Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/185e80-7339-4cc0-8b7c-4edf4244a9f9/1/l20mc2GL0sFyqtTRMM3Bf70jeiU.roa
File:                     l20mc2GL0sFyqtTRMM3Bf70jeiU.roa (raw, json)
Hash identifier:          V4wCNu4SUTmv/Ac4MFvy6/9mLHnAZvQ18OoV3e5iIBc=
Subject key identifier:   97:6D:26:73:61:8B:D2:C1:72:AA:D4:D1:30:CD:C1:7F:BD:23:7A:25
Certificate issuer:       /CN=baa63d3ba6dae4a4493bc14a675b94ad2aa45b69
Certificate serial:       018655527526A6D84C26F6A7E130FD4AAC31
Authority key identifier: BA:A6:3D:3B:A6:DA:E4:A4:49:3B:C1:4A:67:5B:94:AD:2A:A4:5B:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uqY9O6ba5KRJO8FKZ1uUrSqkW2k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/185e80-7339-4cc0-8b7c-4edf4244a9f9/1/l20mc2GL0sFyqtTRMM3Bf70jeiU.roa
Signing time:             Wed 15 Feb 2023 13:45:12 +0000
ROA not before:           Wed 15 Feb 2023 13:45:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        31.217.248.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:55:52:75:26:a6:d8:4c:26:f6:a7:e1:30:fd:4a:ac:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=baa63d3ba6dae4a4493bc14a675b94ad2aa45b69
        Validity
            Not Before: Feb 15 13:45:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=976d2673618bd2c172aad4d130cdc17fbd237a25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:86:a6:a7:49:f6:e9:10:70:05:a8:5d:50:b3:
                    46:85:f7:de:6d:63:8c:b2:e8:2b:c4:80:fa:a8:57:
                    04:65:92:c8:47:85:c6:b8:2d:b2:d2:97:a2:bb:f6:
                    37:09:39:b9:98:fc:5e:62:5a:dd:b2:01:6b:c9:2a:
                    c5:1b:b6:20:21:45:b9:13:1e:4e:75:3a:7c:fb:ad:
                    cb:48:93:14:91:6e:a6:52:15:58:4e:6e:56:e6:94:
                    19:82:ee:9d:c3:44:4d:3e:20:ef:4a:46:ba:a0:c5:
                    aa:90:58:c8:ab:4c:94:3b:79:27:2a:89:68:db:f5:
                    51:1c:3c:ec:9d:93:82:81:9f:ec:f7:23:40:59:bb:
                    ab:e5:13:ce:f1:f3:99:04:cc:f4:ac:59:b9:3e:5d:
                    3e:88:f3:a7:15:70:80:ee:04:06:d0:f2:32:46:c0:
                    3c:02:6f:4f:be:9f:8e:4e:02:be:c4:1b:35:68:69:
                    94:5b:95:95:b2:79:fc:9a:a1:f6:59:a1:0f:b2:43:
                    52:10:14:b3:6d:fe:fc:44:5d:8c:95:55:3d:f7:52:
                    28:c8:26:b8:8e:a7:52:73:9f:66:55:32:1c:19:2d:
                    48:a9:eb:15:17:8c:e1:ce:51:ae:a6:5a:ae:35:d1:
                    98:3b:84:4a:45:ad:52:d1:95:f9:5a:28:5c:bb:f3:
                    7c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:6D:26:73:61:8B:D2:C1:72:AA:D4:D1:30:CD:C1:7F:BD:23:7A:25
            X509v3 Authority Key Identifier:
                keyid:BA:A6:3D:3B:A6:DA:E4:A4:49:3B:C1:4A:67:5B:94:AD:2A:A4:5B:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqY9O6ba5KRJO8FKZ1uUrSqkW2k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/185e80-7339-4cc0-8b7c-4edf4244a9f9/1/l20mc2GL0sFyqtTRMM3Bf70jeiU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/185e80-7339-4cc0-8b7c-4edf4244a9f9/1/uqY9O6ba5KRJO8FKZ1uUrSqkW2k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.217.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:26:4d:b0:a4:45:62:6a:6f:cc:fc:0d:97:92:50:45:c1:72:
         c3:e1:18:63:fb:c1:d2:e3:47:57:a6:90:31:ef:c8:fa:0c:64:
         47:aa:da:f2:c0:c7:b4:82:cf:78:24:4f:dd:84:68:40:ee:25:
         b9:83:9d:75:ea:7e:b0:8f:73:f4:00:c2:d1:99:63:5d:0f:9b:
         6a:a2:cd:51:ee:6b:cb:57:b5:a6:80:af:24:97:bc:cf:10:77:
         af:7b:c8:2c:60:8c:92:cc:c3:d7:ab:43:c5:df:3f:94:08:93:
         d9:ed:0b:d1:77:d9:a9:ca:e6:e0:f1:87:3f:68:0a:09:ce:5e:
         92:8a:d6:f0:02:00:71:6e:46:77:2d:ab:06:3b:b5:b1:bb:e8:
         37:34:00:b3:cb:f0:07:0b:33:61:15:97:cb:fe:7e:12:4b:e1:
         e3:dd:55:c8:81:11:e0:37:90:58:0b:bb:96:e5:8f:1d:86:72:
         12:cb:47:e9:54:fd:ac:67:06:70:d3:c0:f4:77:9f:b2:19:09:
         f3:5d:ae:79:ab:29:48:b2:0b:e3:f9:a7:84:91:27:36:72:16:
         d6:cf:6d:ce:0e:27:f7:31:05:46:e0:d8:22:0e:aa:22:6d:46:
         ac:cd:b6:3b:84:7f:59:f5:df:d3:32:b1:b1:c7:2e:15:6a:1a:
         b8:b9:f7:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZVUnUmpthMJvan4TD9SqwxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTYzZDNiYTZkYWU0YTQ0OTNiYzE0YTY3NWI5NGFkMmFh
NDViNjkwHhcNMjMwMjE1MTM0NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzZkMjY3MzYxOGJkMmMxNzJhYWQ0ZDEzMGNkYzE3ZmJkMjM3YTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4amp0n26RBwBahdULNGhffebWOM
sugrxID6qFcEZZLIR4XGuC2y0peiu/Y3CTm5mPxeYlrdsgFrySrFG7YgIUW5Ex5O
dTp8+63LSJMUkW6mUhVYTm5W5pQZgu6dw0RNPiDvSka6oMWqkFjIq0yUO3knKolo
2/VRHDzsnZOCgZ/s9yNAWbur5RPO8fOZBMz0rFm5Pl0+iPOnFXCA7gQG0PIyRsA8
Am9Pvp+OTgK+xBs1aGmUW5WVsnn8mqH2WaEPskNSEBSzbf78RF2MlVU991IoyCa4
jqdSc59mVTIcGS1IqesVF4zhzlGuplquNdGYO4RKRa1S0ZX5Wihcu/N8TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJdtJnNhi9LBcqrU0TDNwX+9I3olMB8GA1UdIwQY
MBaAFLqmPTum2uSkSTvBSmdblK0qpFtpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFZOU82YmE1S1JKTzhGS1oxdVVyU3FrVzJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8xODVlODAtNzMzOS00Y2MwLThiN2Mt
NGVkZjQyNDRhOWY5LzEvbDIwbWMyR0wwc0Z5cXRUUk1NM0JmNzBqZWlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8xODVlODAtNzMzOS00Y2MwLThiN2MtNGVkZjQyNDRhOWY5
LzEvdXFZOU82YmE1S1JKTzhGS1oxdVVyU3FrVzJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH9n4MA0G
CSqGSIb3DQEBCwUAA4IBAQBKJk2wpEViam/M/A2XklBFwXLD4Rhj+8HS40dXppAx
78j6DGRHqtrywMe0gs94JE/dhGhA7iW5g5116n6wj3P0AMLRmWNdD5tqos1R7mvL
V7WmgK8kl7zPEHeve8gsYIySzMPXq0PF3z+UCJPZ7QvRd9mpyubg8Yc/aAoJzl6S
itbwAgBxbkZ3LasGO7Wxu+g3NACzy/AHCzNhFZfL/n4SS+Hj3VXIgRHgN5BYC7uW
5Y8dhnISy0fpVP2sZwZw08D0d5+yGQnzXa55qylIsgvj+aeEkSc2chbWz23ODif3
MQVG4NgiDqoibUaszbY7hH9Z9d/TMrGxxy4Vahq4ufd3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:52 2024 by rpki-client on console-fra.rpki-client.org