Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/00b15a-30af-42ca-ae87-a07a4fc7b45c/1/2FcQ7zzwLxOIPEdNIonqi7BAzcI.roa
File:                     2FcQ7zzwLxOIPEdNIonqi7BAzcI.roa (raw, json)
Hash identifier:          daz/VPa3+RsBnvqipIcG+xHl8dxgigpXhulLPVUyLXk=
Subject key identifier:   D8:57:10:EF:3C:F0:2F:13:88:3C:47:4D:22:89:EA:8B:B0:40:CD:C2
Certificate issuer:       /CN=46ca4dc9c70661f721d68ce53601d3d5f9aa8c32
Certificate serial:       0189D06A5A79406F80E30FAFA185A2D5BDAF
Authority key identifier: 46:CA:4D:C9:C7:06:61:F7:21:D6:8C:E5:36:01:D3:D5:F9:AA:8C:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RspNyccGYfch1ozlNgHT1fmqjDI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/00b15a-30af-42ca-ae87-a07a4fc7b45c/1/2FcQ7zzwLxOIPEdNIonqi7BAzcI.roa
Signing time:             Mon 07 Aug 2023 14:32:58 +0000
ROA not before:           Mon 07 Aug 2023 14:32:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50926
IP address blocks:        212.34.128.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d0:6a:5a:79:40:6f:80:e3:0f:af:a1:85:a2:d5:bd:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=46ca4dc9c70661f721d68ce53601d3d5f9aa8c32
        Validity
            Not Before: Aug  7 14:32:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d85710ef3cf02f13883c474d2289ea8bb040cdc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:93:02:de:94:71:ca:ae:5e:6b:57:98:e8:6d:
                    12:86:12:19:24:c9:74:a0:5a:a7:e0:5a:d6:de:02:
                    3a:b4:98:93:7b:67:27:1b:39:0d:82:44:28:b2:9d:
                    ef:4a:d3:9b:c7:1e:a2:95:19:ee:07:a8:70:25:58:
                    1c:5b:30:73:de:90:a2:93:86:75:f6:4d:92:82:ab:
                    76:7e:b3:e4:09:26:3e:dc:1b:4a:ee:63:5d:f1:52:
                    37:d8:f5:e3:91:01:ce:a5:9e:55:61:12:e3:37:f1:
                    2b:d5:93:ad:ef:10:9d:48:1d:5b:61:d3:25:5f:37:
                    47:36:af:73:66:12:2c:66:77:2b:da:d5:78:c3:22:
                    40:fe:bc:de:62:96:32:3c:3e:e7:d6:aa:b4:9f:2f:
                    f1:59:e0:c1:a7:76:8d:7c:44:79:2b:be:9a:02:53:
                    cc:19:4c:c3:5f:f4:03:f7:a7:9d:c4:c3:16:fb:1e:
                    77:3f:6c:f1:84:33:6e:e3:38:9b:c2:94:c6:ce:45:
                    55:f2:4d:03:97:0b:3a:5e:9f:d1:f3:5c:77:c4:64:
                    d0:23:e9:37:35:f0:62:be:68:e8:8c:6c:9b:b9:0a:
                    f1:ad:79:4e:67:1d:99:99:63:bf:97:1d:bd:0e:b0:
                    98:b1:5a:f3:58:67:3d:af:d4:30:82:9f:e5:11:66:
                    12:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:57:10:EF:3C:F0:2F:13:88:3C:47:4D:22:89:EA:8B:B0:40:CD:C2
            X509v3 Authority Key Identifier:
                keyid:46:CA:4D:C9:C7:06:61:F7:21:D6:8C:E5:36:01:D3:D5:F9:AA:8C:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RspNyccGYfch1ozlNgHT1fmqjDI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/00b15a-30af-42ca-ae87-a07a4fc7b45c/1/2FcQ7zzwLxOIPEdNIonqi7BAzcI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/00b15a-30af-42ca-ae87-a07a4fc7b45c/1/RspNyccGYfch1ozlNgHT1fmqjDI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.34.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         b3:95:4b:89:cb:d3:71:c3:c5:bd:26:2a:01:ce:9f:d3:5a:2e:
         f1:bc:31:dd:4d:de:d6:bf:34:70:19:f1:7b:74:a0:2b:56:60:
         43:9e:61:82:e2:d9:6f:a8:cc:58:20:81:7f:c2:7d:51:c1:9b:
         fb:fb:6a:58:f5:5b:22:91:e5:d1:2b:cc:b5:88:5b:c2:03:df:
         cb:f4:a3:40:93:4d:fa:80:6a:0b:ac:f2:91:7f:a4:1f:d3:d3:
         03:c2:c3:81:35:cf:42:56:2b:6d:ce:f3:fc:f1:6b:ed:0b:58:
         77:e5:b4:cb:8f:7e:55:46:b1:52:c0:bc:45:fa:18:55:09:8d:
         a2:fd:b8:83:7d:40:0b:e2:4c:f2:ac:fb:68:a0:4d:5e:93:5e:
         56:ca:c5:16:3e:19:12:b7:6b:7a:17:34:04:b8:44:95:61:ac:
         d2:bc:68:c7:7c:d6:cd:8a:84:6c:94:08:ae:7d:8b:66:bf:f7:
         f6:e0:f6:0c:ba:5c:66:9b:57:5d:1c:42:00:1e:8b:72:02:c5:
         f9:b1:6e:0d:e4:0e:d1:f4:3d:29:42:34:cc:24:71:e5:91:5b:
         4d:9b:b2:c2:5d:f3:31:e2:59:80:cf:5e:c8:90:cd:a3:2b:66:
         8e:82:00:c5:85:2e:83:b5:42:4d:9b:91:09:7a:ae:19:fa:ab:
         4e:94:a7:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnQalp5QG+A4w+voYWi1b2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2Y2E0ZGM5YzcwNjYxZjcyMWQ2OGNlNTM2MDFkM2Q1Zjlh
YThjMzIwHhcNMjMwODA3MTQzMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODU3MTBlZjNjZjAyZjEzODgzYzQ3NGQyMjg5ZWE4YmIwNDBjZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZMC3pRxyq5ea1eY6G0ShhIZJMl0
oFqn4FrW3gI6tJiTe2cnGzkNgkQosp3vStObxx6ilRnuB6hwJVgcWzBz3pCik4Z1
9k2Sgqt2frPkCSY+3BtK7mNd8VI32PXjkQHOpZ5VYRLjN/Er1ZOt7xCdSB1bYdMl
XzdHNq9zZhIsZncr2tV4wyJA/rzeYpYyPD7n1qq0ny/xWeDBp3aNfER5K76aAlPM
GUzDX/QD96edxMMW+x53P2zxhDNu4zibwpTGzkVV8k0Dlws6Xp/R81x3xGTQI+k3
NfBivmjojGybuQrxrXlOZx2ZmWO/lx29DrCYsVrzWGc9r9Qwgp/lEWYSIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhXEO888C8TiDxHTSKJ6ouwQM3CMB8GA1UdIwQY
MBaAFEbKTcnHBmH3IdaM5TYB09X5qowyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnNwTnljY0dZZmNoMW96bE5nSFQxZm1xakRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8wMGIxNWEtMzBhZi00MmNhLWFlODct
YTA3YTRmYzdiNDVjLzEvMkZjUTd6endMeE9JUEVkTklvbnFpN0JBemNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8wMGIxNWEtMzBhZi00MmNhLWFlODctYTA3YTRmYzdiNDVj
LzEvUnNwTnljY0dZZmNoMW96bE5nSFQxZm1xakRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1CKAMA0G
CSqGSIb3DQEBCwUAA4IBAQCzlUuJy9Nxw8W9JioBzp/TWi7xvDHdTd7WvzRwGfF7
dKArVmBDnmGC4tlvqMxYIIF/wn1RwZv7+2pY9VsikeXRK8y1iFvCA9/L9KNAk036
gGoLrPKRf6Qf09MDwsOBNc9CVittzvP88WvtC1h35bTLj35VRrFSwLxF+hhVCY2i
/biDfUAL4kzyrPtooE1ek15WysUWPhkSt2t6FzQEuESVYazSvGjHfNbNioRslAiu
fYtmv/f24PYMulxmm1ddHEIAHotyAsX5sW4N5A7R9D0pQjTMJHHlkVtNm7LCXfMx
4lmAz17IkM2jK2aOggDFhS6DtUJNm5EJeq4Z+qtOlKfn
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:42:20 2025 by rpki-client