Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/D9HkXzF6ooBBelCH8c4pN0zJDVk.roa
File:                     D9HkXzF6ooBBelCH8c4pN0zJDVk.roa (raw, json)
Hash identifier:          apAmedu/j4viQMRnlZMObS5GgMNCNoR6KmTtl8IycrU=
Subject key identifier:   0F:D1:E4:5F:31:7A:A2:80:41:7A:50:87:F1:CE:29:37:4C:C9:0D:59
Certificate issuer:       /CN=4944680c20d1af01f169b18ac9c77d9877133cde
Certificate serial:       01856D93F109C572DBFEEFFB9B8B268945EF
Authority key identifier: 49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/D9HkXzF6ooBBelCH8c4pN0zJDVk.roa
Signing time:             Sun 01 Jan 2023 13:44:50 +0000
ROA not before:           Sun 01 Jan 2023 13:44:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        176.113.99.0/24 maxlen: 24
                          178.212.202.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:93:f1:09:c5:72:db:fe:ef:fb:9b:8b:26:89:45:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4944680c20d1af01f169b18ac9c77d9877133cde
        Validity
            Not Before: Jan  1 13:44:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0fd1e45f317aa280417a5087f1ce29374cc90d59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:30:18:8d:3b:01:25:8e:9a:91:b4:a3:a2:c3:
                    f5:4a:ba:09:74:d6:b4:96:5c:57:93:8a:6c:45:c7:
                    41:c6:6f:63:ff:bf:f7:e2:24:b2:c6:02:c3:31:c4:
                    60:8b:b0:8d:20:a2:9a:eb:c3:39:ba:98:36:ef:77:
                    74:ce:39:11:c7:50:77:8c:3b:83:93:4b:03:e2:e1:
                    45:23:33:20:53:d9:8d:8c:41:5c:95:93:d1:df:8f:
                    a1:c3:4b:16:dc:b0:d6:b4:ba:4b:3f:32:4c:f1:90:
                    f8:5d:7c:f1:9e:c8:ad:a6:45:ec:d3:1f:d7:75:51:
                    51:8e:d4:7d:25:96:78:a8:81:4f:71:20:f2:05:50:
                    85:d3:d2:75:c8:83:ac:dd:80:bf:d0:14:f4:23:f2:
                    7e:04:5b:f8:5e:e2:eb:29:1a:b4:8c:c9:0b:30:24:
                    b0:38:b9:70:53:7b:9d:7c:73:8d:8d:d0:34:87:ab:
                    bf:18:94:35:c4:04:68:a3:fd:03:b4:3d:58:7d:dc:
                    ba:a0:f4:39:9d:92:3a:77:4f:8d:22:23:b1:7c:d6:
                    7c:52:58:9a:05:fb:c3:af:9b:4a:a5:8b:b3:0c:87:
                    a0:b9:60:d4:93:13:05:e5:68:37:0e:1d:26:24:ee:
                    7f:f2:6a:4b:4c:f8:7b:81:c9:21:2c:99:14:2a:81:
                    41:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:D1:E4:5F:31:7A:A2:80:41:7A:50:87:F1:CE:29:37:4C:C9:0D:59
            X509v3 Authority Key Identifier:
                keyid:49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/D9HkXzF6ooBBelCH8c4pN0zJDVk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SURoDCDRrwHxabGKycd9mHcTPN4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.113.99.0/24
                  178.212.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:08:97:39:87:b9:d5:13:48:e0:c2:c0:46:c7:82:80:9c:0c:
         c3:67:bf:27:f5:3f:a9:f1:da:9b:8a:32:33:a7:5e:f6:ab:c1:
         57:29:ea:8e:5e:e4:9d:f3:f9:b4:be:04:3b:e6:02:ec:46:89:
         fc:7b:2c:09:63:b5:a8:4c:b4:22:bc:a9:b3:02:22:9f:95:5e:
         ef:da:05:ce:5f:6d:c3:c3:19:df:49:ee:9a:c7:4a:13:20:c0:
         43:65:3e:04:b3:3f:eb:f3:36:ac:e7:6e:45:03:25:62:04:2a:
         c0:27:ea:b4:16:d2:e4:c7:2c:ab:33:e8:7b:4c:1f:c3:89:a4:
         06:f1:03:c8:85:5f:e1:6d:5d:8c:03:a5:9c:fd:c5:ef:50:9a:
         29:26:19:03:c0:29:27:7c:ab:11:e4:ea:6a:48:64:47:26:c2:
         b9:55:bf:de:04:12:59:d4:86:10:d2:9e:d0:81:36:01:a9:eb:
         ae:85:0d:48:b8:d3:35:f0:84:ba:56:92:ca:1b:e1:01:70:09:
         30:41:9e:8a:09:99:d1:94:50:48:da:dd:fe:dd:a3:6a:be:37:
         4a:8c:8f:1a:f4:e3:79:db:77:c8:a1:90:61:d0:6b:f5:81:e8:
         4e:8d:8d:83:66:2b:25:f3:6d:1e:9b:56:8c:89:cc:be:8a:7e:
         c6:9f:4a:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtk/EJxXLb/u/7m4smiUXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NDQ2ODBjMjBkMWFmMDFmMTY5YjE4YWM5Yzc3ZDk4Nzcx
MzNjZGUwHhcNMjMwMTAxMTM0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQxZTQ1ZjMxN2FhMjgwNDE3YTUwODdmMWNlMjkzNzRjYzkwZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDAYjTsBJY6akbSjosP1SroJdNa0
llxXk4psRcdBxm9j/7/34iSyxgLDMcRgi7CNIKKa68M5upg273d0zjkRx1B3jDuD
k0sD4uFFIzMgU9mNjEFclZPR34+hw0sW3LDWtLpLPzJM8ZD4XXzxnsitpkXs0x/X
dVFRjtR9JZZ4qIFPcSDyBVCF09J1yIOs3YC/0BT0I/J+BFv4XuLrKRq0jMkLMCSw
OLlwU3udfHONjdA0h6u/GJQ1xARoo/0DtD1Yfdy6oPQ5nZI6d0+NIiOxfNZ8Ulia
BfvDr5tKpYuzDIeguWDUkxMF5Wg3Dh0mJO5/8mpLTPh7gckhLJkUKoFBZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA/R5F8xeqKAQXpQh/HOKTdMyQ1ZMB8GA1UdIwQY
MBaAFElEaAwg0a8B8WmxisnHfZh3EzzeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTIt
ZWJkY2MwMmZiYWU5LzEvRDlIa1h6RjZvb0JCZWxDSDhjNHBOMHpKRFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTItZWJkY2MwMmZiYWU5
LzEvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsHFjAwQA
stTKMA0GCSqGSIb3DQEBCwUAA4IBAQCUCJc5h7nVE0jgwsBGx4KAnAzDZ78n9T+p
8dqbijIzp172q8FXKeqOXuSd8/m0vgQ75gLsRon8eywJY7WoTLQivKmzAiKflV7v
2gXOX23DwxnfSe6ax0oTIMBDZT4Esz/r8zas525FAyViBCrAJ+q0FtLkxyyrM+h7
TB/DiaQG8QPIhV/hbV2MA6Wc/cXvUJopJhkDwCknfKsR5OpqSGRHJsK5Vb/eBBJZ
1IYQ0p7QgTYBqeuuhQ1IuNM18IS6VpLKG+EBcAkwQZ6KCZnRlFBI2t3+3aNqvjdK
jI8a9ON523fIoZBh0Gv1gehOjY2DZisl820em1aMicy+in7Gn0rI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:45 2024 by rpki-client on console-ams.rpki-client.org