Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/1c47e3-3883-4884-b6d6-2a79a9ca2f41/1/2PKBtGOLk_Vb2TyXSgOnIQFP2Tk.roa
File:                     2PKBtGOLk_Vb2TyXSgOnIQFP2Tk.roa (raw, json)
Hash identifier:          E0i/SLhmd3bHxdBeyBLTiCbUEIC7d3+E/0Z2DyhTWzQ=
Subject key identifier:   D8:F2:81:B4:63:8B:93:F5:5B:D9:3C:97:4A:03:A7:21:01:4F:D9:39
Certificate issuer:       /CN=103279df905d71d2b1af15c5abf28f66ab019a2d
Certificate serial:       01856EC217F8650D0C0752B1406893B979E0
Authority key identifier: 10:32:79:DF:90:5D:71:D2:B1:AF:15:C5:AB:F2:8F:66:AB:01:9A:2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EDJ535BdcdKxrxXFq_KPZqsBmi0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/1c47e3-3883-4884-b6d6-2a79a9ca2f41/1/2PKBtGOLk_Vb2TyXSgOnIQFP2Tk.roa
Signing time:             Sun 01 Jan 2023 19:14:51 +0000
ROA not before:           Sun 01 Jan 2023 19:14:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42765
IP address blocks:        171.25.164.0/22 maxlen: 22
                          91.204.148.0/22 maxlen: 22
                          91.233.168.0/22 maxlen: 22
                          213.108.208.0/21 maxlen: 21

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:c2:17:f8:65:0d:0c:07:52:b1:40:68:93:b9:79:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=103279df905d71d2b1af15c5abf28f66ab019a2d
        Validity
            Not Before: Jan  1 19:14:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d8f281b4638b93f55bd93c974a03a721014fd939
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:04:5e:4f:7e:f4:f5:79:53:36:c0:98:5c:4b:
                    89:d1:a6:dd:f8:37:eb:9c:d9:b0:18:16:c7:3e:ff:
                    f2:f3:0d:7a:11:d4:f8:a0:85:46:20:02:f9:49:f3:
                    2d:74:e4:27:86:12:83:1c:89:ca:da:0d:04:84:6a:
                    f1:70:e3:ba:89:c1:84:40:e4:70:5b:5b:21:48:77:
                    66:83:13:bf:a9:f5:5a:da:2b:f1:8a:bb:4c:35:a9:
                    59:33:a3:c0:18:9f:ae:b5:b6:58:05:9f:28:9c:5f:
                    09:5a:23:d2:4d:4b:61:95:b1:23:35:a8:97:97:6b:
                    3d:4e:67:f4:60:f3:2f:62:67:56:17:c1:d7:7a:b9:
                    27:67:aa:4b:19:e4:e4:49:00:8e:b7:e7:bd:6e:8f:
                    74:a1:d6:cd:b8:f0:6b:12:47:2e:83:8c:86:cc:68:
                    77:b9:81:4c:5e:e8:c5:85:ad:56:70:60:be:f9:15:
                    ef:91:b4:53:c7:53:27:89:47:3e:11:bb:0f:b7:77:
                    58:1a:49:91:e0:f7:5b:9d:13:ec:28:eb:cd:2f:0e:
                    2f:f6:4f:39:89:b8:69:da:9c:73:75:e7:65:a9:56:
                    c6:23:45:fd:7a:db:c5:ac:02:6b:5f:42:4a:02:65:
                    4d:05:98:1e:87:20:6e:d9:40:74:7a:bb:91:30:91:
                    01:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:F2:81:B4:63:8B:93:F5:5B:D9:3C:97:4A:03:A7:21:01:4F:D9:39
            X509v3 Authority Key Identifier:
                keyid:10:32:79:DF:90:5D:71:D2:B1:AF:15:C5:AB:F2:8F:66:AB:01:9A:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EDJ535BdcdKxrxXFq_KPZqsBmi0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/1c47e3-3883-4884-b6d6-2a79a9ca2f41/1/2PKBtGOLk_Vb2TyXSgOnIQFP2Tk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/1c47e3-3883-4884-b6d6-2a79a9ca2f41/1/EDJ535BdcdKxrxXFq_KPZqsBmi0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.204.148.0/22
                  91.233.168.0/22
                  171.25.164.0/22
                  213.108.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         34:f8:eb:74:a3:fd:7a:36:c0:29:08:76:3d:9a:fb:17:0a:66:
         4d:9a:86:28:06:60:df:86:d9:b8:40:b7:16:54:38:45:35:76:
         67:6f:99:b2:ce:c1:70:cd:db:c5:c1:56:00:b3:b5:be:cd:8c:
         3d:2f:6f:7d:a9:bf:19:29:7c:d3:a9:c5:74:fa:14:18:23:79:
         3d:4a:7d:78:ce:ae:f9:53:82:a6:b1:45:4b:3f:53:67:9c:cb:
         86:f6:20:7d:63:cb:b0:7e:a3:20:15:98:50:3e:e4:12:e1:ce:
         e4:81:8e:f7:5b:28:d1:5d:7c:38:38:1e:e9:49:2d:6b:88:91:
         fd:e1:6b:6f:49:12:7b:d6:e1:6f:df:2a:48:c1:e4:4b:7d:90:
         9a:1e:62:8c:a0:7d:04:14:97:b3:1d:c9:62:2d:21:bc:dd:93:
         9e:76:28:ba:fe:6d:76:38:30:26:b3:d0:46:6c:34:92:22:86:
         7a:9d:39:e4:20:89:c9:69:f2:72:0e:66:66:40:6e:92:33:1d:
         75:f2:7e:59:77:b2:8b:49:df:e9:9f:df:54:a7:48:eb:62:17:
         fe:d5:15:a0:40:ee:e6:a9:cf:55:c5:d8:69:27:88:b4:ff:99:
         c8:ca:c9:59:f8:e1:69:2d:71:b9:25:1d:09:74:5d:b6:61:06:
         7e:a7:a6:be
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVuwhf4ZQ0MB1KxQGiTuXngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMzI3OWRmOTA1ZDcxZDJiMWFmMTVjNWFiZjI4ZjY2YWIw
MTlhMmQwHhcNMjMwMTAxMTkxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGYyODFiNDYzOGI5M2Y1NWJkOTNjOTc0YTAzYTcyMTAxNGZkOTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgReT3709XlTNsCYXEuJ0abd+Dfr
nNmwGBbHPv/y8w16EdT4oIVGIAL5SfMtdOQnhhKDHInK2g0EhGrxcOO6icGEQORw
W1shSHdmgxO/qfVa2ivxirtMNalZM6PAGJ+utbZYBZ8onF8JWiPSTUthlbEjNaiX
l2s9Tmf0YPMvYmdWF8HXerknZ6pLGeTkSQCOt+e9bo90odbNuPBrEkcug4yGzGh3
uYFMXujFha1WcGC++RXvkbRTx1MniUc+EbsPt3dYGkmR4PdbnRPsKOvNLw4v9k85
ibhp2pxzdedlqVbGI0X9etvFrAJrX0JKAmVNBZgehyBu2UB0eruRMJEBswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNjygbRji5P1W9k8l0oDpyEBT9k5MB8GA1UdIwQY
MBaAFBAyed+QXXHSsa8Vxavyj2arAZotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRURKNTM1QmRjZEt4cnhYRnFfS1BacXNCbWkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8xYzQ3ZTMtMzg4My00ODg0LWI2ZDYt
MmE3OWE5Y2EyZjQxLzEvMlBLQnRHT0xrX1ZiMlR5WFNnT25JUUZQMlRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8xYzQ3ZTMtMzg4My00ODg0LWI2ZDYtMmE3OWE5Y2EyZjQx
LzEvRURKNTM1QmRjZEt4cnhYRnFfS1BacXNCbWkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8yUAwQC
W+moAwQCqxmkAwQD1WzQMA0GCSqGSIb3DQEBCwUAA4IBAQA0+Ot0o/16NsApCHY9
mvsXCmZNmoYoBmDfhtm4QLcWVDhFNXZnb5myzsFwzdvFwVYAs7W+zYw9L299qb8Z
KXzTqcV0+hQYI3k9Sn14zq75U4KmsUVLP1NnnMuG9iB9Y8uwfqMgFZhQPuQS4c7k
gY73WyjRXXw4OB7pSS1riJH94WtvSRJ71uFv3ypIweRLfZCaHmKMoH0EFJezHcli
LSG83ZOedii6/m12ODAms9BGbDSSIoZ6nTnkIInJafJyDmZmQG6SMx118n5Zd7KL
Sd/pn99Up0jrYhf+1RWgQO7mqc9VxdhpJ4i0/5nIyslZ+OFpLXG5JR0JdF22YQZ+
p6a+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:44 2024 by rpki-client on console-fra.rpki-client.org