Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/abeb11-e681-434c-8558-ab7700b1627f/1/zeE7LDYW8S6VFeQxGAAUbA9B5Mc.roa
File:                     zeE7LDYW8S6VFeQxGAAUbA9B5Mc.roa (raw, json)
Hash identifier:          Eo16ePyErqss+zoE8fETDei9lVNGPpmgAYnFkH59s+E=
Subject key identifier:   CD:E1:3B:2C:36:16:F1:2E:95:15:E4:31:18:00:14:6C:0F:41:E4:C7
Certificate issuer:       /CN=6b2f22abf5747fdfcd5163cb924608e1c78cd182
Certificate serial:       018CC5DC366C1615A8D19D1688A3C23BA254
Authority key identifier: 6B:2F:22:AB:F5:74:7F:DF:CD:51:63:CB:92:46:08:E1:C7:8C:D1:82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ay8iq_V0f9_NUWPLkkYI4ceM0YI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/abeb11-e681-434c-8558-ab7700b1627f/1/zeE7LDYW8S6VFeQxGAAUbA9B5Mc.roa
Signing time:             Mon 01 Jan 2024 16:29:52 +0000
ROA not before:           Mon 01 Jan 2024 16:29:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48551
IP address blocks:        185.128.40.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:36:6c:16:15:a8:d1:9d:16:88:a3:c2:3b:a2:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b2f22abf5747fdfcd5163cb924608e1c78cd182
        Validity
            Not Before: Jan  1 16:29:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cde13b2c3616f12e9515e4311800146c0f41e4c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:78:3f:eb:99:18:55:d0:d0:7f:a6:5a:53:43:
                    93:b9:d1:35:e2:0d:82:16:5d:3a:11:de:08:f6:c8:
                    f8:77:37:55:f8:91:f8:cd:53:f7:ae:cf:8a:a4:f2:
                    e9:2f:82:cd:de:0d:7f:b5:1c:fa:db:c3:33:ae:69:
                    81:52:24:1a:51:58:8c:09:7e:4a:ad:29:b0:50:bd:
                    9f:0d:f5:53:e0:6a:93:23:0f:5b:d3:8c:ac:1e:1a:
                    72:59:ad:6f:e1:9d:0d:71:de:8f:19:b8:c3:4e:9c:
                    ea:ca:47:a9:e9:f7:8b:80:27:cd:5f:61:7e:95:45:
                    f3:ea:d4:21:02:66:f8:0a:ca:e6:d5:52:f5:75:9b:
                    41:da:39:c4:bf:7b:58:aa:7f:32:dd:da:9d:30:d3:
                    35:33:68:94:40:b2:09:3d:fc:b6:04:17:f5:ed:08:
                    c6:a8:39:5e:76:ac:0e:b6:6f:6c:ed:79:5f:ae:f1:
                    32:70:a4:bf:e5:1c:47:6f:e6:9d:4d:91:9c:d4:8a:
                    f9:ea:93:ed:dd:6a:23:0c:f6:b8:7d:1a:ac:39:9a:
                    07:07:19:e7:06:fc:94:41:42:2d:d4:05:0a:ce:9f:
                    99:bf:c5:4f:3b:b0:d2:a2:eb:a7:29:26:a5:e9:5f:
                    20:fa:c0:df:94:57:52:50:1d:87:8e:70:8a:8c:f8:
                    7d:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:E1:3B:2C:36:16:F1:2E:95:15:E4:31:18:00:14:6C:0F:41:E4:C7
            X509v3 Authority Key Identifier:
                keyid:6B:2F:22:AB:F5:74:7F:DF:CD:51:63:CB:92:46:08:E1:C7:8C:D1:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ay8iq_V0f9_NUWPLkkYI4ceM0YI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/abeb11-e681-434c-8558-ab7700b1627f/1/zeE7LDYW8S6VFeQxGAAUbA9B5Mc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/abeb11-e681-434c-8558-ab7700b1627f/1/ay8iq_V0f9_NUWPLkkYI4ceM0YI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.128.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:ea:b9:04:e6:b0:ae:85:8f:b6:b1:b4:09:6b:da:49:0e:4b:
         8a:6a:fc:b4:18:8f:fa:30:1a:c8:30:f2:a3:d3:f8:b2:ae:8f:
         61:94:bb:cf:a2:7c:4e:59:5c:fe:37:07:ca:34:78:d5:11:75:
         31:92:c6:85:71:6e:ea:3e:cb:84:25:b6:64:52:b7:14:c3:b0:
         76:17:8b:04:11:23:87:a9:d8:02:bc:54:54:0e:fb:36:99:7c:
         6b:c5:69:08:c4:55:bc:a1:f8:e5:d7:47:2a:b0:96:65:44:d1:
         98:2e:30:d4:60:1d:f5:74:ec:0c:dd:43:25:97:68:16:c8:fb:
         56:97:52:c7:33:0c:99:5a:69:0e:41:8f:0e:29:a9:39:fe:76:
         d0:44:45:88:7c:ef:b3:38:87:8a:03:05:a6:92:2c:16:24:a0:
         29:8e:30:73:ee:12:b7:12:93:bc:65:8f:3f:b0:50:66:ce:db:
         66:d9:4d:a2:b6:6f:9c:ed:e6:08:d7:0a:a2:a7:78:d2:f6:1e:
         3d:49:e6:ef:6a:f2:da:1c:5c:35:d9:a2:57:63:b0:85:a7:be:
         a9:a9:8f:10:31:68:e7:5d:0b:65:a8:29:24:7a:d0:e7:35:78:
         0b:0a:1f:8e:aa:ed:ec:f8:63:6f:e1:e4:1f:7a:c2:bf:04:a9:
         32:b0:82:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3DZsFhWo0Z0WiKPCO6JUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMmYyMmFiZjU3NDdmZGZjZDUxNjNjYjkyNDYwOGUxYzc4
Y2QxODIwHhcNMjQwMTAxMTYyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGUxM2IyYzM2MTZmMTJlOTUxNWU0MzExODAwMTQ2YzBmNDFlNGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXg/65kYVdDQf6ZaU0OTudE14g2C
Fl06Ed4I9sj4dzdV+JH4zVP3rs+KpPLpL4LN3g1/tRz628MzrmmBUiQaUViMCX5K
rSmwUL2fDfVT4GqTIw9b04ysHhpyWa1v4Z0Ncd6PGbjDTpzqykep6feLgCfNX2F+
lUXz6tQhAmb4Csrm1VL1dZtB2jnEv3tYqn8y3dqdMNM1M2iUQLIJPfy2BBf17QjG
qDledqwOtm9s7XlfrvEycKS/5RxHb+adTZGc1Ir56pPt3WojDPa4fRqsOZoHBxnn
BvyUQUIt1AUKzp+Zv8VPO7DSouunKSal6V8g+sDflFdSUB2HjnCKjPh9zwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM3hOyw2FvEulRXkMRgAFGwPQeTHMB8GA1UdIwQY
MBaAFGsvIqv1dH/fzVFjy5JGCOHHjNGCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXk4aXFfVjBmOV9OVVdQTGtrWUk0Y2VNMFlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9hYmViMTEtZTY4MS00MzRjLTg1NTgt
YWI3NzAwYjE2MjdmLzEvemVFN0xEWVc4UzZWRmVReEdBQVViQTlCNU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9hYmViMTEtZTY4MS00MzRjLTg1NTgtYWI3NzAwYjE2Mjdm
LzEvYXk4aXFfVjBmOV9OVVdQTGtrWUk0Y2VNMFlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYAoMA0G
CSqGSIb3DQEBCwUAA4IBAQAL6rkE5rCuhY+2sbQJa9pJDkuKavy0GI/6MBrIMPKj
0/iyro9hlLvPonxOWVz+NwfKNHjVEXUxksaFcW7qPsuEJbZkUrcUw7B2F4sEESOH
qdgCvFRUDvs2mXxrxWkIxFW8ofjl10cqsJZlRNGYLjDUYB31dOwM3UMll2gWyPtW
l1LHMwyZWmkOQY8OKak5/nbQREWIfO+zOIeKAwWmkiwWJKApjjBz7hK3EpO8ZY8/
sFBmzttm2U2itm+c7eYI1wqip3jS9h49SebvavLaHFw12aJXY7CFp76pqY8QMWjn
XQtlqCkketDnNXgLCh+Oqu3s+GNv4eQfesK/BKkysIJD
-----END CERTIFICATE-----
Generated at Thu Oct 10 19:31:45 2024 by rpki-client on console-fra.rpki-client.org