Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/zT8BAx--iDhQHcDovU2Im79mpXM.roa
File:                     zT8BAx--iDhQHcDovU2Im79mpXM.roa (raw, json)
Hash identifier:          ArluJrZGQkLFDnFskzAt/oZ+E5tfwXTavxgoHpgijYE=
Subject key identifier:   CD:3F:01:03:1F:BE:88:38:50:1D:C0:E8:BD:4D:88:9B:BF:66:A5:73
Certificate issuer:       /CN=4944680c20d1af01f169b18ac9c77d9877133cde
Certificate serial:       0187481B7E9C0D2635503701989056030340
Authority key identifier: 49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/zT8BAx--iDhQHcDovU2Im79mpXM.roa
Signing time:             Mon 03 Apr 2023 17:12:54 +0000
ROA not before:           Mon 03 Apr 2023 17:12:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        178.212.205.0/24 maxlen: 24
                          178.212.204.0/24 maxlen: 24
                          178.212.203.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:48:1b:7e:9c:0d:26:35:50:37:01:98:90:56:03:03:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4944680c20d1af01f169b18ac9c77d9877133cde
        Validity
            Not Before: Apr  3 17:12:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cd3f01031fbe8838501dc0e8bd4d889bbf66a573
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:2e:f1:c0:b4:6e:73:84:b2:7d:a2:a0:fd:e4:
                    47:7d:af:56:c7:fe:d7:3a:56:07:bf:21:ac:e5:9f:
                    8d:d4:be:85:30:5d:bb:f2:4f:0f:8b:d9:dd:14:a1:
                    a4:c7:6a:46:f8:a0:70:94:ba:b3:0f:74:1e:c4:c6:
                    7b:94:9b:c0:a5:b7:21:e8:31:e0:01:cc:2f:af:99:
                    0b:41:7e:e0:72:8c:90:2c:53:1b:5f:6f:8b:8b:9a:
                    cc:8f:1b:77:e0:19:ca:2e:50:fe:c9:ce:9e:d2:62:
                    ce:62:21:fb:d3:53:0d:83:bf:f9:c1:ba:26:96:ac:
                    eb:40:75:50:53:9f:ce:f2:e0:94:e6:83:6b:f1:db:
                    13:9e:78:bb:cf:57:a7:96:46:d9:25:a7:b8:0f:f0:
                    6a:79:fb:78:9c:66:cd:f8:94:2e:ee:60:d4:5c:ce:
                    7b:ac:dc:b8:0a:4e:13:95:63:2d:59:10:d5:d9:02:
                    b4:80:7e:70:15:15:f9:5c:10:ed:77:1e:01:f3:62:
                    71:f5:a6:68:ac:a6:74:99:4f:17:67:c4:13:d4:f9:
                    9c:04:ad:85:87:e6:14:71:9f:b0:84:ee:bd:34:42:
                    73:7b:3d:d8:01:a5:58:cf:9b:b9:3c:d6:9e:5e:6d:
                    d4:77:1d:31:2c:53:b1:b0:69:f0:73:71:96:91:98:
                    6d:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:3F:01:03:1F:BE:88:38:50:1D:C0:E8:BD:4D:88:9B:BF:66:A5:73
            X509v3 Authority Key Identifier:
                keyid:49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/zT8BAx--iDhQHcDovU2Im79mpXM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SURoDCDRrwHxabGKycd9mHcTPN4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.212.203.0-178.212.205.255

    Signature Algorithm: sha256WithRSAEncryption
         49:71:7e:b6:81:c6:c9:f1:f1:e5:ae:67:f5:56:b7:48:ce:1a:
         45:3c:18:1a:7f:81:c1:dc:72:cf:a7:bb:97:86:b2:92:c9:f2:
         96:c7:f6:2a:6f:78:ad:29:a7:11:7b:36:f7:49:9c:63:2e:4b:
         fd:1a:15:fe:8b:f5:f0:9d:a3:81:20:4a:25:4a:ef:fe:ae:6a:
         ca:39:1c:ff:f2:e4:59:61:66:ee:2f:61:fb:b3:42:23:90:a2:
         0a:c1:02:ca:58:b2:c1:2c:6e:3e:95:a1:2c:b9:51:f9:7e:f5:
         f3:2f:2d:13:ab:5c:d1:d6:4c:a5:b6:b2:5a:3f:8c:d4:c8:66:
         71:e6:4a:4e:b1:0c:7a:9c:a0:b7:57:4e:9b:10:88:20:1c:b6:
         a4:42:02:46:e0:08:f4:5b:d4:00:ce:62:d6:65:41:5d:3d:ea:
         12:dd:8d:4f:05:a5:f8:94:96:17:ce:4e:27:a0:f2:9a:76:32:
         ba:99:f2:e6:87:54:b0:c4:69:16:51:f1:f9:23:3a:ab:78:ee:
         e0:1a:42:52:f0:c4:c8:08:17:ea:fa:b7:10:dd:81:46:ec:b4:
         b1:51:8e:cc:2b:12:e1:c5:31:6d:53:88:1b:66:f3:78:e9:96:
         8b:e8:7b:07:de:48:d3:48:50:aa:a7:5b:12:d0:3b:c3:05:ce:
         da:ff:64:59
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYdIG36cDSY1UDcBmJBWAwNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NDQ2ODBjMjBkMWFmMDFmMTY5YjE4YWM5Yzc3ZDk4Nzcx
MzNjZGUwHhcNMjMwNDAzMTcxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDNmMDEwMzFmYmU4ODM4NTAxZGMwZThiZDRkODg5YmJmNjZhNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC7xwLRuc4SyfaKg/eRHfa9Wx/7X
OlYHvyGs5Z+N1L6FMF278k8Pi9ndFKGkx2pG+KBwlLqzD3QexMZ7lJvApbch6DHg
Acwvr5kLQX7gcoyQLFMbX2+Li5rMjxt34BnKLlD+yc6e0mLOYiH701MNg7/5wbom
lqzrQHVQU5/O8uCU5oNr8dsTnni7z1enlkbZJae4D/Bqeft4nGbN+JQu7mDUXM57
rNy4Ck4TlWMtWRDV2QK0gH5wFRX5XBDtdx4B82Jx9aZorKZ0mU8XZ8QT1PmcBK2F
h+YUcZ+whO69NEJzez3YAaVYz5u5PNaeXm3Udx0xLFOxsGnwc3GWkZhtJwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFM0/AQMfvog4UB3A6L1NiJu/ZqVzMB8GA1UdIwQY
MBaAFElEaAwg0a8B8WmxisnHfZh3EzzeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTIt
ZWJkY2MwMmZiYWU5LzEvelQ4QkF4LS1pRGhRSGNEb3ZVMkltNzltcFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTItZWJkY2MwMmZiYWU5
LzEvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACy1MsD
BAGy1MwwDQYJKoZIhvcNAQELBQADggEBAElxfraBxsnx8eWuZ/VWt0jOGkU8GBp/
gcHccs+nu5eGspLJ8pbH9ipveK0ppxF7NvdJnGMuS/0aFf6L9fCdo4EgSiVK7/6u
aso5HP/y5FlhZu4vYfuzQiOQogrBAspYssEsbj6VoSy5Ufl+9fMvLROrXNHWTKW2
slo/jNTIZnHmSk6xDHqcoLdXTpsQiCActqRCAkbgCPRb1ADOYtZlQV096hLdjU8F
pfiUlhfOTieg8pp2MrqZ8uaHVLDEaRZR8fkjOqt47uAaQlLwxMgIF+r6txDdgUbs
tLFRjswrEuHFMW1TiBtm83jplovoewfeSNNIUKqnWxLQO8MFztr/ZFk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:52 2024 by rpki-client on console-fra.rpki-client.org