Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/aff364-9d53-44c7-ae8e-1a106213d444/1/VDK8PwCTZQPJ5CRFU0bF9IvChzo.roa
File:                     VDK8PwCTZQPJ5CRFU0bF9IvChzo.roa (raw, json)
Hash identifier:          g/KCA8jIK6bKesN9VfkF5JJUu24Pn+31v0UsqJ8PIKo=
Subject key identifier:   54:32:BC:3F:00:93:65:03:C9:E4:24:45:53:46:C5:F4:8B:C2:87:3A
Certificate issuer:       /CN=ecaa5ed7276a6c61cdaf3d38776acf9c24981415
Certificate serial:       018CC87145FF2D8696125E53D300846AA439
Authority key identifier: EC:AA:5E:D7:27:6A:6C:61:CD:AF:3D:38:77:6A:CF:9C:24:98:14:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7Kpe1ydqbGHNrz04d2rPnCSYFBU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/aff364-9d53-44c7-ae8e-1a106213d444/1/VDK8PwCTZQPJ5CRFU0bF9IvChzo.roa
Signing time:             Tue 02 Jan 2024 04:31:55 +0000
ROA not before:           Tue 02 Jan 2024 04:31:55 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57783
IP address blocks:        195.43.134.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:71:45:ff:2d:86:96:12:5e:53:d3:00:84:6a:a4:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ecaa5ed7276a6c61cdaf3d38776acf9c24981415
        Validity
            Not Before: Jan  2 04:31:55 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5432bc3f00936503c9e424455346c5f48bc2873a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:2f:29:2a:97:5c:79:9e:8a:14:55:e3:b3:31:
                    c2:62:9c:1f:36:ae:9b:bd:64:6d:04:b7:dd:4b:7f:
                    7c:50:71:22:ad:73:cf:55:c2:88:ed:e6:2c:07:2b:
                    96:c2:bc:77:20:a1:70:05:4b:19:5c:fc:82:bb:b5:
                    8b:2c:c1:64:1b:16:4c:89:95:a1:0c:97:57:93:6b:
                    62:f9:df:f4:ca:3d:1a:72:e0:a0:4f:3a:f0:e4:b7:
                    43:c2:78:50:d5:4e:02:03:eb:ca:19:d1:b6:9a:04:
                    4c:65:51:93:d2:b4:cd:36:95:7f:6e:17:3e:ec:29:
                    55:46:dd:ce:93:2f:e5:db:e2:b9:20:bd:d3:65:11:
                    47:67:b5:5c:e7:c0:d2:e1:d0:52:b3:fd:cf:6a:68:
                    55:e6:9d:69:78:82:3e:93:1b:7e:4f:3e:dc:e8:97:
                    1c:eb:80:ee:f0:52:31:62:e5:29:14:d7:62:1c:4f:
                    48:a2:73:7b:aa:73:57:3b:91:55:cf:18:b9:39:44:
                    65:ac:13:06:a0:e3:08:a7:ec:8e:68:1f:fb:f8:79:
                    37:46:53:3d:45:33:91:7a:d1:e4:dc:86:00:30:9a:
                    1e:28:59:bb:0b:6c:a0:a9:70:ae:0e:fc:a9:6d:fb:
                    69:67:f5:af:be:2e:9a:b5:3c:a6:b5:98:4f:53:fa:
                    71:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:32:BC:3F:00:93:65:03:C9:E4:24:45:53:46:C5:F4:8B:C2:87:3A
            X509v3 Authority Key Identifier:
                keyid:EC:AA:5E:D7:27:6A:6C:61:CD:AF:3D:38:77:6A:CF:9C:24:98:14:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Kpe1ydqbGHNrz04d2rPnCSYFBU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/aff364-9d53-44c7-ae8e-1a106213d444/1/VDK8PwCTZQPJ5CRFU0bF9IvChzo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/aff364-9d53-44c7-ae8e-1a106213d444/1/7Kpe1ydqbGHNrz04d2rPnCSYFBU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.43.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:3e:75:b1:ad:3f:9c:d4:1e:db:8e:fb:06:5b:fd:a4:c2:77:
         6e:f5:2c:c4:74:bb:13:d1:8f:da:e7:ab:73:20:f8:ec:aa:cd:
         a0:06:1e:b8:ed:ed:fa:9f:cf:af:9e:d8:fd:83:20:07:7d:e9:
         01:f2:d8:73:fb:ad:86:a1:d4:a2:e6:7d:3f:b9:8d:5d:0b:a8:
         a7:c0:c6:ba:5f:a1:b9:4e:82:7a:40:ec:fa:d7:df:9b:ae:8d:
         f2:8b:2a:5c:c4:15:07:aa:27:23:e1:cc:76:18:39:ea:2f:2b:
         f4:47:64:0f:63:8b:b8:4b:b0:72:20:e9:b2:e3:10:b5:77:42:
         9a:a2:15:61:4c:4b:ce:70:93:e5:3a:fd:16:e6:14:c0:80:e3:
         7e:31:77:ae:e5:bc:d1:b1:7a:62:6f:96:c3:46:39:13:b7:a3:
         05:33:5d:03:b3:5f:00:3b:5d:48:97:d3:34:94:50:b5:b6:72:
         ab:73:7f:8c:77:3e:c2:99:67:4c:ab:2e:14:42:85:9c:1c:c7:
         0b:8e:54:9c:4d:cb:08:5b:50:8a:67:56:96:1b:1b:66:40:42:
         3e:1a:ac:8d:33:f1:69:01:0a:0e:35:29:a7:f5:08:7e:20:1d:
         8f:57:f8:63:ef:4b:a3:73:6d:7f:d1:b2:43:a3:b7:cc:b9:41:
         1f:2a:9b:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcUX/LYaWEl5T0wCEaqQ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYWE1ZWQ3Mjc2YTZjNjFjZGFmM2QzODc3NmFjZjljMjQ5
ODE0MTUwHhcNMjQwMTAyMDQzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDMyYmMzZjAwOTM2NTAzYzllNDI0NDU1MzQ2YzVmNDhiYzI4NzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy8pKpdceZ6KFFXjszHCYpwfNq6b
vWRtBLfdS398UHEirXPPVcKI7eYsByuWwrx3IKFwBUsZXPyCu7WLLMFkGxZMiZWh
DJdXk2ti+d/0yj0acuCgTzrw5LdDwnhQ1U4CA+vKGdG2mgRMZVGT0rTNNpV/bhc+
7ClVRt3Oky/l2+K5IL3TZRFHZ7Vc58DS4dBSs/3PamhV5p1peII+kxt+Tz7c6Jcc
64Du8FIxYuUpFNdiHE9IonN7qnNXO5FVzxi5OURlrBMGoOMIp+yOaB/7+Hk3RlM9
RTORetHk3IYAMJoeKFm7C2ygqXCuDvypbftpZ/Wvvi6atTymtZhPU/px9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFQyvD8Ak2UDyeQkRVNGxfSLwoc6MB8GA1UdIwQY
MBaAFOyqXtcnamxhza89OHdqz5wkmBQVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0twZTF5ZHFiR0hOcnowNGQyclBuQ1NZRkJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9hZmYzNjQtOWQ1My00NGM3LWFlOGUt
MWExMDYyMTNkNDQ0LzEvVkRLOFB3Q1RaUVBKNUNSRlUwYkY5SXZDaHpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9hZmYzNjQtOWQ1My00NGM3LWFlOGUtMWExMDYyMTNkNDQ0
LzEvN0twZTF5ZHFiR0hOcnowNGQyclBuQ1NZRkJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyuGMA0G
CSqGSIb3DQEBCwUAA4IBAQAePnWxrT+c1B7bjvsGW/2kwndu9SzEdLsT0Y/a56tz
IPjsqs2gBh647e36n8+vntj9gyAHfekB8thz+62GodSi5n0/uY1dC6inwMa6X6G5
ToJ6QOz619+bro3yiypcxBUHqicj4cx2GDnqLyv0R2QPY4u4S7ByIOmy4xC1d0Ka
ohVhTEvOcJPlOv0W5hTAgON+MXeu5bzRsXpib5bDRjkTt6MFM10Ds18AO11Il9M0
lFC1tnKrc3+Mdz7CmWdMqy4UQoWcHMcLjlScTcsIW1CKZ1aWGxtmQEI+GqyNM/Fp
AQoONSmn9Qh+IB2PV/hj70ujc21/0bJDo7fMuUEfKpuk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:55 2024 by rpki-client on console-ams.rpki-client.org