Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/eaa7ce-0df1-47f1-bb81-d3dc7522e08d/1/OsWB95sZbfV7L7bEf7kO-Rw_37s.roa
File:                     OsWB95sZbfV7L7bEf7kO-Rw_37s.roa (raw, json)
Hash identifier:          ax895pR1tiZ64idrgsDKVOoWUm03Sb2ktcWETmm4gTE=
Subject key identifier:   3A:C5:81:F7:9B:19:6D:F5:7B:2F:B6:C4:7F:B9:0E:F9:1C:3F:DF:BB
Certificate issuer:       /CN=43a0adb5b3c4c3b8fa690d1e77f060b371e73646
Certificate serial:       01857015268309E2F30F076E6C5E9B35CF16
Authority key identifier: 43:A0:AD:B5:B3:C4:C3:B8:FA:69:0D:1E:77:F0:60:B3:71:E7:36:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q6CttbPEw7j6aQ0ed_Bgs3HnNkY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/eaa7ce-0df1-47f1-bb81-d3dc7522e08d/1/OsWB95sZbfV7L7bEf7kO-Rw_37s.roa
Signing time:             Mon 02 Jan 2023 01:25:12 +0000
ROA not before:           Mon 02 Jan 2023 01:25:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208226
IP address blocks:        185.248.33.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:15:26:83:09:e2:f3:0f:07:6e:6c:5e:9b:35:cf:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43a0adb5b3c4c3b8fa690d1e77f060b371e73646
        Validity
            Not Before: Jan  2 01:25:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3ac581f79b196df57b2fb6c47fb90ef91c3fdfbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ff:2f:bc:d2:3a:6d:1c:66:c0:f4:d0:8a:47:
                    f1:7f:2d:9f:cc:bc:46:ad:3a:0e:46:8c:e7:65:30:
                    58:13:3f:0d:f7:7d:86:2b:41:fb:ee:6a:64:be:32:
                    56:4f:d2:fc:42:25:07:fb:f6:f6:42:bf:96:79:16:
                    5f:2c:ef:da:06:38:1c:0f:26:f1:80:4a:50:ca:3f:
                    05:06:5e:2b:70:55:9c:d8:bd:07:17:71:56:21:0f:
                    b0:8a:50:81:a7:91:2c:36:d1:5d:7c:e8:c1:cf:1c:
                    43:54:4b:07:45:7f:33:69:fd:f0:d4:63:71:ad:d9:
                    b2:cd:73:21:1d:d9:01:aa:e7:c5:73:59:9c:a5:ab:
                    e0:b2:6c:a7:de:4e:06:d4:78:48:c2:09:48:66:2a:
                    99:db:39:d0:46:67:f2:76:00:27:0d:3f:19:5e:67:
                    3a:07:82:91:a3:27:3a:f8:75:e1:28:a7:2a:21:44:
                    c2:1b:df:67:db:83:9b:61:e0:65:af:2e:6c:38:c9:
                    52:a8:c4:1e:80:e9:f1:28:36:ca:47:3f:7a:23:6c:
                    57:10:b0:52:0c:86:de:2b:e5:e3:65:07:10:38:a5:
                    13:0f:a3:d6:36:f8:bb:76:30:b7:46:ed:eb:6a:99:
                    ed:9f:cd:54:5e:3f:af:7c:5e:4e:1d:b4:65:4e:7b:
                    41:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:C5:81:F7:9B:19:6D:F5:7B:2F:B6:C4:7F:B9:0E:F9:1C:3F:DF:BB
            X509v3 Authority Key Identifier:
                keyid:43:A0:AD:B5:B3:C4:C3:B8:FA:69:0D:1E:77:F0:60:B3:71:E7:36:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q6CttbPEw7j6aQ0ed_Bgs3HnNkY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/eaa7ce-0df1-47f1-bb81-d3dc7522e08d/1/OsWB95sZbfV7L7bEf7kO-Rw_37s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/eaa7ce-0df1-47f1-bb81-d3dc7522e08d/1/Q6CttbPEw7j6aQ0ed_Bgs3HnNkY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:76:25:38:d0:32:f8:12:d1:b8:b4:34:83:85:dd:53:44:74:
         8d:d1:78:9f:ff:7e:b2:45:77:42:e4:c1:e6:00:60:4b:da:8d:
         94:bf:3a:17:00:b1:8d:56:2f:d0:2d:d3:7c:25:4d:ee:2e:2e:
         e9:13:de:a2:95:e5:98:6b:f8:03:3d:8f:2a:dc:8c:79:46:4e:
         4f:77:36:7f:e8:6e:46:4e:65:1d:63:e4:07:05:93:01:69:9b:
         7c:93:7e:4e:61:6b:ff:99:ee:39:cb:91:7c:5c:8d:df:d6:da:
         11:1c:3c:6b:a7:8d:3d:85:58:58:b1:f9:21:c0:74:50:51:f7:
         86:5d:86:3a:cb:a8:90:7a:a1:f8:0f:e8:09:ef:91:a2:ea:d5:
         2b:b3:ab:a6:69:a9:8d:b9:61:45:af:58:f0:0c:bb:4b:84:d6:
         de:a4:c4:7d:92:52:21:d5:ef:34:f1:71:f1:8e:dd:4e:24:a0:
         cc:a3:05:37:a0:05:b5:ff:a7:1c:55:bc:5a:8f:74:3e:56:2d:
         28:09:77:d3:d2:47:fd:67:c3:61:2f:c0:e8:b9:d2:95:df:0b:
         99:95:52:93:1f:84:ec:d0:ee:6b:4e:02:4d:79:ff:02:a3:0e:
         e9:65:9e:7a:fc:6a:47:f3:d9:26:d5:bb:56:c0:c3:3d:d6:b8:
         3e:34:08:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwFSaDCeLzDwdubF6bNc8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYTBhZGI1YjNjNGMzYjhmYTY5MGQxZTc3ZjA2MGIzNzFl
NzM2NDYwHhcNMjMwMTAyMDEyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWM1ODFmNzliMTk2ZGY1N2IyZmI2YzQ3ZmI5MGVmOTFjM2ZkZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/8vvNI6bRxmwPTQikfxfy2fzLxG
rToORoznZTBYEz8N932GK0H77mpkvjJWT9L8QiUH+/b2Qr+WeRZfLO/aBjgcDybx
gEpQyj8FBl4rcFWc2L0HF3FWIQ+wilCBp5EsNtFdfOjBzxxDVEsHRX8zaf3w1GNx
rdmyzXMhHdkBqufFc1mcpavgsmyn3k4G1HhIwglIZiqZ2znQRmfydgAnDT8ZXmc6
B4KRoyc6+HXhKKcqIUTCG99n24ObYeBlry5sOMlSqMQegOnxKDbKRz96I2xXELBS
DIbeK+XjZQcQOKUTD6PWNvi7djC3Ru3rapntn81UXj+vfF5OHbRlTntBQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrFgfebGW31ey+2xH+5DvkcP9+7MB8GA1UdIwQY
MBaAFEOgrbWzxMO4+mkNHnfwYLNx5zZGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTZDdHRiUEV3N2o2YVEwZWRfQmdzM0huTmtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9lYWE3Y2UtMGRmMS00N2YxLWJiODEt
ZDNkYzc1MjJlMDhkLzEvT3NXQjk1c1piZlY3TDdiRWY3a08tUndfMzdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9lYWE3Y2UtMGRmMS00N2YxLWJiODEtZDNkYzc1MjJlMDhk
LzEvUTZDdHRiUEV3N2o2YVEwZWRfQmdzM0huTmtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufghMA0G
CSqGSIb3DQEBCwUAA4IBAQCNdiU40DL4EtG4tDSDhd1TRHSN0Xif/36yRXdC5MHm
AGBL2o2UvzoXALGNVi/QLdN8JU3uLi7pE96ileWYa/gDPY8q3Ix5Rk5PdzZ/6G5G
TmUdY+QHBZMBaZt8k35OYWv/me45y5F8XI3f1toRHDxrp409hVhYsfkhwHRQUfeG
XYY6y6iQeqH4D+gJ75Gi6tUrs6umaamNuWFFr1jwDLtLhNbepMR9klIh1e808XHx
jt1OJKDMowU3oAW1/6ccVbxaj3Q+Vi0oCXfT0kf9Z8NhL8DoudKV3wuZlVKTH4Ts
0O5rTgJNef8Cow7pZZ56/GpH89km1btWwMM91rg+NAin
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:17 2024 by rpki-client on console-ams.rpki-client.org