Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/z4fY2pzepHqmc1IfG72W4dhGjbk.roa
File:                     z4fY2pzepHqmc1IfG72W4dhGjbk.roa (raw, json)
Hash identifier:          V7v5dFfPq6GxUcMwxppbsXraAE6GgBKCOLzzRt/aYzk=
Subject key identifier:   CF:87:D8:DA:9C:DE:A4:7A:A6:73:52:1F:1B:BD:96:E1:D8:46:8D:B9
Certificate issuer:       /CN=03452c9dbfc9e4193c7e55e0d2016568d9465285
Certificate serial:       0190A51D
Authority key identifier: 03:45:2C:9D:BF:C9:E4:19:3C:7E:55:E0:D2:01:65:68:D9:46:52:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A0Usnb_J5Bk8flXg0gFlaNlGUoU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/z4fY2pzepHqmc1IfG72W4dhGjbk.roa
Signing time:             Sun 16 Jan 2022 07:18:04 +0000
ROA not before:           Sun 16 Jan 2022 07:18:04 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        213.232.252.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26256669 (0x190a51d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03452c9dbfc9e4193c7e55e0d2016568d9465285
        Validity
            Not Before: Jan 16 07:18:04 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cf87d8da9cdea47aa673521f1bbd96e1d8468db9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ca:a5:ec:8b:68:6f:c9:98:bb:6b:f8:38:de:
                    7e:d2:b0:84:b8:70:e8:49:25:11:74:f4:0d:f1:ea:
                    e9:1d:40:45:ea:cb:cd:c1:f4:aa:3e:51:73:65:e3:
                    39:94:df:83:fe:54:0a:42:a6:78:9b:4a:9c:df:75:
                    a0:96:82:af:11:df:46:38:79:99:ed:6d:52:19:8b:
                    43:b4:de:3d:02:f3:d4:6d:5f:2f:a3:9e:ff:6b:ce:
                    9b:88:3d:d9:7e:55:7a:97:cf:83:f4:f5:95:86:a2:
                    bd:08:04:aa:ee:68:78:57:6a:ce:57:63:42:5c:53:
                    5b:c5:9a:4e:9e:fe:7b:f7:9c:e4:78:87:bd:cc:f3:
                    f3:e5:52:e9:e2:e0:b5:94:75:a7:79:ba:ac:ef:a8:
                    ce:8b:b2:00:2b:c7:dd:41:35:91:f3:74:86:95:cc:
                    ab:d4:4f:60:70:7a:ee:fa:87:5f:fb:8b:f2:51:11:
                    16:a5:1d:9c:c1:38:7f:82:ea:b0:01:ac:cc:1a:da:
                    06:0d:d4:70:db:65:00:b0:57:a3:2c:48:44:0b:89:
                    83:05:b9:d8:76:b5:eb:d5:b7:64:19:ea:ec:0a:ac:
                    4c:4a:8c:41:39:4e:43:c2:ec:bb:38:9b:f6:34:30:
                    9a:2e:11:dc:e7:2d:43:27:ac:d0:e9:ea:c9:f2:2c:
                    d0:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:87:D8:DA:9C:DE:A4:7A:A6:73:52:1F:1B:BD:96:E1:D8:46:8D:B9
            X509v3 Authority Key Identifier:
                keyid:03:45:2C:9D:BF:C9:E4:19:3C:7E:55:E0:D2:01:65:68:D9:46:52:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A0Usnb_J5Bk8flXg0gFlaNlGUoU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/z4fY2pzepHqmc1IfG72W4dhGjbk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/5fddcb-632d-439e-aa69-d3ee98fc2776/1/A0Usnb_J5Bk8flXg0gFlaNlGUoU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.232.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:30:59:a4:9a:cb:58:1d:91:91:a4:8a:94:ef:8e:cf:a4:7d:
         3e:f5:64:89:f9:c7:7f:9c:44:f7:25:68:55:59:1e:62:74:5d:
         a5:21:86:e2:c7:03:5a:5a:80:2a:2e:da:17:ca:e5:08:40:9c:
         21:48:1f:ae:0b:84:9b:2e:f3:a6:c5:bd:24:14:f8:14:39:ba:
         af:7e:63:55:ee:ca:dc:1c:85:00:b7:ce:d1:dc:79:06:01:d4:
         f6:ba:0e:dc:9c:85:f6:e3:d9:78:ed:ee:b4:84:38:d8:51:42:
         0f:43:03:8f:dd:31:15:d5:ca:31:0c:c6:6f:58:76:6c:a8:80:
         1e:02:35:1f:17:e8:d4:83:ac:1b:c3:64:e4:12:2f:c1:33:27:
         42:6a:dd:a1:41:25:0f:0c:eb:de:13:61:03:9c:37:f6:73:90:
         9a:0e:de:c4:24:41:8a:e3:14:2c:4a:80:00:f3:1f:6b:cf:40:
         c7:c7:0f:f0:28:8f:46:fa:7f:49:8c:22:ac:81:4f:00:b2:0d:
         44:37:22:bc:ae:88:5c:09:d6:f0:92:2a:1b:cf:b7:64:55:fe:
         e1:67:29:60:ee:92:26:a6:3c:98:89:27:04:19:fd:59:9b:14:
         ac:96:b7:6e:21:d4:c8:c2:02:5b:76:1c:4f:7e:23:ce:17:1f:
         24:c3:b8:00
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAZClHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MzQ1MmM5ZGJmYzllNDE5M2M3ZTU1ZTBkMjAxNjU2OGQ5NDY1Mjg1MB4XDTIyMDEx
NjA3MTgwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Y4N2Q4ZGE5Y2Rl
YTQ3YWE2NzM1MjFmMWJiZDk2ZTFkODQ2OGRiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPKpeyLaG/JmLtr+DjeftKwhLhw6EklEXT0DfHq6R1ARerL
zcH0qj5Rc2XjOZTfg/5UCkKmeJtKnN91oJaCrxHfRjh5me1tUhmLQ7TePQLz1G1f
L6Oe/2vOm4g92X5VepfPg/T1lYaivQgEqu5oeFdqzldjQlxTW8WaTp7+e/ec5HiH
vczz8+VS6eLgtZR1p3m6rO+ozouyACvH3UE1kfN0hpXMq9RPYHB67vqHX/uL8lER
FqUdnME4f4LqsAGszBraBg3UcNtlALBXoyxIRAuJgwW52Ha169W3ZBnq7AqsTEqM
QTlOQ8Lsuzib9jQwmi4R3OctQyes0OnqyfIs0O0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTPh9janN6keqZzUh8bvZbh2EaNuTAfBgNVHSMEGDAWgBQDRSydv8nkGTx+
VeDSAWVo2UZShTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0EwVXNuYl9KNUJrOGZsWGcwZ0ZsYU5sR1VvVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvNWZkZGNiLTYzMmQtNDM5ZS1hYTY5LWQzZWU5OGZjMjc3Ni8x
L3o0ZlkycHplcEhxbWMxSWZHNzJXNGRoR2piay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
NWZkZGNiLTYzMmQtNDM5ZS1hYTY5LWQzZWU5OGZjMjc3Ni8xL0EwVXNuYl9KNUJr
OGZsWGcwZ0ZsYU5sR1VvVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANXo/DANBgkqhkiG9w0BAQsFAAOC
AQEAmTBZpJrLWB2RkaSKlO+Oz6R9PvVkifnHf5xE9yVoVVkeYnRdpSGG4scDWlqA
Ki7aF8rlCECcIUgfrguEmy7zpsW9JBT4FDm6r35jVe7K3ByFALfO0dx5BgHU9roO
3JyF9uPZeO3utIQ42FFCD0MDj90xFdXKMQzGb1h2bKiAHgI1Hxfo1IOsG8Nk5BIv
wTMnQmrdoUElDwzr3hNhA5w39nOQmg7exCRBiuMULEqAAPMfa89Ax8cP8CiPRvp/
SYwirIFPALINRDcivK6IXAnW8JIqG8+3ZFX+4WcpYO6SJqY8mIknBBn9WZsUrJa3
biHUyMICW3YcT34jzhcfJMO4AA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org