Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/90f022-2efd-459d-8e22-cee4437961be/1/wi3fVXZxIlBJC7YnXnCdKpo6Toc.roa
File:                     wi3fVXZxIlBJC7YnXnCdKpo6Toc.roa (raw, json)
Hash identifier:          gFszIth84qgPA2A+TifcLfxk/v8LijFZpvyNy8j+caM=
Subject key identifier:   C2:2D:DF:55:76:71:22:50:49:0B:B6:27:5E:70:9D:2A:9A:3A:4E:87
Certificate issuer:       /CN=231d9096ef96ec16cb0ae68aa39671051f4f285a
Certificate serial:       01856F0B81C41D88AB542EB089A4955B02AE
Authority key identifier: 23:1D:90:96:EF:96:EC:16:CB:0A:E6:8A:A3:96:71:05:1F:4F:28:5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ix2Qlu-W7BbLCuaKo5ZxBR9PKFo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/90f022-2efd-459d-8e22-cee4437961be/1/wi3fVXZxIlBJC7YnXnCdKpo6Toc.roa
Signing time:             Sun 01 Jan 2023 20:35:03 +0000
ROA not before:           Sun 01 Jan 2023 20:35:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44285
IP address blocks:        185.234.14.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:0b:81:c4:1d:88:ab:54:2e:b0:89:a4:95:5b:02:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=231d9096ef96ec16cb0ae68aa39671051f4f285a
        Validity
            Not Before: Jan  1 20:35:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c22ddf5576712250490bb6275e709d2a9a3a4e87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:0c:b5:06:6d:35:36:90:66:0a:8e:d2:e0:00:
                    fd:58:e8:f1:8a:98:0d:dc:51:40:cc:a3:94:58:8c:
                    19:b3:37:58:c8:f4:c1:a9:05:77:03:34:48:df:31:
                    f0:2b:1e:81:f7:de:12:8b:5f:88:04:0a:f5:5b:7c:
                    37:9f:78:88:26:93:6f:d8:e6:de:85:ac:62:27:a4:
                    2e:6b:69:b0:b1:16:56:ef:24:c2:ff:e6:19:eb:f7:
                    1e:c1:7a:a2:e0:c3:1c:d3:6e:20:06:81:8c:36:53:
                    50:f1:30:a8:4f:1f:85:e9:3d:f7:a4:91:7d:cc:b6:
                    03:e6:eb:6c:d3:37:37:1e:9d:34:fc:b0:be:92:14:
                    61:f6:20:f9:3e:e8:77:26:56:f5:b4:a0:39:80:af:
                    e7:d4:26:7b:42:06:94:e3:90:56:00:ba:c0:27:57:
                    5d:dd:80:90:56:f2:d4:09:04:d0:ea:eb:4c:c1:5c:
                    45:4d:27:4a:69:a9:23:74:01:2e:ff:9e:06:46:c3:
                    b8:77:54:0b:0c:f2:13:87:a5:2c:b0:1c:1d:56:6e:
                    81:48:f2:1b:b0:12:8a:ed:66:60:d5:ec:a2:0f:f8:
                    e2:e8:85:90:06:e8:58:0c:48:cb:5c:39:8c:05:55:
                    5b:e1:91:5a:c8:2b:dd:66:8d:11:48:c6:ae:5e:1c:
                    39:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:2D:DF:55:76:71:22:50:49:0B:B6:27:5E:70:9D:2A:9A:3A:4E:87
            X509v3 Authority Key Identifier:
                keyid:23:1D:90:96:EF:96:EC:16:CB:0A:E6:8A:A3:96:71:05:1F:4F:28:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ix2Qlu-W7BbLCuaKo5ZxBR9PKFo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/90f022-2efd-459d-8e22-cee4437961be/1/wi3fVXZxIlBJC7YnXnCdKpo6Toc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/90f022-2efd-459d-8e22-cee4437961be/1/Ix2Qlu-W7BbLCuaKo5ZxBR9PKFo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.234.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:a0:0b:32:c8:ee:46:17:70:5a:ad:a7:20:fe:8e:c5:56:1b:
         6e:98:41:7d:d6:67:f8:c0:99:2a:e6:b7:bc:d8:93:51:bf:1b:
         e0:62:09:aa:88:38:65:8d:a6:89:90:cf:82:04:ec:4c:25:88:
         58:9f:19:e9:53:18:e9:47:8a:01:56:12:92:3f:8c:cb:b9:a7:
         53:dd:db:df:25:fc:7b:ad:9e:c1:20:73:bb:f8:11:9d:be:fa:
         e9:f6:db:91:21:8b:cc:c1:8d:bc:b0:77:b2:a7:e0:88:f5:6f:
         a5:b2:01:c5:b9:2e:78:f2:8f:58:68:77:2f:5f:a3:66:9e:85:
         2f:f6:9d:09:51:ab:87:f2:eb:7e:19:1b:5a:57:04:d7:f7:3c:
         f5:fa:1f:e7:e0:91:44:14:78:8e:fc:3d:a1:00:92:14:c1:73:
         45:64:eb:17:16:0b:ea:43:7f:c5:f1:4a:f5:e6:90:4e:42:e9:
         36:02:8c:16:62:1b:f3:3d:a6:52:3f:12:a8:9b:1c:2f:d3:20:
         54:57:a5:1a:b4:e7:0f:02:43:84:72:42:d2:79:49:a3:3c:20:
         d0:0f:69:1b:b1:8a:46:e5:f9:76:22:1a:76:29:44:df:fd:0f:
         9d:94:b6:30:13:88:92:38:ce:e9:01:c1:ca:68:8b:9e:b8:af:
         b9:46:aa:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC4HEHYirVC6wiaSVWwKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMWQ5MDk2ZWY5NmVjMTZjYjBhZTY4YWEzOTY3MTA1MWY0
ZjI4NWEwHhcNMjMwMTAxMjAzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjJkZGY1NTc2NzEyMjUwNDkwYmI2Mjc1ZTcwOWQyYTlhM2E0ZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAy1Bm01NpBmCo7S4AD9WOjxipgN
3FFAzKOUWIwZszdYyPTBqQV3AzRI3zHwKx6B994Si1+IBAr1W3w3n3iIJpNv2Obe
haxiJ6Qua2mwsRZW7yTC/+YZ6/cewXqi4MMc024gBoGMNlNQ8TCoTx+F6T33pJF9
zLYD5uts0zc3Hp00/LC+khRh9iD5Puh3Jlb1tKA5gK/n1CZ7QgaU45BWALrAJ1dd
3YCQVvLUCQTQ6utMwVxFTSdKaakjdAEu/54GRsO4d1QLDPITh6UssBwdVm6BSPIb
sBKK7WZg1eyiD/ji6IWQBuhYDEjLXDmMBVVb4ZFayCvdZo0RSMauXhw5xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIt31V2cSJQSQu2J15wnSqaOk6HMB8GA1UdIwQY
MBaAFCMdkJbvluwWywrmiqOWcQUfTyhaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXgyUWx1LVc3QmJMQ3VhS281WnhCUjlQS0ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC85MGYwMjItMmVmZC00NTlkLThlMjIt
Y2VlNDQzNzk2MWJlLzEvd2kzZlZYWnhJbEJKQzdZblhuQ2RLcG82VG9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC85MGYwMjItMmVmZC00NTlkLThlMjItY2VlNDQzNzk2MWJl
LzEvSXgyUWx1LVc3QmJMQ3VhS281WnhCUjlQS0ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueoOMA0G
CSqGSIb3DQEBCwUAA4IBAQCFoAsyyO5GF3Baracg/o7FVhtumEF91mf4wJkq5re8
2JNRvxvgYgmqiDhljaaJkM+CBOxMJYhYnxnpUxjpR4oBVhKSP4zLuadT3dvfJfx7
rZ7BIHO7+BGdvvrp9tuRIYvMwY28sHeyp+CI9W+lsgHFuS548o9YaHcvX6NmnoUv
9p0JUauH8ut+GRtaVwTX9zz1+h/n4JFEFHiO/D2hAJIUwXNFZOsXFgvqQ3/F8Ur1
5pBOQuk2AowWYhvzPaZSPxKomxwv0yBUV6UatOcPAkOEckLSeUmjPCDQD2kbsYpG
5fl2Ihp2KUTf/Q+dlLYwE4iSOM7pAcHKaIueuK+5Rqqi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:55 2024 by rpki-client on console-ams.rpki-client.org