Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/dded9c-8548-44ef-919e-5fc72bbbc192/1/QbpISltUinKugvl9s9f7I_uJ0Rs.roa
File:                     QbpISltUinKugvl9s9f7I_uJ0Rs.roa (raw, json)
Hash identifier:          DbaRtfe+Ezj+l+ZyeS7SRKUXJMqG0UcDJkOdqvbHZoc=
Subject key identifier:   41:BA:48:4A:5B:54:8A:72:AE:82:F9:7D:B3:D7:FB:23:FB:89:D1:1B
Certificate issuer:       /CN=308e4f050668d45e3918384500b175a87680199c
Certificate serial:       835CFD
Authority key identifier: 30:8E:4F:05:06:68:D4:5E:39:18:38:45:00:B1:75:A8:76:80:19:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MI5PBQZo1F45GDhFALF1qHaAGZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/dded9c-8548-44ef-919e-5fc72bbbc192/1/QbpISltUinKugvl9s9f7I_uJ0Rs.roa
Signing time:             Sat 01 Jan 2022 02:01:52 +0000
ROA not before:           Sat 01 Jan 2022 02:01:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        62.204.37.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8609021 (0x835cfd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=308e4f050668d45e3918384500b175a87680199c
        Validity
            Not Before: Jan  1 02:01:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=41ba484a5b548a72ae82f97db3d7fb23fb89d11b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:16:61:70:cb:1e:1d:43:13:72:ff:8a:9d:ea:
                    48:6a:1f:47:93:e9:a7:12:de:3f:d3:5e:ae:8e:d7:
                    15:4f:df:15:18:a6:fc:41:fd:da:f6:49:06:e7:a3:
                    37:96:ea:26:9f:9b:00:c5:20:c7:ad:40:6d:49:01:
                    d3:96:09:0c:21:37:37:fa:6e:84:1d:a8:cf:d2:44:
                    30:2a:53:a1:31:5b:c4:a6:eb:a1:0f:fd:bd:d7:25:
                    8f:b4:53:1b:f4:0e:d2:61:02:1d:d1:8b:0d:50:e8:
                    22:c3:c0:bb:ad:25:e7:cc:9b:98:4d:8f:20:de:80:
                    50:30:7d:29:e2:51:68:5f:ea:5e:9a:8d:af:0a:ca:
                    98:58:f3:da:4a:bf:2f:f3:ba:97:5b:51:bb:0a:28:
                    ae:9b:02:2a:4a:2b:bf:16:79:aa:83:30:c8:c3:d0:
                    e6:b2:03:08:cc:e6:ba:b8:ad:70:9c:53:3d:3b:61:
                    e7:08:2f:c0:03:a0:1d:bf:c7:c6:f3:d9:83:6b:73:
                    1f:c6:f0:c9:01:63:6f:da:ce:69:a8:6a:29:65:a5:
                    75:16:30:70:aa:19:b5:93:80:98:96:2f:2e:cb:68:
                    99:fc:cd:78:13:eb:03:43:df:0f:57:98:f5:49:69:
                    6d:c9:2a:c0:58:57:5a:94:82:36:e1:bc:d2:6a:43:
                    cf:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:BA:48:4A:5B:54:8A:72:AE:82:F9:7D:B3:D7:FB:23:FB:89:D1:1B
            X509v3 Authority Key Identifier:
                keyid:30:8E:4F:05:06:68:D4:5E:39:18:38:45:00:B1:75:A8:76:80:19:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MI5PBQZo1F45GDhFALF1qHaAGZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/dded9c-8548-44ef-919e-5fc72bbbc192/1/QbpISltUinKugvl9s9f7I_uJ0Rs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/dded9c-8548-44ef-919e-5fc72bbbc192/1/MI5PBQZo1F45GDhFALF1qHaAGZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.204.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:fe:38:7b:70:04:49:e4:75:d0:fa:a2:64:25:60:f9:a3:66:
         96:0f:39:27:62:10:fc:b6:02:b7:22:54:47:97:27:c7:c2:aa:
         2c:01:02:69:fe:34:a4:2f:c3:19:eb:bf:4b:9a:c9:2f:e2:98:
         50:b5:11:2b:87:8e:62:24:a6:a3:38:f3:58:cd:c4:0c:a2:8b:
         d0:1b:e7:97:4f:2a:15:a1:e9:4e:d8:21:87:e2:b7:2d:d3:4b:
         59:6b:68:ab:df:37:d2:d0:17:71:17:e2:0b:dd:79:79:8d:f9:
         b7:d1:42:2f:86:49:72:4b:55:bd:27:f4:78:a7:ad:aa:a7:e3:
         33:2c:70:2b:07:6a:cb:7a:cb:d2:ba:2d:c4:64:82:51:19:7c:
         6e:69:1f:ed:5c:20:bd:22:cb:e6:14:e3:f4:65:56:ee:eb:dd:
         fb:62:7a:0d:dc:96:33:fc:13:e3:15:a6:2f:9e:df:6a:7a:cb:
         90:b4:15:ec:3b:f8:f8:99:1c:95:74:10:48:e2:38:a8:74:44:
         42:bd:f0:59:63:84:bf:21:b1:35:95:88:eb:26:de:eb:de:cb:
         0d:38:f3:7d:0c:32:f0:a0:2a:9f:ea:e2:67:74:b4:5c:73:f6:
         b4:03:5f:d5:88:ed:2f:38:61:d2:a5:ea:9c:dc:10:62:32:e1:
         c2:65:f1:f2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAINc/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDhlNGYwNTA2NjhkNDVlMzkxODM4NDUwMGIxNzVhODc2ODAxOTljMB4XDTIyMDEw
MTAyMDE1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDFiYTQ4NGE1YjU0
OGE3MmFlODJmOTdkYjNkN2ZiMjNmYjg5ZDExYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKMWYXDLHh1DE3L/ip3qSGofR5PppxLeP9Nero7XFU/fFRim
/EH92vZJBuejN5bqJp+bAMUgx61AbUkB05YJDCE3N/puhB2oz9JEMCpToTFbxKbr
oQ/9vdclj7RTG/QO0mECHdGLDVDoIsPAu60l58ybmE2PIN6AUDB9KeJRaF/qXpqN
rwrKmFjz2kq/L/O6l1tRuwoorpsCKkorvxZ5qoMwyMPQ5rIDCMzmuritcJxTPTth
5wgvwAOgHb/HxvPZg2tzH8bwyQFjb9rOaahqKWWldRYwcKoZtZOAmJYvLstomfzN
eBPrA0PfD1eY9UlpbckqwFhXWpSCNuG80mpDz6cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRBukhKW1SKcq6C+X2z1/sj+4nRGzAfBgNVHSMEGDAWgBQwjk8FBmjUXjkY
OEUAsXWodoAZnDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01JNVBCUVpvMUY0NUdEaEZBTEYxcUhhQUdady5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvZGRlZDljLTg1NDgtNDRlZi05MTllLTVmYzcyYmJiYzE5Mi8x
L1FicElTbHRVaW5LdWd2bDlzOWY3SV91SjBScy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
ZGRlZDljLTg1NDgtNDRlZi05MTllLTVmYzcyYmJiYzE5Mi8xL01JNVBCUVpvMUY0
NUdEaEZBTEYxcUhhQUdady5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD7MJTANBgkqhkiG9w0BAQsFAAOC
AQEAkP44e3AESeR10PqiZCVg+aNmlg85J2IQ/LYCtyJUR5cnx8KqLAECaf40pC/D
Geu/S5rJL+KYULURK4eOYiSmozjzWM3EDKKL0Bvnl08qFaHpTtghh+K3LdNLWWto
q9830tAXcRfiC915eY35t9FCL4ZJcktVvSf0eKetqqfjMyxwKwdqy3rL0rotxGSC
URl8bmkf7VwgvSLL5hTj9GVW7uvd+2J6DdyWM/wT4xWmL57fanrLkLQV7Dv4+Jkc
lXQQSOI4qHREQr3wWWOEvyGxNZWI6ybe697LDTjzfQwy8KAqn+riZ3S0XHP2tANf
1YjtLzhh0qXqnNwQYjLhwmXx8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:27 2024 by rpki-client on console-ams.rpki-client.org