Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/dded9c-8548-44ef-919e-5fc72bbbc192/1/CreBPoazJRLXXfiEp8ojx5HqCJU.roa
File:                     CreBPoazJRLXXfiEp8ojx5HqCJU.roa (raw, json)
Hash identifier:          bPObBbimKnusWjcSv9SX4BYWeDdSD6IPW+/Fo/hac78=
Subject key identifier:   0A:B7:81:3E:86:B3:25:12:D7:5D:F8:84:A7:CA:23:C7:91:EA:08:95
Certificate issuer:       /CN=308e4f050668d45e3918384500b175a87680199c
Certificate serial:       01863DC5A448FE0943802F11447AAB6413F7
Authority key identifier: 30:8E:4F:05:06:68:D4:5E:39:18:38:45:00:B1:75:A8:76:80:19:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MI5PBQZo1F45GDhFALF1qHaAGZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/dded9c-8548-44ef-919e-5fc72bbbc192/1/CreBPoazJRLXXfiEp8ojx5HqCJU.roa
Signing time:             Sat 11 Feb 2023 00:00:08 +0000
ROA not before:           Sat 11 Feb 2023 00:00:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        62.204.37.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:3d:c5:a4:48:fe:09:43:80:2f:11:44:7a:ab:64:13:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=308e4f050668d45e3918384500b175a87680199c
        Validity
            Not Before: Feb 11 00:00:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0ab7813e86b32512d75df884a7ca23c791ea0895
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f0:3c:a5:a1:66:60:e9:e0:a0:a6:31:06:15:
                    97:29:4a:92:3f:e6:f6:cd:71:bd:7b:42:aa:57:44:
                    25:0b:1a:ed:b0:0b:41:f1:29:70:62:8c:88:ad:cf:
                    5b:c5:04:a0:bd:70:81:86:6f:a5:08:e7:ad:96:5b:
                    23:f9:ee:2b:a5:a0:32:9f:d6:06:f2:f0:79:a7:7b:
                    ae:2c:28:a4:2e:4f:a2:52:4f:18:b0:38:68:78:fa:
                    fd:93:13:44:00:c4:1b:bd:7a:3e:35:b6:42:ea:24:
                    c9:5f:58:ea:81:cd:83:16:6c:57:f7:b0:be:79:cf:
                    f9:bf:18:3f:b9:78:af:fd:74:d0:24:0b:d8:12:18:
                    4d:0e:70:9c:2f:9e:4c:47:dd:bb:d0:16:e6:57:f3:
                    b7:75:21:46:fc:af:26:6e:85:cc:cd:2c:b6:1b:6a:
                    5f:01:9f:33:a4:28:02:f6:35:36:5c:4c:ba:93:85:
                    d9:72:5a:9b:51:0c:d6:77:85:6c:a0:f0:3a:2e:70:
                    21:3d:0b:12:24:89:aa:78:c3:7f:36:68:1d:c0:18:
                    88:be:f3:80:04:b5:b1:8f:d4:54:cb:62:b0:f6:a8:
                    37:6d:b1:a3:e7:12:86:36:4f:d0:df:b1:69:71:7f:
                    b6:a7:59:ec:5d:36:0f:63:78:b4:3a:78:a3:ea:90:
                    86:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:B7:81:3E:86:B3:25:12:D7:5D:F8:84:A7:CA:23:C7:91:EA:08:95
            X509v3 Authority Key Identifier:
                keyid:30:8E:4F:05:06:68:D4:5E:39:18:38:45:00:B1:75:A8:76:80:19:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MI5PBQZo1F45GDhFALF1qHaAGZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/dded9c-8548-44ef-919e-5fc72bbbc192/1/CreBPoazJRLXXfiEp8ojx5HqCJU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/dded9c-8548-44ef-919e-5fc72bbbc192/1/MI5PBQZo1F45GDhFALF1qHaAGZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.204.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:07:e8:f8:9b:26:69:3b:b3:b7:9d:7a:5d:ec:4f:f8:cb:db:
         fd:f6:7d:73:89:39:b0:b6:a2:a7:d5:63:98:3e:82:c1:e8:9e:
         c2:44:e0:b8:7e:df:b0:02:55:1a:26:e8:07:0e:e2:32:0c:dd:
         f1:4b:2e:63:ad:24:a3:61:d1:5f:4d:99:30:9b:96:58:1c:f4:
         e6:bb:76:d1:5b:59:4b:4c:9a:9e:93:49:80:7c:9d:2d:36:04:
         e7:cd:2e:62:8c:62:1f:4b:48:21:bf:47:4b:67:02:de:dc:00:
         d9:a0:86:ca:59:e2:11:2b:ab:c7:a4:ec:d0:44:7c:2b:c0:e1:
         0c:1b:4d:da:1d:c0:77:f1:ae:96:c4:52:cd:9b:17:c9:18:e1:
         03:c0:ee:b8:90:e5:1c:7f:c2:3c:6e:68:19:2d:27:4e:7a:90:
         e3:57:62:c3:5e:b0:ff:08:dd:65:67:3f:53:92:b6:11:49:fa:
         61:87:47:f9:47:57:0d:56:16:ea:8a:72:36:09:c3:52:a5:79:
         83:ac:3a:8c:50:64:e9:a7:fe:05:ae:4f:27:ab:dc:43:ab:cf:
         0c:8a:84:21:72:c9:c1:c8:e7:1c:86:8e:91:ff:b6:1a:ac:95:
         f5:ad:46:b1:5c:62:a0:35:b0:f3:7e:df:f7:22:ea:2d:ad:7d:
         2e:af:dc:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY9xaRI/glDgC8RRHqrZBP3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwOGU0ZjA1MDY2OGQ0NWUzOTE4Mzg0NTAwYjE3NWE4NzY4
MDE5OWMwHhcNMjMwMjExMDAwMDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWI3ODEzZTg2YjMyNTEyZDc1ZGY4ODRhN2NhMjNjNzkxZWEwODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/A8paFmYOngoKYxBhWXKUqSP+b2
zXG9e0KqV0QlCxrtsAtB8SlwYoyIrc9bxQSgvXCBhm+lCOetllsj+e4rpaAyn9YG
8vB5p3uuLCikLk+iUk8YsDhoePr9kxNEAMQbvXo+NbZC6iTJX1jqgc2DFmxX97C+
ec/5vxg/uXiv/XTQJAvYEhhNDnCcL55MR9270BbmV/O3dSFG/K8mboXMzSy2G2pf
AZ8zpCgC9jU2XEy6k4XZclqbUQzWd4VsoPA6LnAhPQsSJImqeMN/NmgdwBiIvvOA
BLWxj9RUy2Kw9qg3bbGj5xKGNk/Q37FpcX+2p1nsXTYPY3i0Onij6pCGnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAq3gT6GsyUS1134hKfKI8eR6giVMB8GA1UdIwQY
MBaAFDCOTwUGaNReORg4RQCxdah2gBmcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUk1UEJRWm8xRjQ1R0RoRkFMRjFxSGFBR1p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kZGVkOWMtODU0OC00NGVmLTkxOWUt
NWZjNzJiYmJjMTkyLzEvQ3JlQlBvYXpKUkxYWGZpRXA4b2p4NUhxQ0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kZGVkOWMtODU0OC00NGVmLTkxOWUtNWZjNzJiYmJjMTky
LzEvTUk1UEJRWm8xRjQ1R0RoRkFMRjFxSGFBR1p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPswlMA0G
CSqGSIb3DQEBCwUAA4IBAQCBB+j4myZpO7O3nXpd7E/4y9v99n1ziTmwtqKn1WOY
PoLB6J7CROC4ft+wAlUaJugHDuIyDN3xSy5jrSSjYdFfTZkwm5ZYHPTmu3bRW1lL
TJqek0mAfJ0tNgTnzS5ijGIfS0ghv0dLZwLe3ADZoIbKWeIRK6vHpOzQRHwrwOEM
G03aHcB38a6WxFLNmxfJGOEDwO64kOUcf8I8bmgZLSdOepDjV2LDXrD/CN1lZz9T
krYRSfphh0f5R1cNVhbqinI2CcNSpXmDrDqMUGTpp/4Frk8nq9xDq88MioQhcsnB
yOccho6R/7YarJX1rUaxXGKgNbDzft/3IuotrX0ur9yY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:06 2024 by rpki-client on console-fra.rpki-client.org