Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/DH5z4uBFu0Fcjynhv_L2Fgz01s8.roa
File:                     DH5z4uBFu0Fcjynhv_L2Fgz01s8.roa (raw, json)
Hash identifier:          x7ArHuPLAV77hVt+c94uj52flyCc8tQ9gfTBOUyCTEA=
Subject key identifier:   0C:7E:73:E2:E0:45:BB:41:5C:8F:29:E1:BF:F2:F6:16:0C:F4:D6:CF
Certificate issuer:       /CN=2cd9516db9417952dedd9252fe5d83f09a3d99f5
Certificate serial:       017B4DC2
Authority key identifier: 2C:D9:51:6D:B9:41:79:52:DE:DD:92:52:FE:5D:83:F0:9A:3D:99:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LNlRbblBeVLe3ZJS_l2D8Jo9mfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/DH5z4uBFu0Fcjynhv_L2Fgz01s8.roa
Signing time:             Sat 01 Jan 2022 09:03:42 +0000
ROA not before:           Sat 01 Jan 2022 09:03:42 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212667
IP address blocks:        80.64.24.0/24 maxlen: 24
                          80.64.28.0/24 maxlen: 24
                          80.64.31.0/24 maxlen: 24
                          80.64.29.0/24 maxlen: 24
                          80.64.25.0/24 maxlen: 24
                          80.64.26.0/24 maxlen: 24
                          80.64.27.0/24 maxlen: 24
                          80.64.30.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24858050 (0x17b4dc2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cd9516db9417952dedd9252fe5d83f09a3d99f5
        Validity
            Not Before: Jan  1 09:03:42 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=0c7e73e2e045bb415c8f29e1bff2f6160cf4d6cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:52:80:86:7c:60:a1:63:6d:08:9f:0c:d0:4d:
                    01:7b:b6:3e:d0:24:da:cd:f5:f0:44:61:34:a8:68:
                    a6:87:46:1e:d0:c4:d6:60:04:15:a4:5c:0e:41:4f:
                    d5:2c:13:30:76:a1:4d:97:17:9b:53:89:f0:39:47:
                    aa:af:7f:16:07:7b:8c:96:ae:a2:43:b2:7a:89:f9:
                    5c:e8:af:b5:40:54:97:69:9a:1a:5b:c6:ca:a9:79:
                    a5:cd:f3:1d:a0:c5:67:c5:f8:da:ce:e4:79:90:1b:
                    67:2d:be:75:d9:23:34:62:26:92:97:18:8b:e2:18:
                    c8:a3:33:cb:00:85:ce:d7:36:c6:79:6a:f7:72:d2:
                    78:09:48:e4:42:4b:22:51:ef:5e:d9:c7:7e:28:72:
                    24:ca:84:92:ec:92:e3:b3:34:ce:79:17:11:ff:af:
                    6a:11:d8:96:58:6f:52:93:59:e1:e3:11:4a:1a:dd:
                    80:cb:1b:30:d2:ab:ce:f9:7f:dd:b0:90:0d:30:83:
                    86:00:8d:05:53:a0:e2:c3:9a:73:b9:9b:27:4b:ae:
                    cd:78:f5:7f:a6:e2:be:40:38:66:b4:c8:9f:e9:4c:
                    ee:d4:66:28:36:40:36:99:07:db:a2:1d:99:08:7f:
                    50:41:31:f1:22:c4:59:57:c0:cf:2f:ad:47:e5:35:
                    55:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:7E:73:E2:E0:45:BB:41:5C:8F:29:E1:BF:F2:F6:16:0C:F4:D6:CF
            X509v3 Authority Key Identifier:
                keyid:2C:D9:51:6D:B9:41:79:52:DE:DD:92:52:FE:5D:83:F0:9A:3D:99:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LNlRbblBeVLe3ZJS_l2D8Jo9mfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/DH5z4uBFu0Fcjynhv_L2Fgz01s8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/LNlRbblBeVLe3ZJS_l2D8Jo9mfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.64.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         bb:d9:9c:6a:a0:c0:97:42:28:10:c8:a8:16:05:18:1c:26:a2:
         07:9a:9b:74:c6:62:70:de:92:90:bb:4d:36:d0:a9:50:49:c7:
         fe:17:57:ff:1a:cf:c7:59:10:c1:19:7f:5f:00:30:f7:6a:e7:
         4e:43:0c:7f:4f:3a:e7:5e:30:67:1c:ce:ea:a8:ca:e4:bf:47:
         a7:7e:93:d5:d7:b9:65:cc:ac:1a:52:1d:2e:15:61:22:ee:bc:
         d1:aa:83:f8:95:f6:e4:a0:39:04:be:7a:31:a3:ac:28:33:1b:
         db:e4:82:4f:93:4a:c5:e8:c7:98:7c:00:00:44:93:79:c6:d5:
         0d:98:3e:3f:c5:77:57:8b:57:6a:05:b5:05:f6:9c:a0:10:04:
         54:de:fe:62:53:e9:8a:f4:96:0a:68:9f:d4:3c:3c:57:b6:5c:
         5b:9e:45:68:a5:59:33:fc:a8:e2:e3:ca:14:47:68:85:9c:25:
         c3:09:64:28:69:ad:2f:0c:4e:78:d3:f8:97:0d:75:14:57:a1:
         39:2a:84:92:2b:c2:cd:fe:8c:a9:e2:7b:32:d7:c0:f6:05:36:
         1f:db:64:ab:e3:f7:f9:10:5a:83:fa:65:30:56:5e:da:bb:30:
         c6:e4:0f:fc:80:64:82:91:3e:aa:36:37:47:01:f4:01:7d:4f:
         6e:4a:3e:b6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAXtNwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Y2Q5NTE2ZGI5NDE3OTUyZGVkZDkyNTJmZTVkODNmMDlhM2Q5OWY1MB4XDTIyMDEw
MTA5MDM0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM3ZTczZTJlMDQ1
YmI0MTVjOGYyOWUxYmZmMmY2MTYwY2Y0ZDZjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxSgIZ8YKFjbQifDNBNAXu2PtAk2s318ERhNKhopodGHtDE
1mAEFaRcDkFP1SwTMHahTZcXm1OJ8DlHqq9/Fgd7jJauokOyeon5XOivtUBUl2ma
GlvGyql5pc3zHaDFZ8X42s7keZAbZy2+ddkjNGImkpcYi+IYyKMzywCFztc2xnlq
93LSeAlI5EJLIlHvXtnHfihyJMqEkuyS47M0znkXEf+vahHYllhvUpNZ4eMRShrd
gMsbMNKrzvl/3bCQDTCDhgCNBVOg4sOac7mbJ0uuzXj1f6bivkA4ZrTIn+lM7tRm
KDZANpkH26IdmQh/UEEx8SLEWVfAzy+tR+U1Vf0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQMfnPi4EW7QVyPKeG/8vYWDPTWzzAfBgNVHSMEGDAWgBQs2VFtuUF5Ut7d
klL+XYPwmj2Z9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xObFJiYmxCZVZMZTNaSlNfbDJEOEpvOW1mVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvYmFiNTNiLTMxMTUtNDFjNS04N2VhLWMwMDQ1NGUwYjEyYS8x
L0RINXo0dUJGdTBGY2p5bmh2X0wyRmd6MDFzOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
YmFiNTNiLTMxMTUtNDFjNS04N2VhLWMwMDQ1NGUwYjEyYS8xL0xObFJiYmxCZVZM
ZTNaSlNfbDJEOEpvOW1mVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1BAGDANBgkqhkiG9w0BAQsFAAOC
AQEAu9mcaqDAl0IoEMioFgUYHCaiB5qbdMZicN6SkLtNNtCpUEnH/hdX/xrPx1kQ
wRl/XwAw92rnTkMMf086514wZxzO6qjK5L9Hp36T1de5ZcysGlIdLhVhIu680aqD
+JX25KA5BL56MaOsKDMb2+SCT5NKxejHmHwAAESTecbVDZg+P8V3V4tXagW1Bfac
oBAEVN7+YlPpivSWCmif1Dw8V7ZcW55FaKVZM/yo4uPKFEdohZwlwwlkKGmtLwxO
eNP4lw11FFehOSqEkivCzf6MqeJ7MtfA9gU2H9tkq+P3+RBag/plMFZe2rswxuQP
/IBkgpE+qjY3RwH0AX1Pbko+tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:37 2024 by rpki-client on console-ams.rpki-client.org