Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/eaa7ce-0df1-47f1-bb81-d3dc7522e08d/1/sD_qVmyko7BITFMhKS8gnNf54Pk.roa
File:                     sD_qVmyko7BITFMhKS8gnNf54Pk.roa (raw, json)
Hash identifier:          0pP7+kV68EtTgIsytqPIngN02xBeCDMvKiUFZAOfoxQ=
Subject key identifier:   B0:3F:EA:56:6C:A4:A3:B0:48:4C:53:21:29:2F:20:9C:D7:F9:E0:F9
Certificate issuer:       /CN=43a0adb5b3c4c3b8fa690d1e77f060b371e73646
Certificate serial:       029F79DF
Authority key identifier: 43:A0:AD:B5:B3:C4:C3:B8:FA:69:0D:1E:77:F0:60:B3:71:E7:36:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q6CttbPEw7j6aQ0ed_Bgs3HnNkY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/eaa7ce-0df1-47f1-bb81-d3dc7522e08d/1/sD_qVmyko7BITFMhKS8gnNf54Pk.roa
Signing time:             Sat 01 Jan 2022 12:04:48 +0000
ROA not before:           Sat 01 Jan 2022 12:04:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     208226
IP address blocks:        185.248.33.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 44005855 (0x29f79df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43a0adb5b3c4c3b8fa690d1e77f060b371e73646
        Validity
            Not Before: Jan  1 12:04:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b03fea566ca4a3b0484c5321292f209cd7f9e0f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:a0:05:c3:e8:cd:94:0b:38:36:a0:79:aa:e6:
                    7d:16:f5:0e:cc:d1:ec:7e:21:e5:72:f2:22:f6:17:
                    44:88:22:a1:1d:5a:6c:93:e0:23:2e:56:82:21:c5:
                    01:a0:4b:56:fe:f4:97:6f:91:16:92:e3:34:8f:23:
                    00:93:6b:d6:23:34:ef:df:79:2d:6b:1d:a4:0a:66:
                    fe:5f:fb:1c:36:da:4c:d5:d6:d9:81:4d:9c:6f:34:
                    47:28:c5:52:4c:f7:03:e4:d7:21:4b:3e:7d:da:89:
                    d6:30:ae:34:8d:fb:99:60:5f:e2:2b:84:33:41:5f:
                    17:47:a7:17:09:b4:a5:15:9f:b4:01:a8:43:75:2f:
                    66:42:c6:1c:50:02:82:51:1d:81:d4:f3:8d:f0:25:
                    a2:be:f8:08:9b:e4:86:75:75:2b:4a:98:2d:64:0d:
                    fc:f2:6b:ae:2c:fb:68:ce:b8:8f:5d:ed:1b:67:8d:
                    bf:6e:b2:c1:80:2b:e7:3d:56:b2:3c:2d:c8:01:b8:
                    56:bc:b6:21:f9:92:8e:e3:59:55:16:34:1d:4a:fa:
                    99:bc:c0:58:a7:4a:ed:52:4e:dc:c7:00:e3:13:c7:
                    32:b9:19:15:c4:d4:39:7b:24:a4:10:db:54:c8:81:
                    f1:4b:7d:35:24:ac:67:73:58:4b:95:19:1f:cf:70:
                    34:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:3F:EA:56:6C:A4:A3:B0:48:4C:53:21:29:2F:20:9C:D7:F9:E0:F9
            X509v3 Authority Key Identifier:
                keyid:43:A0:AD:B5:B3:C4:C3:B8:FA:69:0D:1E:77:F0:60:B3:71:E7:36:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q6CttbPEw7j6aQ0ed_Bgs3HnNkY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/eaa7ce-0df1-47f1-bb81-d3dc7522e08d/1/sD_qVmyko7BITFMhKS8gnNf54Pk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/eaa7ce-0df1-47f1-bb81-d3dc7522e08d/1/Q6CttbPEw7j6aQ0ed_Bgs3HnNkY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:df:20:1e:ce:28:ea:3b:07:4b:88:25:22:fd:63:7a:a7:d9:
         06:16:81:c2:cc:bb:47:bb:5b:07:c2:dc:69:b9:59:62:65:77:
         64:5b:4a:24:4c:8e:c9:5f:ae:51:c5:4f:37:4c:5c:b4:24:a8:
         cb:a8:bd:25:eb:30:b2:40:2d:4c:c5:f6:82:c6:f4:0d:af:47:
         2d:f4:aa:49:b0:4f:a3:c9:a7:77:62:5b:14:f5:6b:44:ee:09:
         47:25:bc:32:1d:44:37:5d:14:08:d7:3b:4c:5b:16:5e:12:27:
         4a:0b:ad:93:00:9e:b1:c7:ec:2f:37:76:35:c3:34:68:38:f9:
         3b:d8:43:9a:53:b8:a5:87:c6:cc:5e:19:da:e3:7f:1e:49:e9:
         cf:60:22:0f:c8:d6:4e:b6:7c:ed:72:57:26:41:00:81:1d:e6:
         32:5c:7f:bb:04:59:4f:69:20:2c:80:7e:67:e1:f7:b1:a8:f5:
         69:61:29:56:5d:2c:cc:10:45:a9:44:81:69:37:f5:2c:a7:b1:
         0c:be:1b:3b:d8:b4:c9:79:3c:59:33:61:68:f6:fe:44:75:07:
         b0:20:b0:df:7b:6c:d4:b7:a3:c1:c4:31:b0:24:68:50:89:2b:
         e8:02:15:e6:d8:de:d5:29:b2:6f:d7:fe:e6:d3:ce:f8:02:ee:
         99:5d:3d:7a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAp953zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
M2EwYWRiNWIzYzRjM2I4ZmE2OTBkMWU3N2YwNjBiMzcxZTczNjQ2MB4XDTIyMDEw
MTEyMDQ0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjAzZmVhNTY2Y2E0
YTNiMDQ4NGM1MzIxMjkyZjIwOWNkN2Y5ZTBmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKigBcPozZQLODagearmfRb1DszR7H4h5XLyIvYXRIgioR1a
bJPgIy5WgiHFAaBLVv70l2+RFpLjNI8jAJNr1iM07995LWsdpApm/l/7HDbaTNXW
2YFNnG80RyjFUkz3A+TXIUs+fdqJ1jCuNI37mWBf4iuEM0FfF0enFwm0pRWftAGo
Q3UvZkLGHFACglEdgdTzjfAlor74CJvkhnV1K0qYLWQN/PJrriz7aM64j13tG2eN
v26ywYAr5z1WsjwtyAG4Vry2IfmSjuNZVRY0HUr6mbzAWKdK7VJO3McA4xPHMrkZ
FcTUOXskpBDbVMiB8Ut9NSSsZ3NYS5UZH89wNA0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSwP+pWbKSjsEhMUyEpLyCc1/ng+TAfBgNVHSMEGDAWgBRDoK21s8TDuPpp
DR538GCzcec2RjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1E2Q3R0YlBFdzdqNmFRMGVkX0JnczNIbk5rWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvZWFhN2NlLTBkZjEtNDdmMS1iYjgxLWQzZGM3NTIyZTA4ZC8x
L3NEX3FWbXlrbzdCSVRGTWhLUzhnbk5mNTRQay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
ZWFhN2NlLTBkZjEtNDdmMS1iYjgxLWQzZGM3NTIyZTA4ZC8xL1E2Q3R0YlBFdzdq
NmFRMGVkX0JnczNIbk5rWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn4ITANBgkqhkiG9w0BAQsFAAOC
AQEAa98gHs4o6jsHS4glIv1jeqfZBhaBwsy7R7tbB8LcablZYmV3ZFtKJEyOyV+u
UcVPN0xctCSoy6i9JeswskAtTMX2gsb0Da9HLfSqSbBPo8mnd2JbFPVrRO4JRyW8
Mh1EN10UCNc7TFsWXhInSgutkwCescfsLzd2NcM0aDj5O9hDmlO4pYfGzF4Z2uN/
Hknpz2AiD8jWTrZ87XJXJkEAgR3mMlx/uwRZT2kgLIB+Z+H3saj1aWEpVl0szBBF
qUSBaTf1LKexDL4bO9i0yXk8WTNhaPb+RHUHsCCw33ts1LejwcQxsCRoUIkr6AIV
5tje1Smyb9f+5tPO+ALumV09eg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:51 2023 by rpki-client on console-fra.rpki-client.org