Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/e3867f-1d60-489e-83ad-6c3e766caa1f/1/2HirR9PvBzwNv6t-OTBEGGTsEc0.roa
File:                     2HirR9PvBzwNv6t-OTBEGGTsEc0.roa (raw, json)
Hash identifier:          FaMWArKCcCqfS5FRV132BkVp2w7TG4yB+oeSqyLjNc4=
Subject key identifier:   D8:78:AB:47:D3:EF:07:3C:0D:BF:AB:7E:39:30:44:18:64:EC:11:CD
Certificate issuer:       /CN=9bae744a04c9a34ddc7040292ce559344506876c
Certificate serial:       0186B08D610C7D2C577BA492E5A99FCC282C
Authority key identifier: 9B:AE:74:4A:04:C9:A3:4D:DC:70:40:29:2C:E5:59:34:45:06:87:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/m650SgTJo03ccEApLOVZNEUGh2w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/e3867f-1d60-489e-83ad-6c3e766caa1f/1/2HirR9PvBzwNv6t-OTBEGGTsEc0.roa
Signing time:             Sun 05 Mar 2023 06:55:00 +0000
ROA not before:           Sun 05 Mar 2023 06:55:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35913
IP address blocks:        37.140.244.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:b0:8d:61:0c:7d:2c:57:7b:a4:92:e5:a9:9f:cc:28:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9bae744a04c9a34ddc7040292ce559344506876c
        Validity
            Not Before: Mar  5 06:55:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d878ab47d3ef073c0dbfab7e3930441864ec11cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:ef:b0:3a:07:71:d4:d1:14:47:37:e8:ae:a1:
                    7c:ac:d7:23:a4:b9:9e:23:2e:25:15:db:ef:12:77:
                    de:8d:7c:4a:c7:2b:f3:66:86:a3:ba:50:bb:be:31:
                    63:01:da:75:f5:aa:d0:0d:40:4c:32:66:78:2b:d8:
                    10:17:96:21:5c:bd:67:de:48:e9:c1:f6:1f:f5:5e:
                    ce:eb:88:02:a3:75:98:4c:25:34:66:ca:ee:82:04:
                    b8:e6:bb:53:eb:82:93:82:d8:3b:5e:48:04:df:7c:
                    9c:6f:d7:99:cc:3d:79:e2:b8:55:0e:1f:fe:bf:3c:
                    f0:c1:ae:57:04:a4:53:47:17:71:05:de:98:91:36:
                    23:4d:21:64:8c:45:7a:cd:11:21:6d:9b:23:e1:17:
                    16:d2:c2:8c:0b:90:e0:48:33:63:69:67:57:2d:68:
                    c5:2a:0c:61:7c:69:01:9f:79:9c:75:81:d6:aa:2b:
                    58:f1:f9:a9:e1:cb:4b:db:98:94:1b:ac:3f:13:77:
                    31:9d:ba:c1:ca:c3:4f:03:88:6a:fb:f0:02:d4:36:
                    de:c5:cf:4a:db:99:b9:1c:f7:6e:ab:b4:5a:43:3b:
                    99:eb:cf:17:18:98:b5:a3:35:13:4f:6b:23:58:41:
                    26:75:d9:6c:c8:7e:3b:97:eb:48:4b:d7:37:1d:fc:
                    2f:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:78:AB:47:D3:EF:07:3C:0D:BF:AB:7E:39:30:44:18:64:EC:11:CD
            X509v3 Authority Key Identifier:
                keyid:9B:AE:74:4A:04:C9:A3:4D:DC:70:40:29:2C:E5:59:34:45:06:87:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m650SgTJo03ccEApLOVZNEUGh2w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e3867f-1d60-489e-83ad-6c3e766caa1f/1/2HirR9PvBzwNv6t-OTBEGGTsEc0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e3867f-1d60-489e-83ad-6c3e766caa1f/1/m650SgTJo03ccEApLOVZNEUGh2w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.140.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:48:f0:c9:17:cb:b2:1e:ed:8f:e6:47:85:55:80:18:42:3c:
         d2:7b:32:2e:9e:91:5c:6e:8a:55:a8:b5:39:88:a5:9d:af:e5:
         28:10:11:e3:4a:04:e1:2c:35:c1:5f:4d:d7:10:71:6e:2d:c8:
         b9:54:2b:81:e8:ad:ec:ee:2c:43:0b:bf:c9:bb:6b:b2:07:e5:
         67:5c:f9:d6:43:37:b4:be:72:0d:0e:be:81:27:6e:11:a0:25:
         7c:ec:7b:c1:24:09:8e:70:d6:28:7d:b5:0c:33:93:24:59:68:
         6a:44:01:07:9f:87:61:f8:2f:51:df:39:a2:9c:f8:1c:2d:22:
         7f:7b:1a:64:9c:87:79:0e:25:de:68:b1:1f:14:cd:e5:4c:f6:
         ba:3f:77:30:40:da:13:e2:86:4a:90:c9:19:8b:d3:9e:90:69:
         c1:c4:e5:5d:a9:3f:c1:7b:bb:21:75:4f:09:7c:61:61:2b:f3:
         71:26:ed:27:09:38:ed:5c:4c:da:67:dc:db:22:de:bd:6e:b3:
         4e:b4:5b:d3:7d:43:60:0a:1d:e9:dd:87:f6:93:09:b6:3c:66:
         d9:e9:64:56:84:e7:8a:03:69:a8:b2:6f:69:4e:36:12:d5:70:
         69:55:7a:59:a2:d2:2d:b7:8d:f8:4f:0f:a2:1b:d1:9d:47:e2:
         64:fb:13:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYawjWEMfSxXe6SS5amfzCgsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYWU3NDRhMDRjOWEzNGRkYzcwNDAyOTJjZTU1OTM0NDUw
Njg3NmMwHhcNMjMwMzA1MDY1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODc4YWI0N2QzZWYwNzNjMGRiZmFiN2UzOTMwNDQxODY0ZWMxMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlO+wOgdx1NEURzforqF8rNcjpLme
Iy4lFdvvEnfejXxKxyvzZoajulC7vjFjAdp19arQDUBMMmZ4K9gQF5YhXL1n3kjp
wfYf9V7O64gCo3WYTCU0ZsruggS45rtT64KTgtg7XkgE33ycb9eZzD154rhVDh/+
vzzwwa5XBKRTRxdxBd6YkTYjTSFkjEV6zREhbZsj4RcW0sKMC5DgSDNjaWdXLWjF
KgxhfGkBn3mcdYHWqitY8fmp4ctL25iUG6w/E3cxnbrBysNPA4hq+/AC1Dbexc9K
25m5HPduq7RaQzuZ688XGJi1ozUTT2sjWEEmddlsyH47l+tIS9c3HfwvSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNh4q0fT7wc8Db+rfjkwRBhk7BHNMB8GA1UdIwQY
MBaAFJuudEoEyaNN3HBAKSzlWTRFBodsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTY1MFNnVEpvMDNjY0VBcExPVlpORVVHaDJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9lMzg2N2YtMWQ2MC00ODllLTgzYWQt
NmMzZTc2NmNhYTFmLzEvMkhpclI5UHZCendOdjZ0LU9UQkVHR1RzRWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9lMzg2N2YtMWQ2MC00ODllLTgzYWQtNmMzZTc2NmNhYTFm
LzEvbTY1MFNnVEpvMDNjY0VBcExPVlpORVVHaDJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJYz0MA0G
CSqGSIb3DQEBCwUAA4IBAQAdSPDJF8uyHu2P5keFVYAYQjzSezIunpFcbopVqLU5
iKWdr+UoEBHjSgThLDXBX03XEHFuLci5VCuB6K3s7ixDC7/Ju2uyB+VnXPnWQze0
vnINDr6BJ24RoCV87HvBJAmOcNYofbUMM5MkWWhqRAEHn4dh+C9R3zminPgcLSJ/
expknId5DiXeaLEfFM3lTPa6P3cwQNoT4oZKkMkZi9OekGnBxOVdqT/Be7shdU8J
fGFhK/NxJu0nCTjtXEzaZ9zbIt69brNOtFvTfUNgCh3p3Yf2kwm2PGbZ6WRWhOeK
A2mosm9pTjYS1XBpVXpZotItt434Tw+iG9GdR+Jk+xOG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:56 2024 by rpki-client on console-fra.rpki-client.org