Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/78859a-f43c-4c21-96e2-9a7ae32c625b/1/YTnBVTZXN0d4fa_qDAdCFpRwmt8.roa
File:                     YTnBVTZXN0d4fa_qDAdCFpRwmt8.roa (raw, json)
Hash identifier:          RYEHYIKJ8r09kAEUjwwDqMt3yXTYKqlxHusqUh67XdU=
Subject key identifier:   61:39:C1:55:36:57:37:47:78:7D:AF:EA:0C:07:42:16:94:70:9A:DF
Certificate issuer:       /CN=da01323efafee332064e278b97cb8d1f9d8fef79
Certificate serial:       0117CA2D
Authority key identifier: DA:01:32:3E:FA:FE:E3:32:06:4E:27:8B:97:CB:8D:1F:9D:8F:EF:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gEyPvr-4zIGTieLl8uNH52P73k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/78859a-f43c-4c21-96e2-9a7ae32c625b/1/YTnBVTZXN0d4fa_qDAdCFpRwmt8.roa
Signing time:             Sat 04 Jun 2022 20:41:27 +0000
ROA not before:           Sat 04 Jun 2022 20:41:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207967
IP address blocks:        188.244.112.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18336301 (0x117ca2d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da01323efafee332064e278b97cb8d1f9d8fef79
        Validity
            Not Before: Jun  4 20:41:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6139c15536573747787dafea0c07421694709adf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:bb:55:79:05:09:84:16:37:ce:d7:4c:d2:eb:
                    bf:c3:d8:32:68:a7:8c:87:f9:1d:1b:c1:8b:91:89:
                    f0:de:0e:b5:a6:69:66:4e:29:e4:95:f0:c8:20:40:
                    3b:4c:61:c3:1a:b2:26:24:ee:6d:6f:ef:ca:da:34:
                    ce:62:db:e2:52:22:db:59:bf:eb:18:94:10:e6:cf:
                    e1:50:79:cb:16:15:83:ac:17:5e:e6:cf:a6:48:b4:
                    1d:23:e7:5b:53:51:d6:60:1d:05:67:97:c8:7a:75:
                    8a:67:31:fa:44:66:99:f9:29:03:2d:91:8c:8e:1e:
                    08:91:76:68:c5:27:e6:94:71:db:59:89:0e:90:af:
                    e6:d6:42:15:bb:32:63:6f:27:32:2a:26:1a:99:c4:
                    7c:b2:ed:01:ad:11:8d:24:2f:00:8a:f6:9c:66:f9:
                    ca:65:c3:32:e8:89:65:84:31:54:4c:4f:27:70:af:
                    53:69:ae:7d:e0:75:b5:f1:5d:bf:73:9e:01:f0:7e:
                    e0:89:d7:90:f9:b9:d5:ca:40:13:ea:c0:f0:f2:6c:
                    d4:49:18:ff:e0:53:61:0b:69:b3:68:77:b3:93:fd:
                    f1:0d:6e:7b:29:ed:ca:19:f4:40:da:4c:6e:92:87:
                    df:eb:2f:19:3f:9e:d9:dc:0c:45:1b:cd:89:34:15:
                    4a:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:39:C1:55:36:57:37:47:78:7D:AF:EA:0C:07:42:16:94:70:9A:DF
            X509v3 Authority Key Identifier:
                keyid:DA:01:32:3E:FA:FE:E3:32:06:4E:27:8B:97:CB:8D:1F:9D:8F:EF:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gEyPvr-4zIGTieLl8uNH52P73k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/78859a-f43c-4c21-96e2-9a7ae32c625b/1/YTnBVTZXN0d4fa_qDAdCFpRwmt8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/78859a-f43c-4c21-96e2-9a7ae32c625b/1/2gEyPvr-4zIGTieLl8uNH52P73k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.244.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:5a:0e:ff:b7:b5:9e:31:1e:63:8b:0d:c8:55:98:e2:aa:ef:
         71:44:b4:ff:a9:92:0d:6f:33:00:88:ff:19:7e:93:2e:93:39:
         7a:40:da:81:cf:de:79:da:1d:63:95:e1:57:44:a5:25:d3:94:
         d2:22:6d:7c:af:e0:e9:92:7a:9f:74:e7:91:86:8c:82:50:a4:
         91:26:c2:9a:f0:9c:85:74:0f:d9:42:d1:17:e0:2c:34:ba:4e:
         b5:4e:eb:39:54:9d:95:36:63:4e:de:ad:bb:e5:fa:2f:c1:46:
         98:03:39:a5:21:be:9c:a9:ff:c1:89:d8:00:57:fd:73:d1:73:
         62:91:7a:57:f9:36:2b:5a:59:97:7c:bf:aa:01:53:7e:e5:09:
         3b:43:a2:4b:2a:59:aa:18:a3:41:b4:2b:82:cf:41:27:aa:28:
         1e:81:8c:fd:80:2f:9c:a0:50:d5:58:e6:bf:25:d5:0d:56:fd:
         74:9e:2e:db:c7:e4:8f:a6:c0:52:7d:0e:fd:d7:18:ac:48:85:
         13:06:2d:d6:b8:e4:cd:06:e7:2f:d4:6c:de:37:68:65:e0:da:
         50:7f:3e:b6:56:00:d6:a4:fa:86:dc:98:ac:b9:70:03:7b:60:
         21:7e:0b:86:1a:16:e5:ff:70:de:8c:8c:50:8f:0c:68:d7:ac:
         37:6a:11:1d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEARfKLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTAxMzIzZWZhZmVlMzMyMDY0ZTI3OGI5N2NiOGQxZjlkOGZlZjc5MB4XDTIyMDYw
NDIwNDEyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjEzOWMxNTUzNjU3
Mzc0Nzc4N2RhZmVhMGMwNzQyMTY5NDcwOWFkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI67VXkFCYQWN87XTNLrv8PYMminjIf5HRvBi5GJ8N4OtaZp
Zk4p5JXwyCBAO0xhwxqyJiTubW/vyto0zmLb4lIi21m/6xiUEObP4VB5yxYVg6wX
XubPpki0HSPnW1NR1mAdBWeXyHp1imcx+kRmmfkpAy2RjI4eCJF2aMUn5pRx21mJ
DpCv5tZCFbsyY28nMiomGpnEfLLtAa0RjSQvAIr2nGb5ymXDMuiJZYQxVExPJ3Cv
U2mufeB1tfFdv3OeAfB+4InXkPm51cpAE+rA8PJs1EkY/+BTYQtps2h3s5P98Q1u
eyntyhn0QNpMbpKH3+svGT+e2dwMRRvNiTQVSs8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRhOcFVNlc3R3h9r+oMB0IWlHCa3zAfBgNVHSMEGDAWgBTaATI++v7jMgZO
J4uXy40fnY/veTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJnRXlQdnItNHpJR1RpZUxsOHVOSDUyUDczay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvNzg4NTlhLWY0M2MtNGMyMS05NmUyLTlhN2FlMzJjNjI1Yi8x
L1lUbkJWVFpYTjBkNGZhX3FEQWRDRnBSd210OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
Nzg4NTlhLWY0M2MtNGMyMS05NmUyLTlhN2FlMzJjNjI1Yi8xLzJnRXlQdnItNHpJ
R1RpZUxsOHVOSDUyUDczay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALz0cDANBgkqhkiG9w0BAQsFAAOC
AQEADFoO/7e1njEeY4sNyFWY4qrvcUS0/6mSDW8zAIj/GX6TLpM5ekDagc/eedod
Y5XhV0SlJdOU0iJtfK/g6ZJ6n3TnkYaMglCkkSbCmvCchXQP2ULRF+AsNLpOtU7r
OVSdlTZjTt6tu+X6L8FGmAM5pSG+nKn/wYnYAFf9c9FzYpF6V/k2K1pZl3y/qgFT
fuUJO0OiSypZqhijQbQrgs9BJ6ooHoGM/YAvnKBQ1VjmvyXVDVb9dJ4u28fkj6bA
Un0O/dcYrEiFEwYt1rjkzQbnL9Rs3jdoZeDaUH8+tlYA1qT6htyYrLlwA3tgIX4L
hhoW5f9w3oyMUI8MaNesN2oRHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:40 2024 by rpki-client on console-fra.rpki-client.org