Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/CzCrf63JvJJ8cwz0In2ZgnW5dmg.roa
File:                     CzCrf63JvJJ8cwz0In2ZgnW5dmg.roa (raw, json)
Hash identifier:          6OOQCA96d6PXrEXfSRbTLIfdhHUDjQ9ytGMiGFPJdOE=
Subject key identifier:   0B:30:AB:7F:AD:C9:BC:92:7C:73:0C:F4:22:7D:99:82:75:B9:76:68
Certificate issuer:       /CN=03452c9dbfc9e4193c7e55e0d2016568d9465285
Certificate serial:       0168E17C
Authority key identifier: 03:45:2C:9D:BF:C9:E4:19:3C:7E:55:E0:D2:01:65:68:D9:46:52:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A0Usnb_J5Bk8flXg0gFlaNlGUoU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/CzCrf63JvJJ8cwz0In2ZgnW5dmg.roa
Signing time:             Sat 01 Jan 2022 04:57:21 +0000
ROA not before:           Sat 01 Jan 2022 04:57:21 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     25369
IP address blocks:        213.232.252.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23650684 (0x168e17c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03452c9dbfc9e4193c7e55e0d2016568d9465285
        Validity
            Not Before: Jan  1 04:57:21 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0b30ab7fadc9bc927c730cf4227d998275b97668
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:3b:3c:07:29:2d:f2:61:4e:2b:f6:37:66:8e:
                    df:15:20:a9:5e:35:7b:e7:a8:37:fa:6f:a9:24:bf:
                    c0:73:5b:f9:91:2b:68:e0:26:51:09:00:82:a1:70:
                    b6:42:19:a3:64:19:2a:b0:29:5a:2b:60:bf:52:db:
                    2e:92:37:02:45:86:22:ba:52:d8:27:e9:34:e8:44:
                    79:8c:54:d2:16:a7:eb:bd:98:bd:7f:4f:e3:6a:26:
                    26:39:f5:d2:53:eb:f6:e5:b0:3f:33:37:6b:89:4d:
                    1c:7a:84:3d:aa:33:d8:69:24:2e:63:33:61:90:95:
                    df:53:de:49:48:54:5b:3b:09:50:80:fe:a0:d5:d0:
                    2f:9b:77:9e:4b:e2:70:b6:b6:4b:30:65:39:18:40:
                    2c:51:1c:8d:c8:68:48:4c:0f:7e:c2:3c:70:5d:cd:
                    b4:cf:ff:67:45:7b:41:fd:5d:5e:f3:7b:79:79:40:
                    6e:db:1f:62:a8:0b:a6:cc:cf:12:c5:2e:c0:22:b5:
                    2d:59:e7:8b:0c:76:7c:34:fa:29:a8:59:d5:a5:8b:
                    e6:10:86:19:79:b2:88:be:86:b6:e1:b5:96:d1:67:
                    df:86:d0:e4:d9:57:50:43:7d:28:5c:52:f4:f4:1e:
                    c4:d0:2e:05:cb:0b:1f:ef:0d:8b:4f:3c:d4:f1:9a:
                    57:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:30:AB:7F:AD:C9:BC:92:7C:73:0C:F4:22:7D:99:82:75:B9:76:68
            X509v3 Authority Key Identifier:
                keyid:03:45:2C:9D:BF:C9:E4:19:3C:7E:55:E0:D2:01:65:68:D9:46:52:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A0Usnb_J5Bk8flXg0gFlaNlGUoU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/CzCrf63JvJJ8cwz0In2ZgnW5dmg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/A0Usnb_J5Bk8flXg0gFlaNlGUoU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.232.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:42:b8:b0:62:15:59:ac:85:28:a2:95:24:44:8d:74:b4:b0:
         2a:74:73:71:14:58:0e:d1:a6:f7:b0:27:fd:ec:b6:bc:33:59:
         45:76:42:f9:db:43:bf:19:c7:fe:a1:35:87:b4:fe:77:b3:12:
         c5:ce:a0:c9:e5:ad:cf:4d:f6:fe:2f:53:dc:97:98:af:a2:3c:
         94:0e:8b:b0:35:1f:5a:f7:7d:41:1a:10:73:f7:eb:d8:39:db:
         90:f9:e1:27:91:cf:e9:04:69:c2:0f:35:21:a5:b8:e9:fc:70:
         22:48:5d:60:c7:27:88:49:94:56:e6:14:c3:88:77:27:96:1e:
         92:24:11:c8:44:e6:f3:d7:ea:eb:1d:ae:eb:80:92:4d:e3:79:
         f7:ee:83:a4:b7:7c:17:09:ce:ed:fb:de:21:e3:cd:1f:7d:d9:
         a0:90:c5:c1:7a:b5:4c:2a:a5:89:af:90:bb:ca:5b:a0:c5:77:
         b6:8e:62:d5:55:61:ed:fb:cd:40:fc:68:0b:a2:7d:9f:76:6d:
         95:48:95:75:7f:8b:5b:d3:d9:a6:3d:29:7e:c1:b7:08:9c:3d:
         33:a4:7e:20:a5:eb:5d:50:d2:8f:d9:87:e2:55:ad:a6:8e:7f:
         6b:54:d0:34:87:51:bd:87:f5:84:29:a1:f8:c9:a1:6d:6d:8b:
         7f:ae:64:4e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAWjhfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MzQ1MmM5ZGJmYzllNDE5M2M3ZTU1ZTBkMjAxNjU2OGQ5NDY1Mjg1MB4XDTIyMDEw
MTA0NTcyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGIzMGFiN2ZhZGM5
YmM5MjdjNzMwY2Y0MjI3ZDk5ODI3NWI5NzY2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQ7PAcpLfJhTiv2N2aO3xUgqV41e+eoN/pvqSS/wHNb+ZEr
aOAmUQkAgqFwtkIZo2QZKrApWitgv1LbLpI3AkWGIrpS2CfpNOhEeYxU0han672Y
vX9P42omJjn10lPr9uWwPzM3a4lNHHqEPaoz2GkkLmMzYZCV31PeSUhUWzsJUID+
oNXQL5t3nkvicLa2SzBlORhALFEcjchoSEwPfsI8cF3NtM//Z0V7Qf1dXvN7eXlA
btsfYqgLpszPEsUuwCK1LVnniwx2fDT6KahZ1aWL5hCGGXmyiL6GtuG1ltFn34bQ
5NlXUEN9KFxS9PQexNAuBcsLH+8Ni0881PGaV4sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQLMKt/rcm8knxzDPQifZmCdbl2aDAfBgNVHSMEGDAWgBQDRSydv8nkGTx+
VeDSAWVo2UZShTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0EwVXNuYl9KNUJrOGZsWGcwZ0ZsYU5sR1VvVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvNWZkZGNiLTYzMmQtNDM5ZS1hYTY5LWQzZWU5OGZjMjc3Ni8x
L0N6Q3JmNjNKdkpKOGN3ejBJbjJaZ25XNWRtZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
NWZkZGNiLTYzMmQtNDM5ZS1hYTY5LWQzZWU5OGZjMjc3Ni8xL0EwVXNuYl9KNUJr
OGZsWGcwZ0ZsYU5sR1VvVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXo/DANBgkqhkiG9w0BAQsFAAOC
AQEAq0K4sGIVWayFKKKVJESNdLSwKnRzcRRYDtGm97An/ey2vDNZRXZC+dtDvxnH
/qE1h7T+d7MSxc6gyeWtz032/i9T3JeYr6I8lA6LsDUfWvd9QRoQc/fr2DnbkPnh
J5HP6QRpwg81IaW46fxwIkhdYMcniEmUVuYUw4h3J5YekiQRyETm89fq6x2u64CS
TeN59+6DpLd8FwnO7fveIePNH33ZoJDFwXq1TCqlia+Qu8pboMV3to5i1VVh7fvN
QPxoC6J9n3ZtlUiVdX+LW9PZpj0pfsG3CJw9M6R+IKXrXVDSj9mH4lWtpo5/a1TQ
NIdRvYf1hCmh+MmhbW2Lf65kTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org