Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/09e16e-3b3e-4ccb-886e-9891b328ed4a/1/xJmu2u3zCWDOti2-AMycGrvyjgA.roa
File:                     xJmu2u3zCWDOti2-AMycGrvyjgA.roa (raw, json)
Hash identifier:          AI7qG6BiNkOr3FHYZZWbqBrxTJyad4O+2CQI0bUHB9s=
Subject key identifier:   C4:99:AE:DA:ED:F3:09:60:CE:B6:2D:BE:00:CC:9C:1A:BB:F2:8E:00
Certificate issuer:       /CN=a5e7c6ca7370d90d7924a65d860ec9246f4d38a9
Certificate serial:       0186B0C0A59872903E08AF90E35BF89598B8
Authority key identifier: A5:E7:C6:CA:73:70:D9:0D:79:24:A6:5D:86:0E:C9:24:6F:4D:38:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pefGynNw2Q15JKZdhg7JJG9NOKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/09e16e-3b3e-4ccb-886e-9891b328ed4a/1/xJmu2u3zCWDOti2-AMycGrvyjgA.roa
Signing time:             Sun 05 Mar 2023 07:51:00 +0000
ROA not before:           Sun 05 Mar 2023 07:51:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        212.24.113.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:b0:c0:a5:98:72:90:3e:08:af:90:e3:5b:f8:95:98:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5e7c6ca7370d90d7924a65d860ec9246f4d38a9
        Validity
            Not Before: Mar  5 07:51:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c499aedaedf30960ceb62dbe00cc9c1abbf28e00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:22:0a:9b:5b:19:cc:c8:b9:67:ef:51:87:7c:
                    a0:a1:4a:3d:2b:6c:ba:3e:60:17:71:b6:84:cc:38:
                    ea:94:d6:c6:4a:1f:4e:8f:74:e6:8a:24:3e:12:0c:
                    32:f7:c3:76:dd:b5:2c:a6:a9:30:69:77:23:e6:df:
                    71:c1:70:11:76:b1:7e:76:7f:74:9d:be:5b:8b:ed:
                    66:8e:06:ba:cd:2a:ae:f0:fc:0a:22:8b:00:4f:59:
                    4a:5e:79:1f:b9:45:5f:07:89:fc:15:62:f9:d2:c3:
                    da:29:19:22:54:b6:d4:e7:e2:9f:c2:78:56:1f:01:
                    57:ae:ae:cf:4d:ac:1c:44:5d:f6:b5:f7:1a:fd:46:
                    13:59:ec:53:22:da:76:02:1e:4d:dc:9b:53:f0:ea:
                    28:1c:19:cd:54:59:7b:02:8b:c7:d6:06:32:24:bb:
                    56:c0:bf:bc:40:7f:50:6f:a4:e1:ce:47:00:ae:01:
                    87:bb:ba:ff:36:c9:07:c5:da:d1:4f:86:b5:67:33:
                    64:76:56:13:80:34:85:2c:c2:01:a3:1e:20:7d:03:
                    d1:36:c7:87:57:12:ce:93:a8:c0:31:32:f4:51:dc:
                    bd:9d:e6:cc:59:7f:27:eb:d9:ba:6a:83:9a:3a:fa:
                    86:2f:0e:d4:01:00:f0:c3:79:61:c4:6e:53:ed:31:
                    a7:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:99:AE:DA:ED:F3:09:60:CE:B6:2D:BE:00:CC:9C:1A:BB:F2:8E:00
            X509v3 Authority Key Identifier:
                keyid:A5:E7:C6:CA:73:70:D9:0D:79:24:A6:5D:86:0E:C9:24:6F:4D:38:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pefGynNw2Q15JKZdhg7JJG9NOKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/09e16e-3b3e-4ccb-886e-9891b328ed4a/1/xJmu2u3zCWDOti2-AMycGrvyjgA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/09e16e-3b3e-4ccb-886e-9891b328ed4a/1/pefGynNw2Q15JKZdhg7JJG9NOKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.24.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:ce:42:1c:c3:3b:ba:02:47:40:ab:e7:10:c6:75:96:1b:e7:
         71:e1:c1:3b:d2:c4:69:5b:b0:38:ac:e8:93:50:9a:32:aa:f0:
         77:67:da:14:3e:3c:7a:48:88:b6:de:ab:44:39:5b:14:ab:82:
         94:5f:35:0e:27:d7:41:92:97:37:40:20:15:1a:53:66:9b:5e:
         ce:30:71:7c:ff:d9:69:47:10:cf:26:55:5b:00:65:68:e2:9a:
         dd:84:9c:c4:0e:6f:fc:e1:c6:7e:7b:49:b0:6f:5a:c3:29:45:
         fe:a0:37:93:fb:0d:cd:c4:43:ef:ac:2b:bd:89:c5:62:86:80:
         e9:e9:a4:7f:b7:c5:13:38:2d:7a:2c:f9:86:09:53:a0:1d:d0:
         3c:16:5e:95:c9:6e:a9:04:99:ed:1e:9f:48:22:bf:6c:06:4f:
         7c:6c:54:83:bd:8c:38:7e:f1:43:8b:85:23:68:a2:5f:44:68:
         c0:6a:bf:f3:3c:16:f6:69:bc:7f:31:16:6f:d1:04:99:bb:83:
         1a:0b:09:12:62:f1:25:ab:c9:a3:07:63:d0:93:09:35:59:5a:
         63:4d:e0:d9:46:de:09:3c:7c:f6:72:f1:74:14:9d:df:57:b3:
         37:01:a9:3e:1e:b7:cb:71:65:a7:27:68:8e:b5:54:a4:2b:3b:
         cc:2a:0b:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYawwKWYcpA+CK+Q41v4lZi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZTdjNmNhNzM3MGQ5MGQ3OTI0YTY1ZDg2MGVjOTI0NmY0
ZDM4YTkwHhcNMjMwMzA1MDc1MTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDk5YWVkYWVkZjMwOTYwY2ViNjJkYmUwMGNjOWMxYWJiZjI4ZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSIKm1sZzMi5Z+9Rh3ygoUo9K2y6
PmAXcbaEzDjqlNbGSh9Oj3TmiiQ+Egwy98N23bUspqkwaXcj5t9xwXARdrF+dn90
nb5bi+1mjga6zSqu8PwKIosAT1lKXnkfuUVfB4n8FWL50sPaKRkiVLbU5+KfwnhW
HwFXrq7PTawcRF32tfca/UYTWexTItp2Ah5N3JtT8OooHBnNVFl7AovH1gYyJLtW
wL+8QH9Qb6ThzkcArgGHu7r/NskHxdrRT4a1ZzNkdlYTgDSFLMIBox4gfQPRNseH
VxLOk6jAMTL0Udy9nebMWX8n69m6aoOaOvqGLw7UAQDww3lhxG5T7TGnsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSZrtrt8wlgzrYtvgDMnBq78o4AMB8GA1UdIwQY
MBaAFKXnxspzcNkNeSSmXYYOySRvTTipMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGVmR3luTncyUTE1SktaZGhnN0pKRzlOT0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8wOWUxNmUtM2IzZS00Y2NiLTg4NmUt
OTg5MWIzMjhlZDRhLzEveEptdTJ1M3pDV0RPdGkyLUFNeWNHcnZ5amdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8wOWUxNmUtM2IzZS00Y2NiLTg4NmUtOTg5MWIzMjhlZDRh
LzEvcGVmR3luTncyUTE1SktaZGhnN0pKRzlOT0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BhxMA0G
CSqGSIb3DQEBCwUAA4IBAQAhzkIcwzu6AkdAq+cQxnWWG+dx4cE70sRpW7A4rOiT
UJoyqvB3Z9oUPjx6SIi23qtEOVsUq4KUXzUOJ9dBkpc3QCAVGlNmm17OMHF8/9lp
RxDPJlVbAGVo4prdhJzEDm/84cZ+e0mwb1rDKUX+oDeT+w3NxEPvrCu9icVihoDp
6aR/t8UTOC16LPmGCVOgHdA8Fl6VyW6pBJntHp9IIr9sBk98bFSDvYw4fvFDi4Uj
aKJfRGjAar/zPBb2abx/MRZv0QSZu4MaCwkSYvElq8mjB2PQkwk1WVpjTeDZRt4J
PHz2cvF0FJ3fV7M3Aak+HrfLcWWnJ2iOtVSkKzvMKgux
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:27 2024 by rpki-client on console-fra.rpki-client.org