Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/caf622-ee11-458d-b81d-15ed1ea93e25/1/8AaczUKWBW7Hu4qBIsNc_X4NXCo.roa
File:                     8AaczUKWBW7Hu4qBIsNc_X4NXCo.roa (raw, json)
Hash identifier:          0dcWM/DDlvrDvatbWxp2r3rqYbtul+YVOMt35sFN2bk=
Subject key identifier:   F0:06:9C:CD:42:96:05:6E:C7:BB:8A:81:22:C3:5C:FD:7E:0D:5C:2A
Certificate issuer:       /CN=ceae1021ef5d6d72ca68f8ca5c159f4a08a74366
Certificate serial:       02AB1B0E
Authority key identifier: CE:AE:10:21:EF:5D:6D:72:CA:68:F8:CA:5C:15:9F:4A:08:A7:43:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zq4QIe9dbXLKaPjKXBWfSginQ2Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/caf622-ee11-458d-b81d-15ed1ea93e25/1/8AaczUKWBW7Hu4qBIsNc_X4NXCo.roa
Signing time:             Wed 02 Mar 2022 20:52:26 +0000
ROA not before:           Wed 02 Mar 2022 20:52:26 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        193.32.204.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 44768014 (0x2ab1b0e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ceae1021ef5d6d72ca68f8ca5c159f4a08a74366
        Validity
            Not Before: Mar  2 20:52:26 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f0069ccd4296056ec7bb8a8122c35cfd7e0d5c2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:8b:2b:55:6f:5f:d0:04:da:d4:39:6d:30:9b:
                    a6:05:c0:06:aa:b4:0e:69:ba:43:32:88:5f:f7:1c:
                    d0:97:a0:75:e5:45:4f:33:5f:ac:c1:76:a2:ff:5a:
                    98:d7:e8:05:c1:fe:8e:fb:b2:1d:31:e6:5d:7a:34:
                    0b:a9:1d:6a:a5:ab:3c:aa:0a:ad:ed:2d:7a:f0:76:
                    c7:b3:23:46:ae:fa:34:ee:7e:97:3d:f1:a7:16:94:
                    dd:47:8c:79:a7:eb:8e:70:df:12:70:fe:66:0a:01:
                    00:a4:87:5a:53:a2:dd:88:3d:7e:31:62:60:b0:3f:
                    ea:66:ec:a1:e3:95:7d:85:2a:31:8c:0f:49:3d:af:
                    ec:a0:c4:52:86:1d:5e:76:8d:75:10:c2:13:1f:7b:
                    68:c9:06:f2:b4:7f:20:a0:ca:62:b3:d8:4a:d8:62:
                    26:33:29:4b:7a:2f:c8:ed:76:ec:b1:df:a3:82:ad:
                    35:87:9f:bd:31:73:aa:d2:0b:e9:68:ea:1e:15:08:
                    1c:1c:ff:a8:9a:da:57:16:a8:40:a3:21:06:bd:05:
                    1e:c1:24:05:0c:19:ac:6e:18:ba:94:b1:af:d9:e2:
                    bd:93:ab:e1:5a:b5:8d:d4:2a:c1:c5:46:17:7e:c1:
                    b2:0f:91:b4:57:a3:c1:90:ea:39:8d:1a:be:b4:48:
                    0f:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:06:9C:CD:42:96:05:6E:C7:BB:8A:81:22:C3:5C:FD:7E:0D:5C:2A
            X509v3 Authority Key Identifier:
                keyid:CE:AE:10:21:EF:5D:6D:72:CA:68:F8:CA:5C:15:9F:4A:08:A7:43:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zq4QIe9dbXLKaPjKXBWfSginQ2Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/caf622-ee11-458d-b81d-15ed1ea93e25/1/8AaczUKWBW7Hu4qBIsNc_X4NXCo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/caf622-ee11-458d-b81d-15ed1ea93e25/1/zq4QIe9dbXLKaPjKXBWfSginQ2Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.32.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6d:18:5c:fa:31:8d:d2:7c:01:60:a4:5a:8f:64:14:77:52:aa:
         dd:b5:0f:fe:62:11:9a:a3:58:89:6f:a8:2b:42:97:5f:ab:1f:
         8e:78:49:a2:bf:fb:9a:54:3e:70:73:03:9d:76:6c:df:d6:9e:
         2f:ea:69:63:d2:e8:e1:8e:f6:ec:68:5e:34:f6:09:75:f9:ec:
         a3:a8:6b:6e:f1:55:c4:60:fe:6d:4a:d6:9e:1e:ca:20:fc:25:
         b2:41:5d:29:b3:81:9c:e5:c6:5f:8e:28:53:01:db:9a:e7:8a:
         46:d1:38:74:ff:7b:21:c8:6f:bb:09:fb:cb:22:a6:5b:8f:46:
         55:c9:27:74:81:ac:b5:55:a8:c3:bf:20:3f:4f:67:1b:33:f1:
         9a:ab:03:10:50:80:18:f0:07:bf:e8:4c:63:f4:bf:c5:85:31:
         64:d3:e7:fc:13:c2:4d:2c:d5:f1:6a:7f:57:4b:f1:6a:b5:ce:
         cb:4b:48:f5:29:a4:cc:52:3b:87:25:ec:58:49:f2:b1:e5:5b:
         a8:4c:0b:fa:49:aa:a4:df:ff:f4:9c:68:61:a3:6f:fa:46:25:
         17:34:31:d7:53:bf:66:25:9d:54:45:d6:e3:42:d0:b9:c1:c5:
         3d:4c:a6:80:70:4b:7f:24:fe:e2:2b:b1:e1:bc:79:95:fc:87:
         4c:33:b9:e4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAqsbDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZWFlMTAyMWVmNWQ2ZDcyY2E2OGY4Y2E1YzE1OWY0YTA4YTc0MzY2MB4XDTIyMDMw
MjIwNTIyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjAwNjljY2Q0Mjk2
MDU2ZWM3YmI4YTgxMjJjMzVjZmQ3ZTBkNWMyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSLK1VvX9AE2tQ5bTCbpgXABqq0Dmm6QzKIX/cc0JegdeVF
TzNfrMF2ov9amNfoBcH+jvuyHTHmXXo0C6kdaqWrPKoKre0tevB2x7MjRq76NO5+
lz3xpxaU3UeMeafrjnDfEnD+ZgoBAKSHWlOi3Yg9fjFiYLA/6mbsoeOVfYUqMYwP
ST2v7KDEUoYdXnaNdRDCEx97aMkG8rR/IKDKYrPYSthiJjMpS3ovyO127LHfo4Kt
NYefvTFzqtIL6WjqHhUIHBz/qJraVxaoQKMhBr0FHsEkBQwZrG4YupSxr9nivZOr
4Vq1jdQqwcVGF37Bsg+RtFejwZDqOY0avrRID/MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTwBpzNQpYFbse7ioEiw1z9fg1cKjAfBgNVHSMEGDAWgBTOrhAh711tcspo
+MpcFZ9KCKdDZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pxNFFJZTlkYlhMS2FQaktYQldmU2dpblEyWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvY2FmNjIyLWVlMTEtNDU4ZC1iODFkLTE1ZWQxZWE5M2UyNS8x
LzhBYWN6VUtXQlc3SHU0cUJJc05jX1g0TlhDby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
Y2FmNjIyLWVlMTEtNDU4ZC1iODFkLTE1ZWQxZWE5M2UyNS8xL3pxNFFJZTlkYlhM
S2FQaktYQldmU2dpblEyWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsEgzDANBgkqhkiG9w0BAQsFAAOC
AQEAbRhc+jGN0nwBYKRaj2QUd1Kq3bUP/mIRmqNYiW+oK0KXX6sfjnhJor/7mlQ+
cHMDnXZs39aeL+ppY9Lo4Y727GheNPYJdfnso6hrbvFVxGD+bUrWnh7KIPwlskFd
KbOBnOXGX44oUwHbmueKRtE4dP97Ichvuwn7yyKmW49GVckndIGstVWow78gP09n
GzPxmqsDEFCAGPAHv+hMY/S/xYUxZNPn/BPCTSzV8Wp/V0vxarXOy0tI9SmkzFI7
hyXsWEnyseVbqEwL+kmqpN//9JxoYaNv+kYlFzQx11O/ZiWdVEXW40LQucHFPUym
gHBLfyT+4iux4bx5lfyHTDO55A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:46 2024 by rpki-client on console-fra.rpki-client.org