Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/805412-63ba-470a-89c9-562b490110e0/1/sPVFNMrsxwuI6uZQV04FJv411-g.roa
File:                     sPVFNMrsxwuI6uZQV04FJv411-g.roa (raw, json)
Hash identifier:          /3v39qHWMdaJMSSsFZjdvYoi+abAdXm9ns7WCIOPpEc=
Subject key identifier:   B0:F5:45:34:CA:EC:C7:0B:88:EA:E6:50:57:4E:05:26:FE:35:D7:E8
Certificate issuer:       /CN=fa27c6d0a06c2c1c2c9195fd9a9adbce4f865b87
Certificate serial:       046517E5
Authority key identifier: FA:27:C6:D0:A0:6C:2C:1C:2C:91:95:FD:9A:9A:DB:CE:4F:86:5B:87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-ifG0KBsLBwskZX9mprbzk-GW4c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/805412-63ba-470a-89c9-562b490110e0/1/sPVFNMrsxwuI6uZQV04FJv411-g.roa
Signing time:             Sat 01 Jan 2022 11:59:05 +0000
ROA not before:           Sat 01 Jan 2022 11:59:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     29376
IP address blocks:        195.137.226.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 73734117 (0x46517e5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fa27c6d0a06c2c1c2c9195fd9a9adbce4f865b87
        Validity
            Not Before: Jan  1 11:59:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b0f54534caecc70b88eae650574e0526fe35d7e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:9b:10:be:a4:72:65:cd:cb:d4:57:d4:ee:b3:
                    6a:79:60:07:05:b7:bb:85:3b:b1:2a:0e:d3:5d:c2:
                    46:3c:bf:24:da:43:1c:81:85:6f:8e:d7:cf:95:da:
                    69:90:6d:72:47:6d:df:16:81:4c:f1:22:14:89:01:
                    38:22:a2:cf:d7:b4:49:7d:ec:25:75:a3:9c:72:a4:
                    38:8e:ae:ad:c1:57:88:7f:d4:45:c8:1f:c4:5d:8d:
                    86:23:12:d1:fa:a3:44:72:75:70:27:5e:a2:dc:3a:
                    47:f0:17:8f:8d:9d:91:c2:0b:f6:16:f2:b0:52:0b:
                    51:63:3c:81:b2:66:b7:16:73:3b:30:48:d2:45:6d:
                    3e:fc:ae:dd:64:05:ab:55:98:6c:1f:8e:8c:fb:b0:
                    7c:f6:14:cb:55:8e:85:a8:55:a3:bb:10:47:bd:c8:
                    8d:3b:b2:f9:32:2b:27:45:d9:7c:31:82:14:b4:b2:
                    fb:91:13:00:90:4b:91:6a:6a:13:0e:73:82:42:e6:
                    a1:66:e5:ab:56:43:ba:80:81:7b:80:09:f3:26:04:
                    87:2c:75:63:d7:ee:d6:db:76:55:48:d3:99:88:60:
                    91:bd:81:70:72:d0:8d:30:9a:93:8d:c6:d2:fb:ae:
                    db:72:2a:f5:5f:ce:93:e4:c0:56:13:14:ac:93:c2:
                    fa:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:F5:45:34:CA:EC:C7:0B:88:EA:E6:50:57:4E:05:26:FE:35:D7:E8
            X509v3 Authority Key Identifier:
                keyid:FA:27:C6:D0:A0:6C:2C:1C:2C:91:95:FD:9A:9A:DB:CE:4F:86:5B:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ifG0KBsLBwskZX9mprbzk-GW4c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/805412-63ba-470a-89c9-562b490110e0/1/sPVFNMrsxwuI6uZQV04FJv411-g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/805412-63ba-470a-89c9-562b490110e0/1/1-ifG0KBsLBwskZX9mprbzk-GW4c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.137.226.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9a:e1:4f:72:70:6a:be:ab:a9:69:a7:e3:78:69:20:0b:1a:c3:
         04:1b:b1:6f:43:df:15:67:46:1a:e5:8f:22:49:19:c0:93:7d:
         8a:bb:9e:e0:2d:b0:08:fd:c2:dc:b2:fe:d7:8e:61:72:55:47:
         00:ba:a4:a4:1e:28:c1:bb:4b:49:77:e4:6d:69:cd:f8:b4:be:
         d3:86:4d:f8:2f:c1:8f:5d:c1:71:9e:c3:51:ff:88:4a:c1:37:
         9e:85:ea:96:0c:70:9f:b2:65:1a:44:cf:75:d4:f2:a4:38:b1:
         44:94:fc:36:7d:de:c4:cf:95:f9:e0:a5:29:d4:18:42:e7:05:
         9b:1a:5c:02:94:80:4c:c4:c6:8e:f4:db:52:67:06:0a:f5:3e:
         cb:9a:9a:7a:bb:f5:86:69:74:34:9a:f0:f2:70:e6:6c:21:c3:
         47:9a:36:82:7b:3d:20:49:a4:6d:0d:2f:18:03:08:67:4a:6b:
         7d:89:44:90:d0:f5:62:b6:c9:f1:77:eb:6f:6e:24:ea:fd:4e:
         0a:c5:8e:60:28:ba:da:9f:60:77:cb:1a:95:ed:35:20:88:1a:
         a9:50:78:58:40:ef:9f:8b:10:b1:75:f4:de:1b:d1:0c:7a:45:
         db:e9:41:24:07:65:22:a2:9a:ec:9b:b5:a0:85:08:c0:8a:b5:
         fc:20:aa:d8
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEBGUX5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YTI3YzZkMGEwNmMyYzFjMmM5MTk1ZmQ5YTlhZGJjZTRmODY1Yjg3MB4XDTIyMDEw
MTExNTkwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjBmNTQ1MzRjYWVj
YzcwYjg4ZWFlNjUwNTc0ZTA1MjZmZTM1ZDdlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6bEL6kcmXNy9RX1O6zanlgBwW3u4U7sSoO013CRjy/JNpD
HIGFb47Xz5XaaZBtckdt3xaBTPEiFIkBOCKiz9e0SX3sJXWjnHKkOI6urcFXiH/U
RcgfxF2NhiMS0fqjRHJ1cCdeotw6R/AXj42dkcIL9hbysFILUWM8gbJmtxZzOzBI
0kVtPvyu3WQFq1WYbB+OjPuwfPYUy1WOhahVo7sQR73IjTuy+TIrJ0XZfDGCFLSy
+5ETAJBLkWpqEw5zgkLmoWblq1ZDuoCBe4AJ8yYEhyx1Y9fu1tt2VUjTmYhgkb2B
cHLQjTCak43G0vuu23Iq9V/Ok+TAVhMUrJPC+r0CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSw9UU0yuzHC4jq5lBXTgUm/jXX6DAfBgNVHSMEGDAWgBT6J8bQoGwsHCyR
lf2amtvOT4ZbhzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtaWZHMEtCc0xCd3NrWlg5bXByYnprLUdXNGMuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzhmLzgwNTQxMi02M2JhLTQ3MGEtODljOS01NjJiNDkwMTEwZTAv
MS9zUFZGTk1yc3h3dUk2dVpRVjA0Rkp2NDExLWcucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhm
LzgwNTQxMi02M2JhLTQ3MGEtODljOS01NjJiNDkwMTEwZTAvMS8xLWlmRzBLQnNM
Qndza1pYOW1wcmJ6ay1HVzRjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4niMA0GCSqGSIb3DQEBCwUA
A4IBAQCa4U9ycGq+q6lpp+N4aSALGsMEG7FvQ98VZ0Ya5Y8iSRnAk32Ku57gLbAI
/cLcsv7XjmFyVUcAuqSkHijBu0tJd+Rtac34tL7Thk34L8GPXcFxnsNR/4hKwTee
heqWDHCfsmUaRM911PKkOLFElPw2fd7Ez5X54KUp1BhC5wWbGlwClIBMxMaO9NtS
ZwYK9T7Lmpp6u/WGaXQ0mvDycOZsIcNHmjaCez0gSaRtDS8YAwhnSmt9iUSQ0PVi
tsnxd+tvbiTq/U4KxY5gKLran2B3yxqV7TUgiBqpUHhYQO+fixCxdfTeG9EMekXb
6UEkB2Uioprsm7WghQjAirX8IKrY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:32 2024 by rpki-client on console-ams.rpki-client.org