Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/c185f6-6274-49da-b2ef-6000cb2d5990/1/Th_EQyyg-hBuBA4UNKbKrVVSbbI.roa
File:                     Th_EQyyg-hBuBA4UNKbKrVVSbbI.roa (raw, json)
Hash identifier:          Rt8zyg1gdI+w6OGhKstnghIxKu341QKtJiz43iGssC8=
Subject key identifier:   4E:1F:C4:43:2C:A0:FA:10:6E:04:0E:14:34:A6:CA:AD:55:52:6D:B2
Certificate issuer:       /CN=23f87aa18dda6a5d48af80390b2827808cfef285
Certificate serial:       01822263D1565C29390B06EB9B4EC186DC80
Authority key identifier: 23:F8:7A:A1:8D:DA:6A:5D:48:AF:80:39:0B:28:27:80:8C:FE:F2:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_h6oY3aal1Ir4A5CygngIz-8oU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/c185f6-6274-49da-b2ef-6000cb2d5990/1/Th_EQyyg-hBuBA4UNKbKrVVSbbI.roa
Signing time:             Thu 21 Jul 2022 20:12:23 +0000
ROA not before:           Thu 21 Jul 2022 20:12:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     35112
IP address blocks:        31.24.87.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:22:63:d1:56:5c:29:39:0b:06:eb:9b:4e:c1:86:dc:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f87aa18dda6a5d48af80390b2827808cfef285
        Validity
            Not Before: Jul 21 20:12:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4e1fc4432ca0fa106e040e1434a6caad55526db2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ba:ce:02:fd:3d:ac:5b:b8:b7:57:08:68:8c:
                    35:00:ee:9d:e1:91:e2:93:6f:67:7a:49:d7:0f:97:
                    08:a9:a9:47:a0:48:99:c4:b5:e2:77:d3:54:9c:01:
                    fc:40:d6:d0:4e:4d:8d:c0:03:0f:1d:fa:25:3b:d8:
                    ae:53:d5:9c:0d:a6:65:27:50:fa:0c:e4:3b:ac:87:
                    48:31:b8:a1:ff:92:fa:15:75:93:17:11:4a:e2:22:
                    1d:c7:72:88:67:00:02:be:1d:01:4c:15:6d:95:d2:
                    a0:76:91:75:b3:c9:35:58:f0:72:c8:17:65:0e:43:
                    af:45:bf:ed:58:93:bf:52:d0:6f:50:2a:77:9b:5a:
                    07:5c:02:ba:38:c0:78:2a:9d:0e:ab:b8:1a:73:46:
                    37:d7:5b:b3:f8:e8:05:7a:84:c6:f8:85:9b:d1:5e:
                    2c:0e:71:31:e8:fe:d9:71:ff:cd:f8:ca:26:7f:b5:
                    1d:bc:ac:bd:a1:45:d5:c9:43:6d:44:ad:d0:85:1b:
                    85:aa:6f:14:a1:bd:8f:8a:22:6a:27:be:48:95:6b:
                    02:64:47:59:52:9e:ca:42:9d:82:4f:e3:73:ac:bd:
                    6e:37:76:85:d4:6e:f4:d5:1a:65:6c:9e:56:a9:fc:
                    94:fa:ab:f9:49:40:e2:df:fe:77:6a:cc:5a:88:b1:
                    c4:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:1F:C4:43:2C:A0:FA:10:6E:04:0E:14:34:A6:CA:AD:55:52:6D:B2
            X509v3 Authority Key Identifier:
                keyid:23:F8:7A:A1:8D:DA:6A:5D:48:AF:80:39:0B:28:27:80:8C:FE:F2:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_h6oY3aal1Ir4A5CygngIz-8oU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/c185f6-6274-49da-b2ef-6000cb2d5990/1/Th_EQyyg-hBuBA4UNKbKrVVSbbI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/c185f6-6274-49da-b2ef-6000cb2d5990/1/I_h6oY3aal1Ir4A5CygngIz-8oU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.24.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:a2:32:e2:82:d7:6f:27:89:c5:82:1c:b1:ad:54:dd:99:4f:
         e5:55:cf:55:4a:cd:4d:ec:33:42:ab:a6:22:ab:be:9d:de:cd:
         7c:bf:94:ce:d8:79:6b:07:d3:04:7d:87:05:19:0e:f2:2e:d1:
         09:7a:94:42:cd:d8:46:c6:bd:b7:62:c7:b0:34:8c:04:68:b4:
         30:43:03:96:62:02:ce:69:51:60:63:28:76:3a:3f:71:1d:0a:
         75:37:fe:63:1b:e8:00:56:83:70:71:b5:98:0e:6a:6a:46:80:
         f3:f8:46:a3:6c:47:da:33:d3:7f:07:38:5c:0e:a3:e5:10:67:
         bb:d9:4f:ff:7b:1e:40:4e:a0:23:ad:f6:f1:07:9a:a0:3b:92:
         a3:d4:9e:e2:c9:4c:31:73:49:dd:94:0e:12:59:c3:f8:fe:f1:
         ec:07:37:ec:1d:0d:1d:8c:19:1d:63:90:ef:03:fb:23:c4:79:
         6d:8b:df:24:3c:f8:e9:4d:66:bc:36:d3:44:fd:51:05:e5:b6:
         81:0a:0b:76:0c:10:c2:14:e6:7b:fd:44:f2:8d:28:89:ef:71:
         2d:b6:bc:2c:d3:00:7f:c7:8e:23:26:ec:c6:49:f3:07:0f:54:
         5b:03:9e:dd:1b:20:df:81:32:6c:cb:ab:83:23:3f:17:88:0b:
         82:58:7c:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIiY9FWXCk5Cwbrm07BhtyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjg3YWExOGRkYTZhNWQ0OGFmODAzOTBiMjgyNzgwOGNm
ZWYyODUwHhcNMjIwNzIxMjAxMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTFmYzQ0MzJjYTBmYTEwNmUwNDBlMTQzNGE2Y2FhZDU1NTI2ZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7rOAv09rFu4t1cIaIw1AO6d4ZHi
k29neknXD5cIqalHoEiZxLXid9NUnAH8QNbQTk2NwAMPHfolO9iuU9WcDaZlJ1D6
DOQ7rIdIMbih/5L6FXWTFxFK4iIdx3KIZwACvh0BTBVtldKgdpF1s8k1WPByyBdl
DkOvRb/tWJO/UtBvUCp3m1oHXAK6OMB4Kp0Oq7gac0Y311uz+OgFeoTG+IWb0V4s
DnEx6P7Zcf/N+Momf7UdvKy9oUXVyUNtRK3QhRuFqm8Uob2PiiJqJ75IlWsCZEdZ
Up7KQp2CT+NzrL1uN3aF1G701RplbJ5WqfyU+qv5SUDi3/53asxaiLHEbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE4fxEMsoPoQbgQOFDSmyq1VUm2yMB8GA1UdIwQY
MBaAFCP4eqGN2mpdSK+AOQsoJ4CM/vKFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9oNm9ZM2FhbDFJcjRBNUN5Z25nSXotOG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9jMTg1ZjYtNjI3NC00OWRhLWIyZWYt
NjAwMGNiMmQ1OTkwLzEvVGhfRVF5eWctaEJ1QkE0VU5LYktyVlZTYmJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9jMTg1ZjYtNjI3NC00OWRhLWIyZWYtNjAwMGNiMmQ1OTkw
LzEvSV9oNm9ZM2FhbDFJcjRBNUN5Z25nSXotOG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHxhXMA0G
CSqGSIb3DQEBCwUAA4IBAQCNojLigtdvJ4nFghyxrVTdmU/lVc9VSs1N7DNCq6Yi
q76d3s18v5TO2HlrB9MEfYcFGQ7yLtEJepRCzdhGxr23YsewNIwEaLQwQwOWYgLO
aVFgYyh2Oj9xHQp1N/5jG+gAVoNwcbWYDmpqRoDz+EajbEfaM9N/BzhcDqPlEGe7
2U//ex5ATqAjrfbxB5qgO5Kj1J7iyUwxc0ndlA4SWcP4/vHsBzfsHQ0djBkdY5Dv
A/sjxHlti98kPPjpTWa8NtNE/VEF5baBCgt2DBDCFOZ7/UTyjSiJ73Ettrws0wB/
x44jJuzGSfMHD1RbA57dGyDfgTJsy6uDIz8XiAuCWHzU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:03 2024 by rpki-client on console-fra.rpki-client.org