Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/8ba1a1-c861-4f9b-9f4f-e62f58c7c9f4/1/A1C6FtjJ1ULLBlaSgjK1_Z1UqFw.roa
File:                     A1C6FtjJ1ULLBlaSgjK1_Z1UqFw.roa (raw, json)
Hash identifier:          FOdNqwS+32IwRk1rhexyXKwuu1Os440j+JTrf/y2rl0=
Subject key identifier:   03:50:BA:16:D8:C9:D5:42:CB:06:56:92:82:32:B5:FD:9D:54:A8:5C
Certificate issuer:       /CN=922da8e9dc55505612080b379d1ee49068f0ffcd
Certificate serial:       01A11399
Authority key identifier: 92:2D:A8:E9:DC:55:50:56:12:08:0B:37:9D:1E:E4:90:68:F0:FF:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ki2o6dxVUFYSCAs3nR7kkGjw_80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/8ba1a1-c861-4f9b-9f4f-e62f58c7c9f4/1/A1C6FtjJ1ULLBlaSgjK1_Z1UqFw.roa
Signing time:             Sat 01 Jan 2022 14:07:11 +0000
ROA not before:           Sat 01 Jan 2022 14:07:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     22773
IP address blocks:        185.76.148.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 27333529 (0x1a11399)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=922da8e9dc55505612080b379d1ee49068f0ffcd
        Validity
            Not Before: Jan  1 14:07:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0350ba16d8c9d542cb0656928232b5fd9d54a85c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:4a:d4:a3:1d:ee:f1:29:dd:15:f8:b7:c9:19:
                    cf:c4:1e:6d:59:db:cf:58:04:06:1e:aa:1d:d7:5e:
                    21:36:43:84:ad:20:44:25:9d:95:56:82:1f:3e:4d:
                    a1:4a:8d:28:71:49:a0:e3:50:77:ee:b6:a0:3f:0f:
                    41:8c:a7:ec:4e:dc:17:b5:8c:6f:06:bd:7d:c0:c9:
                    32:94:a7:c7:2f:1a:f9:d3:94:eb:3a:92:65:c3:c2:
                    8e:77:b6:d8:36:c5:ea:5f:5f:a9:a6:19:e7:a7:2c:
                    e5:b9:16:b4:f4:36:7d:a5:51:48:68:95:92:2d:cf:
                    23:da:92:50:f5:fc:67:4e:38:95:30:43:26:81:72:
                    dc:12:42:17:96:16:a9:69:38:b5:df:f4:4d:83:39:
                    76:e5:92:fb:cc:aa:68:1c:46:4c:77:03:7e:e7:be:
                    08:22:98:50:01:b5:49:91:7e:4b:fc:dc:3e:a7:b7:
                    b2:4e:3b:53:5e:30:bd:d9:a5:4d:27:d0:6c:b4:e6:
                    58:b4:b1:3d:4e:e1:4f:07:68:52:8b:83:30:19:ab:
                    88:48:35:6a:10:04:fb:88:1e:76:c8:62:b3:2b:92:
                    c5:52:11:45:9b:fd:8e:6a:5c:b6:13:65:43:b7:ca:
                    47:0b:a7:3a:25:df:11:2b:92:7f:86:74:af:9d:8a:
                    23:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:50:BA:16:D8:C9:D5:42:CB:06:56:92:82:32:B5:FD:9D:54:A8:5C
            X509v3 Authority Key Identifier:
                keyid:92:2D:A8:E9:DC:55:50:56:12:08:0B:37:9D:1E:E4:90:68:F0:FF:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ki2o6dxVUFYSCAs3nR7kkGjw_80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/8ba1a1-c861-4f9b-9f4f-e62f58c7c9f4/1/A1C6FtjJ1ULLBlaSgjK1_Z1UqFw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/8ba1a1-c861-4f9b-9f4f-e62f58c7c9f4/1/ki2o6dxVUFYSCAs3nR7kkGjw_80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.76.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:55:39:c8:81:1f:47:70:b0:fc:2b:05:87:8b:d4:59:d7:0a:
         07:f7:55:b4:7f:be:9d:d0:8f:cb:93:61:85:77:43:c7:3b:53:
         2e:f9:68:64:aa:da:5c:4b:c3:c1:cc:26:21:d4:8d:66:9c:a0:
         0e:03:b1:31:18:08:85:85:7e:43:33:81:0f:37:70:65:95:2f:
         f0:20:a3:05:ed:83:e7:cf:0d:35:2b:07:4e:43:72:4d:80:04:
         4e:bc:94:d6:7c:6a:80:03:55:ac:7e:2f:33:16:b6:16:50:0c:
         c9:af:73:4c:11:cc:e1:15:b2:e3:35:db:f7:37:5f:8f:ca:91:
         d0:c6:90:93:5d:93:2f:4f:93:92:f1:f9:bb:d3:e3:f5:88:68:
         a3:ae:be:db:f9:e0:b0:30:86:99:cc:ce:8d:2d:88:c9:ea:eb:
         46:3b:cd:86:f8:72:9a:b8:76:72:1c:0c:92:9b:f8:29:1b:fc:
         e2:77:1e:20:7b:74:b1:14:73:4e:c3:7f:ad:82:5c:45:69:e6:
         d0:87:c1:9a:ff:a5:bf:b5:a3:b1:2c:4d:1a:60:46:46:3a:3b:
         98:32:4a:a9:d9:f3:1d:5a:bd:e6:93:59:16:01:55:02:d0:d1:
         61:4b:83:cc:be:47:19:d2:06:f7:51:0b:2d:be:36:c4:db:35:
         5e:88:aa:50
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAaETmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjJkYThlOWRjNTU1MDU2MTIwODBiMzc5ZDFlZTQ5MDY4ZjBmZmNkMB4XDTIyMDEw
MTE0MDcxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDM1MGJhMTZkOGM5
ZDU0MmNiMDY1NjkyODIzMmI1ZmQ5ZDU0YTg1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVK1KMd7vEp3RX4t8kZz8QebVnbz1gEBh6qHddeITZDhK0g
RCWdlVaCHz5NoUqNKHFJoONQd+62oD8PQYyn7E7cF7WMbwa9fcDJMpSnxy8a+dOU
6zqSZcPCjne22DbF6l9fqaYZ56cs5bkWtPQ2faVRSGiVki3PI9qSUPX8Z044lTBD
JoFy3BJCF5YWqWk4td/0TYM5duWS+8yqaBxGTHcDfue+CCKYUAG1SZF+S/zcPqe3
sk47U14wvdmlTSfQbLTmWLSxPU7hTwdoUouDMBmriEg1ahAE+4gedshisyuSxVIR
RZv9jmpcthNlQ7fKRwunOiXfESuSf4Z0r52KI28CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQDULoW2MnVQssGVpKCMrX9nVSoXDAfBgNVHSMEGDAWgBSSLajp3FVQVhII
CzedHuSQaPD/zTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tpMm82ZHhWVUZZU0NBczNuUjdra0dqd184MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvOGJhMWExLWM4NjEtNGY5Yi05ZjRmLWU2MmY1OGM3YzlmNC8x
L0ExQzZGdGpKMVVMTEJsYVNnaksxX1oxVXFGdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
OGJhMWExLWM4NjEtNGY5Yi05ZjRmLWU2MmY1OGM3YzlmNC8xL2tpMm82ZHhWVUZZ
U0NBczNuUjdra0dqd184MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlMlDANBgkqhkiG9w0BAQsFAAOC
AQEApFU5yIEfR3Cw/CsFh4vUWdcKB/dVtH++ndCPy5NhhXdDxztTLvloZKraXEvD
wcwmIdSNZpygDgOxMRgIhYV+QzOBDzdwZZUv8CCjBe2D588NNSsHTkNyTYAETryU
1nxqgANVrH4vMxa2FlAMya9zTBHM4RWy4zXb9zdfj8qR0MaQk12TL0+TkvH5u9Pj
9Yhoo66+2/ngsDCGmczOjS2IyerrRjvNhvhymrh2chwMkpv4KRv84nceIHt0sRRz
TsN/rYJcRWnm0IfBmv+lv7WjsSxNGmBGRjo7mDJKqdnzHVq95pNZFgFVAtDRYUuD
zL5HGdIG91ELLb42xNs1XoiqUA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:47 2024 by rpki-client on console-fra.rpki-client.org