Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/YwXRHPMrguB-QT1wMDkWZvqFMXc.roa
File:                     YwXRHPMrguB-QT1wMDkWZvqFMXc.roa (raw, json)
Hash identifier:          LyAByl8TbbDsCG5Zs+HdU9IYhT/pWmi9Q0CY0368PWM=
Subject key identifier:   63:05:D1:1C:F3:2B:82:E0:7E:41:3D:70:30:39:16:66:FA:85:31:77
Certificate issuer:       /CN=aa563f5200a4933024e7b47d778619458568adb0
Certificate serial:       01886C4EE8F3394D5D7BB812BE8975C6AE1E
Authority key identifier: AA:56:3F:52:00:A4:93:30:24:E7:B4:7D:77:86:19:45:85:68:AD:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qlY_UgCkkzAk57R9d4YZRYVorbA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/YwXRHPMrguB-QT1wMDkWZvqFMXc.roa
Signing time:             Tue 30 May 2023 10:58:10 +0000
ROA not before:           Tue 30 May 2023 10:58:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8100
IP address blocks:        194.26.223.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:6c:4e:e8:f3:39:4d:5d:7b:b8:12:be:89:75:c6:ae:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa563f5200a4933024e7b47d778619458568adb0
        Validity
            Not Before: May 30 10:58:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6305d11cf32b82e07e413d7030391666fa853177
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:7e:95:23:c4:9a:ce:c1:ec:f3:a4:2a:44:fb:
                    3a:1f:61:69:a2:48:fb:6d:2f:f0:4a:80:dd:60:47:
                    29:59:09:af:0c:23:cb:26:c6:33:e3:d9:b8:82:70:
                    27:e2:79:e7:3a:53:0a:dd:d3:d4:1e:f7:fe:49:23:
                    56:92:f5:0d:a9:20:4d:14:7f:91:a4:d4:9b:c0:29:
                    4d:a4:e4:a6:bc:81:c7:41:ee:8a:aa:c0:9e:1c:38:
                    3b:c5:74:c3:1f:f6:d2:6c:21:c7:06:3b:95:f5:4c:
                    3b:ad:a6:94:ea:3e:ea:4d:91:07:b8:bf:f8:93:13:
                    12:f6:86:88:5a:c3:2f:fe:9e:d6:43:48:2e:94:5a:
                    b3:ea:bb:a3:67:31:b9:7d:b8:0a:30:dd:ae:ef:3c:
                    4d:33:76:7a:93:cf:0d:ca:2f:25:69:27:b5:da:0b:
                    84:4d:43:c2:a1:9c:67:7a:b1:c2:46:6c:8c:38:e4:
                    ab:94:26:00:3d:78:99:dd:76:bb:39:51:3d:22:16:
                    8f:3e:b0:82:f6:2f:76:1b:9a:7d:fa:5c:31:38:a4:
                    19:93:9b:5d:99:d6:63:3a:e7:2d:48:06:7a:d7:49:
                    04:6f:9b:e2:df:f1:05:7b:b3:6a:fb:5d:ef:43:82:
                    48:94:a9:05:3d:3b:42:7f:c1:11:22:ec:1c:75:ea:
                    b7:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:05:D1:1C:F3:2B:82:E0:7E:41:3D:70:30:39:16:66:FA:85:31:77
            X509v3 Authority Key Identifier:
                keyid:AA:56:3F:52:00:A4:93:30:24:E7:B4:7D:77:86:19:45:85:68:AD:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlY_UgCkkzAk57R9d4YZRYVorbA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/YwXRHPMrguB-QT1wMDkWZvqFMXc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/31f397-4315-44f0-bad9-2649e1fda0f5/1/qlY_UgCkkzAk57R9d4YZRYVorbA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.26.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:6d:68:ac:73:16:ac:05:d7:26:b3:09:13:fc:32:3f:44:6f:
         30:62:63:c9:63:52:37:40:ca:80:5c:ea:cb:46:ac:31:22:cd:
         9b:26:d2:3e:43:fd:84:05:6d:58:ad:35:c1:25:c6:e1:bc:46:
         d6:8e:ce:06:88:ec:fc:6d:50:dd:74:0e:79:5e:7f:b3:1b:6a:
         b0:62:dd:c7:1e:7c:6d:4d:6f:1f:fa:7d:93:28:e8:04:21:fa:
         be:3b:ae:08:c9:03:28:1d:a5:60:88:16:ab:a4:c5:20:73:c8:
         f7:ee:10:a6:61:64:61:88:b4:8e:5b:d1:a9:d8:fc:2c:06:0e:
         50:6e:45:31:d3:bb:a1:db:a3:e0:00:57:c8:5c:04:d6:ad:e0:
         08:51:f6:c1:9b:e7:d1:04:b8:b5:f1:77:ff:3e:84:2c:e0:21:
         6a:20:27:ba:65:ba:1d:05:9a:b2:f2:4e:df:61:ff:be:7c:3e:
         f3:fe:c2:3a:4a:bf:57:c9:9d:cd:10:c1:e1:f6:2e:ec:f7:20:
         a8:dd:25:fd:6d:ce:b8:e8:1e:0c:04:35:6d:6b:8a:1a:99:64:
         6b:cd:6f:bf:3f:a1:49:8a:32:23:1a:3a:21:91:21:3f:90:46:
         64:55:c9:02:57:9e:b1:7c:e4:90:75:69:c9:f7:98:03:7b:d7:
         50:bd:62:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhsTujzOU1de7gSvol1xq4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNTYzZjUyMDBhNDkzMzAyNGU3YjQ3ZDc3ODYxOTQ1ODU2
OGFkYjAwHhcNMjMwNTMwMTA1ODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzA1ZDExY2YzMmI4MmUwN2U0MTNkNzAzMDM5MTY2NmZhODUzMTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxH6VI8SazsHs86QqRPs6H2Fpokj7
bS/wSoDdYEcpWQmvDCPLJsYz49m4gnAn4nnnOlMK3dPUHvf+SSNWkvUNqSBNFH+R
pNSbwClNpOSmvIHHQe6KqsCeHDg7xXTDH/bSbCHHBjuV9Uw7raaU6j7qTZEHuL/4
kxMS9oaIWsMv/p7WQ0gulFqz6rujZzG5fbgKMN2u7zxNM3Z6k88Nyi8laSe12guE
TUPCoZxnerHCRmyMOOSrlCYAPXiZ3Xa7OVE9IhaPPrCC9i92G5p9+lwxOKQZk5td
mdZjOuctSAZ610kEb5vi3/EFe7Nq+13vQ4JIlKkFPTtCf8ERIuwcdeq3WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMF0RzzK4LgfkE9cDA5Fmb6hTF3MB8GA1UdIwQY
MBaAFKpWP1IApJMwJOe0fXeGGUWFaK2wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWxZX1VnQ2trekFrNTdSOWQ0WVpSWVZvcmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8zMWYzOTctNDMxNS00NGYwLWJhZDkt
MjY0OWUxZmRhMGY1LzEvWXdYUkhQTXJndUItUVQxd01Ea1dadnFGTVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8zMWYzOTctNDMxNS00NGYwLWJhZDktMjY0OWUxZmRhMGY1
LzEvcWxZX1VnQ2trekFrNTdSOWQ0WVpSWVZvcmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhrfMA0G
CSqGSIb3DQEBCwUAA4IBAQBXbWiscxasBdcmswkT/DI/RG8wYmPJY1I3QMqAXOrL
RqwxIs2bJtI+Q/2EBW1YrTXBJcbhvEbWjs4GiOz8bVDddA55Xn+zG2qwYt3HHnxt
TW8f+n2TKOgEIfq+O64IyQMoHaVgiBarpMUgc8j37hCmYWRhiLSOW9Gp2PwsBg5Q
bkUx07uh26PgAFfIXATWreAIUfbBm+fRBLi18Xf/PoQs4CFqICe6ZbodBZqy8k7f
Yf++fD7z/sI6Sr9XyZ3NEMHh9i7s9yCo3SX9bc646B4MBDVta4oamWRrzW+/P6FJ
ijIjGjohkSE/kEZkVckCV56xfOSQdWnJ95gDe9dQvWIj
-----END CERTIFICATE-----
Generated at Mon Oct 30 09:12:23 2023 by rpki-client on console-fra.rpki-client.org