Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/d81e08-19c1-434a-bd06-474106e5c687/1/xs535l7l_CT8V3ergkSdkqRa5Xc.roa
File:                     xs535l7l_CT8V3ergkSdkqRa5Xc.roa (raw, json)
Hash identifier:          wgVF47cbIIRSTVqbr5Foqqyhf1ofblSjuOpAmC99FtM=
Subject key identifier:   C6:CE:77:E6:5E:E5:FC:24:FC:57:77:AB:82:44:9D:92:A4:5A:E5:77
Certificate issuer:       /CN=2c57dd0f9a03833e74e47b990f1a4895b52104a4
Certificate serial:       018D2D73AC7932AF3FBFC1EF053E9293AF17
Authority key identifier: 2C:57:DD:0F:9A:03:83:3E:74:E4:7B:99:0F:1A:48:95:B5:21:04:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LFfdD5oDgz505HuZDxpIlbUhBKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/d81e08-19c1-434a-bd06-474106e5c687/1/xs535l7l_CT8V3ergkSdkqRa5Xc.roa
Signing time:             Sun 21 Jan 2024 19:16:11 +0000
ROA not before:           Sun 21 Jan 2024 19:16:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12722
IP address blocks:        213.109.206.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:2d:73:ac:79:32:af:3f:bf:c1:ef:05:3e:92:93:af:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c57dd0f9a03833e74e47b990f1a4895b52104a4
        Validity
            Not Before: Jan 21 19:16:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c6ce77e65ee5fc24fc5777ab82449d92a45ae577
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:9f:e2:e9:dc:e4:ba:dd:50:7e:e2:e3:15:43:
                    97:1b:55:d9:49:d3:8f:e8:d6:43:4c:81:e0:d7:2d:
                    16:5b:2f:14:39:df:de:60:60:19:e5:c1:fe:97:41:
                    c1:02:10:8d:6d:85:91:87:70:e1:ff:e5:57:fd:56:
                    57:50:f4:c1:ba:dc:53:b0:0c:ce:7b:ad:fd:69:5d:
                    dc:53:80:4f:67:47:60:c7:0c:fc:6f:1d:2e:84:c3:
                    0e:08:32:c0:b0:02:33:88:6f:e0:37:2a:49:eb:d3:
                    d6:c0:b7:05:25:bd:26:96:4f:98:ef:b8:c3:51:78:
                    5c:3a:76:34:09:ca:9c:c2:96:94:0f:d2:7b:93:b2:
                    3c:3f:fd:a6:90:4e:32:05:b0:53:ec:2b:7d:d3:b1:
                    5f:be:44:0c:0a:4e:6f:d0:11:32:fb:cf:1e:e1:36:
                    19:29:af:aa:7f:84:00:e0:b5:4d:a4:0b:42:d7:86:
                    52:c4:a9:51:bc:01:c0:9b:aa:45:11:26:dd:cc:f2:
                    a6:ef:96:bf:91:24:da:fd:ad:11:d4:14:b5:b5:c3:
                    6c:97:b9:db:b9:cc:81:13:2e:84:8f:09:fb:2d:e2:
                    9b:5b:0b:b1:06:c8:06:69:0f:9d:9a:38:29:28:94:
                    62:10:9d:e8:be:68:6a:ff:7d:5a:cb:b4:c4:e1:96:
                    70:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:CE:77:E6:5E:E5:FC:24:FC:57:77:AB:82:44:9D:92:A4:5A:E5:77
            X509v3 Authority Key Identifier:
                keyid:2C:57:DD:0F:9A:03:83:3E:74:E4:7B:99:0F:1A:48:95:B5:21:04:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LFfdD5oDgz505HuZDxpIlbUhBKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d81e08-19c1-434a-bd06-474106e5c687/1/xs535l7l_CT8V3ergkSdkqRa5Xc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d81e08-19c1-434a-bd06-474106e5c687/1/LFfdD5oDgz505HuZDxpIlbUhBKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.109.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:c0:c9:8b:67:8a:7e:74:5b:dd:7a:ef:05:10:41:30:3f:9c:
         ad:cb:53:6a:98:3d:22:54:38:7a:80:0f:ff:a3:7a:a3:c2:fe:
         a5:8b:52:6c:6d:67:b9:c8:0e:3d:32:94:02:ab:5e:d7:18:03:
         39:c8:0a:61:7d:d0:13:ec:03:65:6e:af:d6:72:ab:ff:8d:9d:
         92:f5:60:22:42:ee:aa:d4:77:3b:2a:64:34:2d:92:fe:ec:e1:
         c7:78:4e:e4:d9:1d:9c:82:c3:6d:01:ec:0c:08:10:ed:1b:f1:
         69:27:f6:2b:97:19:c0:35:8b:49:90:fb:90:9e:1c:69:c9:38:
         6d:35:af:a8:fa:3f:6f:8f:a7:79:92:30:de:99:bc:85:fb:83:
         01:90:13:3e:9a:d5:c1:d8:0b:37:58:0b:26:52:04:c9:cd:c2:
         5b:67:fe:87:e1:90:d3:5b:cd:65:b7:99:7a:eb:63:bb:39:4f:
         fc:63:b8:2c:0c:c2:a4:6e:9a:2d:d5:7f:aa:7a:c5:3a:dd:18:
         cc:a0:03:21:56:77:8f:e9:eb:ed:eb:b0:da:64:45:0b:7c:b7:
         47:75:c3:40:41:94:38:76:dd:7b:09:17:e2:ca:3e:d3:ef:41:
         cb:72:36:35:8d:03:32:ef:2c:a9:00:e8:8c:81:f2:f2:47:66:
         33:8d:57:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0tc6x5Mq8/v8HvBT6Sk68XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNTdkZDBmOWEwMzgzM2U3NGU0N2I5OTBmMWE0ODk1YjUy
MTA0YTQwHhcNMjQwMTIxMTkxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmNlNzdlNjVlZTVmYzI0ZmM1Nzc3YWI4MjQ0OWQ5MmE0NWFlNTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJ/i6dzkut1QfuLjFUOXG1XZSdOP
6NZDTIHg1y0WWy8UOd/eYGAZ5cH+l0HBAhCNbYWRh3Dh/+VX/VZXUPTButxTsAzO
e639aV3cU4BPZ0dgxwz8bx0uhMMOCDLAsAIziG/gNypJ69PWwLcFJb0mlk+Y77jD
UXhcOnY0CcqcwpaUD9J7k7I8P/2mkE4yBbBT7Ct907FfvkQMCk5v0BEy+88e4TYZ
Ka+qf4QA4LVNpAtC14ZSxKlRvAHAm6pFESbdzPKm75a/kSTa/a0R1BS1tcNsl7nb
ucyBEy6Ejwn7LeKbWwuxBsgGaQ+dmjgpKJRiEJ3ovmhq/31ay7TE4ZZwhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMbOd+Ze5fwk/Fd3q4JEnZKkWuV3MB8GA1UdIwQY
MBaAFCxX3Q+aA4M+dOR7mQ8aSJW1IQSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEZmZEQ1b0RnejUwNUh1WkR4cElsYlVoQktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kODFlMDgtMTljMS00MzRhLWJkMDYt
NDc0MTA2ZTVjNjg3LzEveHM1MzVsN2xfQ1Q4VjNlcmdrU2RrcVJhNVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9kODFlMDgtMTljMS00MzRhLWJkMDYtNDc0MTA2ZTVjNjg3
LzEvTEZmZEQ1b0RnejUwNUh1WkR4cElsYlVoQktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1W3OMA0G
CSqGSIb3DQEBCwUAA4IBAQApwMmLZ4p+dFvdeu8FEEEwP5yty1NqmD0iVDh6gA//
o3qjwv6li1JsbWe5yA49MpQCq17XGAM5yAphfdAT7ANlbq/Wcqv/jZ2S9WAiQu6q
1Hc7KmQ0LZL+7OHHeE7k2R2cgsNtAewMCBDtG/FpJ/YrlxnANYtJkPuQnhxpyTht
Na+o+j9vj6d5kjDembyF+4MBkBM+mtXB2As3WAsmUgTJzcJbZ/6H4ZDTW81lt5l6
62O7OU/8Y7gsDMKkbpot1X+qesU63RjMoAMhVneP6evt67DaZEULfLdHdcNAQZQ4
dt17CRfiyj7T70HLcjY1jQMy7yypAOiMgfLyR2YzjVc0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:59 2024 by rpki-client on console-fra.rpki-client.org