Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/8dbf34-d49a-4e5c-80cd-6acdf4751a48/1/osxcayyRDFDxxYYXjjIgW2A9v-Q.roa
File:                     osxcayyRDFDxxYYXjjIgW2A9v-Q.roa (raw, json)
Hash identifier:          6dXZdFo8TNAh+DtywrHh/pDM9Ath0MU9vbvA+RZGAmo=
Subject key identifier:   A2:CC:5C:6B:2C:91:0C:50:F1:C5:86:17:8E:32:20:5B:60:3D:BF:E4
Certificate issuer:       /CN=a7a96242b4919622bf29949d27138f6412a36f17
Certificate serial:       0852FC11
Authority key identifier: A7:A9:62:42:B4:91:96:22:BF:29:94:9D:27:13:8F:64:12:A3:6F:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p6liQrSRliK_KZSdJxOPZBKjbxc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/8dbf34-d49a-4e5c-80cd-6acdf4751a48/1/osxcayyRDFDxxYYXjjIgW2A9v-Q.roa
Signing time:             Sat 01 Jan 2022 14:08:03 +0000
ROA not before:           Sat 01 Jan 2022 14:08:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     24940
IP address blocks:        185.36.144.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 139656209 (0x852fc11)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7a96242b4919622bf29949d27138f6412a36f17
        Validity
            Not Before: Jan  1 14:08:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a2cc5c6b2c910c50f1c586178e32205b603dbfe4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:ca:b8:25:ac:9c:24:2c:10:64:07:9b:81:6c:
                    0a:be:98:4c:e5:27:46:06:b6:0c:80:52:fb:38:97:
                    02:69:4a:cd:cf:86:61:d9:21:ec:f3:6b:89:8c:b7:
                    37:25:fe:34:98:c3:99:c6:82:c9:f3:bb:62:97:0f:
                    45:a0:3b:be:7e:a5:e2:42:1c:a7:24:f9:2f:3c:5a:
                    26:cd:aa:0b:d6:6b:56:c5:7b:f7:88:c0:d5:7c:91:
                    3c:ca:0c:29:fd:4c:d9:f3:e5:e6:e8:25:10:59:26:
                    c8:d7:8e:d4:4d:c2:55:6b:9f:b9:74:8c:69:72:cf:
                    75:5a:2e:cc:3d:c1:0a:89:e7:a5:33:7d:59:bc:3a:
                    55:dd:3e:8a:18:c3:f2:8c:e4:53:74:78:32:f0:bc:
                    d6:fa:a3:df:76:9d:ce:71:bb:26:70:ae:54:c2:64:
                    48:8c:b7:d0:91:04:73:ab:1c:59:1b:a0:92:03:be:
                    5e:e8:5c:b3:a9:b7:c2:a1:8a:3b:fc:ac:be:15:e6:
                    f1:f9:f4:57:79:18:00:e0:c3:b2:4a:c3:ab:87:59:
                    1c:a9:f6:01:e3:a7:cb:50:9a:f6:c9:60:f7:73:0b:
                    cc:2c:e5:36:d3:cf:93:93:9e:84:cc:77:1f:56:c7:
                    27:da:db:94:32:96:7f:ef:c2:38:63:3f:85:c7:f8:
                    af:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:CC:5C:6B:2C:91:0C:50:F1:C5:86:17:8E:32:20:5B:60:3D:BF:E4
            X509v3 Authority Key Identifier:
                keyid:A7:A9:62:42:B4:91:96:22:BF:29:94:9D:27:13:8F:64:12:A3:6F:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p6liQrSRliK_KZSdJxOPZBKjbxc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/8dbf34-d49a-4e5c-80cd-6acdf4751a48/1/osxcayyRDFDxxYYXjjIgW2A9v-Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/8dbf34-d49a-4e5c-80cd-6acdf4751a48/1/p6liQrSRliK_KZSdJxOPZBKjbxc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.36.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         76:38:c5:7c:b7:5b:dc:b4:12:30:fa:f6:32:7d:4f:0e:e9:54:
         73:b0:75:6e:b5:8b:ee:4e:32:2b:fd:bc:ae:46:21:b6:4f:ba:
         d0:fb:b7:02:8c:14:78:3c:4b:e9:b9:71:87:3f:30:09:2b:9b:
         53:36:df:d9:30:24:d0:6d:28:4a:d3:77:a4:fb:cd:cc:4c:1c:
         25:a1:81:b2:7c:64:6a:1f:a4:85:5b:8f:69:89:96:ba:94:c6:
         2a:ea:87:e9:31:44:17:af:ec:94:10:15:e4:83:3d:78:54:a7:
         79:c5:6a:f1:9d:5e:38:fc:71:b5:e5:e5:da:6d:11:08:53:8b:
         9c:cb:12:f6:f9:d8:ec:01:ec:87:8d:9e:27:f3:82:55:7a:c4:
         07:7a:ba:94:53:99:5c:96:02:53:14:b9:01:71:3b:df:54:1c:
         f1:6c:46:ed:65:dd:e3:35:d3:0c:3a:83:b5:35:e8:4e:9d:6c:
         fe:0d:67:98:9c:a5:47:52:dc:c1:56:14:59:43:18:b1:02:05:
         15:95:2b:b9:7c:5c:fa:71:97:9f:90:7c:79:e4:6f:51:2f:5d:
         17:bc:41:d9:ca:ff:20:80:ba:f6:74:07:92:43:02:8c:1d:be:
         2a:59:d8:72:8b:5d:8f:ba:e2:dc:a3:9c:7e:35:45:fd:20:32:
         f8:77:ee:8c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECFL8ETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
N2E5NjI0MmI0OTE5NjIyYmYyOTk0OWQyNzEzOGY2NDEyYTM2ZjE3MB4XDTIyMDEw
MTE0MDgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJjYzVjNmIyYzkx
MGM1MGYxYzU4NjE3OGUzMjIwNWI2MDNkYmZlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANjKuCWsnCQsEGQHm4FsCr6YTOUnRga2DIBS+ziXAmlKzc+G
Ydkh7PNriYy3NyX+NJjDmcaCyfO7YpcPRaA7vn6l4kIcpyT5LzxaJs2qC9ZrVsV7
94jA1XyRPMoMKf1M2fPl5uglEFkmyNeO1E3CVWufuXSMaXLPdVouzD3BConnpTN9
Wbw6Vd0+ihjD8ozkU3R4MvC81vqj33adznG7JnCuVMJkSIy30JEEc6scWRugkgO+
Xuhcs6m3wqGKO/ysvhXm8fn0V3kYAODDskrDq4dZHKn2AeOny1Ca9slg93MLzCzl
NtPPk5OehMx3H1bHJ9rblDKWf+/COGM/hcf4r7cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSizFxrLJEMUPHFhheOMiBbYD2/5DAfBgNVHSMEGDAWgBSnqWJCtJGWIr8p
lJ0nE49kEqNvFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3A2bGlRclNSbGlLX0taU2RKeE9QWkJLamJ4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTYvOGRiZjM0LWQ0OWEtNGU1Yy04MGNkLTZhY2RmNDc1MWE0OC8x
L29zeGNheXlSREZEeHhZWVhqaklnVzJBOXYtUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTYv
OGRiZjM0LWQ0OWEtNGU1Yy04MGNkLTZhY2RmNDc1MWE0OC8xL3A2bGlRclNSbGlL
X0taU2RKeE9QWkJLamJ4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkkkDANBgkqhkiG9w0BAQsFAAOC
AQEAdjjFfLdb3LQSMPr2Mn1PDulUc7B1brWL7k4yK/28rkYhtk+60Pu3AowUeDxL
6blxhz8wCSubUzbf2TAk0G0oStN3pPvNzEwcJaGBsnxkah+khVuPaYmWupTGKuqH
6TFEF6/slBAV5IM9eFSnecVq8Z1eOPxxteXl2m0RCFOLnMsS9vnY7AHsh42eJ/OC
VXrEB3q6lFOZXJYCUxS5AXE731Qc8WxG7WXd4zXTDDqDtTXoTp1s/g1nmJylR1Lc
wVYUWUMYsQIFFZUruXxc+nGXn5B8eeRvUS9dF7xB2cr/IIC69nQHkkMCjB2+KlnY
cotdj7ri3KOcfjVF/SAy+HfujA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:45 2024 by rpki-client on console-ams.rpki-client.org