Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/44bb80-d483-4a4a-ac63-98dece02099c/1/wvBgW9j4BhJ4QhSYS6OFkuFJBvs.roa
File:                     wvBgW9j4BhJ4QhSYS6OFkuFJBvs.roa (raw, json)
Hash identifier:          C+temY6meKAmem3x9y9yuB18TpS9bM8s+g9VJ5POOGM=
Subject key identifier:   C2:F0:60:5B:D8:F8:06:12:78:42:14:98:4B:A3:85:92:E1:49:06:FB
Certificate issuer:       /CN=09517b6de23db5f75b296e60fbe41869274a615f
Certificate serial:       06FB0961
Authority key identifier: 09:51:7B:6D:E2:3D:B5:F7:5B:29:6E:60:FB:E4:18:69:27:4A:61:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CVF7beI9tfdbKW5g--QYaSdKYV8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/44bb80-d483-4a4a-ac63-98dece02099c/1/wvBgW9j4BhJ4QhSYS6OFkuFJBvs.roa
Signing time:             Sat 01 Jan 2022 12:56:19 +0000
ROA not before:           Sat 01 Jan 2022 12:56:19 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     205836
IP address blocks:        194.34.136.0/24 maxlen: 24
                          194.34.136.0/23 maxlen: 23
                          194.34.137.0/24 maxlen: 24
                          194.34.63.0/24 maxlen: 24
                          194.34.62.0/24 maxlen: 24
                          194.34.62.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117115233 (0x6fb0961)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09517b6de23db5f75b296e60fbe41869274a615f
        Validity
            Not Before: Jan  1 12:56:19 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=c2f0605bd8f80612784214984ba38592e14906fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:d2:a8:d9:f6:50:1f:42:c8:71:66:11:10:51:
                    29:af:fe:0b:f6:61:bc:ae:a8:36:3b:99:b1:fa:9c:
                    20:20:dd:b2:10:4c:f5:ac:76:7a:3a:0c:a0:09:35:
                    14:63:67:e9:ec:d4:32:2e:e6:8c:b3:97:7e:49:44:
                    bf:1b:c1:60:7b:08:8b:b2:aa:12:49:8e:f4:de:46:
                    79:3c:18:3e:93:05:4e:c2:2e:68:0a:88:ff:69:8e:
                    c5:0a:f7:6d:f9:75:33:ab:41:65:4c:3b:00:ca:02:
                    e6:58:e2:eb:e9:09:df:a6:20:cd:06:bf:ef:ab:15:
                    f3:35:c4:61:f9:5d:07:46:15:59:b4:99:05:f8:50:
                    c0:f2:6e:60:16:6c:8e:7a:56:7c:45:d1:bf:de:b5:
                    3c:c4:1a:1e:c3:03:4f:3e:61:b3:10:2e:67:ae:41:
                    67:13:4b:79:46:bb:fc:a1:cd:6f:13:15:7e:c0:d9:
                    25:1e:63:20:d9:0c:af:ef:a8:a7:d2:9e:7a:79:e3:
                    b2:db:00:0a:bb:c7:48:2f:ea:e2:9b:66:7b:5f:25:
                    e0:06:78:26:a0:fc:bb:84:b6:9a:41:83:5a:f7:cd:
                    fd:e9:da:86:02:e5:a5:5b:da:6b:05:96:57:be:09:
                    cd:37:c7:cf:73:3b:41:62:1a:78:ad:ee:67:bd:c4:
                    4f:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:F0:60:5B:D8:F8:06:12:78:42:14:98:4B:A3:85:92:E1:49:06:FB
            X509v3 Authority Key Identifier:
                keyid:09:51:7B:6D:E2:3D:B5:F7:5B:29:6E:60:FB:E4:18:69:27:4A:61:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CVF7beI9tfdbKW5g--QYaSdKYV8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/44bb80-d483-4a4a-ac63-98dece02099c/1/wvBgW9j4BhJ4QhSYS6OFkuFJBvs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/44bb80-d483-4a4a-ac63-98dece02099c/1/CVF7beI9tfdbKW5g--QYaSdKYV8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.34.62.0/23
                  194.34.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         d6:23:bb:72:f5:88:44:c3:ee:1e:2d:63:58:54:8b:8c:0b:85:
         3e:d9:bc:ab:e2:f5:13:01:66:5b:fa:3e:5f:3b:6b:39:15:e9:
         db:6c:bd:f3:88:ac:c7:16:3a:7b:c1:6c:a4:2e:74:36:17:6a:
         26:d2:79:47:8b:2c:17:66:78:36:38:24:3e:89:b9:f9:5d:cd:
         f7:a6:80:d3:2b:e4:e9:5f:a4:38:20:55:67:1a:cf:33:14:f4:
         a6:9b:cc:cc:71:6a:52:0e:2c:d0:1d:f5:14:0c:6a:60:9b:c6:
         d0:28:c7:fd:74:71:08:cd:74:31:c6:64:5b:47:7e:db:e0:b8:
         4e:be:f6:6a:86:cc:bf:b8:01:b9:98:8b:99:7d:c0:aa:8f:38:
         78:60:40:9c:8b:da:72:4b:57:fc:87:92:73:03:eb:b7:59:15:
         e7:94:ba:75:96:78:51:be:09:52:5b:69:a2:65:9f:90:9d:51:
         e4:f2:04:70:3d:8c:02:b0:33:28:c9:85:ef:ca:d5:79:98:a4:
         0a:64:9d:ef:d4:0f:53:4b:4a:a1:fc:9a:c0:4f:6b:96:9a:13:
         2d:ee:87:78:b6:6c:46:7d:fe:8d:e0:b2:92:8d:c4:16:b2:f4:
         4b:44:fa:5c:53:a2:eb:98:f1:47:6f:e5:15:4c:63:5c:5c:d1:
         83:50:c6:de
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBvsJYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OTUxN2I2ZGUyM2RiNWY3NWIyOTZlNjBmYmU0MTg2OTI3NGE2MTVmMB4XDTIyMDEw
MTEyNTYxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzJmMDYwNWJkOGY4
MDYxMjc4NDIxNDk4NGJhMzg1OTJlMTQ5MDZmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3SqNn2UB9CyHFmERBRKa/+C/ZhvK6oNjuZsfqcICDdshBM
9ax2ejoMoAk1FGNn6ezUMi7mjLOXfklEvxvBYHsIi7KqEkmO9N5GeTwYPpMFTsIu
aAqI/2mOxQr3bfl1M6tBZUw7AMoC5lji6+kJ36YgzQa/76sV8zXEYfldB0YVWbSZ
BfhQwPJuYBZsjnpWfEXRv961PMQaHsMDTz5hsxAuZ65BZxNLeUa7/KHNbxMVfsDZ
JR5jINkMr++op9KeennjstsACrvHSC/q4ptme18l4AZ4JqD8u4S2mkGDWvfN/ena
hgLlpVvaawWWV74JzTfHz3M7QWIaeK3uZ73ET6sCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTC8GBb2PgGEnhCFJhLo4WS4UkG+zAfBgNVHSMEGDAWgBQJUXtt4j2191sp
bmD75BhpJ0phXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NWRjdiZUk5dGZkYktXNWctLVFZYVNkS1lWOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWQvNDRiYjgwLWQ0ODMtNGE0YS1hYzYzLTk4ZGVjZTAyMDk5Yy8x
L3d2QmdXOWo0QmhKNFFoU1lTNk9Ga3VGSkJ2cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQv
NDRiYjgwLWQ0ODMtNGE0YS1hYzYzLTk4ZGVjZTAyMDk5Yy8xL0NWRjdiZUk5dGZk
YktXNWctLVFZYVNkS1lWOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcIiPgMEAcIiiDANBgkqhkiG9w0B
AQsFAAOCAQEA1iO7cvWIRMPuHi1jWFSLjAuFPtm8q+L1EwFmW/o+XztrORXp22y9
84isxxY6e8FspC50NhdqJtJ5R4ssF2Z4NjgkPom5+V3N96aA0yvk6V+kOCBVZxrP
MxT0ppvMzHFqUg4s0B31FAxqYJvG0CjH/XRxCM10McZkW0d+2+C4Tr72aobMv7gB
uZiLmX3Aqo84eGBAnIvacktX/IeScwPrt1kV55S6dZZ4Ub4JUltpomWfkJ1R5PIE
cD2MArAzKMmF78rVeZikCmSd79QPU0tKofyawE9rlpoTLe6HeLZsRn3+jeCyko3E
FrL0S0T6XFOi65jxR2/lFUxjXFzRg1DG3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:55 2024 by rpki-client on console-fra.rpki-client.org