Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/994e86-d57f-49cf-8246-f776d3336c62/1/yzB2KabxUXiVZKI0K4zyxYDKNo4.roa
File:                     yzB2KabxUXiVZKI0K4zyxYDKNo4.roa (raw, json)
Hash identifier:          21kJY5hEqMisToOz9fIALtThLKN/UWpPWm74HUh1k64=
Subject key identifier:   CB:30:76:29:A6:F1:51:78:95:64:A2:34:2B:8C:F2:C5:80:CA:36:8E
Certificate issuer:       /CN=271925e29ae039d43619d6b4f6442cb37c9e9705
Certificate serial:       0185707042B29129E87E83B23DB78745E0B9
Authority key identifier: 27:19:25:E2:9A:E0:39:D4:36:19:D6:B4:F6:44:2C:B3:7C:9E:97:05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Jxkl4prgOdQ2Gda09kQss3yelwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/994e86-d57f-49cf-8246-f776d3336c62/1/yzB2KabxUXiVZKI0K4zyxYDKNo4.roa
Signing time:             Mon 02 Jan 2023 03:04:43 +0000
ROA not before:           Mon 02 Jan 2023 03:04:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        212.18.102.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:70:42:b2:91:29:e8:7e:83:b2:3d:b7:87:45:e0:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=271925e29ae039d43619d6b4f6442cb37c9e9705
        Validity
            Not Before: Jan  2 03:04:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cb307629a6f151789564a2342b8cf2c580ca368e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:6b:f9:f0:eb:17:c8:9e:b3:7e:89:d9:00:b9:
                    ca:c4:58:02:27:3c:06:39:e9:f6:9b:29:f5:d1:c8:
                    0d:0f:52:e9:ab:b7:26:81:a1:ee:72:35:dd:d2:7b:
                    67:7c:57:2f:68:f6:ff:74:66:1d:69:fa:9c:95:5f:
                    42:9f:0c:27:58:fa:7c:b3:db:2f:6e:d3:71:c9:ca:
                    21:80:f0:64:86:d7:a9:70:a1:41:79:37:e7:1f:01:
                    ce:9e:c0:e0:51:1b:7b:7a:f6:b2:a2:c5:89:e9:ba:
                    12:a7:22:66:68:f6:b7:47:a6:61:a0:c4:44:b3:eb:
                    a7:4e:4b:9c:c0:dc:08:66:b3:5a:fb:a1:21:72:d8:
                    2d:a5:4b:fc:00:98:ed:6b:d4:a4:be:52:a7:39:d7:
                    14:9c:b8:e7:10:9a:72:10:f2:cc:c3:23:b1:24:17:
                    48:fa:fc:9b:9b:e2:fa:00:8b:c1:25:c5:54:9b:23:
                    47:13:56:b6:8f:19:eb:76:c2:89:9c:bd:50:7a:32:
                    79:f1:c8:42:26:bf:ee:72:87:4d:6b:f4:82:43:70:
                    9c:fe:ff:0d:55:71:d3:52:8c:ba:d2:50:1b:0a:94:
                    56:80:88:27:2f:60:06:27:b6:fd:50:55:04:b5:73:
                    be:2c:89:20:31:89:8d:98:06:fd:d9:73:a0:bb:d3:
                    3b:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:30:76:29:A6:F1:51:78:95:64:A2:34:2B:8C:F2:C5:80:CA:36:8E
            X509v3 Authority Key Identifier:
                keyid:27:19:25:E2:9A:E0:39:D4:36:19:D6:B4:F6:44:2C:B3:7C:9E:97:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jxkl4prgOdQ2Gda09kQss3yelwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/994e86-d57f-49cf-8246-f776d3336c62/1/yzB2KabxUXiVZKI0K4zyxYDKNo4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/994e86-d57f-49cf-8246-f776d3336c62/1/Jxkl4prgOdQ2Gda09kQss3yelwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.18.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c2:80:d3:96:51:c9:3a:2c:74:9f:cd:37:6d:9a:a2:61:ed:23:
         24:a3:1b:00:dd:30:fd:ec:2e:92:7b:7b:18:24:32:cc:9b:cd:
         85:ad:cf:a6:88:54:94:e5:b7:4a:cb:f6:21:2b:8d:cf:1b:c2:
         11:dd:66:4e:67:05:ac:f5:07:48:b4:07:be:a5:d9:5e:b6:13:
         1c:76:b3:41:76:ec:b8:15:72:15:6d:67:cc:d6:c1:78:0a:68:
         73:ef:ce:72:d3:f8:e4:e5:54:3d:ec:22:a3:ea:0b:d5:a6:4a:
         73:db:eb:0d:d2:4d:1b:75:8b:f4:36:c8:47:57:49:80:61:32:
         36:e0:f5:8a:66:a6:12:e7:ad:13:06:69:de:03:74:ed:74:43:
         5d:57:8c:7e:1b:26:89:96:2c:39:05:2f:4c:b6:5c:e4:fc:ba:
         39:d3:aa:02:75:4d:aa:17:ff:d0:12:6e:74:fb:22:46:26:09:
         a1:5a:9c:9a:47:97:d7:a6:f3:64:49:10:f2:5b:e0:4b:71:ff:
         40:3e:67:37:72:05:72:0f:37:b0:42:24:ee:37:f3:06:03:52:
         2c:7f:2d:9c:89:8a:36:b0:db:8d:7c:05:27:d8:12:91:ad:5a:
         a6:15:0e:52:0c:1d:23:27:65:27:06:68:c6:70:a1:a2:a8:0e:
         5e:14:f9:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcEKykSnofoOyPbeHReC5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MTkyNWUyOWFlMDM5ZDQzNjE5ZDZiNGY2NDQyY2IzN2M5
ZTk3MDUwHhcNMjMwMTAyMDMwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjMwNzYyOWE2ZjE1MTc4OTU2NGEyMzQyYjhjZjJjNTgwY2EzNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2v58OsXyJ6zfonZALnKxFgCJzwG
Oen2myn10cgND1Lpq7cmgaHucjXd0ntnfFcvaPb/dGYdafqclV9CnwwnWPp8s9sv
btNxycohgPBkhtepcKFBeTfnHwHOnsDgURt7evayosWJ6boSpyJmaPa3R6ZhoMRE
s+unTkucwNwIZrNa+6EhctgtpUv8AJjta9SkvlKnOdcUnLjnEJpyEPLMwyOxJBdI
+vybm+L6AIvBJcVUmyNHE1a2jxnrdsKJnL1QejJ58chCJr/ucodNa/SCQ3Cc/v8N
VXHTUoy60lAbCpRWgIgnL2AGJ7b9UFUEtXO+LIkgMYmNmAb92XOgu9M7YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMswdimm8VF4lWSiNCuM8sWAyjaOMB8GA1UdIwQY
MBaAFCcZJeKa4DnUNhnWtPZELLN8npcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnhrbDRwcmdPZFEyR2RhMDlrUXNzM3llbHdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi85OTRlODYtZDU3Zi00OWNmLTgyNDYt
Zjc3NmQzMzM2YzYyLzEveXpCMkthYnhVWGlWWktJMEs0enl4WURLTm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi85OTRlODYtZDU3Zi00OWNmLTgyNDYtZjc3NmQzMzM2YzYy
LzEvSnhrbDRwcmdPZFEyR2RhMDlrUXNzM3llbHdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BJmMA0G
CSqGSIb3DQEBCwUAA4IBAQDCgNOWUck6LHSfzTdtmqJh7SMkoxsA3TD97C6Se3sY
JDLMm82Frc+miFSU5bdKy/YhK43PG8IR3WZOZwWs9QdItAe+pdlethMcdrNBduy4
FXIVbWfM1sF4Cmhz785y0/jk5VQ97CKj6gvVpkpz2+sN0k0bdYv0NshHV0mAYTI2
4PWKZqYS560TBmneA3TtdENdV4x+GyaJliw5BS9Mtlzk/Lo506oCdU2qF//QEm50
+yJGJgmhWpyaR5fXpvNkSRDyW+BLcf9APmc3cgVyDzewQiTuN/MGA1Isfy2ciYo2
sNuNfAUn2BKRrVqmFQ5SDB0jJ2UnBmjGcKGiqA5eFPmW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:32 2024 by rpki-client on console-ams.rpki-client.org