Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/40ae5e-9f9e-4056-9f5f-678d236abb75/1/Th91wbJiYcPCKYhi5gmeEUB93vc.roa
File:                     Th91wbJiYcPCKYhi5gmeEUB93vc.roa (raw, json)
Hash identifier:          5/AZxqul2lyZwnuBbrgpkE4yMqj32yAFcp52/6ZxmRs=
Subject key identifier:   4E:1F:75:C1:B2:62:61:C3:C2:29:88:62:E6:09:9E:11:40:7D:DE:F7
Certificate issuer:       /CN=4d1380e88c64a3003478ddf54142d2ac56163e93
Certificate serial:       02529B
Authority key identifier: 4D:13:80:E8:8C:64:A3:00:34:78:DD:F5:41:42:D2:AC:56:16:3E:93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TROA6IxkowA0eN31QULSrFYWPpM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/40ae5e-9f9e-4056-9f5f-678d236abb75/1/Th91wbJiYcPCKYhi5gmeEUB93vc.roa
Signing time:             Thu 03 Mar 2022 13:33:44 +0000
ROA not before:           Thu 03 Mar 2022 13:33:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200845
IP address blocks:        185.120.86.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 152219 (0x2529b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d1380e88c64a3003478ddf54142d2ac56163e93
        Validity
            Not Before: Mar  3 13:33:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4e1f75c1b26261c3c2298862e6099e11407ddef7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:17:46:0e:91:32:19:1a:d5:38:90:33:c2:de:
                    21:ee:bc:a8:ae:0a:be:89:83:2d:be:15:bd:45:0d:
                    af:ee:b0:dd:a3:39:c0:e0:62:4e:56:fa:39:f7:f6:
                    68:56:13:29:86:20:64:b4:0a:04:6e:69:75:a4:f4:
                    bc:ea:39:ee:29:a6:65:8f:9f:42:cb:53:a9:a9:17:
                    fa:14:89:47:67:ca:12:6a:26:ca:44:24:2c:9f:3b:
                    2a:49:ed:7e:8d:81:92:40:8d:c3:e8:5a:12:4a:26:
                    be:11:a2:04:3b:f5:18:50:87:3d:a1:21:cd:0d:f3:
                    4a:32:41:02:9d:83:63:0f:ce:5f:ae:3f:9e:c9:3b:
                    c1:7f:fc:67:03:8d:40:69:5e:9b:ae:75:12:f6:e4:
                    33:0b:36:b4:48:ae:7f:b5:ed:da:39:10:04:ac:63:
                    7e:b8:5a:fc:81:f4:aa:14:91:78:c9:e2:93:53:2a:
                    a1:8b:38:6c:04:88:6d:88:55:c1:bf:b0:72:22:e3:
                    20:98:a0:f2:de:0a:24:fa:c6:50:db:8e:d3:42:b9:
                    32:e9:35:19:1c:53:e6:62:1a:0d:c9:cd:63:e2:9b:
                    ef:88:fe:ec:5d:0d:6f:f3:fa:76:7a:d0:36:1f:0b:
                    a1:b1:6c:a5:76:4b:9d:7d:3e:1e:ea:8f:7f:f6:c4:
                    fc:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:1F:75:C1:B2:62:61:C3:C2:29:88:62:E6:09:9E:11:40:7D:DE:F7
            X509v3 Authority Key Identifier:
                keyid:4D:13:80:E8:8C:64:A3:00:34:78:DD:F5:41:42:D2:AC:56:16:3E:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TROA6IxkowA0eN31QULSrFYWPpM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/40ae5e-9f9e-4056-9f5f-678d236abb75/1/Th91wbJiYcPCKYhi5gmeEUB93vc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/40ae5e-9f9e-4056-9f5f-678d236abb75/1/TROA6IxkowA0eN31QULSrFYWPpM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.120.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:85:82:e6:fa:6d:83:95:8d:d3:cc:df:f6:a5:00:56:39:03:
         39:25:61:f8:65:fa:05:61:24:e8:cb:5c:4c:69:7f:fe:d3:15:
         3e:39:5b:f8:2b:80:36:05:0e:1c:ac:56:5e:83:40:09:40:29:
         c5:1f:37:34:5d:aa:1a:d8:38:47:5f:04:da:e3:69:9e:b0:aa:
         d1:8e:4a:f1:96:81:0e:62:40:16:39:82:78:d4:a7:64:44:d5:
         b3:4d:da:2e:76:ad:e4:24:62:8a:7d:de:f2:7c:1e:5d:fd:30:
         72:c4:9d:a0:d8:ec:0e:73:a5:92:ba:d1:de:3f:a7:0e:77:bc:
         b4:59:24:04:84:9e:83:59:d1:c8:7e:f4:fd:d7:eb:da:70:82:
         7d:bc:04:d7:05:69:f2:2c:14:a4:70:c7:62:bf:e2:ee:fb:b6:
         ea:88:c9:e0:1d:56:1d:43:f4:23:a2:c8:cc:38:8e:3b:25:be:
         28:77:f6:c4:43:f2:3d:24:37:e3:f0:d2:b6:d2:01:9d:34:22:
         eb:80:18:01:dd:bf:e0:48:b7:81:34:6a:de:2a:a7:9d:9c:26:
         81:10:8d:c9:73:76:7a:30:2a:b4:49:00:a4:f1:4e:e0:20:27:
         c6:46:8b:cd:04:f9:74:47:0b:c3:d3:5c:86:e9:1e:87:44:34:
         67:f9:07:26
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAlKbMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRk
MTM4MGU4OGM2NGEzMDAzNDc4ZGRmNTQxNDJkMmFjNTYxNjNlOTMwHhcNMjIwMzAz
MTMzMzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0ZTFmNzVjMWIyNjI2
MWMzYzIyOTg4NjJlNjA5OWUxMTQwN2RkZWY3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzBdGDpEyGRrVOJAzwt4h7ryorgq+iYMtvhW9RQ2v7rDdoznA
4GJOVvo59/ZoVhMphiBktAoEbml1pPS86jnuKaZlj59Cy1OpqRf6FIlHZ8oSaibK
RCQsnzsqSe1+jYGSQI3D6FoSSia+EaIEO/UYUIc9oSHNDfNKMkECnYNjD85frj+e
yTvBf/xnA41AaV6brnUS9uQzCza0SK5/te3aORAErGN+uFr8gfSqFJF4yeKTUyqh
izhsBIhtiFXBv7ByIuMgmKDy3gok+sZQ247TQrky6TUZHFPmYhoNyc1j4pvviP7s
XQ1v8/p2etA2HwuhsWyldkudfT4e6o9/9sT8QQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFE4fdcGyYmHDwimIYuYJnhFAfd73MB8GA1UdIwQYMBaAFE0TgOiMZKMANHjd
9UFC0qxWFj6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VFJPQTZJeGtvd0EwZU4zMVFVTFNyRllXUHBNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83OC80MGFlNWUtOWY5ZS00MDU2LTlmNWYtNjc4ZDIzNmFiYjc1LzEv
VGg5MXdiSmlZY1BDS1loaTVnbWVFVUI5M3ZjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC80
MGFlNWUtOWY5ZS00MDU2LTlmNWYtNjc4ZDIzNmFiYjc1LzEvVFJPQTZJeGtvd0Ew
ZU4zMVFVTFNyRllXUHBNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXhWMA0GCSqGSIb3DQEBCwUAA4IB
AQCzhYLm+m2DlY3TzN/2pQBWOQM5JWH4ZfoFYSToy1xMaX/+0xU+OVv4K4A2BQ4c
rFZeg0AJQCnFHzc0Xaoa2DhHXwTa42mesKrRjkrxloEOYkAWOYJ41KdkRNWzTdou
dq3kJGKKfd7yfB5d/TByxJ2g2OwOc6WSutHeP6cOd7y0WSQEhJ6DWdHIfvT91+va
cIJ9vATXBWnyLBSkcMdiv+Lu+7bqiMngHVYdQ/QjosjMOI47Jb4od/bEQ/I9JDfj
8NK20gGdNCLrgBgB3b/gSLeBNGreKqednCaBEI3Jc3Z6MCq0SQCk8U7gICfGRovN
BPl0RwvD01yG6R6HRDRn+Qcm
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:45 2025 by rpki-client