Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/90f022-2efd-459d-8e22-cee4437961be/1/IIMJec5kHU2XdZXmoAl_oUTahD8.roa
File:                     IIMJec5kHU2XdZXmoAl_oUTahD8.roa (raw, json)
Hash identifier:          AnABvb2vtcDsm4ToDcYyTaqPU5WjL6f7bQAfrx4GjBM=
Subject key identifier:   20:83:09:79:CE:64:1D:4D:97:75:95:E6:A0:09:7F:A1:44:DA:84:3F
Certificate issuer:       /CN=231d9096ef96ec16cb0ae68aa39671051f4f285a
Certificate serial:       01069884
Authority key identifier: 23:1D:90:96:EF:96:EC:16:CB:0A:E6:8A:A3:96:71:05:1F:4F:28:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ix2Qlu-W7BbLCuaKo5ZxBR9PKFo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/90f022-2efd-459d-8e22-cee4437961be/1/IIMJec5kHU2XdZXmoAl_oUTahD8.roa
Signing time:             Sat 01 Jan 2022 06:57:24 +0000
ROA not before:           Sat 01 Jan 2022 06:57:24 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     48715
IP address blocks:        185.234.14.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17209476 (0x1069884)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=231d9096ef96ec16cb0ae68aa39671051f4f285a
        Validity
            Not Before: Jan  1 06:57:24 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=20830979ce641d4d977595e6a0097fa144da843f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a6:d6:df:41:37:a9:61:fd:ae:af:5a:83:1e:
                    db:a2:cb:93:db:46:29:66:d6:72:80:ba:2b:f5:11:
                    70:6f:5e:c1:f5:79:48:7e:6b:18:d3:ce:c2:17:0e:
                    4b:24:50:d4:56:75:8b:dd:f4:14:ea:4a:ba:b6:10:
                    07:1c:fd:b8:89:86:ed:86:f7:12:a4:14:88:05:70:
                    dd:a0:93:e6:55:96:ab:2c:2f:02:1c:be:a8:d8:b4:
                    54:28:c1:5d:97:20:1d:c6:fa:d1:e1:18:6f:7a:d3:
                    bd:f6:eb:7f:e8:21:da:f9:f0:72:ad:cc:1e:0f:49:
                    9b:7a:9c:ec:ae:dc:6d:a2:4a:18:eb:e8:48:31:29:
                    23:c8:90:27:bd:ce:8d:b2:5f:06:9a:3a:91:2c:8a:
                    e1:3c:36:c1:5b:fb:aa:dc:aa:49:9b:f9:5a:df:12:
                    66:11:13:df:f8:9f:ab:b0:1b:99:f9:76:68:55:64:
                    d3:b2:52:79:54:14:92:f7:a9:08:2a:d9:9b:a1:29:
                    94:ab:14:c1:2b:f0:59:0e:d9:46:e1:b4:e3:b8:a2:
                    94:38:80:8b:29:51:fd:21:f6:a4:8d:4b:e2:5d:f4:
                    17:d4:95:a4:2d:81:d5:52:4a:8d:49:68:ed:4a:f5:
                    13:f7:33:8c:4c:94:79:8d:8a:9d:12:d5:ad:07:a2:
                    40:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:83:09:79:CE:64:1D:4D:97:75:95:E6:A0:09:7F:A1:44:DA:84:3F
            X509v3 Authority Key Identifier:
                keyid:23:1D:90:96:EF:96:EC:16:CB:0A:E6:8A:A3:96:71:05:1F:4F:28:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ix2Qlu-W7BbLCuaKo5ZxBR9PKFo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/90f022-2efd-459d-8e22-cee4437961be/1/IIMJec5kHU2XdZXmoAl_oUTahD8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/90f022-2efd-459d-8e22-cee4437961be/1/Ix2Qlu-W7BbLCuaKo5ZxBR9PKFo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.234.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:92:58:50:05:78:c0:e3:fa:ac:01:09:31:8d:25:70:75:25:
         0c:c2:96:a7:1e:3a:00:4b:ab:24:95:5a:5c:a1:87:19:f9:21:
         f9:68:a9:1d:c8:3d:c1:f8:71:43:d8:b1:91:a9:db:dc:82:a1:
         c9:61:65:0e:7e:8a:d3:88:c7:c9:3d:94:1b:57:5d:20:9d:a9:
         82:1d:f5:ef:d3:e2:b7:13:e5:0f:81:49:9a:53:94:bb:c7:2e:
         43:ba:db:17:20:71:ac:30:e8:17:9a:2a:8a:bc:95:9d:ba:a7:
         70:77:6c:8c:65:90:01:10:e4:98:87:21:96:d4:a7:e8:07:5e:
         c1:99:96:27:66:b0:8a:9a:65:9c:46:eb:09:7f:d9:88:e4:33:
         a3:51:cc:29:6c:d5:7f:e8:65:f1:68:bf:be:11:aa:1e:d2:94:
         c6:b2:23:24:22:a9:a3:71:be:59:f1:e0:7d:7a:40:4d:fd:6c:
         91:cb:3d:aa:28:c2:83:20:72:77:51:ee:38:46:ed:71:2b:f5:
         c5:17:7d:d7:9d:65:39:bc:c9:1f:9c:04:bd:ff:49:14:f5:77:
         a1:f1:86:96:15:ca:46:9e:da:52:2d:14:99:aa:48:6b:9d:db:
         d2:4c:fd:23:09:8d:22:2d:c7:f3:16:13:b1:a8:bf:bf:82:8c:
         a8:09:b7:39
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQaYhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzFkOTA5NmVmOTZlYzE2Y2IwYWU2OGFhMzk2NzEwNTFmNGYyODVhMB4XDTIyMDEw
MTA2NTcyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjA4MzA5NzljZTY0
MWQ0ZDk3NzU5NWU2YTAwOTdmYTE0NGRhODQzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6m1t9BN6lh/a6vWoMe26LLk9tGKWbWcoC6K/URcG9ewfV5
SH5rGNPOwhcOSyRQ1FZ1i930FOpKurYQBxz9uImG7Yb3EqQUiAVw3aCT5lWWqywv
Ahy+qNi0VCjBXZcgHcb60eEYb3rTvfbrf+gh2vnwcq3MHg9Jm3qc7K7cbaJKGOvo
SDEpI8iQJ73OjbJfBpo6kSyK4Tw2wVv7qtyqSZv5Wt8SZhET3/ifq7Abmfl2aFVk
07JSeVQUkvepCCrZm6EplKsUwSvwWQ7ZRuG047iilDiAiylR/SH2pI1L4l30F9SV
pC2B1VJKjUlo7Ur1E/czjEyUeY2KnRLVrQeiQOcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQggwl5zmQdTZd1leagCX+hRNqEPzAfBgNVHSMEGDAWgBQjHZCW75bsFssK
5oqjlnEFH08oWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l4MlFsdS1XN0JiTEN1YUtvNVp4QlI5UEtGby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvOTBmMDIyLTJlZmQtNDU5ZC04ZTIyLWNlZTQ0Mzc5NjFiZS8x
L0lJTUplYzVrSFUyWGRaWG1vQWxfb1VUYWhEOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
OTBmMDIyLTJlZmQtNDU5ZC04ZTIyLWNlZTQ0Mzc5NjFiZS8xL0l4MlFsdS1XN0Ji
TEN1YUtvNVp4QlI5UEtGby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnqDjANBgkqhkiG9w0BAQsFAAOC
AQEAi5JYUAV4wOP6rAEJMY0lcHUlDMKWpx46AEurJJVaXKGHGfkh+WipHcg9wfhx
Q9ixkanb3IKhyWFlDn6K04jHyT2UG1ddIJ2pgh3179PitxPlD4FJmlOUu8cuQ7rb
FyBxrDDoF5oqiryVnbqncHdsjGWQARDkmIchltSn6AdewZmWJ2awipplnEbrCX/Z
iOQzo1HMKWzVf+hl8Wi/vhGqHtKUxrIjJCKpo3G+WfHgfXpATf1skcs9qijCgyBy
d1HuOEbtcSv1xRd9151lObzJH5wEvf9JFPV3ofGGlhXKRp7aUi0UmapIa53b0kz9
IwmNIi3H8xYTsai/v4KMqAm3OQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:55 2024 by rpki-client on console-ams.rpki-client.org