Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/b41ad4-8500-4f26-9019-0f0bc9f629d3/1/v9CQ_kg-7FYSTyhsxmUqmaqESlc.roa
File:                     v9CQ_kg-7FYSTyhsxmUqmaqESlc.roa (raw, json)
Hash identifier:          UEtgZ/cKlJlkgQpMwazVljiPEd/9J4MtaL72b2chuNU=
Subject key identifier:   BF:D0:90:FE:48:3E:EC:56:12:4F:28:6C:C6:65:2A:99:AA:84:4A:57
Certificate issuer:       /CN=07217c0634c102c71ba3e444f0688abdd1af4ce8
Certificate serial:       1472B808
Authority key identifier: 07:21:7C:06:34:C1:02:C7:1B:A3:E4:44:F0:68:8A:BD:D1:AF:4C:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ByF8BjTBAscbo-RE8GiKvdGvTOg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/b41ad4-8500-4f26-9019-0f0bc9f629d3/1/v9CQ_kg-7FYSTyhsxmUqmaqESlc.roa
Signing time:             Wed 01 Jun 2022 07:56:20 +0000
ROA not before:           Wed 01 Jun 2022 07:56:20 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     28788
IP address blocks:        185.84.196.0/22 maxlen: 24
                          2a03:71e0::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 343062536 (0x1472b808)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07217c0634c102c71ba3e444f0688abdd1af4ce8
        Validity
            Not Before: Jun  1 07:56:20 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bfd090fe483eec56124f286cc6652a99aa844a57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:8d:f7:31:ed:0a:36:dd:51:4a:2d:09:ff:b1:
                    d4:86:04:78:a3:5a:5d:4b:ae:47:cc:a5:97:4f:2f:
                    84:4b:8c:dd:3d:cc:64:f6:e7:a9:91:c7:e0:94:ad:
                    30:b2:8e:28:92:2a:89:12:de:2f:0a:b2:eb:42:41:
                    e6:b5:39:d6:25:68:80:b8:bd:e0:fd:65:99:a4:c6:
                    6d:3a:b0:49:8a:25:3b:9d:95:9b:f2:1c:da:5b:8e:
                    bb:fe:30:b4:62:24:c0:c2:36:5e:29:7c:52:7e:61:
                    ca:47:38:d0:5e:0f:a0:15:51:f0:26:df:6c:66:8d:
                    20:0f:12:d8:bc:7b:dd:56:9a:4a:26:31:d5:be:d7:
                    e1:d8:6b:b8:0e:6e:ec:36:08:f7:c5:20:92:91:32:
                    a8:5f:93:c2:e1:67:ae:9f:9d:7b:b2:11:ed:4a:46:
                    6a:a7:b2:2e:57:37:ee:06:51:79:2e:0c:78:c3:53:
                    88:10:25:47:d6:41:0e:8e:9d:0e:1c:20:d8:a2:a2:
                    39:5c:72:ae:2e:de:1a:2f:7f:d4:ad:f8:0a:b6:6d:
                    96:e6:07:bd:95:2e:01:0d:75:73:af:1b:dc:67:08:
                    a1:2c:33:ff:f4:af:e3:cf:ee:c6:71:73:22:da:de:
                    58:82:8e:fd:bb:d2:ec:a1:e6:d7:0e:df:c0:29:c4:
                    a9:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:D0:90:FE:48:3E:EC:56:12:4F:28:6C:C6:65:2A:99:AA:84:4A:57
            X509v3 Authority Key Identifier:
                keyid:07:21:7C:06:34:C1:02:C7:1B:A3:E4:44:F0:68:8A:BD:D1:AF:4C:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ByF8BjTBAscbo-RE8GiKvdGvTOg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b41ad4-8500-4f26-9019-0f0bc9f629d3/1/v9CQ_kg-7FYSTyhsxmUqmaqESlc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b41ad4-8500-4f26-9019-0f0bc9f629d3/1/ByF8BjTBAscbo-RE8GiKvdGvTOg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.84.196.0/22
                IPv6:
                  2a03:71e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         50:8d:4d:e4:e4:65:16:b4:58:b2:4c:a1:95:58:94:5a:0f:fe:
         aa:19:e0:34:c9:03:3f:0a:20:84:0f:b9:bf:0f:84:ee:34:e1:
         a0:87:6f:7b:bc:be:54:b7:36:b0:c5:cd:46:93:a3:3c:c1:fe:
         f2:1e:73:20:f2:93:5f:90:5d:6f:86:f8:1d:6a:81:ac:1a:91:
         fc:70:c6:98:11:b6:3b:d7:04:da:38:85:8f:99:fb:6c:53:b1:
         e7:b3:11:26:fa:38:ee:48:39:99:65:9c:80:dd:bd:4a:a2:ee:
         b7:08:3c:5d:be:88:99:00:c7:49:56:cb:77:f5:07:08:8d:f7:
         68:de:12:5e:6b:de:54:71:78:20:86:25:4f:aa:db:f3:be:85:
         bf:b7:e0:e9:32:ab:45:80:50:85:91:d2:4d:33:09:fa:3d:bf:
         5a:9c:67:7f:ea:39:7c:1f:91:a5:82:36:a2:8f:7a:18:3d:8c:
         93:3d:49:e3:15:0f:6e:99:fd:b0:2c:44:b3:67:4c:fd:b8:65:
         c2:76:42:e1:fd:39:10:4f:94:32:42:59:2d:2a:d8:27:9e:95:
         ba:09:54:6c:2b:02:a6:8e:4c:55:c6:15:a8:63:0b:2f:90:da:
         b2:a8:cc:e4:db:38:91:08:f8:06:3e:9d:02:ef:29:78:44:a3:
         90:ff:80:9b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFHK4CDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NzIxN2MwNjM0YzEwMmM3MWJhM2U0NDRmMDY4OGFiZGQxYWY0Y2U4MB4XDTIyMDYw
MTA3NTYyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmZkMDkwZmU0ODNl
ZWM1NjEyNGYyODZjYzY2NTJhOTlhYTg0NGE1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANiN9zHtCjbdUUotCf+x1IYEeKNaXUuuR8yll08vhEuM3T3M
ZPbnqZHH4JStMLKOKJIqiRLeLwqy60JB5rU51iVogLi94P1lmaTGbTqwSYolO52V
m/Ic2luOu/4wtGIkwMI2Xil8Un5hykc40F4PoBVR8CbfbGaNIA8S2Lx73VaaSiYx
1b7X4dhruA5u7DYI98UgkpEyqF+TwuFnrp+de7IR7UpGaqeyLlc37gZReS4MeMNT
iBAlR9ZBDo6dDhwg2KKiOVxyri7eGi9/1K34CrZtluYHvZUuAQ11c68b3GcIoSwz
//Sv48/uxnFzItreWIKO/bvS7KHm1w7fwCnEqRUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS/0JD+SD7sVhJPKGzGZSqZqoRKVzAfBgNVHSMEGDAWgBQHIXwGNMECxxuj
5ETwaIq90a9M6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0J5RjhCalRCQXNjYm8tUkU4R2lLdmRHdlRPZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvYjQxYWQ0LTg1MDAtNGYyNi05MDE5LTBmMGJjOWY2MjlkMy8x
L3Y5Q1Ffa2ctN0ZZU1R5aHN4bVVxbWFxRVNsYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
YjQxYWQ0LTg1MDAtNGYyNi05MDE5LTBmMGJjOWY2MjlkMy8xL0J5RjhCalRCQXNj
Ym8tUkU4R2lLdmRHdlRPZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlUxDANBAIAAjAHAwUAKgNx4DAN
BgkqhkiG9w0BAQsFAAOCAQEAUI1N5ORlFrRYskyhlViUWg/+qhngNMkDPwoghA+5
vw+E7jThoIdve7y+VLc2sMXNRpOjPMH+8h5zIPKTX5Bdb4b4HWqBrBqR/HDGmBG2
O9cE2jiFj5n7bFOx57MRJvo47kg5mWWcgN29SqLutwg8Xb6ImQDHSVbLd/UHCI33
aN4SXmveVHF4IIYlT6rb876Fv7fg6TKrRYBQhZHSTTMJ+j2/Wpxnf+o5fB+RpYI2
oo96GD2Mkz1J4xUPbpn9sCxEs2dM/bhlwnZC4f05EE+UMkJZLSrYJ56VuglUbCsC
po5MVcYVqGMLL5DasqjM5Ns4kQj4Bj6dAu8peESjkP+Amw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:50 2024 by rpki-client on console-ams.rpki-client.org