Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/30e653-9c0b-4164-9a7d-ca7e6c3ae8ce/1/KxbUMJJsOA7uoEdB-CzdRdsMGwE.roa
File:                     KxbUMJJsOA7uoEdB-CzdRdsMGwE.roa (raw, json)
Hash identifier:          X9dhID0RpnV+RPYJk6JDdt5YJD2MkJZxLilc6Wpjas4=
Subject key identifier:   2B:16:D4:30:92:6C:38:0E:EE:A0:47:41:F8:2C:DD:45:DB:0C:1B:01
Certificate issuer:       /CN=15982be200f2ed9be40fc983d94d9c726350a9d9
Certificate serial:       01856C1C82AE40B8C6C5283AFC308AF711FA
Authority key identifier: 15:98:2B:E2:00:F2:ED:9B:E4:0F:C9:83:D9:4D:9C:72:63:50:A9:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FZgr4gDy7ZvkD8mD2U2ccmNQqdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/30e653-9c0b-4164-9a7d-ca7e6c3ae8ce/1/KxbUMJJsOA7uoEdB-CzdRdsMGwE.roa
Signing time:             Sun 01 Jan 2023 06:54:45 +0000
ROA not before:           Sun 01 Jan 2023 06:54:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        185.13.225.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:1c:82:ae:40:b8:c6:c5:28:3a:fc:30:8a:f7:11:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15982be200f2ed9be40fc983d94d9c726350a9d9
        Validity
            Not Before: Jan  1 06:54:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2b16d430926c380eeea04741f82cdd45db0c1b01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:de:24:78:3e:a2:11:f3:a9:60:a3:ff:97:e6:
                    7a:40:7b:0d:44:c6:18:e6:92:ad:2b:5a:e9:c5:b7:
                    f0:08:52:01:cc:cc:44:b4:ef:27:3a:49:33:93:da:
                    1a:95:8c:42:d4:db:ed:bb:15:b2:9e:a7:27:87:65:
                    38:8c:c6:bc:16:6d:af:e4:38:dd:89:d6:c0:3a:3b:
                    81:07:f7:75:1b:73:54:d5:ad:ab:a7:c2:1e:c6:51:
                    00:2f:fd:73:eb:d2:ef:df:c9:db:b4:74:47:23:c1:
                    94:7d:9f:9b:28:1d:7c:4d:e0:2c:ea:aa:6d:00:83:
                    96:17:10:3a:94:6c:3a:01:6f:34:51:3a:2d:fd:aa:
                    1c:64:68:e3:45:5f:af:a9:99:b1:e3:83:d0:b4:e6:
                    b1:1a:d9:f4:d0:c7:df:8c:66:c8:95:89:26:c0:cc:
                    d5:9f:c1:2a:2f:6c:f7:11:e0:ed:2a:2d:50:25:f9:
                    d5:9b:6a:1d:2d:ee:5a:80:a6:18:22:a8:39:d8:1c:
                    60:7e:14:22:ca:5a:fc:67:9f:12:2b:26:ce:cb:d9:
                    14:e7:41:16:3f:53:0b:e8:c4:e2:7a:98:f4:2d:69:
                    33:dc:ff:2d:8e:06:71:25:d6:2f:f0:2a:1c:0d:5b:
                    ea:35:b5:38:d6:fb:24:88:a9:27:d8:f5:9c:30:ff:
                    80:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:16:D4:30:92:6C:38:0E:EE:A0:47:41:F8:2C:DD:45:DB:0C:1B:01
            X509v3 Authority Key Identifier:
                keyid:15:98:2B:E2:00:F2:ED:9B:E4:0F:C9:83:D9:4D:9C:72:63:50:A9:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FZgr4gDy7ZvkD8mD2U2ccmNQqdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/30e653-9c0b-4164-9a7d-ca7e6c3ae8ce/1/KxbUMJJsOA7uoEdB-CzdRdsMGwE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/30e653-9c0b-4164-9a7d-ca7e6c3ae8ce/1/FZgr4gDy7ZvkD8mD2U2ccmNQqdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.13.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:13:57:1f:b4:3f:b6:eb:b4:3a:6e:5b:66:ee:b6:a6:2a:ce:
         45:30:d4:14:6b:79:be:58:01:05:49:a8:30:4b:40:cc:56:a8:
         c6:89:0d:70:73:85:08:b5:8e:6e:29:8b:47:17:85:59:72:0c:
         44:b6:5d:ba:05:91:da:f4:ee:ff:df:43:ad:72:3d:62:8f:d4:
         27:7a:b8:cb:72:46:c6:89:71:a1:ce:66:84:ec:9e:f6:79:1f:
         36:60:b2:f0:b3:38:d8:76:6c:a9:f9:41:91:b0:02:55:82:7c:
         9c:c9:cb:17:91:a7:49:c1:69:2e:27:28:c8:58:1b:2c:5b:2b:
         32:7f:96:62:d6:69:23:69:1a:ba:95:f0:74:86:b0:6d:d5:20:
         f6:25:cf:f8:e9:a6:f6:41:57:d9:03:aa:28:46:06:50:fb:34:
         91:79:91:96:0f:87:4b:ac:c4:18:28:34:ce:18:c2:00:6c:3a:
         10:97:bc:82:5d:cb:66:f3:ba:7d:5e:67:1c:6b:97:71:6e:91:
         a5:1f:1f:6a:7d:9d:e1:4b:af:1d:cd:80:59:55:5d:4c:d5:4b:
         6b:c3:9b:ee:54:bf:0a:f6:56:2c:77:c9:32:42:7c:06:a1:a8:
         4f:f1:f3:70:43:85:1b:8b:a2:14:72:21:70:36:44:86:ef:f0:
         4d:a9:e3:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsHIKuQLjGxSg6/DCK9xH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1OTgyYmUyMDBmMmVkOWJlNDBmYzk4M2Q5NGQ5YzcyNjM1
MGE5ZDkwHhcNMjMwMTAxMDY1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjE2ZDQzMDkyNmMzODBlZWVhMDQ3NDFmODJjZGQ0NWRiMGMxYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN4keD6iEfOpYKP/l+Z6QHsNRMYY
5pKtK1rpxbfwCFIBzMxEtO8nOkkzk9oalYxC1NvtuxWynqcnh2U4jMa8Fm2v5Djd
idbAOjuBB/d1G3NU1a2rp8IexlEAL/1z69Lv38nbtHRHI8GUfZ+bKB18TeAs6qpt
AIOWFxA6lGw6AW80UTot/aocZGjjRV+vqZmx44PQtOaxGtn00MffjGbIlYkmwMzV
n8EqL2z3EeDtKi1QJfnVm2odLe5agKYYIqg52BxgfhQiylr8Z58SKybOy9kU50EW
P1ML6MTiepj0LWkz3P8tjgZxJdYv8CocDVvqNbU41vskiKkn2PWcMP+AyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCsW1DCSbDgO7qBHQfgs3UXbDBsBMB8GA1UdIwQY
MBaAFBWYK+IA8u2b5A/Jg9lNnHJjUKnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlpncjRnRHk3WnZrRDhtRDJVMmNjbU5RcWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8zMGU2NTMtOWMwYi00MTY0LTlhN2Qt
Y2E3ZTZjM2FlOGNlLzEvS3hiVU1KSnNPQTd1b0VkQi1DemRSZHNNR3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8zMGU2NTMtOWMwYi00MTY0LTlhN2QtY2E3ZTZjM2FlOGNl
LzEvRlpncjRnRHk3WnZrRDhtRDJVMmNjbU5RcWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQ3hMA0G
CSqGSIb3DQEBCwUAA4IBAQCTE1cftD+267Q6bltm7ramKs5FMNQUa3m+WAEFSagw
S0DMVqjGiQ1wc4UItY5uKYtHF4VZcgxEtl26BZHa9O7/30Otcj1ij9QnerjLckbG
iXGhzmaE7J72eR82YLLwszjYdmyp+UGRsAJVgnycycsXkadJwWkuJyjIWBssWysy
f5Zi1mkjaRq6lfB0hrBt1SD2Jc/46ab2QVfZA6ooRgZQ+zSReZGWD4dLrMQYKDTO
GMIAbDoQl7yCXctm87p9Xmcca5dxbpGlHx9qfZ3hS68dzYBZVV1M1Utrw5vuVL8K
9lYsd8kyQnwGoahP8fNwQ4Ubi6IUciFwNkSG7/BNqeMd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:12 2024 by rpki-client on console-fra.rpki-client.org