0/J96BlBf5temTuwoTx35Hzlz438r2lYW2KsEtnUMvJqJX0
b2FIrTgJX8h/okpJR4OQvjMAN2AZDoB2JrvU0CSA8dqM+SMgusWqqTGiIn6pmh+V
zVO2Zi5gassn7FrHHlO5j1uvRWb6tDP6wcQafdFc9MYVylT+vQ2z62pNg4iRWo89
2INSyJSR6CbqE6HFr4H55sBF5U28ywDFNtZxOdJZimEH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:14 2024 by rpki-client on console-ams.rpki-client.org