Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/R7Ffu7GpbgRgWA53glyG5xNZfsE.roa
File:                     R7Ffu7GpbgRgWA53glyG5xNZfsE.roa (raw, json)
Hash identifier:          +VjyudQDBbGUaSZzSFzaRq/LTLdR8XVfTpYYuCVZKO8=
Subject key identifier:   47:B1:5F:BB:B1:A9:6E:04:60:58:0E:77:82:5C:86:E7:13:59:7E:C1
Certificate issuer:       /CN=cbb0a86e98fd8ffa35038eeb08aae850fb909f2b
Certificate serial:       018570E75D7B80B12F2D4CD7D5D6580CE6D2
Authority key identifier: CB:B0:A8:6E:98:FD:8F:FA:35:03:8E:EB:08:AA:E8:50:FB:90:9F:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y7Cobpj9j_o1A47rCKroUPuQnys.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/R7Ffu7GpbgRgWA53glyG5xNZfsE.roa
Signing time:             Mon 02 Jan 2023 05:14:48 +0000
ROA not before:           Mon 02 Jan 2023 05:14:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212941
IP address blocks:        185.67.96.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:5d:7b:80:b1:2f:2d:4c:d7:d5:d6:58:0c:e6:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbb0a86e98fd8ffa35038eeb08aae850fb909f2b
        Validity
            Not Before: Jan  2 05:14:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=47b15fbbb1a96e0460580e77825c86e713597ec1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ba:f7:c0:be:fb:91:66:81:ac:09:56:ab:a3:
                    ce:90:16:79:79:c6:c0:97:e0:9c:33:d0:fd:66:ab:
                    51:92:e8:2e:8e:7d:95:bf:9a:66:98:f9:74:cd:46:
                    2f:d4:2f:d1:71:be:cc:a5:05:8e:95:1b:0a:ed:8b:
                    dc:0e:09:18:96:d2:db:af:7c:d1:52:d3:36:58:69:
                    c4:2e:16:b6:18:e2:05:ab:4a:19:82:77:d8:da:bb:
                    9e:12:15:39:e0:40:15:fe:4f:af:14:fe:d5:b5:6e:
                    a2:a1:3e:28:3c:79:60:7d:e8:b3:d5:3b:f6:d2:47:
                    03:b6:e9:01:c2:ea:51:9a:93:55:1c:75:67:63:ae:
                    8d:07:0c:4b:2b:c5:a6:80:17:97:56:5e:69:bb:64:
                    84:e9:3d:4b:d0:3d:d9:24:2e:34:2e:d1:fe:2b:11:
                    2f:26:f8:88:2b:c9:be:0e:7a:2f:d9:ef:fa:e4:11:
                    f4:a9:e8:0e:31:a0:09:45:28:93:f2:68:89:ad:13:
                    fe:5c:da:c9:e5:54:45:a5:8f:21:4f:b5:9a:cc:60:
                    16:84:69:d7:d6:15:25:13:2d:31:84:e9:24:0d:78:
                    dd:c9:43:fc:ab:7d:0d:5c:a5:d0:b4:f0:3f:0e:a9:
                    51:14:05:a3:37:67:18:bb:62:93:f8:98:6a:00:1b:
                    63:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:B1:5F:BB:B1:A9:6E:04:60:58:0E:77:82:5C:86:E7:13:59:7E:C1
            X509v3 Authority Key Identifier:
                keyid:CB:B0:A8:6E:98:FD:8F:FA:35:03:8E:EB:08:AA:E8:50:FB:90:9F:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7Cobpj9j_o1A47rCKroUPuQnys.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/R7Ffu7GpbgRgWA53glyG5xNZfsE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/y7Cobpj9j_o1A47rCKroUPuQnys.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.67.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a3:6a:75:9c:96:3c:3e:06:71:eb:60:dd:28:75:7f:37:9f:44:
         62:e7:8d:82:fc:93:68:ae:37:9f:93:91:b7:39:83:ca:f5:23:
         ad:3c:12:7e:7a:ce:22:92:f4:65:1e:5a:ed:86:ab:1a:26:4b:
         12:86:b0:b6:9a:56:82:58:10:49:67:ba:7e:25:85:1f:ec:de:
         6b:7a:ef:0b:f3:01:56:e7:d5:7c:ca:36:03:0d:35:62:9d:04:
         15:21:2c:ab:e4:18:81:03:20:83:cb:11:2a:a0:7b:1f:cb:ab:
         73:b2:56:76:a0:32:ed:42:4a:6c:1b:34:db:87:f9:af:82:f7:
         ec:96:b5:5f:f0:c7:ec:ba:6c:35:0f:a3:fe:d7:ee:8e:8c:98:
         df:6e:0e:8a:84:8c:b4:60:a7:79:62:17:86:2e:fb:85:d3:e1:
         65:98:05:2e:b0:da:c3:14:80:78:94:5d:c1:23:f4:5d:a0:4d:
         3f:db:45:86:b7:62:4b:07:25:52:96:8a:08:d0:09:93:44:ab:
         dc:40:e2:68:9a:33:04:86:2d:42:81:6d:6d:ba:53:db:64:60:
         8d:7c:43:4d:05:87:e1:79:ce:5e:53:f0:4f:de:97:c8:04:c3:
         81:5b:4b:a3:1c:73:2c:3a:b7:9d:25:da:44:79:14:ea:2f:27:
         07:78:4d:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw5117gLEvLUzX1dZYDObSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYjBhODZlOThmZDhmZmEzNTAzOGVlYjA4YWFlODUwZmI5
MDlmMmIwHhcNMjMwMTAyMDUxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2IxNWZiYmIxYTk2ZTA0NjA1ODBlNzc4MjVjODZlNzEzNTk3ZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobr3wL77kWaBrAlWq6POkBZ5ecbA
l+CcM9D9ZqtRkugujn2Vv5pmmPl0zUYv1C/Rcb7MpQWOlRsK7YvcDgkYltLbr3zR
UtM2WGnELha2GOIFq0oZgnfY2rueEhU54EAV/k+vFP7VtW6ioT4oPHlgfeiz1Tv2
0kcDtukBwupRmpNVHHVnY66NBwxLK8WmgBeXVl5pu2SE6T1L0D3ZJC40LtH+KxEv
JviIK8m+Dnov2e/65BH0qegOMaAJRSiT8miJrRP+XNrJ5VRFpY8hT7WazGAWhGnX
1hUlEy0xhOkkDXjdyUP8q30NXKXQtPA/DqlRFAWjN2cYu2KT+JhqABtjOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEexX7uxqW4EYFgOd4JchucTWX7BMB8GA1UdIwQY
MBaAFMuwqG6Y/Y/6NQOO6wiq6FD7kJ8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTdDb2JwajlqX28xQTQ3ckNLcm9VUHVRbnlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9iYzJiYTUtMGQ2Yi00YWU5LWFkNzYt
NTA3NjRmMzc3ZDE0LzEvUjdGZnU3R3BiZ1JnV0E1M2dseUc1eE5aZnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9iYzJiYTUtMGQ2Yi00YWU5LWFkNzYtNTA3NjRmMzc3ZDE0
LzEveTdDb2JwajlqX28xQTQ3ckNLcm9VUHVRbnlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUNgMA0G
CSqGSIb3DQEBCwUAA4IBAQCjanWcljw+BnHrYN0odX83n0Ri542C/JNorjefk5G3
OYPK9SOtPBJ+es4ikvRlHlrthqsaJksShrC2mlaCWBBJZ7p+JYUf7N5reu8L8wFW
59V8yjYDDTVinQQVISyr5BiBAyCDyxEqoHsfy6tzslZ2oDLtQkpsGzTbh/mvgvfs
lrVf8Mfsumw1D6P+1+6OjJjfbg6KhIy0YKd5YheGLvuF0+FlmAUusNrDFIB4lF3B
I/RdoE0/20WGt2JLByVSlooI0AmTRKvcQOJomjMEhi1CgW1tulPbZGCNfENNBYfh
ec5eU/BP3pfIBMOBW0ujHHMsOredJdpEeRTqLycHeE2C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:21 2024 by rpki-client on console-fra.rpki-client.org