Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/c8bd33-f2c6-4381-83e4-059e0d7da369/1/XTW89P4NsGwostDDJbTwBNuH-rc.roa
File:                     XTW89P4NsGwostDDJbTwBNuH-rc.roa (raw, json)
Hash identifier:          eeiZdmuN1PctvfN1wdPst83+SyR0xdabkoaWaIoE0qw=
Subject key identifier:   5D:35:BC:F4:FE:0D:B0:6C:28:B2:D0:C3:25:B4:F0:04:DB:87:FA:B7
Certificate issuer:       /CN=7abca3cc0aa411940be93134f1bb4294488c89b1
Certificate serial:       014CF8
Authority key identifier: 7A:BC:A3:CC:0A:A4:11:94:0B:E9:31:34:F1:BB:42:94:48:8C:89:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eryjzAqkEZQL6TE08btClEiMibE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/c8bd33-f2c6-4381-83e4-059e0d7da369/1/XTW89P4NsGwostDDJbTwBNuH-rc.roa
Signing time:             Fri 28 Jan 2022 12:58:38 +0000
ROA not before:           Fri 28 Jan 2022 12:58:38 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50629
IP address blocks:        195.191.196.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 85240 (0x14cf8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7abca3cc0aa411940be93134f1bb4294488c89b1
        Validity
            Not Before: Jan 28 12:58:38 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5d35bcf4fe0db06c28b2d0c325b4f004db87fab7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:34:39:d5:4d:9e:a8:48:48:61:9d:f4:da:30:
                    68:ab:37:87:96:71:fa:45:dd:b5:a2:9f:3f:f5:fe:
                    62:77:18:d8:ba:7e:4d:f3:3c:b7:12:3b:d8:f0:e6:
                    07:da:a6:43:f9:48:2f:fd:7f:9a:99:09:e3:f2:a5:
                    a5:04:96:0f:74:6d:29:16:55:02:88:c9:fc:26:5f:
                    86:25:c1:7d:13:af:69:27:bf:16:b4:a5:35:af:53:
                    2b:f3:ca:fa:6c:16:7c:c1:2d:4d:91:4a:ad:c5:01:
                    a7:97:9b:d0:23:6d:d9:9b:c6:a8:5b:15:2e:ef:07:
                    3b:23:57:b7:46:12:f5:42:55:f9:a5:56:b7:ab:ac:
                    6d:1a:9e:d4:f3:6e:73:ff:ff:1d:72:ee:19:10:46:
                    f0:cd:dc:6b:66:d8:eb:d4:e1:8e:49:00:cb:88:db:
                    95:8c:94:95:fb:2d:e9:4c:42:e6:71:c9:37:65:65:
                    bc:09:bb:00:b2:cc:bb:0e:08:3b:2b:1c:92:3e:2d:
                    c4:38:47:50:6c:b6:79:0a:fa:4a:b3:bf:bf:a0:a2:
                    19:ca:2c:ad:c6:52:b6:6c:9e:2e:40:d5:f1:0d:70:
                    24:2f:29:68:1c:13:ed:a3:fc:c5:41:d8:60:5f:73:
                    78:8a:d4:59:41:62:77:9f:20:24:88:05:25:1f:b4:
                    db:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:35:BC:F4:FE:0D:B0:6C:28:B2:D0:C3:25:B4:F0:04:DB:87:FA:B7
            X509v3 Authority Key Identifier:
                keyid:7A:BC:A3:CC:0A:A4:11:94:0B:E9:31:34:F1:BB:42:94:48:8C:89:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eryjzAqkEZQL6TE08btClEiMibE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/c8bd33-f2c6-4381-83e4-059e0d7da369/1/XTW89P4NsGwostDDJbTwBNuH-rc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/c8bd33-f2c6-4381-83e4-059e0d7da369/1/eryjzAqkEZQL6TE08btClEiMibE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.191.196.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8b:5e:1d:4e:b1:20:0f:e1:6f:e5:c0:f1:45:54:4e:d0:b4:78:
         79:ff:b1:2d:45:64:1a:38:f1:c2:04:0e:f8:fb:d4:6f:49:ba:
         1e:fb:b3:14:d0:e3:95:4c:c7:df:37:10:ad:b6:7c:98:c1:97:
         77:0e:25:f8:3f:ad:de:b9:99:84:04:6a:8b:ce:12:99:fb:0a:
         3b:c5:d2:0f:b5:0d:21:44:d7:0a:09:a4:70:63:9f:88:c8:f9:
         fb:38:0d:55:9b:89:12:3b:2e:73:36:08:cb:ed:6e:00:66:9c:
         46:a6:bd:c7:2a:ff:d7:6e:48:fe:b0:e0:16:7d:89:d4:dd:16:
         cb:de:88:e2:7c:82:8e:bb:ed:3b:20:8d:0a:cb:0b:12:77:9a:
         c4:76:52:cb:32:b8:42:71:f7:48:c8:5f:b3:30:87:4c:b4:03:
         40:0f:3d:e5:61:34:00:72:a1:e3:47:a8:3d:62:fc:6e:6f:ff:
         b7:23:cd:38:60:a8:a0:e7:19:a7:c7:e4:06:6d:77:36:ec:6c:
         84:90:2c:3c:0a:38:92:4c:1f:9e:39:16:ed:24:e6:23:ab:45:
         2a:d3:34:aa:6b:2f:bd:a6:01:39:b7:5b:cf:0e:29:fa:8b:46:
         18:c2:47:83:81:33:17:ca:a5:1c:56:f4:b4:a0:3f:e9:8b:fd:
         c4:ba:e8:29
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAUz4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdh
YmNhM2NjMGFhNDExOTQwYmU5MzEzNGYxYmI0Mjk0NDg4Yzg5YjEwHhcNMjIwMTI4
MTI1ODM4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1ZDM1YmNmNGZlMGRi
MDZjMjhiMmQwYzMyNWI0ZjAwNGRiODdmYWI3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAszQ51U2eqEhIYZ302jBoqzeHlnH6Rd21op8/9f5idxjYun5N
8zy3EjvY8OYH2qZD+Ugv/X+amQnj8qWlBJYPdG0pFlUCiMn8Jl+GJcF9E69pJ78W
tKU1r1Mr88r6bBZ8wS1NkUqtxQGnl5vQI23Zm8aoWxUu7wc7I1e3RhL1QlX5pVa3
q6xtGp7U825z//8dcu4ZEEbwzdxrZtjr1OGOSQDLiNuVjJSV+y3pTELmcck3ZWW8
CbsAssy7Dgg7KxySPi3EOEdQbLZ5CvpKs7+/oKIZyiytxlK2bJ4uQNXxDXAkLylo
HBPto/zFQdhgX3N4itRZQWJ3nyAkiAUlH7TbOQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFF01vPT+DbBsKLLQwyW08ATbh/q3MB8GA1UdIwQYMBaAFHq8o8wKpBGUC+kx
NPG7QpRIjImxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZXJ5anpBcWtFWlFMNlRFMDhidENsRWlNaWJFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83MS9jOGJkMzMtZjJjNi00MzgxLTgzZTQtMDU5ZTBkN2RhMzY5LzEv
WFRXODlQNE5zR3dvc3REREpiVHdCTnVILXJjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9j
OGJkMzMtZjJjNi00MzgxLTgzZTQtMDU5ZTBkN2RhMzY5LzEvZXJ5anpBcWtFWlFM
NlRFMDhidENsRWlNaWJFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw7/EMA0GCSqGSIb3DQEBCwUAA4IB
AQCLXh1OsSAP4W/lwPFFVE7QtHh5/7EtRWQaOPHCBA74+9RvSboe+7MU0OOVTMff
NxCttnyYwZd3DiX4P63euZmEBGqLzhKZ+wo7xdIPtQ0hRNcKCaRwY5+IyPn7OA1V
m4kSOy5zNgjL7W4AZpxGpr3HKv/Xbkj+sOAWfYnU3RbL3ojifIKOu+07II0KywsS
d5rEdlLLMrhCcfdIyF+zMIdMtANADz3lYTQAcqHjR6g9Yvxub/+3I804YKig5xmn
x+QGbXc27GyEkCw8CjiSTB+eORbtJOYjq0Uq0zSqay+9pgE5t1vPDin6i0YYwkeD
gTMXyqUcVvS0oD/pi/3Euugp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:47 2024 by rpki-client on console-fra.rpki-client.org