Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/Z7MryYlzyp6q7h7nEOd-c3Ei3nU.roa
File:                     Z7MryYlzyp6q7h7nEOd-c3Ei3nU.roa (raw, json)
Hash identifier:          dzaB/lNnrhqa2Whh2R/hwWJA+Mu86zQQh7kZDuwiFEU=
Subject key identifier:   67:B3:2B:C9:89:73:CA:9E:AA:EE:1E:E7:10:E7:7E:73:71:22:DE:75
Certificate issuer:       /CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Certificate serial:       01852C66A198C6FC3AC2D3F5F20BF8D1A710
Authority key identifier: 3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/Z7MryYlzyp6q7h7nEOd-c3Ei3nU.roa
Signing time:             Mon 19 Dec 2022 22:00:01 +0000
ROA not before:           Mon 19 Dec 2022 22:00:01 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        152.89.194.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:2c:66:a1:98:c6:fc:3a:c2:d3:f5:f2:0b:f8:d1:a7:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
        Validity
            Not Before: Dec 19 22:00:01 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=67b32bc98973ca9eaaee1ee710e77e737122de75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:3a:7c:d7:38:36:bf:f5:40:00:cf:1c:7d:c6:
                    6b:78:b0:27:7d:3f:df:bf:15:b0:d6:6d:84:58:8d:
                    6f:02:d0:b1:5d:9c:57:bf:80:9f:04:54:69:72:2e:
                    4f:3c:80:81:af:2e:ec:fb:f6:aa:01:19:2f:da:d4:
                    09:25:b5:72:43:e9:03:07:04:97:97:06:3b:a8:7a:
                    22:6d:36:e6:36:c6:45:49:06:a6:97:42:0d:83:62:
                    f6:47:a5:b4:2a:2b:3e:52:b7:43:fd:b6:94:86:70:
                    01:03:97:13:23:32:ff:2b:02:83:a4:2e:ad:0c:57:
                    c8:a4:80:b8:be:6a:c3:a0:62:f4:2d:00:e3:b7:79:
                    10:7d:8f:6e:5d:9e:32:59:03:47:ae:c8:a1:bb:5d:
                    e1:da:9d:9d:c8:dd:5c:1f:98:7d:f5:93:c3:fe:d1:
                    4b:45:4c:29:7b:9c:f3:e1:ba:5d:1b:69:5c:4a:e7:
                    92:71:c5:f1:2f:66:ae:53:b4:a9:3b:39:c4:e9:33:
                    29:16:ad:81:52:b6:46:af:27:55:a0:9c:4b:22:23:
                    da:82:ff:8f:ae:21:a0:ce:5a:2c:b3:bf:cf:78:66:
                    5d:a3:e6:d7:3a:f1:50:10:99:41:ff:bc:d4:15:52:
                    f5:e6:af:f0:03:a0:8f:e8:6d:fa:78:33:92:53:dc:
                    39:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:B3:2B:C9:89:73:CA:9E:AA:EE:1E:E7:10:E7:7E:73:71:22:DE:75
            X509v3 Authority Key Identifier:
                keyid:3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/Z7MryYlzyp6q7h7nEOd-c3Ei3nU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/PNzIvNtsdErN9D3XLWjSBFGhefY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.89.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:87:fa:c8:da:44:6d:33:32:11:c8:a6:6d:f8:67:62:a5:ee:
         f3:29:db:a5:3f:6b:1d:06:2f:51:c6:32:92:2e:f3:c2:2e:4b:
         23:66:22:2c:89:95:a6:a2:28:cc:81:0c:27:fd:1f:75:ef:fe:
         81:f5:2d:61:41:df:0e:32:76:f5:da:c6:8a:72:e9:2a:8b:1b:
         45:06:e7:ed:3a:4b:24:a3:d2:31:de:42:8a:cf:0b:2c:f5:3a:
         8c:ef:87:90:fe:a3:fb:14:c4:70:7c:f9:94:61:c9:9c:78:9a:
         a0:94:ee:a5:b9:a5:77:e7:48:d6:a1:e9:0b:07:96:9c:e2:86:
         5d:c6:43:85:36:18:e1:16:ea:02:64:22:cf:ea:c4:f6:60:75:
         ae:cd:dd:0e:86:91:6c:03:76:5b:6f:15:5a:d9:bb:77:23:df:
         c0:ee:e8:77:eb:b8:fa:ad:8a:df:33:73:8a:d9:eb:f5:99:9a:
         f0:95:d5:f0:83:a0:a1:c1:a2:f5:76:43:58:4a:70:c5:ef:82:
         e2:60:dc:8a:4a:70:8c:68:f3:17:73:6e:c3:d3:c2:0e:f2:5e:
         0d:32:93:73:86:c9:f3:b7:9a:f6:35:bc:55:86:d7:7a:fe:c7:
         50:36:d0:43:27:97:35:32:d4:3c:1a:78:7c:e7:96:10:23:d1:
         6c:6e:a5:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUsZqGYxvw6wtP18gv40acQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZGNjOGJjZGI2Yzc0NGFjZGY0M2RkNzJkNjhkMjA0NTFh
MTc5ZjYwHhcNMjIxMjE5MjIwMDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2IzMmJjOTg5NzNjYTllYWFlZTFlZTcxMGU3N2U3MzcxMjJkZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzp81zg2v/VAAM8cfcZreLAnfT/f
vxWw1m2EWI1vAtCxXZxXv4CfBFRpci5PPICBry7s+/aqARkv2tQJJbVyQ+kDBwSX
lwY7qHoibTbmNsZFSQaml0INg2L2R6W0Kis+UrdD/baUhnABA5cTIzL/KwKDpC6t
DFfIpIC4vmrDoGL0LQDjt3kQfY9uXZ4yWQNHrsihu13h2p2dyN1cH5h99ZPD/tFL
RUwpe5zz4bpdG2lcSueSccXxL2auU7SpOznE6TMpFq2BUrZGrydVoJxLIiPagv+P
riGgzloss7/PeGZdo+bXOvFQEJlB/7zUFVL15q/wA6CP6G36eDOSU9w5vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGezK8mJc8qequ4e5xDnfnNxIt51MB8GA1UdIwQY
MBaAFDzcyLzbbHRKzfQ91y1o0gRRoXn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQt
NjM3YjM3MWRhOGU2LzEvWjdNcnlZbHp5cDZxN2g3bkVPZC1jM0VpM25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQtNjM3YjM3MWRhOGU2
LzEvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnCMA0G
CSqGSIb3DQEBCwUAA4IBAQBRh/rI2kRtMzIRyKZt+Gdipe7zKdulP2sdBi9RxjKS
LvPCLksjZiIsiZWmoijMgQwn/R917/6B9S1hQd8OMnb12saKcukqixtFBuftOksk
o9Ix3kKKzwss9TqM74eQ/qP7FMRwfPmUYcmceJqglO6luaV350jWoekLB5ac4oZd
xkOFNhjhFuoCZCLP6sT2YHWuzd0OhpFsA3ZbbxVa2bt3I9/A7uh367j6rYrfM3OK
2ev1mZrwldXwg6ChwaL1dkNYSnDF74LiYNyKSnCMaPMXc27D08IO8l4NMpNzhsnz
t5r2NbxVhtd6/sdQNtBDJ5c1MtQ8Gnh855YQI9FsbqUn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:42 2024 by rpki-client on console-fra.rpki-client.org