Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9a06b9-6bd5-4a75-a57b-bf3a717de744/1/36bPpZW6aNjlewW8wZtT3wv1_0g.roa
File:                     36bPpZW6aNjlewW8wZtT3wv1_0g.roa (raw, json)
Hash identifier:          //nF/5zMaqRg1dNblnAzcWaThDO9WYa5kIODssG/dXY=
Subject key identifier:   DF:A6:CF:A5:95:BA:68:D8:E5:7B:05:BC:C1:9B:53:DF:0B:F5:FF:48
Certificate issuer:       /CN=00b8d561fc8262d16b746dfaa374ec47466f5bc0
Certificate serial:       01856E8B2DD37CAA06AAB6D33B20EC451EF6
Authority key identifier: 00:B8:D5:61:FC:82:62:D1:6B:74:6D:FA:A3:74:EC:47:46:6F:5B:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ALjVYfyCYtFrdG36o3TsR0ZvW8A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/9a06b9-6bd5-4a75-a57b-bf3a717de744/1/36bPpZW6aNjlewW8wZtT3wv1_0g.roa
Signing time:             Sun 01 Jan 2023 18:14:53 +0000
ROA not before:           Sun 01 Jan 2023 18:14:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60595
IP address blocks:        194.26.133.0/24 maxlen: 26

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:8b:2d:d3:7c:aa:06:aa:b6:d3:3b:20:ec:45:1e:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00b8d561fc8262d16b746dfaa374ec47466f5bc0
        Validity
            Not Before: Jan  1 18:14:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dfa6cfa595ba68d8e57b05bcc19b53df0bf5ff48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:db:23:ad:36:cd:02:e8:93:3d:6e:77:fe:78:
                    90:88:8b:9c:54:36:4c:71:d8:9c:12:a3:51:f8:8a:
                    21:1d:67:87:ef:3b:db:9a:b4:77:61:20:37:ab:30:
                    7d:e0:80:e4:82:c0:99:66:06:29:5b:9f:86:58:46:
                    5d:79:fa:9e:4a:ab:af:f3:d7:46:de:0f:49:a9:41:
                    06:82:ef:b0:70:31:41:de:b5:09:60:2f:d0:04:3f:
                    06:a7:6f:4d:ec:d9:61:b2:5c:85:79:37:60:43:34:
                    51:fa:9d:7e:3d:cf:8f:3d:c7:07:89:b3:91:55:ad:
                    e3:27:cd:f3:19:dd:cc:52:6a:0a:bc:9b:68:ac:88:
                    82:d4:6e:db:ce:32:64:a1:37:6c:4a:e9:5e:d2:9e:
                    0a:ac:cf:c3:a1:99:d3:cd:22:d0:8a:48:07:1f:53:
                    a6:bb:d5:76:99:21:3e:0d:a8:e2:39:79:29:dc:a3:
                    5d:3b:25:e8:f6:7c:39:03:a6:0c:6a:4c:79:29:27:
                    67:b0:b7:dd:14:4b:ab:5d:a2:9c:1a:c6:e1:fe:a1:
                    d2:16:28:e8:c8:bc:da:39:0b:01:d9:be:8e:2f:57:
                    ea:8d:43:47:a3:28:f6:74:ad:1b:27:ff:fe:42:76:
                    dc:66:3c:86:30:46:72:08:d3:81:04:a4:63:3d:04:
                    f7:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:A6:CF:A5:95:BA:68:D8:E5:7B:05:BC:C1:9B:53:DF:0B:F5:FF:48
            X509v3 Authority Key Identifier:
                keyid:00:B8:D5:61:FC:82:62:D1:6B:74:6D:FA:A3:74:EC:47:46:6F:5B:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ALjVYfyCYtFrdG36o3TsR0ZvW8A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9a06b9-6bd5-4a75-a57b-bf3a717de744/1/36bPpZW6aNjlewW8wZtT3wv1_0g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9a06b9-6bd5-4a75-a57b-bf3a717de744/1/ALjVYfyCYtFrdG36o3TsR0ZvW8A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.26.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:ad:36:47:f5:68:0c:41:6c:82:87:ae:48:3c:a6:b8:2e:6d:
         97:3f:16:50:af:59:44:7f:c4:74:db:7b:26:4b:10:ec:80:ca:
         0d:7b:5e:e5:fc:f3:d3:ad:f8:88:5f:d5:c2:e7:f6:11:ff:27:
         81:bc:68:93:86:c6:bf:c6:a9:fb:1b:a9:f2:a1:e5:0b:01:58:
         d7:90:08:ab:9c:d2:2e:6b:d6:46:9b:7c:72:80:a0:b3:e0:5f:
         bc:46:d3:1e:1c:c9:2b:30:2f:01:d5:f4:15:e6:e6:30:c0:82:
         c0:bd:f4:7b:bf:17:57:1d:78:02:56:54:37:79:1c:5d:87:a1:
         14:f6:9f:17:99:2c:d0:9e:a9:6f:96:a9:2e:81:b3:df:54:e2:
         8e:89:ab:ef:bd:46:40:a8:15:ff:19:0c:36:f2:56:56:c8:0d:
         8f:b3:5e:88:ba:1f:89:9b:47:04:48:b4:30:16:89:db:ba:54:
         64:dd:36:de:de:05:bd:a4:e1:4e:87:1a:fa:a1:2d:88:98:4b:
         f3:55:32:b0:31:b6:7f:d3:3b:4a:ff:b4:21:b2:6a:6d:d5:5d:
         96:88:85:25:61:e1:f4:6e:79:b0:10:34:db:b9:89:1f:1e:3a:
         72:0c:ab:52:e4:e7:5f:3d:77:be:54:fc:3b:62:23:b7:7c:d4:
         10:3d:c0:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuiy3TfKoGqrbTOyDsRR72MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYjhkNTYxZmM4MjYyZDE2Yjc0NmRmYWEzNzRlYzQ3NDY2
ZjViYzAwHhcNMjMwMTAxMTgxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmE2Y2ZhNTk1YmE2OGQ4ZTU3YjA1YmNjMTliNTNkZjBiZjVmZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9sjrTbNAuiTPW53/niQiIucVDZM
cdicEqNR+IohHWeH7zvbmrR3YSA3qzB94IDkgsCZZgYpW5+GWEZdefqeSquv89dG
3g9JqUEGgu+wcDFB3rUJYC/QBD8Gp29N7NlhslyFeTdgQzRR+p1+Pc+PPccHibOR
Va3jJ83zGd3MUmoKvJtorIiC1G7bzjJkoTdsSule0p4KrM/DoZnTzSLQikgHH1Om
u9V2mSE+DajiOXkp3KNdOyXo9nw5A6YMakx5KSdnsLfdFEurXaKcGsbh/qHSFijo
yLzaOQsB2b6OL1fqjUNHoyj2dK0bJ//+QnbcZjyGMEZyCNOBBKRjPQT31QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN+mz6WVumjY5XsFvMGbU98L9f9IMB8GA1UdIwQY
MBaAFAC41WH8gmLRa3Rt+qN07EdGb1vAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUxqVllmeUNZdEZyZEczNm8zVHNSMFp2VzhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85YTA2YjktNmJkNS00YTc1LWE1N2It
YmYzYTcxN2RlNzQ0LzEvMzZiUHBaVzZhTmpsZXdXOHdadFQzd3YxXzBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85YTA2YjktNmJkNS00YTc1LWE1N2ItYmYzYTcxN2RlNzQ0
LzEvQUxqVllmeUNZdEZyZEczNm8zVHNSMFp2VzhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhqFMA0G
CSqGSIb3DQEBCwUAA4IBAQBprTZH9WgMQWyCh65IPKa4Lm2XPxZQr1lEf8R023sm
SxDsgMoNe17l/PPTrfiIX9XC5/YR/yeBvGiThsa/xqn7G6nyoeULAVjXkAirnNIu
a9ZGm3xygKCz4F+8RtMeHMkrMC8B1fQV5uYwwILAvfR7vxdXHXgCVlQ3eRxdh6EU
9p8XmSzQnqlvlqkugbPfVOKOiavvvUZAqBX/GQw28lZWyA2Ps16Iuh+Jm0cESLQw
FonbulRk3Tbe3gW9pOFOhxr6oS2ImEvzVTKwMbZ/0ztK/7Qhsmpt1V2WiIUlYeH0
bnmwEDTbuYkfHjpyDKtS5OdfPXe+VPw7YiO3fNQQPcAm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:15 2024 by rpki-client on console-fra.rpki-client.org