Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/22e96f-2451-4e86-a037-8db62ea50995/1/PiROriJpdT23QSax8DSSZgphMk8.roa
File:                     PiROriJpdT23QSax8DSSZgphMk8.roa (raw, json)
Hash identifier:          locDZQSqMrghFJTAITBdgSF0f7s9dqK9UVEPzHCPFvk=
Subject key identifier:   3E:24:4E:AE:22:69:75:3D:B7:41:26:B1:F0:34:92:66:0A:61:32:4F
Certificate issuer:       /CN=72978d1d4e7782816ac42da4788e33cbb2487859
Certificate serial:       035CD46A
Authority key identifier: 72:97:8D:1D:4E:77:82:81:6A:C4:2D:A4:78:8E:33:CB:B2:48:78:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cpeNHU53goFqxC2keI4zy7JIeFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/22e96f-2451-4e86-a037-8db62ea50995/1/PiROriJpdT23QSax8DSSZgphMk8.roa
Signing time:             Mon 02 May 2022 12:04:16 +0000
ROA not before:           Mon 02 May 2022 12:04:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     398464
IP address blocks:        194.180.232.0/23 maxlen: 24
                          194.180.236.0/23 maxlen: 24
                          45.133.112.0/22 maxlen: 24
                          45.136.24.0/22 maxlen: 24
                          45.147.8.0/22 maxlen: 24
                          45.147.232.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 56415338 (0x35cd46a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72978d1d4e7782816ac42da4788e33cbb2487859
        Validity
            Not Before: May  2 12:04:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=3e244eae2269753db74126b1f03492660a61324f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:80:ec:be:88:52:a1:fb:ec:cf:9f:23:b9:3b:
                    a9:f2:f2:74:a6:23:50:c0:e5:a8:a4:ac:2a:2a:f9:
                    47:0c:c4:c1:2d:c1:a3:b1:d7:88:1d:32:fa:50:3f:
                    aa:dc:ec:a0:28:e3:ed:76:e1:b2:7c:1f:51:f0:16:
                    c1:99:9c:c9:f5:83:aa:3a:d5:20:a3:37:91:a0:db:
                    51:b4:03:9b:03:f2:5e:bb:77:24:08:a1:27:4c:bd:
                    bc:41:a7:de:60:1b:a2:e3:26:1b:cc:f8:29:28:33:
                    6a:f6:27:e0:a4:01:ad:a4:34:47:7e:5a:de:af:68:
                    72:68:b6:a6:7f:45:00:90:c4:97:17:0f:64:0f:69:
                    93:18:e7:1b:0e:83:f7:1f:21:29:7d:13:95:1c:12:
                    ff:fe:e3:24:7a:09:89:5e:4e:2b:30:7d:a8:16:3d:
                    f6:c7:87:9e:28:06:49:5b:9b:ca:a9:13:85:91:ab:
                    d7:26:17:c4:25:63:00:9b:89:59:da:8c:fb:44:c7:
                    85:a3:74:fc:2c:66:7a:9e:00:eb:ac:44:98:f1:ad:
                    40:c1:12:e6:4b:c6:c0:cb:08:88:80:b8:85:bc:a5:
                    2f:0e:70:13:8f:50:ac:44:a8:91:77:9f:0f:02:ab:
                    32:2c:6a:32:c4:e3:c1:38:c7:1f:44:f7:3f:fa:b4:
                    25:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:24:4E:AE:22:69:75:3D:B7:41:26:B1:F0:34:92:66:0A:61:32:4F
            X509v3 Authority Key Identifier:
                keyid:72:97:8D:1D:4E:77:82:81:6A:C4:2D:A4:78:8E:33:CB:B2:48:78:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpeNHU53goFqxC2keI4zy7JIeFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/22e96f-2451-4e86-a037-8db62ea50995/1/PiROriJpdT23QSax8DSSZgphMk8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/22e96f-2451-4e86-a037-8db62ea50995/1/cpeNHU53goFqxC2keI4zy7JIeFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.112.0/22
                  45.136.24.0/22
                  45.147.8.0/22
                  45.147.232.0/22
                  194.180.232.0/23
                  194.180.236.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2f:89:19:83:8f:03:52:3f:d8:e6:bf:86:0a:04:3d:c5:a0:3a:
         5d:71:6b:1b:c6:05:e5:fe:48:29:f8:9d:b2:74:c2:c3:e1:c7:
         a7:cf:e8:32:8f:6a:33:99:ef:56:59:0f:2b:fe:af:de:d9:17:
         8b:c9:2e:c7:fd:74:18:04:c5:35:1d:28:1c:6a:e3:09:fd:2f:
         b6:62:95:a9:a2:85:f4:61:a7:79:d1:29:cb:1a:50:04:ba:0f:
         e5:16:d0:44:9c:0b:f3:0c:7c:a0:76:29:08:9d:bf:b1:1d:64:
         b2:c7:70:64:57:d2:c2:bc:5a:6c:24:77:5f:5c:13:b9:5f:d5:
         88:1e:b3:ed:fb:ed:e1:38:ad:6a:45:aa:f4:e0:ed:b0:2a:65:
         20:38:a8:68:8b:15:5d:24:46:b6:01:36:ae:1c:96:75:2f:f1:
         9e:cd:22:a1:a8:6e:a6:60:76:21:69:1a:e3:23:77:0e:1e:f9:
         c1:3d:2b:24:17:7c:52:32:f5:65:22:8f:9b:86:8b:64:5d:c4:
         a5:05:58:67:08:ac:64:93:9d:a1:dc:4a:62:bf:0d:a4:9f:d8:
         73:df:68:75:f9:17:28:e8:06:fa:ac:34:db:96:6c:1d:8f:e8:
         8f:a8:aa:79:f9:98:44:5d:3a:9e:c0:e2:0e:68:12:03:2d:e7:
         7b:61:54:49
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEA1zUajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Mjk3OGQxZDRlNzc4MjgxNmFjNDJkYTQ3ODhlMzNjYmIyNDg3ODU5MB4XDTIyMDUw
MjEyMDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2UyNDRlYWUyMjY5
NzUzZGI3NDEyNmIxZjAzNDkyNjYwYTYxMzI0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOWA7L6IUqH77M+fI7k7qfLydKYjUMDlqKSsKir5RwzEwS3B
o7HXiB0y+lA/qtzsoCjj7XbhsnwfUfAWwZmcyfWDqjrVIKM3kaDbUbQDmwPyXrt3
JAihJ0y9vEGn3mAbouMmG8z4KSgzavYn4KQBraQ0R35a3q9ocmi2pn9FAJDElxcP
ZA9pkxjnGw6D9x8hKX0TlRwS//7jJHoJiV5OKzB9qBY99seHnigGSVubyqkThZGr
1yYXxCVjAJuJWdqM+0THhaN0/Cxmep4A66xEmPGtQMES5kvGwMsIiIC4hbylLw5w
E49QrESokXefDwKrMixqMsTjwTjHH0T3P/q0Jb0CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQ+JE6uIml1PbdBJrHwNJJmCmEyTzAfBgNVHSMEGDAWgBRyl40dTneCgWrE
LaR4jjPLskh4WTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NwZU5IVTUzZ29GcXhDMmtlSTR6eTdKSWVGay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvMjJlOTZmLTI0NTEtNGU4Ni1hMDM3LThkYjYyZWE1MDk5NS8x
L1BpUk9yaUpwZFQyM1FTYXg4RFNTWmdwaE1rOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
MjJlOTZmLTI0NTEtNGU4Ni1hMDM3LThkYjYyZWE1MDk5NS8xL2NwZU5IVTUzZ29G
cXhDMmtlSTR6eTdKSWVGay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAi2FcAMEAi2IGAMEAi2TCAMEAi2T
6AMEAcK06AMEAcK07DANBgkqhkiG9w0BAQsFAAOCAQEAL4kZg48DUj/Y5r+GCgQ9
xaA6XXFrG8YF5f5IKfidsnTCw+HHp8/oMo9qM5nvVlkPK/6v3tkXi8kux/10GATF
NR0oHGrjCf0vtmKVqaKF9GGnedEpyxpQBLoP5RbQRJwL8wx8oHYpCJ2/sR1kssdw
ZFfSwrxabCR3X1wTuV/ViB6z7fvt4TitakWq9ODtsCplIDioaIsVXSRGtgE2rhyW
dS/xns0ioahupmB2IWka4yN3Dh75wT0rJBd8UjL1ZSKPm4aLZF3EpQVYZwisZJOd
odxKYr8NpJ/Yc99odfkXKOgG+qw025ZsHY/oj6iqefmYRF06nsDiDmgSAy3ne2FU
SQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:36 2023 by rpki-client on console-ams.rpki-client.org