Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/cff31c-25d0-4d02-a696-4bcb629da545/1/9nBvdr17O8cXI0WPwucY2_kLuG0.roa
File:                     9nBvdr17O8cXI0WPwucY2_kLuG0.roa (raw, json)
Hash identifier:          0E4+Pl8C8wBMQv3KO2k4BPLZ2i8aTPkNtSSZbMXv5CQ=
Subject key identifier:   F6:70:6F:76:BD:7B:3B:C7:17:23:45:8F:C2:E7:18:DB:F9:0B:B8:6D
Certificate issuer:       /CN=5b661adcbf6962eeec825c6d4de9b449f02e841d
Certificate serial:       07D73912
Authority key identifier: 5B:66:1A:DC:BF:69:62:EE:EC:82:5C:6D:4D:E9:B4:49:F0:2E:84:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W2Ya3L9pYu7sglxtTem0SfAuhB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/cff31c-25d0-4d02-a696-4bcb629da545/1/9nBvdr17O8cXI0WPwucY2_kLuG0.roa
Signing time:             Sun 20 Mar 2022 19:50:27 +0000
ROA not before:           Sun 20 Mar 2022 19:50:27 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     62370
IP address blocks:        185.244.106.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 131545362 (0x7d73912)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b661adcbf6962eeec825c6d4de9b449f02e841d
        Validity
            Not Before: Mar 20 19:50:27 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f6706f76bd7b3bc71723458fc2e718dbf90bb86d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:61:87:42:32:fe:e0:c1:cf:20:27:f1:1a:20:
                    03:88:a4:9f:52:84:3e:75:4e:58:9d:b2:70:14:33:
                    0e:43:84:33:17:93:50:22:c6:4d:0a:0c:b3:81:7c:
                    09:62:27:20:fe:1a:5b:43:9b:87:e4:75:85:36:5e:
                    fe:4a:c9:81:ef:bd:ca:55:21:94:6f:60:60:3b:8c:
                    38:eb:75:51:cd:78:0c:fa:1d:90:29:69:cc:04:70:
                    48:b0:94:13:7b:27:6d:1e:a2:0b:a8:71:ca:81:7f:
                    25:47:e1:b7:d9:e1:04:b7:db:6c:1d:b3:8a:20:26:
                    9b:e0:53:9f:de:e0:76:b4:81:0b:b7:ed:c7:59:87:
                    ca:86:10:68:e6:3d:6c:ea:64:9b:bc:d6:c4:ae:da:
                    0b:52:6e:84:df:e4:4e:5e:c6:d4:ee:d8:ea:8a:66:
                    c7:a3:36:3d:4a:0e:e6:55:8f:4b:e9:df:78:56:b4:
                    e9:a4:40:38:64:52:f5:8b:59:28:dd:00:8b:5b:0d:
                    9e:aa:4a:b0:54:3c:b9:45:70:6b:06:b0:2b:14:8a:
                    e0:b3:58:10:21:db:78:84:86:96:e8:e8:cd:fd:ac:
                    df:e1:73:cd:86:50:0b:22:9e:22:99:9b:94:d2:e9:
                    57:2a:94:51:47:a3:68:ad:4a:97:95:64:13:f7:75:
                    60:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:70:6F:76:BD:7B:3B:C7:17:23:45:8F:C2:E7:18:DB:F9:0B:B8:6D
            X509v3 Authority Key Identifier:
                keyid:5B:66:1A:DC:BF:69:62:EE:EC:82:5C:6D:4D:E9:B4:49:F0:2E:84:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2Ya3L9pYu7sglxtTem0SfAuhB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/cff31c-25d0-4d02-a696-4bcb629da545/1/9nBvdr17O8cXI0WPwucY2_kLuG0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/cff31c-25d0-4d02-a696-4bcb629da545/1/W2Ya3L9pYu7sglxtTem0SfAuhB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.244.106.0/23

    Signature Algorithm: sha256WithRSAEncryption
         92:89:93:15:01:9d:86:5a:d5:63:0b:bb:f3:b6:5a:9d:82:37:
         ac:1d:00:21:b4:96:6b:39:82:b5:82:31:44:6b:4b:5d:4d:75:
         bb:54:85:b0:ca:16:23:02:7d:fd:94:0a:18:c5:ec:30:d0:e0:
         15:2e:2e:14:f1:53:ab:c1:cf:13:75:a6:d2:96:9b:71:dd:3d:
         8c:c7:0b:c0:cc:23:4b:bd:c2:28:b6:5f:93:10:2e:53:56:56:
         14:ed:08:40:fe:da:49:47:2f:4e:3b:08:02:9e:3b:db:1e:85:
         a8:51:dd:6c:38:11:09:36:72:f0:32:b9:cd:a9:92:0e:97:1e:
         17:90:47:24:e2:38:40:a8:95:43:e2:f9:87:f2:27:6f:cf:1f:
         1e:14:a2:69:48:df:bf:47:a2:38:3a:1e:74:30:33:aa:7e:e5:
         4c:1a:d1:65:1c:7d:64:8c:3e:8c:5d:14:2c:88:fa:00:6e:43:
         0d:b2:4d:f6:ee:90:c7:90:ad:74:72:60:7a:5d:f0:da:98:36:
         0e:23:dd:a9:be:55:95:1f:09:b6:32:db:33:65:7c:c6:de:74:
         64:12:02:c9:f8:50:20:b0:d3:5a:67:0e:43:43:79:d4:d4:aa:
         da:15:a7:16:b2:5a:8c:7c:6f:60:94:3b:b7:12:10:1e:25:03:
         9f:d2:d5:34
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB9c5EjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjY2MWFkY2JmNjk2MmVlZWM4MjVjNmQ0ZGU5YjQ0OWYwMmU4NDFkMB4XDTIyMDMy
MDE5NTAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjY3MDZmNzZiZDdi
M2JjNzE3MjM0NThmYzJlNzE4ZGJmOTBiYjg2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI5hh0Iy/uDBzyAn8RogA4ikn1KEPnVOWJ2ycBQzDkOEMxeT
UCLGTQoMs4F8CWInIP4aW0Obh+R1hTZe/krJge+9ylUhlG9gYDuMOOt1Uc14DPod
kClpzARwSLCUE3snbR6iC6hxyoF/JUfht9nhBLfbbB2ziiAmm+BTn97gdrSBC7ft
x1mHyoYQaOY9bOpkm7zWxK7aC1JuhN/kTl7G1O7Y6opmx6M2PUoO5lWPS+nfeFa0
6aRAOGRS9YtZKN0Ai1sNnqpKsFQ8uUVwawawKxSK4LNYECHbeISGlujozf2s3+Fz
zYZQCyKeIpmblNLpVyqUUUejaK1Kl5VkE/d1YE0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT2cG92vXs7xxcjRY/C5xjb+Qu4bTAfBgNVHSMEGDAWgBRbZhrcv2li7uyC
XG1N6bRJ8C6EHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1cyWWEzTDlwWXU3c2dseHRUZW0wU2ZBdWhCMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvY2ZmMzFjLTI1ZDAtNGQwMi1hNjk2LTRiY2I2MjlkYTU0NS8x
LzluQnZkcjE3TzhjWEkwV1B3dWNZMl9rTHVHMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
Y2ZmMzFjLTI1ZDAtNGQwMi1hNjk2LTRiY2I2MjlkYTU0NS8xL1cyWWEzTDlwWXU3
c2dseHRUZW0wU2ZBdWhCMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbn0ajANBgkqhkiG9w0BAQsFAAOC
AQEAkomTFQGdhlrVYwu787ZanYI3rB0AIbSWazmCtYIxRGtLXU11u1SFsMoWIwJ9
/ZQKGMXsMNDgFS4uFPFTq8HPE3Wm0pabcd09jMcLwMwjS73CKLZfkxAuU1ZWFO0I
QP7aSUcvTjsIAp472x6FqFHdbDgRCTZy8DK5zamSDpceF5BHJOI4QKiVQ+L5h/In
b88fHhSiaUjfv0eiODoedDAzqn7lTBrRZRx9ZIw+jF0ULIj6AG5DDbJN9u6Qx5Ct
dHJgel3w2pg2DiPdqb5VlR8JtjLbM2V8xt50ZBICyfhQILDTWmcOQ0N51NSq2hWn
FrJajHxvYJQ7txIQHiUDn9LVNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:46 2024 by rpki-client on console-fra.rpki-client.org