Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/RVpavK33LEycoox3-d3BLqndDmk.roa
File:                     RVpavK33LEycoox3-d3BLqndDmk.roa (raw, json)
Hash identifier:          9KG8MXMaphlS8ackQNlC1q4JPAIeoRL6nM8wWwGJrcI=
Subject key identifier:   45:5A:5A:BC:AD:F7:2C:4C:9C:A2:8C:77:F9:DD:C1:2E:A9:DD:0E:69
Certificate issuer:       /CN=cbb0a86e98fd8ffa35038eeb08aae850fb909f2b
Certificate serial:       018570E75CCE03D42E8C0947A5230576953D
Authority key identifier: CB:B0:A8:6E:98:FD:8F:FA:35:03:8E:EB:08:AA:E8:50:FB:90:9F:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y7Cobpj9j_o1A47rCKroUPuQnys.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/RVpavK33LEycoox3-d3BLqndDmk.roa
Signing time:             Mon 02 Jan 2023 05:14:48 +0000
ROA not before:           Mon 02 Jan 2023 05:14:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200845
IP address blocks:        185.67.96.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:5c:ce:03:d4:2e:8c:09:47:a5:23:05:76:95:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbb0a86e98fd8ffa35038eeb08aae850fb909f2b
        Validity
            Not Before: Jan  2 05:14:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=455a5abcadf72c4c9ca28c77f9ddc12ea9dd0e69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:58:07:39:f6:6e:3a:65:eb:d1:a1:0a:d2:a2:
                    19:db:54:39:8f:75:80:45:74:6d:e7:b2:f8:4a:f5:
                    a7:93:07:2c:a5:95:9a:d8:72:62:d7:b1:47:55:11:
                    d9:e1:02:48:28:d1:3f:79:3e:ef:f0:f9:88:96:bf:
                    5d:00:1a:b3:d5:72:a6:3f:60:db:6e:aa:d5:1a:2b:
                    c5:83:ef:5b:88:66:68:6d:08:f8:c2:11:3f:3c:dc:
                    b2:02:8f:6b:9c:4a:5b:4d:18:fa:53:06:71:6f:78:
                    2a:b5:01:5e:04:55:de:c0:60:be:a8:d9:79:45:65:
                    b2:f3:4b:f9:e6:95:73:25:5d:b6:97:99:48:61:84:
                    51:5d:58:60:13:e9:54:d1:46:80:4d:41:8e:91:01:
                    64:2b:16:06:5a:bb:93:b9:2b:e4:71:1d:fd:82:99:
                    2d:a6:93:e5:3f:6d:2e:8b:7b:46:27:07:72:27:95:
                    bd:97:0c:a8:97:b9:dc:b9:9b:ef:24:5b:d3:1f:7b:
                    36:3e:14:eb:5d:38:bb:41:55:3b:43:85:c1:40:54:
                    35:68:5d:73:ba:dd:b9:17:79:27:08:cb:ac:f3:74:
                    95:0d:ec:fe:d3:95:f5:c9:29:97:7f:69:f5:88:bb:
                    ab:65:5b:d7:e1:c4:e2:04:be:6d:77:6c:9c:25:04:
                    09:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:5A:5A:BC:AD:F7:2C:4C:9C:A2:8C:77:F9:DD:C1:2E:A9:DD:0E:69
            X509v3 Authority Key Identifier:
                keyid:CB:B0:A8:6E:98:FD:8F:FA:35:03:8E:EB:08:AA:E8:50:FB:90:9F:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7Cobpj9j_o1A47rCKroUPuQnys.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/RVpavK33LEycoox3-d3BLqndDmk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/y7Cobpj9j_o1A47rCKroUPuQnys.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.67.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         46:6e:46:75:57:ee:cb:ad:9b:63:30:1b:d9:05:38:11:5e:c2:
         c4:33:22:24:1a:6e:9f:6a:2c:25:a8:7e:c5:ec:7a:b9:f3:85:
         9b:7f:86:6a:62:f6:8e:e5:f4:e0:23:5a:52:cd:fa:90:fb:9a:
         9c:8a:04:7c:29:46:9c:db:77:18:b5:47:ae:2a:1c:66:30:5b:
         d9:5d:db:ee:46:75:98:c3:22:97:69:25:e8:2a:f4:e2:35:d1:
         fd:97:22:76:b3:9e:95:8f:64:4f:f9:ec:0b:e4:81:f4:35:b4:
         86:81:57:11:36:28:0d:f1:72:87:9c:f7:f5:82:6c:4c:7d:47:
         29:46:d6:46:5f:04:90:6f:c6:7c:59:66:6c:e4:e8:38:63:03:
         cf:cd:c8:50:33:7a:79:10:18:33:ee:a8:ad:fa:31:8f:4d:9e:
         60:be:25:d6:15:c0:79:a2:12:21:37:36:f5:2c:d1:74:d1:6d:
         44:d1:2a:66:2d:e0:3d:51:ae:0e:57:a9:de:70:47:24:19:42:
         86:2f:9f:f4:41:9c:69:ee:5d:47:ec:5e:54:1f:e6:76:40:6d:
         97:c6:a1:a9:de:d1:10:00:b6:1d:98:a1:fe:52:b3:80:a5:9d:
         f2:ba:bd:bf:1e:17:25:b1:2b:c1:22:b4:27:57:40:6e:db:97:
         d1:08:ab:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw51zOA9QujAlHpSMFdpU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYjBhODZlOThmZDhmZmEzNTAzOGVlYjA4YWFlODUwZmI5
MDlmMmIwHhcNMjMwMTAyMDUxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTVhNWFiY2FkZjcyYzRjOWNhMjhjNzdmOWRkYzEyZWE5ZGQwZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFgHOfZuOmXr0aEK0qIZ21Q5j3WA
RXRt57L4SvWnkwcspZWa2HJi17FHVRHZ4QJIKNE/eT7v8PmIlr9dABqz1XKmP2Db
bqrVGivFg+9biGZobQj4whE/PNyyAo9rnEpbTRj6UwZxb3gqtQFeBFXewGC+qNl5
RWWy80v55pVzJV22l5lIYYRRXVhgE+lU0UaATUGOkQFkKxYGWruTuSvkcR39gpkt
ppPlP20ui3tGJwdyJ5W9lwyol7ncuZvvJFvTH3s2PhTrXTi7QVU7Q4XBQFQ1aF1z
ut25F3knCMus83SVDez+05X1ySmXf2n1iLurZVvX4cTiBL5td2ycJQQJtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEVaWryt9yxMnKKMd/ndwS6p3Q5pMB8GA1UdIwQY
MBaAFMuwqG6Y/Y/6NQOO6wiq6FD7kJ8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTdDb2JwajlqX28xQTQ3ckNLcm9VUHVRbnlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9iYzJiYTUtMGQ2Yi00YWU5LWFkNzYt
NTA3NjRmMzc3ZDE0LzEvUlZwYXZLMzNMRXljb294My1kM0JMcW5kRG1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9iYzJiYTUtMGQ2Yi00YWU5LWFkNzYtNTA3NjRmMzc3ZDE0
LzEveTdDb2JwajlqX28xQTQ3ckNLcm9VUHVRbnlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUNgMA0G
CSqGSIb3DQEBCwUAA4IBAQBGbkZ1V+7LrZtjMBvZBTgRXsLEMyIkGm6faiwlqH7F
7Hq584Wbf4ZqYvaO5fTgI1pSzfqQ+5qcigR8KUac23cYtUeuKhxmMFvZXdvuRnWY
wyKXaSXoKvTiNdH9lyJ2s56Vj2RP+ewL5IH0NbSGgVcRNigN8XKHnPf1gmxMfUcp
RtZGXwSQb8Z8WWZs5Og4YwPPzchQM3p5EBgz7qit+jGPTZ5gviXWFcB5ohIhNzb1
LNF00W1E0SpmLeA9Ua4OV6necEckGUKGL5/0QZxp7l1H7F5UH+Z2QG2XxqGp3tEQ
ALYdmKH+UrOApZ3yur2/HhclsSvBIrQnV0Bu25fRCKuX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:37 2024 by rpki-client on console-ams.rpki-client.org