Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/cff31c-25d0-4d02-a696-4bcb629da545/1/Bd7ZyFWJ39Tcad1B9-xpwHfB_KA.roa
File:                     Bd7ZyFWJ39Tcad1B9-xpwHfB_KA.roa (raw, json)
Hash identifier:          lQ3xg4BPyzSF+Pr9pkCvvRaSTOk19qXGt+EyU23VvFI=
Subject key identifier:   05:DE:D9:C8:55:89:DF:D4:DC:69:DD:41:F7:EC:69:C0:77:C1:FC:A0
Certificate issuer:       /CN=5b661adcbf6962eeec825c6d4de9b449f02e841d
Certificate serial:       0711F991
Authority key identifier: 5B:66:1A:DC:BF:69:62:EE:EC:82:5C:6D:4D:E9:B4:49:F0:2E:84:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W2Ya3L9pYu7sglxtTem0SfAuhB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/cff31c-25d0-4d02-a696-4bcb629da545/1/Bd7ZyFWJ39Tcad1B9-xpwHfB_KA.roa
Signing time:             Sat 01 Jan 2022 11:59:35 +0000
ROA not before:           Sat 01 Jan 2022 11:59:35 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212384
IP address blocks:        185.242.108.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118618513 (0x711f991)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b661adcbf6962eeec825c6d4de9b449f02e841d
        Validity
            Not Before: Jan  1 11:59:35 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=05ded9c85589dfd4dc69dd41f7ec69c077c1fca0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:8a:29:e4:6d:a5:55:d9:db:b6:52:a6:74:8e:
                    60:6f:0d:eb:19:6f:dd:bf:21:4e:42:70:55:b6:c6:
                    21:9b:76:29:77:5b:91:f3:f0:34:d7:f8:e5:df:3f:
                    0e:44:d6:f4:e9:1f:89:3f:44:68:d3:be:f3:e1:31:
                    81:c7:39:40:85:21:5d:a3:fc:31:25:51:7f:1f:cd:
                    37:7f:fb:c1:bc:48:55:e2:fd:7d:7a:c9:10:4d:54:
                    7c:02:68:a8:b0:25:ff:fa:4c:ef:8d:17:a4:f5:c9:
                    cd:5a:a8:07:3b:43:d1:98:90:2e:7e:66:1d:9e:5d:
                    af:9b:87:bc:5f:64:cf:7d:4e:b0:16:35:b7:ca:51:
                    f9:c5:56:17:38:55:37:22:c1:3b:88:17:75:0b:ad:
                    48:e0:40:04:ae:36:89:95:e7:41:8a:0e:4d:29:63:
                    30:bf:27:70:cb:5f:00:1a:44:9d:5c:67:ad:50:70:
                    ad:37:4c:a1:98:52:fb:14:ef:64:c1:d0:76:af:b8:
                    24:19:ad:f3:ef:79:d6:94:ac:d7:df:4c:a1:28:b1:
                    d8:fe:8a:e4:56:5d:05:fa:6b:42:df:b8:8a:d0:eb:
                    57:a3:16:a1:11:c0:8f:90:1b:f1:53:74:b0:e7:c1:
                    80:fd:e8:d2:89:ba:73:0b:af:d5:a0:10:02:7c:bb:
                    16:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:DE:D9:C8:55:89:DF:D4:DC:69:DD:41:F7:EC:69:C0:77:C1:FC:A0
            X509v3 Authority Key Identifier:
                keyid:5B:66:1A:DC:BF:69:62:EE:EC:82:5C:6D:4D:E9:B4:49:F0:2E:84:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2Ya3L9pYu7sglxtTem0SfAuhB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/cff31c-25d0-4d02-a696-4bcb629da545/1/Bd7ZyFWJ39Tcad1B9-xpwHfB_KA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/cff31c-25d0-4d02-a696-4bcb629da545/1/W2Ya3L9pYu7sglxtTem0SfAuhB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.242.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8b:ab:2f:fe:55:83:ed:f8:d1:24:54:3d:e2:b8:7f:ac:b0:19:
         42:96:c9:e2:79:3b:94:65:1e:97:9a:05:05:0e:24:fe:91:ec:
         8f:e6:b7:8c:46:8a:73:ae:c6:dc:2e:69:b2:4b:bf:bc:2c:b8:
         f2:4a:5d:8a:93:27:44:ae:95:8a:cd:b6:1c:6f:67:da:55:a3:
         21:c0:cb:50:5c:fc:87:3c:68:cc:31:69:37:84:62:c9:7d:2b:
         23:9d:f8:01:13:57:d1:0b:07:61:ef:fd:a5:c8:ac:fb:f3:93:
         eb:9d:94:8a:84:ef:81:2f:f4:4c:fc:26:a0:45:c4:a7:9d:e4:
         3d:8c:22:ac:5d:d0:3d:97:4c:91:8b:fc:ef:27:02:bc:35:e2:
         77:9e:cc:8f:05:6c:24:d8:31:ee:e0:db:3f:cb:0e:94:6a:ab:
         a7:4b:f1:b1:cf:11:83:fb:48:31:e2:6e:2e:31:54:c7:32:86:
         1c:aa:28:35:85:d3:dc:66:25:04:05:a3:63:00:6c:bf:23:61:
         03:2b:4d:7d:7d:df:af:d1:18:09:ac:31:e1:bf:ff:d5:cd:69:
         85:0e:6e:14:10:f2:46:9c:33:bc:ec:ec:a0:33:d0:a4:b8:1f:
         2e:9f:16:c2:0a:c5:79:30:3b:be:12:55:ee:01:4c:b5:b5:ea:
         83:d5:80:5c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBxH5kTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjY2MWFkY2JmNjk2MmVlZWM4MjVjNmQ0ZGU5YjQ0OWYwMmU4NDFkMB4XDTIyMDEw
MTExNTkzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDVkZWQ5Yzg1NTg5
ZGZkNGRjNjlkZDQxZjdlYzY5YzA3N2MxZmNhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOKKeRtpVXZ27ZSpnSOYG8N6xlv3b8hTkJwVbbGIZt2KXdb
kfPwNNf45d8/DkTW9OkfiT9EaNO+8+Exgcc5QIUhXaP8MSVRfx/NN3/7wbxIVeL9
fXrJEE1UfAJoqLAl//pM740XpPXJzVqoBztD0ZiQLn5mHZ5dr5uHvF9kz31OsBY1
t8pR+cVWFzhVNyLBO4gXdQutSOBABK42iZXnQYoOTSljML8ncMtfABpEnVxnrVBw
rTdMoZhS+xTvZMHQdq+4JBmt8+951pSs199MoSix2P6K5FZdBfprQt+4itDrV6MW
oRHAj5Ab8VN0sOfBgP3o0om6cwuv1aAQAny7FtUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQF3tnIVYnf1Nxp3UH37GnAd8H8oDAfBgNVHSMEGDAWgBRbZhrcv2li7uyC
XG1N6bRJ8C6EHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1cyWWEzTDlwWXU3c2dseHRUZW0wU2ZBdWhCMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvY2ZmMzFjLTI1ZDAtNGQwMi1hNjk2LTRiY2I2MjlkYTU0NS8x
L0JkN1p5RldKMzlUY2FkMUI5LXhwd0hmQl9LQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
Y2ZmMzFjLTI1ZDAtNGQwMi1hNjk2LTRiY2I2MjlkYTU0NS8xL1cyWWEzTDlwWXU3
c2dseHRUZW0wU2ZBdWhCMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnybDANBgkqhkiG9w0BAQsFAAOC
AQEAi6sv/lWD7fjRJFQ94rh/rLAZQpbJ4nk7lGUel5oFBQ4k/pHsj+a3jEaKc67G
3C5psku/vCy48kpdipMnRK6Vis22HG9n2lWjIcDLUFz8hzxozDFpN4RiyX0rI534
ARNX0QsHYe/9pcis+/OT652UioTvgS/0TPwmoEXEp53kPYwirF3QPZdMkYv87ycC
vDXid57MjwVsJNgx7uDbP8sOlGqrp0vxsc8Rg/tIMeJuLjFUxzKGHKooNYXT3GYl
BAWjYwBsvyNhAytNfX3fr9EYCawx4b//1c1phQ5uFBDyRpwzvOzsoDPQpLgfLp8W
wgrFeTA7vhJV7gFMtbXqg9WAXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:46 2024 by rpki-client on console-fra.rpki-client.org