Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/JX86yjpODl4ZQhf35NpnnzMGVTI.roa
File:                     JX86yjpODl4ZQhf35NpnnzMGVTI.roa (raw, json)
Hash identifier:          ZAIMYkY4NeRzNRpqjDC7M72poTb95AOUClrkCOVNK3Q=
Subject key identifier:   25:7F:3A:CA:3A:4E:0E:5E:19:42:17:F7:E4:DA:67:9F:33:06:55:32
Certificate issuer:       /CN=4944680c20d1af01f169b18ac9c77d9877133cde
Certificate serial:       01856D93EFE5728F4D845D3D109A5E81324D
Authority key identifier: 49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/JX86yjpODl4ZQhf35NpnnzMGVTI.roa
Signing time:             Sun 01 Jan 2023 13:44:49 +0000
ROA not before:           Sun 01 Jan 2023 13:44:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     46562
IP address blocks:        176.113.98.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:93:ef:e5:72:8f:4d:84:5d:3d:10:9a:5e:81:32:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4944680c20d1af01f169b18ac9c77d9877133cde
        Validity
            Not Before: Jan  1 13:44:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=257f3aca3a4e0e5e194217f7e4da679f33065532
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:71:f9:bc:45:95:4c:46:65:17:b0:70:94:23:
                    bf:c9:69:35:6b:fb:81:74:ed:0f:42:38:72:41:5f:
                    3e:d7:cf:d2:b1:fb:5d:da:25:61:76:f9:4a:c0:9b:
                    b3:c7:5a:aa:0e:10:57:70:01:11:93:65:b8:6a:0b:
                    a0:86:a0:07:ed:24:65:44:be:73:1d:c7:b6:1d:a3:
                    41:8b:a8:b6:b0:7c:ee:e3:71:62:fc:11:92:1c:21:
                    8b:ee:3c:12:ca:ee:8d:f2:b1:eb:74:ed:42:be:06:
                    91:29:33:94:45:3b:00:d7:f4:ba:2d:e2:cd:d5:2f:
                    c4:46:d8:9b:d1:26:45:f5:3c:de:fd:e9:5e:27:55:
                    5a:a0:c8:c5:fa:c6:7b:46:cd:f0:6a:69:55:a5:7f:
                    38:f1:35:0b:3e:69:97:90:75:a1:a6:bd:ea:c8:c4:
                    b1:17:3c:88:49:7d:d4:39:ad:7d:14:24:f8:70:64:
                    07:c7:e3:74:fa:88:6f:aa:86:1c:d8:7c:59:57:b6:
                    71:67:fb:84:18:1e:d5:d4:ea:f8:d9:f1:68:99:65:
                    10:4f:a8:52:97:d5:b3:b9:8a:a6:af:35:71:b4:9b:
                    ce:76:53:c5:0b:26:a5:8b:3d:be:8b:2d:0a:02:ff:
                    bd:67:61:bd:36:47:f4:10:28:04:a0:66:26:d5:b8:
                    b4:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:7F:3A:CA:3A:4E:0E:5E:19:42:17:F7:E4:DA:67:9F:33:06:55:32
            X509v3 Authority Key Identifier:
                keyid:49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/JX86yjpODl4ZQhf35NpnnzMGVTI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SURoDCDRrwHxabGKycd9mHcTPN4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.113.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:76:62:f9:be:6a:78:7e:4d:d3:8a:99:34:f0:85:ba:2a:b3:
         fc:03:93:7a:67:bf:a6:f6:14:15:14:af:46:eb:7f:2a:af:ef:
         1c:9d:56:f3:35:44:e7:67:45:e9:00:e6:a4:1b:27:2a:8f:3c:
         20:f2:04:21:85:1c:74:2d:75:fe:ba:0e:c6:f7:4b:db:cb:72:
         78:04:06:d3:f0:8e:6b:60:2c:09:1c:8a:9e:b6:05:d8:27:a1:
         80:b2:1f:3e:b6:54:6f:e9:2d:a9:d4:6c:c3:27:ca:5a:91:6e:
         a6:d6:98:ed:96:c1:d2:e0:cc:c2:4f:02:ac:ce:b3:d4:09:c9:
         2e:7e:13:a5:8e:34:64:01:96:15:58:75:40:ce:dd:3f:6f:95:
         25:d4:3d:bf:62:d3:32:9d:1b:37:5f:32:b8:d3:98:d1:70:3f:
         69:f8:7a:33:fa:a4:e4:7a:a1:d3:95:cc:9c:7a:0c:99:a0:d0:
         66:ab:22:c1:c9:3c:1f:71:f0:b5:7d:24:90:44:55:bb:12:4c:
         32:48:4c:51:fd:90:0f:59:a3:20:34:66:75:3c:12:d1:be:f0:
         47:2e:a3:b6:ce:27:ed:6b:f1:82:70:8a:5b:b4:23:4c:a1:3c:
         e0:e1:49:04:05:20:83:4a:8e:13:cb:99:5e:14:0c:07:cd:19:
         2e:48:f9:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtk+/lco9NhF09EJpegTJNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NDQ2ODBjMjBkMWFmMDFmMTY5YjE4YWM5Yzc3ZDk4Nzcx
MzNjZGUwHhcNMjMwMTAxMTM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTdmM2FjYTNhNGUwZTVlMTk0MjE3ZjdlNGRhNjc5ZjMzMDY1NTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunH5vEWVTEZlF7BwlCO/yWk1a/uB
dO0PQjhyQV8+18/Ssftd2iVhdvlKwJuzx1qqDhBXcAERk2W4agughqAH7SRlRL5z
Hce2HaNBi6i2sHzu43Fi/BGSHCGL7jwSyu6N8rHrdO1CvgaRKTOURTsA1/S6LeLN
1S/ERtib0SZF9Tze/eleJ1VaoMjF+sZ7Rs3wamlVpX848TULPmmXkHWhpr3qyMSx
FzyISX3UOa19FCT4cGQHx+N0+ohvqoYc2HxZV7ZxZ/uEGB7V1Or42fFomWUQT6hS
l9WzuYqmrzVxtJvOdlPFCyaliz2+iy0KAv+9Z2G9Nkf0ECgEoGYm1bi0GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCV/Oso6Tg5eGUIX9+TaZ58zBlUyMB8GA1UdIwQY
MBaAFElEaAwg0a8B8WmxisnHfZh3EzzeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTIt
ZWJkY2MwMmZiYWU5LzEvSlg4NnlqcE9EbDRaUWhmMzVOcG5uek1HVlRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTItZWJkY2MwMmZiYWU5
LzEvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHFiMA0G
CSqGSIb3DQEBCwUAA4IBAQA4dmL5vmp4fk3Tipk08IW6KrP8A5N6Z7+m9hQVFK9G
638qr+8cnVbzNUTnZ0XpAOakGycqjzwg8gQhhRx0LXX+ug7G90vby3J4BAbT8I5r
YCwJHIqetgXYJ6GAsh8+tlRv6S2p1GzDJ8pakW6m1pjtlsHS4MzCTwKszrPUCcku
fhOljjRkAZYVWHVAzt0/b5Ul1D2/YtMynRs3XzK405jRcD9p+Hoz+qTkeqHTlcyc
egyZoNBmqyLByTwfcfC1fSSQRFW7EkwySExR/ZAPWaMgNGZ1PBLRvvBHLqO2zift
a/GCcIpbtCNMoTzg4UkEBSCDSo4Ty5leFAwHzRkuSPlG
-----END CERTIFICATE-----
Generated at Mon Aug 28 09:52:51 2023 by rpki-client on console-fra.rpki-client.org