Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/85e970-8a63-47d5-a2ff-994fb6f53b58/1/bHKSQ96_rInJoQZ5VOwcwJrDbvo.roa
File:                     bHKSQ96_rInJoQZ5VOwcwJrDbvo.roa (raw, json)
Hash identifier:          8A/BdFooHdwaS73mpGncX3SBqZmdN9ZibhEFAhGNyCs=
Subject key identifier:   6C:72:92:43:DE:BF:AC:89:C9:A1:06:79:54:EC:1C:C0:9A:C3:6E:FA
Certificate issuer:       /CN=9c378004b2d850fe49a35559e40abf09adee402e
Certificate serial:       018442BCACC733972010AD710789215AA43D
Authority key identifier: 9C:37:80:04:B2:D8:50:FE:49:A3:55:59:E4:0A:BF:09:AD:EE:40:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nDeABLLYUP5Jo1VZ5Aq_Ca3uQC4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/85e970-8a63-47d5-a2ff-994fb6f53b58/1/bHKSQ96_rInJoQZ5VOwcwJrDbvo.roa
Signing time:             Fri 04 Nov 2022 13:02:52 +0000
ROA not before:           Fri 04 Nov 2022 13:02:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210636
IP address blocks:        45.144.197.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:42:bc:ac:c7:33:97:20:10:ad:71:07:89:21:5a:a4:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c378004b2d850fe49a35559e40abf09adee402e
        Validity
            Not Before: Nov  4 13:02:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6c729243debfac89c9a1067954ec1cc09ac36efa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:b3:22:89:f3:2c:33:6e:69:76:f5:85:a4:67:
                    d4:ed:d3:b8:23:a1:8b:12:aa:67:18:35:7a:31:9b:
                    f5:c6:52:31:28:f8:d9:83:b6:c4:fb:a0:27:52:b5:
                    bb:2d:0f:8c:dc:ba:11:bb:9b:d2:a3:37:ae:ff:05:
                    c4:1f:ba:6b:74:fd:54:3b:b9:78:5a:49:ad:6e:25:
                    71:58:6f:3c:2d:9e:f4:37:72:b4:e3:ab:b5:b3:b3:
                    e7:ac:7c:7f:71:8c:7e:c0:2e:0e:36:e6:10:26:73:
                    b7:32:be:84:e5:49:b2:62:47:61:d5:1d:1f:29:e3:
                    b4:77:14:c5:6b:76:4c:e7:09:64:a7:a1:3e:26:dc:
                    c6:29:ee:41:91:35:fa:17:5a:29:0d:22:f3:40:0c:
                    8f:37:7e:e6:f0:f4:9b:20:84:ef:a0:fa:a6:fa:ad:
                    55:02:10:5f:06:19:84:98:1c:e6:b2:6b:a8:0f:99:
                    4e:4c:f8:0d:de:4f:62:db:83:11:90:68:2d:ec:80:
                    fe:20:5e:bd:b1:49:ae:26:d3:23:92:7c:f6:05:68:
                    dc:9e:ac:fe:29:71:fe:27:1a:b8:b5:a0:0e:53:73:
                    05:82:a6:4d:12:a5:bb:fd:3f:a0:41:6f:71:40:57:
                    69:ea:df:3d:65:75:24:70:e6:88:54:f8:08:95:30:
                    25:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:72:92:43:DE:BF:AC:89:C9:A1:06:79:54:EC:1C:C0:9A:C3:6E:FA
            X509v3 Authority Key Identifier:
                keyid:9C:37:80:04:B2:D8:50:FE:49:A3:55:59:E4:0A:BF:09:AD:EE:40:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nDeABLLYUP5Jo1VZ5Aq_Ca3uQC4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/85e970-8a63-47d5-a2ff-994fb6f53b58/1/bHKSQ96_rInJoQZ5VOwcwJrDbvo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/85e970-8a63-47d5-a2ff-994fb6f53b58/1/nDeABLLYUP5Jo1VZ5Aq_Ca3uQC4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.144.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:57:4b:ba:d9:bc:8d:16:bf:c8:8a:3f:06:cd:05:01:f5:59:
         34:b3:8b:fd:3d:28:71:0f:1a:9c:e1:e9:b7:67:67:c3:96:72:
         73:93:13:e8:e4:42:7b:c2:5f:15:b1:67:bb:a1:8b:d2:d2:94:
         da:22:15:6a:5f:c7:a2:be:80:4a:2b:a7:1b:57:cd:94:db:68:
         bb:9f:c1:e5:15:73:08:33:bb:66:8f:12:d1:2a:00:aa:c2:51:
         e4:82:5f:eb:ad:c4:94:e2:ea:20:e1:f2:db:e9:9b:55:bc:af:
         6b:c1:1f:bf:fa:ae:98:1a:a9:dd:36:1c:b8:e2:c5:12:65:16:
         10:01:30:dd:b0:8c:1d:f7:a2:3a:4c:dc:1e:c8:10:86:68:aa:
         1c:1f:29:2c:2c:4e:08:98:72:be:42:1b:35:89:eb:d3:d8:2e:
         7d:67:a6:18:62:68:99:12:7a:d8:e2:86:76:8f:cd:48:88:05:
         7f:6e:84:77:5f:5e:19:36:3d:b7:e6:69:02:ae:57:a9:5e:3d:
         e7:5a:9e:95:05:41:7b:cb:53:05:6e:f5:1f:07:5e:f8:41:18:
         9b:c6:94:f8:73:7a:40:f1:fd:ad:b1:ea:ee:f1:d1:51:3e:ba:
         10:89:f3:9c:ef:31:6a:9b:bb:30:2a:1c:40:ca:3a:7f:31:92:
         5d:fb:23:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRCvKzHM5cgEK1xB4khWqQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMzc4MDA0YjJkODUwZmU0OWEzNTU1OWU0MGFiZjA5YWRl
ZTQwMmUwHhcNMjIxMTA0MTMwMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzcyOTI0M2RlYmZhYzg5YzlhMTA2Nzk1NGVjMWNjMDlhYzM2ZWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7MiifMsM25pdvWFpGfU7dO4I6GL
EqpnGDV6MZv1xlIxKPjZg7bE+6AnUrW7LQ+M3LoRu5vSozeu/wXEH7prdP1UO7l4
WkmtbiVxWG88LZ70N3K046u1s7PnrHx/cYx+wC4ONuYQJnO3Mr6E5UmyYkdh1R0f
KeO0dxTFa3ZM5wlkp6E+JtzGKe5BkTX6F1opDSLzQAyPN37m8PSbIITvoPqm+q1V
AhBfBhmEmBzmsmuoD5lOTPgN3k9i24MRkGgt7ID+IF69sUmuJtMjknz2BWjcnqz+
KXH+Jxq4taAOU3MFgqZNEqW7/T+gQW9xQFdp6t89ZXUkcOaIVPgIlTAleQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGxykkPev6yJyaEGeVTsHMCaw276MB8GA1UdIwQY
MBaAFJw3gASy2FD+SaNVWeQKvwmt7kAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkRlQUJMTFlVUDVKbzFWWjVBcV9DYTN1UUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS84NWU5NzAtOGE2My00N2Q1LWEyZmYt
OTk0ZmI2ZjUzYjU4LzEvYkhLU1E5Nl9ySW5Kb1FaNVZPd2N3SnJEYnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS84NWU5NzAtOGE2My00N2Q1LWEyZmYtOTk0ZmI2ZjUzYjU4
LzEvbkRlQUJMTFlVUDVKbzFWWjVBcV9DYTN1UUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZDFMA0G
CSqGSIb3DQEBCwUAA4IBAQBpV0u62byNFr/Iij8GzQUB9Vk0s4v9PShxDxqc4em3
Z2fDlnJzkxPo5EJ7wl8VsWe7oYvS0pTaIhVqX8eivoBKK6cbV82U22i7n8HlFXMI
M7tmjxLRKgCqwlHkgl/rrcSU4uog4fLb6ZtVvK9rwR+/+q6YGqndNhy44sUSZRYQ
ATDdsIwd96I6TNweyBCGaKocHyksLE4ImHK+Qhs1ievT2C59Z6YYYmiZEnrY4oZ2
j81IiAV/boR3X14ZNj235mkCrlepXj3nWp6VBUF7y1MFbvUfB174QRibxpT4c3pA
8f2tseru8dFRProQifOc7zFqm7swKhxAyjp/MZJd+yNK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:20 2024 by rpki-client on console-fra.rpki-client.org