Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/b97zC7vFryfL8c_8WixC6ID0hlo.roa
File:                     b97zC7vFryfL8c_8WixC6ID0hlo.roa (raw, json)
Hash identifier:          Y+mDY/V1iRhYu3vXCwuGvBKFlvFClbeYjToCTHnFo9A=
Subject key identifier:   6F:DE:F3:0B:BB:C5:AF:27:CB:F1:CF:FC:5A:2C:42:E8:80:F4:86:5A
Certificate issuer:       /CN=cbb0a86e98fd8ffa35038eeb08aae850fb909f2b
Certificate serial:       01842EE1A21ED31CCBAF99A3BBAB134282D6
Authority key identifier: CB:B0:A8:6E:98:FD:8F:FA:35:03:8E:EB:08:AA:E8:50:FB:90:9F:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y7Cobpj9j_o1A47rCKroUPuQnys.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/b97zC7vFryfL8c_8WixC6ID0hlo.roa
Signing time:             Mon 31 Oct 2022 16:30:49 +0000
ROA not before:           Mon 31 Oct 2022 16:30:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212941
IP address blocks:        185.67.96.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:2e:e1:a2:1e:d3:1c:cb:af:99:a3:bb:ab:13:42:82:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbb0a86e98fd8ffa35038eeb08aae850fb909f2b
        Validity
            Not Before: Oct 31 16:30:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6fdef30bbbc5af27cbf1cffc5a2c42e880f4865a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:92:e2:86:83:b9:a6:c0:a8:a3:7e:f7:fe:5d:
                    7e:8c:cd:a6:98:b2:6e:03:c6:44:35:e1:9a:d6:cf:
                    e0:ee:52:2b:e1:8e:cd:46:ac:2d:92:1d:32:63:62:
                    f4:14:53:c7:ae:42:19:f7:f2:b4:47:53:70:dd:cc:
                    27:12:85:78:0b:a9:49:1b:94:3a:18:ab:77:c7:70:
                    b9:6e:e7:b2:6c:73:d9:57:65:51:17:97:79:f8:6d:
                    88:4d:65:be:df:45:50:5c:dc:30:8f:f5:91:df:3f:
                    23:dd:17:81:e5:96:49:86:0e:1c:e3:23:d8:3e:d9:
                    80:61:44:c7:b4:49:09:a3:4e:65:9a:9d:5e:87:ba:
                    d0:30:42:7a:ad:b3:16:f2:85:bf:8a:8d:82:62:bf:
                    23:1f:d2:44:39:3c:8a:a8:e7:44:1b:cb:4f:3e:b6:
                    ad:22:86:c3:e2:9e:ed:c5:dd:f6:a4:79:b7:f6:52:
                    b1:da:26:8d:b2:5d:d2:b9:25:72:d5:51:cb:c7:3e:
                    4e:f0:43:bd:59:0a:c2:39:a6:b2:02:58:4f:4b:98:
                    59:34:4f:e1:eb:cb:b7:01:c4:26:ad:bc:f1:ef:6c:
                    d6:01:b1:c8:d3:dc:43:01:15:c5:9e:05:a1:55:20:
                    0c:81:a5:69:d9:76:b3:ad:a2:3e:bc:2e:4d:5e:2d:
                    7d:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:DE:F3:0B:BB:C5:AF:27:CB:F1:CF:FC:5A:2C:42:E8:80:F4:86:5A
            X509v3 Authority Key Identifier:
                keyid:CB:B0:A8:6E:98:FD:8F:FA:35:03:8E:EB:08:AA:E8:50:FB:90:9F:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7Cobpj9j_o1A47rCKroUPuQnys.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/b97zC7vFryfL8c_8WixC6ID0hlo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/bc2ba5-0d6b-4ae9-ad76-50764f377d14/1/y7Cobpj9j_o1A47rCKroUPuQnys.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.67.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         36:0a:57:d6:4a:05:c5:98:d8:26:b3:f8:8b:bd:36:c8:6f:ac:
         f3:56:87:50:74:9f:97:2f:47:91:6c:52:8f:fe:3b:0e:c3:99:
         b1:ad:ba:96:fe:b3:02:49:1d:49:7c:05:8c:19:40:b2:af:e7:
         66:c4:08:ad:98:57:2f:43:5c:3d:9b:59:2c:08:92:83:a8:2a:
         fd:a4:fa:7b:65:2e:88:a5:6e:f9:0d:a4:82:5d:60:3a:7c:c3:
         2e:d9:c5:ec:93:4c:6d:74:32:5e:22:45:1d:39:7f:72:9d:47:
         58:10:15:bf:83:58:aa:31:64:36:3a:fb:ac:4d:93:2b:ed:cb:
         43:f6:a0:4e:cd:8e:c6:47:c0:05:1f:b3:a0:9c:fe:5a:61:c5:
         10:a2:8f:46:b5:3c:4d:cd:04:2c:48:fe:ba:b6:4b:48:10:4c:
         10:81:6c:37:71:d2:a4:62:19:4e:61:8e:20:ee:3a:b1:3f:b0:
         ba:ea:a3:30:ba:b0:b8:a5:db:37:9e:5e:1d:4f:cf:98:e8:ea:
         3b:78:61:8f:26:69:3d:82:77:f7:5f:f1:c2:3e:57:df:fc:52:
         bc:fd:1a:2f:be:93:82:3d:af:b3:0f:44:9b:35:22:57:77:29:
         5b:2f:78:cc:bf:50:29:1c:c4:5e:f7:54:9a:c4:26:6b:06:4c:
         e6:91:03:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQu4aIe0xzLr5mju6sTQoLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYjBhODZlOThmZDhmZmEzNTAzOGVlYjA4YWFlODUwZmI5
MDlmMmIwHhcNMjIxMDMxMTYzMDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmRlZjMwYmJiYzVhZjI3Y2JmMWNmZmM1YTJjNDJlODgwZjQ4NjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZLihoO5psCoo373/l1+jM2mmLJu
A8ZENeGa1s/g7lIr4Y7NRqwtkh0yY2L0FFPHrkIZ9/K0R1Nw3cwnEoV4C6lJG5Q6
GKt3x3C5bueybHPZV2VRF5d5+G2ITWW+30VQXNwwj/WR3z8j3ReB5ZZJhg4c4yPY
PtmAYUTHtEkJo05lmp1eh7rQMEJ6rbMW8oW/io2CYr8jH9JEOTyKqOdEG8tPPrat
IobD4p7txd32pHm39lKx2iaNsl3SuSVy1VHLxz5O8EO9WQrCOaayAlhPS5hZNE/h
68u3AcQmrbzx72zWAbHI09xDARXFngWhVSAMgaVp2XazraI+vC5NXi19ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG/e8wu7xa8ny/HP/FosQuiA9IZaMB8GA1UdIwQY
MBaAFMuwqG6Y/Y/6NQOO6wiq6FD7kJ8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTdDb2JwajlqX28xQTQ3ckNLcm9VUHVRbnlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9iYzJiYTUtMGQ2Yi00YWU5LWFkNzYt
NTA3NjRmMzc3ZDE0LzEvYjk3ekM3dkZyeWZMOGNfOFdpeEM2SUQwaGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9iYzJiYTUtMGQ2Yi00YWU5LWFkNzYtNTA3NjRmMzc3ZDE0
LzEveTdDb2JwajlqX28xQTQ3ckNLcm9VUHVRbnlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUNgMA0G
CSqGSIb3DQEBCwUAA4IBAQA2ClfWSgXFmNgms/iLvTbIb6zzVodQdJ+XL0eRbFKP
/jsOw5mxrbqW/rMCSR1JfAWMGUCyr+dmxAitmFcvQ1w9m1ksCJKDqCr9pPp7ZS6I
pW75DaSCXWA6fMMu2cXsk0xtdDJeIkUdOX9ynUdYEBW/g1iqMWQ2OvusTZMr7ctD
9qBOzY7GR8AFH7OgnP5aYcUQoo9GtTxNzQQsSP66tktIEEwQgWw3cdKkYhlOYY4g
7jqxP7C66qMwurC4pds3nl4dT8+Y6Oo7eGGPJmk9gnf3X/HCPlff/FK8/RovvpOC
Pa+zD0SbNSJXdylbL3jMv1ApHMRe91SaxCZrBkzmkQML
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:37 2024 by rpki-client on console-ams.rpki-client.org