Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/0b7251-beb8-4e36-8e37-34091351a710/1/Qd2_LBIR5CA1tUQ-ObY7C1WwnyQ.roa
File:                     Qd2_LBIR5CA1tUQ-ObY7C1WwnyQ.roa (raw, json)
Hash identifier:          Y1PVdLtHL9tSapnCpi4ZQ9TmWLWt1J2+OUqxeX1Js+E=
Subject key identifier:   41:DD:BF:2C:12:11:E4:20:35:B5:44:3E:39:B6:3B:0B:55:B0:9F:24
Certificate issuer:       /CN=b26514285449df35e0e39c38ffb2a58b9eed4eb9
Certificate serial:       01856FF056DD2F3EE1459CFB339DAEA2C10B
Authority key identifier: B2:65:14:28:54:49:DF:35:E0:E3:9C:38:FF:B2:A5:8B:9E:ED:4E:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/smUUKFRJ3zXg45w4_7Kli57tTrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/0b7251-beb8-4e36-8e37-34091351a710/1/Qd2_LBIR5CA1tUQ-ObY7C1WwnyQ.roa
Signing time:             Mon 02 Jan 2023 00:44:59 +0000
ROA not before:           Mon 02 Jan 2023 00:44:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56769
IP address blocks:        185.248.27.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f0:56:dd:2f:3e:e1:45:9c:fb:33:9d:ae:a2:c1:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b26514285449df35e0e39c38ffb2a58b9eed4eb9
        Validity
            Not Before: Jan  2 00:44:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=41ddbf2c1211e42035b5443e39b63b0b55b09f24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:52:77:18:e0:ab:b5:95:44:16:4a:03:71:93:
                    d5:62:76:b6:7a:6d:9c:fb:fe:0d:54:42:4c:7e:c9:
                    2a:c6:76:29:cd:57:b3:7e:77:3c:76:b0:39:32:88:
                    2f:d8:3b:10:a9:8a:33:3d:35:e3:e5:60:0e:27:55:
                    e3:00:2e:36:28:fc:54:a3:a9:a7:00:03:2b:47:1f:
                    af:b3:e2:1d:66:7e:29:61:8e:8f:2d:cb:47:9e:b7:
                    ac:2f:30:1b:8c:11:fb:19:dc:03:81:77:76:d4:f1:
                    16:93:14:0d:89:f4:4f:4b:28:dd:9e:7f:2a:2c:fe:
                    08:04:5f:ba:6c:a2:0a:fe:f0:52:e8:4b:67:08:e6:
                    e5:33:d5:89:44:d1:86:07:57:25:01:3b:b5:32:d1:
                    08:11:95:55:20:af:58:ae:88:53:e8:d2:d4:af:98:
                    0e:3f:8a:cf:c6:58:7c:6f:aa:8d:6a:89:17:82:e1:
                    1e:39:cb:c3:8d:ab:e6:50:71:9c:45:b0:75:0e:58:
                    17:a1:8f:1f:43:5b:c6:6b:61:53:6f:e7:c0:9b:35:
                    98:44:47:13:82:b2:15:93:23:a8:61:44:ee:bb:e8:
                    89:99:79:b9:0b:42:92:f8:11:18:86:6d:a2:9e:2b:
                    3d:fa:90:9d:59:33:ab:29:b6:5f:84:b8:90:5f:76:
                    a4:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:DD:BF:2C:12:11:E4:20:35:B5:44:3E:39:B6:3B:0B:55:B0:9F:24
            X509v3 Authority Key Identifier:
                keyid:B2:65:14:28:54:49:DF:35:E0:E3:9C:38:FF:B2:A5:8B:9E:ED:4E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/smUUKFRJ3zXg45w4_7Kli57tTrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/0b7251-beb8-4e36-8e37-34091351a710/1/Qd2_LBIR5CA1tUQ-ObY7C1WwnyQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/0b7251-beb8-4e36-8e37-34091351a710/1/smUUKFRJ3zXg45w4_7Kli57tTrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:b0:e7:53:9c:b3:87:fd:5a:49:45:2d:ea:cd:13:60:df:1f:
         ce:e2:6e:79:84:15:71:67:78:b2:9f:a7:76:ec:67:72:da:d4:
         03:d9:b7:b3:ae:71:bd:27:9c:33:d7:1e:54:41:6d:5a:32:73:
         f1:36:bb:e8:14:84:21:43:0d:06:2a:ca:fd:44:f7:c2:e7:03:
         ca:4c:f3:14:9e:62:79:1b:c4:e2:05:e1:b3:e7:42:92:22:4e:
         f2:e1:d9:51:ae:f2:d9:da:65:9d:59:24:2d:51:9c:57:53:d2:
         4b:b4:b3:2c:fd:29:29:f8:43:a1:49:d0:7c:d3:bd:63:59:27:
         18:a5:78:1d:d0:47:47:8a:86:9e:c5:f8:31:7d:05:a4:05:47:
         a2:25:44:d2:0d:85:65:ef:b0:46:af:de:9b:92:be:31:74:f7:
         22:bb:32:60:3f:50:51:70:61:25:f9:dd:eb:57:f8:91:b9:6f:
         d7:2f:1d:39:e2:ff:d8:08:3b:d5:8d:f5:44:0a:58:e3:e9:a7:
         8b:7a:07:6f:51:98:08:11:da:37:2e:00:d4:5b:73:b5:bb:42:
         b5:55:f9:7b:2e:e8:59:b1:c4:18:24:2c:cd:0d:6e:1f:d1:1e:
         33:08:f5:b6:6a:7f:75:bb:2d:74:8b:c6:31:a8:a1:98:d9:70:
         84:b2:19:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8FbdLz7hRZz7M52uosELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNjUxNDI4NTQ0OWRmMzVlMGUzOWMzOGZmYjJhNThiOWVl
ZDRlYjkwHhcNMjMwMTAyMDA0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWRkYmYyYzEyMTFlNDIwMzViNTQ0M2UzOWI2M2IwYjU1YjA5ZjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlJ3GOCrtZVEFkoDcZPVYna2em2c
+/4NVEJMfskqxnYpzVezfnc8drA5Mogv2DsQqYozPTXj5WAOJ1XjAC42KPxUo6mn
AAMrRx+vs+IdZn4pYY6PLctHnresLzAbjBH7GdwDgXd21PEWkxQNifRPSyjdnn8q
LP4IBF+6bKIK/vBS6EtnCOblM9WJRNGGB1clATu1MtEIEZVVIK9YrohT6NLUr5gO
P4rPxlh8b6qNaokXguEeOcvDjavmUHGcRbB1DlgXoY8fQ1vGa2FTb+fAmzWYREcT
grIVkyOoYUTuu+iJmXm5C0KS+BEYhm2inis9+pCdWTOrKbZfhLiQX3akCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHdvywSEeQgNbVEPjm2OwtVsJ8kMB8GA1UdIwQY
MBaAFLJlFChUSd814OOcOP+ypYue7U65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc21VVUtGUkozelhnNDV3NF83S2xpNTd0VHJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8wYjcyNTEtYmViOC00ZTM2LThlMzct
MzQwOTEzNTFhNzEwLzEvUWQyX0xCSVI1Q0ExdFVRLU9iWTdDMVd3bnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8wYjcyNTEtYmViOC00ZTM2LThlMzctMzQwOTEzNTFhNzEw
LzEvc21VVUtGUkozelhnNDV3NF83S2xpNTd0VHJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufgbMA0G
CSqGSIb3DQEBCwUAA4IBAQBAsOdTnLOH/VpJRS3qzRNg3x/O4m55hBVxZ3iyn6d2
7Gdy2tQD2bezrnG9J5wz1x5UQW1aMnPxNrvoFIQhQw0GKsr9RPfC5wPKTPMUnmJ5
G8TiBeGz50KSIk7y4dlRrvLZ2mWdWSQtUZxXU9JLtLMs/Skp+EOhSdB8071jWScY
pXgd0EdHioaexfgxfQWkBUeiJUTSDYVl77BGr96bkr4xdPciuzJgP1BRcGEl+d3r
V/iRuW/XLx054v/YCDvVjfVECljj6aeLegdvUZgIEdo3LgDUW3O1u0K1Vfl7LuhZ
scQYJCzNDW4f0R4zCPW2an91uy10i8YxqKGY2XCEshlM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:52 2024 by rpki-client on console-fra.rpki-client.org