Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/30e653-9c0b-4164-9a7d-ca7e6c3ae8ce/1/tRZHeGzheyIaDQTQRNeEp4azgYc.roa
File:                     tRZHeGzheyIaDQTQRNeEp4azgYc.roa (raw, json)
Hash identifier:          cyvPd8t+p5H1mTdG/EjSG3bqhtHEYJ2uspGSgSyFF64=
Subject key identifier:   B5:16:47:78:6C:E1:7B:22:1A:0D:04:D0:44:D7:84:A7:86:B3:81:87
Certificate issuer:       /CN=15982be200f2ed9be40fc983d94d9c726350a9d9
Certificate serial:       018CC8010A81C52DD7E7EAAE3751F86CE2B3
Authority key identifier: 15:98:2B:E2:00:F2:ED:9B:E4:0F:C9:83:D9:4D:9C:72:63:50:A9:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FZgr4gDy7ZvkD8mD2U2ccmNQqdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/30e653-9c0b-4164-9a7d-ca7e6c3ae8ce/1/tRZHeGzheyIaDQTQRNeEp4azgYc.roa
Signing time:             Tue 02 Jan 2024 02:29:20 +0000
ROA not before:           Tue 02 Jan 2024 02:29:20 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61317
IP address blocks:        185.13.225.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:0a:81:c5:2d:d7:e7:ea:ae:37:51:f8:6c:e2:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15982be200f2ed9be40fc983d94d9c726350a9d9
        Validity
            Not Before: Jan  2 02:29:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b51647786ce17b221a0d04d044d784a786b38187
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:fd:36:9f:28:9c:13:46:81:20:16:e0:1c:41:
                    d2:73:5a:dc:9e:57:f4:d8:d3:3f:b4:f4:42:cd:ff:
                    04:35:85:2c:26:a1:61:78:dd:79:35:2f:37:62:3f:
                    83:4d:36:08:ad:a2:49:38:e6:76:c9:f3:53:85:b1:
                    c1:56:4c:3f:95:cf:a5:d9:62:48:07:83:d6:ba:72:
                    fe:6d:e6:61:45:d7:ec:0c:d9:b8:c5:29:91:a4:9e:
                    df:da:9b:89:1b:e8:0d:1e:90:b9:7b:ab:3d:29:de:
                    40:76:ea:29:1a:41:f1:5d:76:83:99:93:f1:e3:f9:
                    0c:35:85:1c:65:07:a7:af:49:77:68:64:32:a0:95:
                    76:c3:02:6b:70:2e:aa:ab:c3:02:03:42:38:cb:82:
                    d1:0a:e8:be:0e:d1:96:0c:1f:9f:e6:bf:cb:1e:1a:
                    86:21:06:1f:4b:78:3b:60:5a:36:cd:32:72:9c:ba:
                    ca:f3:07:36:c2:1c:8c:af:9c:bd:07:96:37:a6:f5:
                    59:4a:47:06:4e:d4:f7:9f:3f:95:03:bb:82:c3:99:
                    17:2c:76:92:b1:fc:fc:38:62:50:07:ab:c7:88:8e:
                    f4:0f:c1:4d:52:dd:d4:fe:c1:9f:f9:aa:a1:56:0d:
                    ea:52:bc:24:78:32:34:7b:a6:a2:7a:4d:d4:9a:4b:
                    bd:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:16:47:78:6C:E1:7B:22:1A:0D:04:D0:44:D7:84:A7:86:B3:81:87
            X509v3 Authority Key Identifier:
                keyid:15:98:2B:E2:00:F2:ED:9B:E4:0F:C9:83:D9:4D:9C:72:63:50:A9:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FZgr4gDy7ZvkD8mD2U2ccmNQqdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/30e653-9c0b-4164-9a7d-ca7e6c3ae8ce/1/tRZHeGzheyIaDQTQRNeEp4azgYc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/30e653-9c0b-4164-9a7d-ca7e6c3ae8ce/1/FZgr4gDy7ZvkD8mD2U2ccmNQqdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.13.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:7c:9a:6c:d4:f7:b2:d5:33:86:59:83:9d:a7:49:cc:d2:d4:
         e3:12:5c:2f:f0:d9:17:b1:04:11:cb:10:1c:40:98:ec:2f:da:
         ff:2b:ec:0e:43:86:f5:24:70:58:0b:fa:4b:4a:82:5d:ba:4b:
         9a:c6:39:79:51:cb:d3:83:d2:02:3c:08:28:41:96:79:f6:77:
         8c:95:90:a1:22:31:cb:9a:cd:7e:8d:72:7e:16:c1:50:33:48:
         1d:ed:2d:64:bb:5e:a9:1a:f4:f4:da:c4:0b:b3:13:a1:a0:54:
         89:2f:52:ce:fe:8c:07:ca:dd:11:b4:a0:18:16:ba:65:e6:e5:
         cc:04:6f:68:44:aa:ac:dd:bb:10:4c:34:9f:d5:8e:c7:63:8c:
         31:2d:a3:e8:b9:2d:44:3b:c7:9b:c4:c9:5d:50:ea:5d:83:d0:
         fe:f3:5a:e0:c6:52:d6:22:ba:c7:7d:93:2f:94:10:4c:2d:85:
         bd:0a:a0:32:43:f9:47:7c:a4:cf:2e:c2:af:d6:fa:e8:83:f7:
         1a:e2:00:b4:df:f9:5d:2b:77:a0:d5:45:35:14:35:67:7e:c3:
         86:03:dd:45:9b:af:3b:3c:fd:3e:68:4d:45:10:60:0f:58:88:
         87:7c:b2:66:8f:61:ad:dd:15:e6:68:e2:c7:b7:15:6f:63:b7:
         1d:bc:6f:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAQqBxS3X5+quN1H4bOKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1OTgyYmUyMDBmMmVkOWJlNDBmYzk4M2Q5NGQ5YzcyNjM1
MGE5ZDkwHhcNMjQwMTAyMDIyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTE2NDc3ODZjZTE3YjIyMWEwZDA0ZDA0NGQ3ODRhNzg2YjM4MTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf02nyicE0aBIBbgHEHSc1rcnlf0
2NM/tPRCzf8ENYUsJqFheN15NS83Yj+DTTYIraJJOOZ2yfNThbHBVkw/lc+l2WJI
B4PWunL+beZhRdfsDNm4xSmRpJ7f2puJG+gNHpC5e6s9Kd5AduopGkHxXXaDmZPx
4/kMNYUcZQenr0l3aGQyoJV2wwJrcC6qq8MCA0I4y4LRCui+DtGWDB+f5r/LHhqG
IQYfS3g7YFo2zTJynLrK8wc2whyMr5y9B5Y3pvVZSkcGTtT3nz+VA7uCw5kXLHaS
sfz8OGJQB6vHiI70D8FNUt3U/sGf+aqhVg3qUrwkeDI0e6aiek3Umku9gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUWR3hs4XsiGg0E0ETXhKeGs4GHMB8GA1UdIwQY
MBaAFBWYK+IA8u2b5A/Jg9lNnHJjUKnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlpncjRnRHk3WnZrRDhtRDJVMmNjbU5RcWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8zMGU2NTMtOWMwYi00MTY0LTlhN2Qt
Y2E3ZTZjM2FlOGNlLzEvdFJaSGVHemhleUlhRFFUUVJOZUVwNGF6Z1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8zMGU2NTMtOWMwYi00MTY0LTlhN2QtY2E3ZTZjM2FlOGNl
LzEvRlpncjRnRHk3WnZrRDhtRDJVMmNjbU5RcWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQ3hMA0G
CSqGSIb3DQEBCwUAA4IBAQA5fJps1Pey1TOGWYOdp0nM0tTjElwv8NkXsQQRyxAc
QJjsL9r/K+wOQ4b1JHBYC/pLSoJdukuaxjl5UcvTg9ICPAgoQZZ59neMlZChIjHL
ms1+jXJ+FsFQM0gd7S1ku16pGvT02sQLsxOhoFSJL1LO/owHyt0RtKAYFrpl5uXM
BG9oRKqs3bsQTDSf1Y7HY4wxLaPouS1EO8ebxMldUOpdg9D+81rgxlLWIrrHfZMv
lBBMLYW9CqAyQ/lHfKTPLsKv1vrog/ca4gC03/ldK3eg1UU1FDVnfsOGA91Fm687
PP0+aE1FEGAPWIiHfLJmj2Gt3RXmaOLHtxVvY7cdvG+t
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:17 2024 by rpki-client on console-ams.rpki-client.org