Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/caf622-ee11-458d-b81d-15ed1ea93e25/1/CNHca-B5qVRYpwCkr7xDH9d4WrI.roa
File:                     CNHca-B5qVRYpwCkr7xDH9d4WrI.roa (raw, json)
Hash identifier:          XJtxaG5RM4fgsbUPFv2Dk/3AkyUMDRBUeov3P5+X4WI=
Subject key identifier:   08:D1:DC:6B:E0:79:A9:54:58:A7:00:A4:AF:BC:43:1F:D7:78:5A:B2
Certificate issuer:       /CN=ceae1021ef5d6d72ca68f8ca5c159f4a08a74366
Certificate serial:       0182175F1DAA6EA53B6E6B62718E71B8CCA9
Authority key identifier: CE:AE:10:21:EF:5D:6D:72:CA:68:F8:CA:5C:15:9F:4A:08:A7:43:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zq4QIe9dbXLKaPjKXBWfSginQ2Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/caf622-ee11-458d-b81d-15ed1ea93e25/1/CNHca-B5qVRYpwCkr7xDH9d4WrI.roa
Signing time:             Tue 19 Jul 2022 16:51:25 +0000
ROA not before:           Tue 19 Jul 2022 16:51:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     22773
IP address blocks:        193.32.204.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:17:5f:1d:aa:6e:a5:3b:6e:6b:62:71:8e:71:b8:cc:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ceae1021ef5d6d72ca68f8ca5c159f4a08a74366
        Validity
            Not Before: Jul 19 16:51:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=08d1dc6be079a95458a700a4afbc431fd7785ab2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:fe:94:b3:aa:f8:61:1d:8a:25:26:b5:bc:50:
                    66:7d:39:f0:33:e0:58:d6:a3:a8:cc:0c:e9:40:54:
                    ae:84:15:68:a6:ff:86:1b:5c:55:1a:1a:77:ad:cd:
                    b8:2d:a0:a8:6b:a0:c6:12:57:d7:d2:4a:5f:de:ed:
                    26:af:57:8b:64:39:8a:b6:f2:97:f9:c5:86:2a:0c:
                    a2:c7:b5:7f:fb:8f:4d:4b:fe:7f:bf:b6:34:af:ad:
                    9a:99:44:2b:e9:d4:f2:2d:9b:8a:61:98:e8:fd:b7:
                    ce:93:7e:cd:c9:e8:08:e5:7b:dd:03:1f:22:d6:df:
                    f7:49:a7:17:75:6d:f7:de:c1:09:c4:ac:b0:a1:ee:
                    33:fc:03:ff:b4:ee:02:ce:ba:bc:72:cc:09:fb:7d:
                    56:6e:87:f4:63:3d:29:47:c7:8a:01:73:1c:bd:66:
                    bc:1c:fa:ed:b0:4e:a1:d1:1f:bd:c5:01:56:3b:22:
                    4b:a1:69:43:72:78:2e:57:50:40:40:89:6c:10:11:
                    bf:4a:bd:ab:0b:e4:56:e5:d6:dc:fc:ae:e4:59:0e:
                    9b:a0:cd:51:28:d9:f5:fd:1e:1e:5b:e4:d1:6c:e4:
                    2d:5c:b3:ed:1c:92:aa:a1:8b:d0:63:60:9f:0c:7b:
                    4a:0c:85:aa:00:57:3d:f1:cd:4f:a5:f9:da:0c:70:
                    74:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:D1:DC:6B:E0:79:A9:54:58:A7:00:A4:AF:BC:43:1F:D7:78:5A:B2
            X509v3 Authority Key Identifier:
                keyid:CE:AE:10:21:EF:5D:6D:72:CA:68:F8:CA:5C:15:9F:4A:08:A7:43:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zq4QIe9dbXLKaPjKXBWfSginQ2Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/caf622-ee11-458d-b81d-15ed1ea93e25/1/CNHca-B5qVRYpwCkr7xDH9d4WrI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/caf622-ee11-458d-b81d-15ed1ea93e25/1/zq4QIe9dbXLKaPjKXBWfSginQ2Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.32.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         10:98:fe:21:d3:e1:6f:60:e1:e2:d3:48:ea:8a:e8:bd:6c:e9:
         28:70:64:96:09:43:19:6d:8d:d1:8d:d8:92:f1:ae:a9:9f:62:
         59:4d:a7:0d:0c:69:9e:6e:b7:08:19:79:3b:34:35:b8:52:a2:
         f1:b5:6f:9d:59:82:c9:14:5e:80:49:bf:ef:06:78:1c:b0:c6:
         9c:30:e5:1e:cb:f9:41:a1:c1:2f:05:5c:c8:c3:9c:4a:fc:bf:
         77:f1:01:b1:40:09:fa:28:1a:7c:d7:8e:c9:b5:a0:29:dd:30:
         02:40:9d:42:a3:ce:35:02:2b:43:bc:80:8a:0d:1c:dc:a3:01:
         3a:94:3f:6b:0b:14:a8:75:79:cd:e2:be:c5:7e:c2:d0:96:ec:
         53:aa:30:c0:e5:26:64:d6:da:46:3e:e4:a9:16:92:e2:46:55:
         e3:03:11:84:c4:2a:3b:dd:e6:18:7b:1e:04:02:9c:21:2a:a7:
         ec:ff:0c:ce:86:ac:5b:16:e3:e3:62:ae:d4:51:e4:7a:b7:ef:
         34:37:4a:c3:01:f0:0b:fb:97:d4:46:52:67:2b:41:23:48:7e:
         fc:36:7c:df:7e:2b:51:ff:df:2f:f5:72:0c:48:bc:80:cb:29:
         f3:bc:0e:62:6d:35:29:94:9d:55:9a:6d:6d:e8:65:00:41:66:
         7b:29:e8:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIXXx2qbqU7bmticY5xuMypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYWUxMDIxZWY1ZDZkNzJjYTY4ZjhjYTVjMTU5ZjRhMDhh
NzQzNjYwHhcNMjIwNzE5MTY1MTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQxZGM2YmUwNzlhOTU0NThhNzAwYTRhZmJjNDMxZmQ3Nzg1YWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf6Us6r4YR2KJSa1vFBmfTnwM+BY
1qOozAzpQFSuhBVopv+GG1xVGhp3rc24LaCoa6DGElfX0kpf3u0mr1eLZDmKtvKX
+cWGKgyix7V/+49NS/5/v7Y0r62amUQr6dTyLZuKYZjo/bfOk37NyegI5XvdAx8i
1t/3SacXdW333sEJxKywoe4z/AP/tO4Czrq8cswJ+31Wbof0Yz0pR8eKAXMcvWa8
HPrtsE6h0R+9xQFWOyJLoWlDcnguV1BAQIlsEBG/Sr2rC+RW5dbc/K7kWQ6boM1R
KNn1/R4eW+TRbOQtXLPtHJKqoYvQY2CfDHtKDIWqAFc98c1PpfnaDHB0qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjR3GvgealUWKcApK+8Qx/XeFqyMB8GA1UdIwQY
MBaAFM6uECHvXW1yymj4ylwVn0oIp0NmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenE0UUllOWRiWExLYVBqS1hCV2ZTZ2luUTJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jYWY2MjItZWUxMS00NThkLWI4MWQt
MTVlZDFlYTkzZTI1LzEvQ05IY2EtQjVxVlJZcHdDa3I3eERIOWQ0V3JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jYWY2MjItZWUxMS00NThkLWI4MWQtMTVlZDFlYTkzZTI1
LzEvenE0UUllOWRiWExLYVBqS1hCV2ZTZ2luUTJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSDMMA0G
CSqGSIb3DQEBCwUAA4IBAQAQmP4h0+FvYOHi00jqiui9bOkocGSWCUMZbY3RjdiS
8a6pn2JZTacNDGmebrcIGXk7NDW4UqLxtW+dWYLJFF6ASb/vBngcsMacMOUey/lB
ocEvBVzIw5xK/L938QGxQAn6KBp8147JtaAp3TACQJ1Co841AitDvICKDRzcowE6
lD9rCxSodXnN4r7FfsLQluxTqjDA5SZk1tpGPuSpFpLiRlXjAxGExCo73eYYex4E
ApwhKqfs/wzOhqxbFuPjYq7UUeR6t+80N0rDAfAL+5fURlJnK0EjSH78NnzffitR
/98v9XIMSLyAyynzvA5ibTUplJ1Vmm1t6GUAQWZ7Kegq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:11 2024 by rpki-client on console-ams.rpki-client.org