Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/372b31-7114-4af0-8bb1-e99924daa1d5/1/iqy6oOY7iofe7lX71YEp3twU72Y.roa
File:                     iqy6oOY7iofe7lX71YEp3twU72Y.roa (raw, json)
Hash identifier:          x1hRgczDjQNTJ8U50pY9zxHO3Gk0Jg1OUWUGUzqOCkM=
Subject key identifier:   8A:AC:BA:A0:E6:3B:8A:87:DE:EE:55:FB:D5:81:29:DE:DC:14:EF:66
Certificate issuer:       /CN=601d9cd2e30c3ea2ba586cd81f3eb26a1a000f56
Certificate serial:       04ECF6
Authority key identifier: 60:1D:9C:D2:E3:0C:3E:A2:BA:58:6C:D8:1F:3E:B2:6A:1A:00:0F:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YB2c0uMMPqK6WGzYHz6yahoAD1Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/372b31-7114-4af0-8bb1-e99924daa1d5/1/iqy6oOY7iofe7lX71YEp3twU72Y.roa
Signing time:             Sun 23 Jan 2022 22:09:13 +0000
ROA not before:           Sun 23 Jan 2022 22:09:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        5.181.180.0/23 maxlen: 24
                          5.181.182.0/23 maxlen: 24
                          185.176.94.0/23 maxlen: 24
                          185.176.92.0/23 maxlen: 24
                          185.229.222.0/23 maxlen: 24
                          185.216.104.0/23 maxlen: 24
                          185.229.220.0/23 maxlen: 24
                          185.216.106.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 322806 (0x4ecf6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=601d9cd2e30c3ea2ba586cd81f3eb26a1a000f56
        Validity
            Not Before: Jan 23 22:09:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=8aacbaa0e63b8a87deee55fbd58129dedc14ef66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:dd:3b:91:f7:7f:da:01:23:57:13:be:03:95:
                    6b:33:8d:50:dc:5a:b9:79:36:50:59:e2:64:c4:f8:
                    27:da:b9:c3:8b:3d:a5:7a:15:56:b1:8b:f9:3b:31:
                    33:c9:f5:4a:2a:4b:de:0f:03:54:96:33:70:16:65:
                    6d:81:2d:1f:4f:5b:43:7a:0a:13:f3:1c:4a:7e:2b:
                    22:b7:c3:48:ab:53:cc:82:26:da:03:89:a7:6a:7c:
                    79:33:da:a9:a5:67:56:26:0e:69:62:9a:20:89:5d:
                    5d:b1:f2:f8:f0:b6:73:bd:eb:97:78:6e:ee:37:79:
                    1b:7f:1e:30:69:8b:64:c8:83:b8:af:92:98:fa:9b:
                    a7:93:15:0f:f2:04:f2:e6:7d:6a:6c:b5:f3:37:7e:
                    c6:cb:7d:e7:2c:d0:6f:76:f6:e0:1e:ab:df:4a:90:
                    36:50:f5:07:12:df:ae:4a:10:a8:e8:85:cb:48:34:
                    2b:93:fb:e4:5f:a5:cc:4f:7a:84:04:53:56:fd:33:
                    2d:83:a7:7a:4d:f0:d2:81:be:ab:a5:22:23:8c:0c:
                    40:78:f7:42:82:da:17:fd:0b:29:32:79:cd:23:46:
                    e0:3e:6b:00:bc:5a:75:22:00:07:b4:01:c6:ed:b6:
                    f8:67:45:b8:e6:d1:f4:9a:c3:76:93:fe:2d:4a:e2:
                    99:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:AC:BA:A0:E6:3B:8A:87:DE:EE:55:FB:D5:81:29:DE:DC:14:EF:66
            X509v3 Authority Key Identifier:
                keyid:60:1D:9C:D2:E3:0C:3E:A2:BA:58:6C:D8:1F:3E:B2:6A:1A:00:0F:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YB2c0uMMPqK6WGzYHz6yahoAD1Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/372b31-7114-4af0-8bb1-e99924daa1d5/1/iqy6oOY7iofe7lX71YEp3twU72Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/372b31-7114-4af0-8bb1-e99924daa1d5/1/YB2c0uMMPqK6WGzYHz6yahoAD1Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.180.0/22
                  185.176.92.0/22
                  185.216.104.0/22
                  185.229.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ab:1d:84:d3:0b:fe:a2:bd:c5:2c:56:b9:3d:05:95:0c:5d:c1:
         98:4f:01:0d:26:e1:34:76:23:3e:7e:e3:00:e0:d6:1a:be:d5:
         e1:1c:7e:88:54:95:65:6d:6d:e9:ee:cf:85:43:68:68:26:04:
         26:e8:7d:f7:a4:49:3f:bc:60:1e:69:33:35:e3:91:7d:1e:f5:
         8e:54:2f:2b:64:4b:87:d5:fc:f4:7f:08:09:03:50:76:73:93:
         ed:0a:76:9e:eb:db:81:db:01:5d:63:85:ff:75:ef:3f:70:07:
         f6:97:b3:55:6c:81:10:84:dd:b6:72:20:77:7b:51:dc:9c:57:
         47:74:6d:64:b5:aa:1c:d4:7a:97:98:b1:e9:34:0f:27:7b:37:
         12:c3:a7:7a:63:bf:ad:5d:bc:17:4c:a0:72:73:2d:55:b7:79:
         f4:5b:bc:b2:7c:89:49:43:63:58:8d:21:4d:ee:43:c4:3d:96:
         4e:47:c4:68:e6:a3:f6:92:f8:61:8a:dd:e3:28:85:d4:5f:a6:
         f4:05:1e:c3:92:65:51:c0:06:c0:ed:2b:1b:69:80:96:9f:db:
         44:b5:b0:49:8d:1d:3a:c6:4e:97:f5:94:75:71:f4:b2:3c:95:
         ff:1f:b2:ca:79:94:d4:b7:05:8c:52:37:78:3a:25:d3:b1:a5:
         41:b8:4a:5d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDBOz2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYw
MWQ5Y2QyZTMwYzNlYTJiYTU4NmNkODFmM2ViMjZhMWEwMDBmNTYwHhcNMjIwMTIz
MjIwOTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4YWFjYmFhMGU2M2I4
YTg3ZGVlZTU1ZmJkNTgxMjlkZWRjMTRlZjY2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuN07kfd/2gEjVxO+A5VrM41Q3Fq5eTZQWeJkxPgn2rnDiz2l
ehVWsYv5OzEzyfVKKkveDwNUljNwFmVtgS0fT1tDegoT8xxKfisit8NIq1PMgiba
A4mnanx5M9qppWdWJg5pYpogiV1dsfL48LZzveuXeG7uN3kbfx4waYtkyIO4r5KY
+punkxUP8gTy5n1qbLXzN37Gy33nLNBvdvbgHqvfSpA2UPUHEt+uShCo6IXLSDQr
k/vkX6XMT3qEBFNW/TMtg6d6TfDSgb6rpSIjjAxAePdCgtoX/QspMnnNI0bgPmsA
vFp1IgAHtAHG7bb4Z0W45tH0msN2k/4tSuKZ2wIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFIqsuqDmO4qH3u5V+9WBKd7cFO9mMB8GA1UdIwQYMBaAFGAdnNLjDD6iulhs
2B8+smoaAA9WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WUIyYzB1TU1QcUs2V0d6WUh6NnlhaG9BRDFZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC85MC8zNzJiMzEtNzExNC00YWYwLThiYjEtZTk5OTI0ZGFhMWQ1LzEv
aXF5Nm9PWTdpb2ZlN2xYNzFZRXAzdHdVNzJZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8z
NzJiMzEtNzExNC00YWYwLThiYjEtZTk5OTI0ZGFhMWQ1LzEvWUIyYzB1TU1QcUs2
V0d6WUh6NnlhaG9BRDFZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBbW0AwQCubBcAwQCudhoAwQCueXc
MA0GCSqGSIb3DQEBCwUAA4IBAQCrHYTTC/6ivcUsVrk9BZUMXcGYTwENJuE0diM+
fuMA4NYavtXhHH6IVJVlbW3p7s+FQ2hoJgQm6H33pEk/vGAeaTM145F9HvWOVC8r
ZEuH1fz0fwgJA1B2c5PtCnae69uB2wFdY4X/de8/cAf2l7NVbIEQhN22ciB3e1Hc
nFdHdG1ktaoc1HqXmLHpNA8nezcSw6d6Y7+tXbwXTKBycy1Vt3n0W7yyfIlJQ2NY
jSFN7kPEPZZOR8Ro5qP2kvhhit3jKIXUX6b0BR7DkmVRwAbA7SsbaYCWn9tEtbBJ
jR06xk6X9ZR1cfSyPJX/H7LKeZTUtwWMUjd4OiXTsaVBuEpd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:44 2024 by rpki-client on console-ams.rpki-client.org