Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/598642-e36f-4c5c-a8e0-a0b514249c06/1/upqPnF8LsVycpbCOKxP0WkQ2brU.roa
File:                     upqPnF8LsVycpbCOKxP0WkQ2brU.roa (raw, json)
Hash identifier:          HMed31cBCDVOnLXQu090HaeP3xGDJ38N4gyAI8i3dPY=
Subject key identifier:   BA:9A:8F:9C:5F:0B:B1:5C:9C:A5:B0:8E:2B:13:F4:5A:44:36:6E:B5
Certificate issuer:       /CN=d41bca39861f9c30c757614801f86d17e5ea1e4b
Certificate serial:       0179EB52
Authority key identifier: D4:1B:CA:39:86:1F:9C:30:C7:57:61:48:01:F8:6D:17:E5:EA:1E:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1BvKOYYfnDDHV2FIAfhtF-XqHks.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/598642-e36f-4c5c-a8e0-a0b514249c06/1/upqPnF8LsVycpbCOKxP0WkQ2brU.roa
Signing time:             Fri 04 Feb 2022 17:18:09 +0000
ROA not before:           Fri 04 Feb 2022 17:18:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     393398
IP address blocks:        194.31.222.0/24 maxlen: 24
                          194.31.223.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24767314 (0x179eb52)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d41bca39861f9c30c757614801f86d17e5ea1e4b
        Validity
            Not Before: Feb  4 17:18:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ba9a8f9c5f0bb15c9ca5b08e2b13f45a44366eb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a9:c2:e2:46:96:3e:b3:5b:cf:26:eb:1c:a9:
                    40:fe:a5:3a:54:8e:b9:41:b4:6c:07:53:41:71:05:
                    16:23:4a:37:2b:f1:d6:0b:28:97:fe:17:09:11:97:
                    02:a7:60:93:93:9b:3c:ec:e9:ea:ba:24:69:81:0b:
                    87:3d:42:c7:3d:0f:a1:c8:19:73:1c:b7:81:2b:13:
                    a0:25:41:05:c8:22:8b:ec:36:c6:44:b1:31:28:08:
                    2a:bf:87:1f:cb:58:26:4b:a3:55:ed:e9:72:07:ba:
                    20:95:c9:f0:ee:47:61:ee:b6:aa:27:1a:0b:2c:db:
                    4e:30:ab:81:f5:11:01:9c:f6:d7:92:e8:da:c0:0e:
                    6c:41:a6:d3:cf:34:9b:50:0f:2b:64:8a:cc:e3:72:
                    ec:71:b5:b9:c0:0f:d5:a6:c0:9d:65:6f:1f:79:57:
                    b2:22:9c:27:22:e1:2b:34:06:0d:38:e5:ff:5d:bf:
                    cd:65:3c:16:97:ae:8e:bc:82:d0:7b:ea:d9:4b:d8:
                    f9:51:fb:e6:86:81:58:21:22:12:bf:85:dd:b5:59:
                    3c:68:39:a9:22:6a:ef:74:d0:2a:85:57:37:54:f9:
                    8d:a1:bb:4b:98:1d:23:44:0c:a0:d4:83:a7:21:70:
                    28:be:88:e4:01:aa:86:4b:a6:e5:f2:89:96:40:1a:
                    05:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:9A:8F:9C:5F:0B:B1:5C:9C:A5:B0:8E:2B:13:F4:5A:44:36:6E:B5
            X509v3 Authority Key Identifier:
                keyid:D4:1B:CA:39:86:1F:9C:30:C7:57:61:48:01:F8:6D:17:E5:EA:1E:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BvKOYYfnDDHV2FIAfhtF-XqHks.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/598642-e36f-4c5c-a8e0-a0b514249c06/1/upqPnF8LsVycpbCOKxP0WkQ2brU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/598642-e36f-4c5c-a8e0-a0b514249c06/1/1BvKOYYfnDDHV2FIAfhtF-XqHks.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.31.222.0/23

    Signature Algorithm: sha256WithRSAEncryption
         11:d9:af:8d:2a:f9:ed:4d:0f:9f:85:a8:01:7f:19:97:5c:1b:
         8f:c2:22:3b:00:47:b6:a5:76:57:92:3d:17:45:ab:84:4a:20:
         ba:11:4a:90:7c:d9:f7:c7:8f:5e:71:a3:15:98:ae:e1:40:8c:
         f3:62:4c:7c:73:4b:92:e1:4c:c9:59:c5:7e:d1:f3:31:71:3d:
         cf:15:38:e3:9c:5b:cc:71:a3:fd:9a:66:03:d2:07:94:46:9b:
         71:cb:75:3a:11:50:27:70:e7:2a:26:33:04:dc:7e:9f:aa:b8:
         0a:fa:47:01:9a:0a:14:8a:33:6a:51:16:eb:20:31:95:71:4d:
         cc:9a:7d:fb:d9:10:81:2f:5c:ae:44:6f:18:44:00:24:c5:d6:
         2d:98:b5:27:c2:23:b4:ef:e8:7a:df:01:6d:66:34:2e:49:24:
         41:ab:69:50:90:f3:4e:f6:41:fd:ad:8f:6e:10:21:9b:fa:0c:
         b1:b7:6c:d7:d1:d7:c5:da:9b:29:9d:0f:2d:1c:25:fa:d0:d4:
         d5:c8:8b:b5:e1:83:f1:af:6e:f3:b0:38:a0:ce:29:34:51:12:
         99:12:88:56:d7:bc:1f:d9:08:39:cd:af:a4:58:df:3e:43:db:
         73:34:fb:f5:cf:e0:dc:dd:61:de:69:6e:4b:4c:8f:b6:dc:50:
         4e:2d:24:24
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAXnrUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDFiY2EzOTg2MWY5YzMwYzc1NzYxNDgwMWY4NmQxN2U1ZWExZTRiMB4XDTIyMDIw
NDE3MTgwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmE5YThmOWM1ZjBi
YjE1YzljYTViMDhlMmIxM2Y0NWE0NDM2NmViNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6pwuJGlj6zW88m6xypQP6lOlSOuUG0bAdTQXEFFiNKNyvx
1gsol/4XCRGXAqdgk5ObPOzp6rokaYELhz1Cxz0PocgZcxy3gSsToCVBBcgii+w2
xkSxMSgIKr+HH8tYJkujVe3pcge6IJXJ8O5HYe62qicaCyzbTjCrgfURAZz215Lo
2sAObEGm0880m1APK2SKzONy7HG1ucAP1abAnWVvH3lXsiKcJyLhKzQGDTjl/12/
zWU8FpeujryC0Hvq2UvY+VH75oaBWCEiEr+F3bVZPGg5qSJq73TQKoVXN1T5jaG7
S5gdI0QMoNSDpyFwKL6I5AGqhkum5fKJlkAaBScCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS6mo+cXwuxXJylsI4rE/RaRDZutTAfBgNVHSMEGDAWgBTUG8o5hh+cMMdX
YUgB+G0X5eoeSzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFCdktPWVlmbkRESFYyRklBZmh0Ri1YcUhrcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvNTk4NjQyLWUzNmYtNGM1Yy1hOGUwLWEwYjUxNDI0OWMwNi8x
L3VwcVBuRjhMc1Z5Y3BiQ09LeFAwV2tRMmJyVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
NTk4NjQyLWUzNmYtNGM1Yy1hOGUwLWEwYjUxNDI0OWMwNi8xLzFCdktPWVlmbkRE
SFYyRklBZmh0Ri1YcUhrcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcIf3jANBgkqhkiG9w0BAQsFAAOC
AQEAEdmvjSr57U0Pn4WoAX8Zl1wbj8IiOwBHtqV2V5I9F0WrhEoguhFKkHzZ98eP
XnGjFZiu4UCM82JMfHNLkuFMyVnFftHzMXE9zxU445xbzHGj/ZpmA9IHlEabcct1
OhFQJ3DnKiYzBNx+n6q4CvpHAZoKFIozalEW6yAxlXFNzJp9+9kQgS9crkRvGEQA
JMXWLZi1J8IjtO/oet8BbWY0LkkkQatpUJDzTvZB/a2PbhAhm/oMsbds19HXxdqb
KZ0PLRwl+tDU1ciLteGD8a9u87A4oM4pNFESmRKIVte8H9kIOc2vpFjfPkPbczT7
9c/g3N1h3mluS0yPttxQTi0kJA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:15 2024 by rpki-client on console-ams.rpki-client.org