Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/b3b3f2-1fb5-48f3-b8b5-1e8ebb09bcac/1/wzkv76825x0AQpXRJjIJWFUnzkk.roa
File:                     wzkv76825x0AQpXRJjIJWFUnzkk.roa (raw, json)
Hash identifier:          gv6OBK0cKHMKWRUw+U5tvNXb3aoQYb2ocyUM8e1Gjkk=
Subject key identifier:   C3:39:2F:EF:AF:36:E7:1D:00:42:95:D1:26:32:09:58:55:27:CE:49
Certificate issuer:       /CN=f28ed739b3233d24de16653c4acc6ffccb0883f5
Certificate serial:       98D0FB
Authority key identifier: F2:8E:D7:39:B3:23:3D:24:DE:16:65:3C:4A:CC:6F:FC:CB:08:83:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8o7XObMjPSTeFmU8Ssxv_MsIg_U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/b3b3f2-1fb5-48f3-b8b5-1e8ebb09bcac/1/wzkv76825x0AQpXRJjIJWFUnzkk.roa
Signing time:             Sat 01 Jan 2022 00:57:17 +0000
ROA not before:           Sat 01 Jan 2022 00:57:17 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211439
IP address blocks:        193.3.176.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10014971 (0x98d0fb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f28ed739b3233d24de16653c4acc6ffccb0883f5
        Validity
            Not Before: Jan  1 00:57:17 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c3392fefaf36e71d004295d1263209585527ce49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ea:0f:d5:e0:b4:4e:11:2b:8e:49:5d:37:f4:
                    b5:13:63:98:18:1a:c1:42:08:c7:95:a2:82:e4:a7:
                    ab:21:cc:60:9d:1c:23:25:33:31:90:91:96:a2:ec:
                    50:c1:a4:20:19:c4:4c:e2:39:62:22:4e:9c:f1:6b:
                    bd:c2:6e:53:e8:d1:73:09:ae:26:6d:2e:2a:99:eb:
                    5f:b9:01:df:7f:13:48:7f:c8:c6:41:ca:4f:1f:b1:
                    9b:36:83:f5:9b:51:9e:1d:1d:f3:bc:15:83:71:65:
                    08:4a:e3:7d:15:20:9d:a6:c0:d7:3f:a9:ef:c9:63:
                    07:15:7f:75:de:51:00:38:b4:e7:50:00:40:8d:20:
                    17:fc:ae:ff:0e:9b:91:f7:b2:1d:3f:7e:e5:e5:7f:
                    29:c3:c7:cc:38:3f:d7:cb:a6:bf:e3:14:92:10:a8:
                    a4:2d:34:72:b3:81:6b:d5:c2:17:7a:bd:58:60:40:
                    c8:52:bf:ca:76:d0:c8:b5:a1:8f:38:83:25:19:7d:
                    6d:5b:f7:2f:ad:0b:91:c6:49:b3:b4:fb:83:b5:cf:
                    fd:f7:ad:19:60:a8:38:5e:96:b7:e4:64:e0:e8:b8:
                    b6:1c:6a:99:9b:55:09:57:28:00:c0:eb:d0:da:00:
                    b5:88:57:a0:47:07:5c:ee:eb:e4:1c:0e:a4:0f:4a:
                    31:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:39:2F:EF:AF:36:E7:1D:00:42:95:D1:26:32:09:58:55:27:CE:49
            X509v3 Authority Key Identifier:
                keyid:F2:8E:D7:39:B3:23:3D:24:DE:16:65:3C:4A:CC:6F:FC:CB:08:83:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8o7XObMjPSTeFmU8Ssxv_MsIg_U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/b3b3f2-1fb5-48f3-b8b5-1e8ebb09bcac/1/wzkv76825x0AQpXRJjIJWFUnzkk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/b3b3f2-1fb5-48f3-b8b5-1e8ebb09bcac/1/8o7XObMjPSTeFmU8Ssxv_MsIg_U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.3.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:54:8f:4c:9b:2d:e2:82:7b:3c:5a:24:69:3b:5a:09:3a:83:
         bc:af:ee:10:fd:1a:a3:e6:59:ec:09:aa:38:5a:f6:00:57:13:
         d8:c7:1b:1c:12:50:59:fb:13:c5:da:29:4d:7d:b4:02:50:b9:
         f4:e1:08:6b:d2:16:d9:23:51:9a:97:f4:88:68:06:36:02:6d:
         72:94:e4:06:e9:24:5b:ba:a2:93:48:f9:a1:0b:6f:f5:ae:1e:
         83:09:e9:6f:36:46:0e:7e:42:a2:89:47:48:55:5b:41:0f:2b:
         b6:5a:fd:b1:84:3d:43:d1:f9:a3:12:fb:f8:6c:9e:16:0b:fa:
         38:37:77:de:96:b3:1f:57:e8:cb:6e:c3:5e:7f:08:a5:e5:fa:
         91:e6:74:78:d0:0b:aa:ae:34:71:58:47:0f:84:d2:74:6d:d6:
         db:ae:9c:84:eb:98:b8:3f:a7:7d:1e:e0:7f:ef:e0:16:47:01:
         f5:28:df:dc:0a:77:7f:14:9f:b9:1f:7e:97:40:bb:3c:5f:b9:
         61:4c:79:8b:2d:5d:6d:36:c7:a7:e8:f2:49:c7:2a:63:6f:b3:
         59:1e:9b:bd:22:d0:2c:cd:f2:46:71:a6:cb:33:94:ef:70:b0:
         12:a8:5b:f2:40:2d:b6:36:9d:dc:a1:2b:f5:06:a7:2e:2a:1a:
         3a:f6:5a:56
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAJjQ+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MjhlZDczOWIzMjMzZDI0ZGUxNjY1M2M0YWNjNmZmY2NiMDg4M2Y1MB4XDTIyMDEw
MTAwNTcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzMzOTJmZWZhZjM2
ZTcxZDAwNDI5NWQxMjYzMjA5NTg1NTI3Y2U0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbqD9XgtE4RK45JXTf0tRNjmBgawUIIx5WiguSnqyHMYJ0c
IyUzMZCRlqLsUMGkIBnETOI5YiJOnPFrvcJuU+jRcwmuJm0uKpnrX7kB338TSH/I
xkHKTx+xmzaD9ZtRnh0d87wVg3FlCErjfRUgnabA1z+p78ljBxV/dd5RADi051AA
QI0gF/yu/w6bkfeyHT9+5eV/KcPHzDg/18umv+MUkhCopC00crOBa9XCF3q9WGBA
yFK/ynbQyLWhjziDJRl9bVv3L60LkcZJs7T7g7XP/fetGWCoOF6Wt+Rk4Oi4thxq
mZtVCVcoAMDr0NoAtYhXoEcHXO7r5BwOpA9KMXMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTDOS/vrzbnHQBCldEmMglYVSfOSTAfBgNVHSMEGDAWgBTyjtc5syM9JN4W
ZTxKzG/8ywiD9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhvN1hPYk1qUFNUZUZtVThTc3h2X01zSWdfVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvYjNiM2YyLTFmYjUtNDhmMy1iOGI1LTFlOGViYjA5YmNhYy8x
L3d6a3Y3NjgyNXgwQVFwWFJKaklKV0ZVbnpray5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
YjNiM2YyLTFmYjUtNDhmMy1iOGI1LTFlOGViYjA5YmNhYy8xLzhvN1hPYk1qUFNU
ZUZtVThTc3h2X01zSWdfVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEDsDANBgkqhkiG9w0BAQsFAAOC
AQEAf1SPTJst4oJ7PFokaTtaCTqDvK/uEP0ao+ZZ7AmqOFr2AFcT2McbHBJQWfsT
xdopTX20AlC59OEIa9IW2SNRmpf0iGgGNgJtcpTkBukkW7qik0j5oQtv9a4egwnp
bzZGDn5CoolHSFVbQQ8rtlr9sYQ9Q9H5oxL7+GyeFgv6ODd33pazH1foy27DXn8I
peX6keZ0eNALqq40cVhHD4TSdG3W266chOuYuD+nfR7gf+/gFkcB9Sjf3Ap3fxSf
uR9+l0C7PF+5YUx5iy1dbTbHp+jySccqY2+zWR6bvSLQLM3yRnGmyzOU73CwEqhb
8kAttjad3KEr9QanLioaOvZaVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:04 2024 by rpki-client on console-fra.rpki-client.org