Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/_NTiJ7ij9axXOcKPvvGLL70Bo40.roa
File:                     _NTiJ7ij9axXOcKPvvGLL70Bo40.roa (raw, json)
Hash identifier:          8ulw3jB6Jdg/zH1YrRjLKEH5Bnw6xHxU1L6YQ/QyJSA=
Subject key identifier:   FC:D4:E2:27:B8:A3:F5:AC:57:39:C2:8F:BE:F1:8B:2F:BD:01:A3:8D
Certificate issuer:       /CN=52502a29ac06b65e932e1bd97d7fcf29c371cb3d
Certificate serial:       018E0DF5C34AF17B1D2430211C7A6F3C6286
Authority key identifier: 52:50:2A:29:AC:06:B6:5E:93:2E:1B:D9:7D:7F:CF:29:C3:71:CB:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UlAqKawGtl6TLhvZfX_PKcNxyz0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/_NTiJ7ij9axXOcKPvvGLL70Bo40.roa
Signing time:             Tue 05 Mar 2024 09:33:13 +0000
ROA not before:           Tue 05 Mar 2024 09:33:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48597
IP address blocks:        80.75.213.0/24 maxlen: 24
                          2a09:2b80:1::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:0d:f5:c3:4a:f1:7b:1d:24:30:21:1c:7a:6f:3c:62:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52502a29ac06b65e932e1bd97d7fcf29c371cb3d
        Validity
            Not Before: Mar  5 09:33:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fcd4e227b8a3f5ac5739c28fbef18b2fbd01a38d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:da:d6:a4:0e:d5:5a:81:2f:65:b9:80:3e:3d:
                    94:87:7d:49:57:f4:37:fe:38:24:07:ca:41:c1:d9:
                    31:4a:c7:c7:eb:85:37:c1:de:a2:5c:73:e2:58:e4:
                    36:bb:93:e1:29:6d:3f:e3:9c:56:8d:12:7b:00:57:
                    bd:41:8f:91:b0:b1:69:bc:73:74:6c:d2:2d:1a:0f:
                    46:bf:2a:a2:17:e2:4e:2e:d1:0a:97:dd:3a:ef:8a:
                    c2:ff:63:81:cf:17:49:94:89:6d:da:8d:27:c7:4e:
                    86:1e:08:6b:2a:3d:c7:f6:bc:84:0d:62:ac:d9:2a:
                    ef:29:66:71:4c:23:86:c6:94:80:46:6d:e5:19:e6:
                    6c:b4:ed:1e:11:9a:27:61:7b:d0:b8:fa:d3:0f:d4:
                    c8:ea:e5:04:9f:66:09:df:8b:71:de:a5:5f:a3:97:
                    9e:22:32:59:60:71:32:73:fc:cc:9c:ba:b8:f3:ed:
                    0f:5f:1e:90:a8:f1:e2:55:56:15:0f:4d:75:c7:9c:
                    1b:06:89:a6:1a:91:8c:09:75:3f:3f:80:7a:c0:8a:
                    83:07:1b:47:8e:80:77:ab:d5:01:4d:62:65:f0:ad:
                    a0:3e:ad:c9:09:77:42:97:b1:b5:a0:15:a1:c0:f9:
                    9c:ae:12:0b:c8:c6:25:de:f8:3d:d0:f6:dd:b5:f1:
                    b5:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:D4:E2:27:B8:A3:F5:AC:57:39:C2:8F:BE:F1:8B:2F:BD:01:A3:8D
            X509v3 Authority Key Identifier:
                keyid:52:50:2A:29:AC:06:B6:5E:93:2E:1B:D9:7D:7F:CF:29:C3:71:CB:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UlAqKawGtl6TLhvZfX_PKcNxyz0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/_NTiJ7ij9axXOcKPvvGLL70Bo40.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/UlAqKawGtl6TLhvZfX_PKcNxyz0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.75.213.0/24
                IPv6:
                  2a09:2b80:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         77:f5:f4:8e:52:4e:a5:84:d2:08:fa:13:43:2e:be:63:44:fc:
         df:44:3b:ef:9f:70:3d:69:62:2e:a9:5a:af:1f:45:fc:d2:7e:
         5a:45:cf:4f:60:2e:9d:4d:28:8c:60:e1:08:53:67:5f:2c:f6:
         17:89:6c:43:c9:41:62:92:8e:7e:e1:e8:db:a6:4e:ce:f2:1a:
         f1:25:30:eb:d8:8f:01:99:24:ea:2f:42:bc:5f:74:59:9c:0d:
         cc:69:d0:9a:eb:31:6f:77:9f:ba:e4:2d:e6:fe:a0:04:40:fe:
         d5:9e:62:31:cf:97:5a:62:7d:82:04:67:15:7e:23:a5:66:5e:
         21:7a:3e:b6:bc:fb:35:d9:27:f0:fd:c3:89:b1:28:4e:9f:2f:
         c7:3f:5b:90:1f:ad:6b:dc:a5:f7:91:2d:4f:9a:5d:8d:4a:9d:
         d2:f5:4f:15:ab:f4:90:d9:38:1d:e4:52:f8:f9:a3:9c:18:4f:
         3c:bd:cb:13:92:ba:2e:ac:d7:83:a8:e9:76:4c:bb:c1:e9:fe:
         dc:2e:a0:de:16:d8:0a:0e:22:23:12:a3:d7:94:05:8b:0c:4e:
         9d:ca:7b:7d:91:49:ce:0f:56:92:46:dc:6a:73:07:27:89:57:
         9c:e7:7a:15:cc:e5:80:7b:e0:a3:49:22:8c:15:9d:11:b2:0d:
         05:93:d1:3b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4N9cNK8XsdJDAhHHpvPGKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNTAyYTI5YWMwNmI2NWU5MzJlMWJkOTdkN2ZjZjI5YzM3
MWNiM2QwHhcNMjQwMzA1MDkzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Q0ZTIyN2I4YTNmNWFjNTczOWMyOGZiZWYxOGIyZmJkMDFhMzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9rWpA7VWoEvZbmAPj2Uh31JV/Q3
/jgkB8pBwdkxSsfH64U3wd6iXHPiWOQ2u5PhKW0/45xWjRJ7AFe9QY+RsLFpvHN0
bNItGg9GvyqiF+JOLtEKl90674rC/2OBzxdJlIlt2o0nx06GHghrKj3H9ryEDWKs
2SrvKWZxTCOGxpSARm3lGeZstO0eEZonYXvQuPrTD9TI6uUEn2YJ34tx3qVfo5ee
IjJZYHEyc/zMnLq48+0PXx6QqPHiVVYVD011x5wbBommGpGMCXU/P4B6wIqDBxtH
joB3q9UBTWJl8K2gPq3JCXdCl7G1oBWhwPmcrhILyMYl3vg90PbdtfG1pwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPzU4ie4o/WsVznCj77xiy+9AaONMB8GA1UdIwQY
MBaAFFJQKimsBrZeky4b2X1/zynDccs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWxBcUthd0d0bDZUTGh2WmZYX1BLY054eXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kMDMxMDktZTJkYy00YmM5LWJhMmUt
ZDY0OWUyMjcwOTdmLzEvX05UaUo3aWo5YXhYT2NLUHZ2R0xMNzBCbzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kMDMxMDktZTJkYy00YmM5LWJhMmUtZDY0OWUyMjcwOTdm
LzEvVWxBcUthd0d0bDZUTGh2WmZYX1BLY054eXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAUEvVMA8E
AgACMAkDBwAqCSuAAAEwDQYJKoZIhvcNAQELBQADggEBAHf19I5STqWE0gj6E0Mu
vmNE/N9EO++fcD1pYi6pWq8fRfzSflpFz09gLp1NKIxg4QhTZ18s9heJbEPJQWKS
jn7h6NumTs7yGvElMOvYjwGZJOovQrxfdFmcDcxp0JrrMW93n7rkLeb+oARA/tWe
YjHPl1pifYIEZxV+I6VmXiF6Pra8+zXZJ/D9w4mxKE6fL8c/W5AfrWvcpfeRLU+a
XY1KndL1TxWr9JDZOB3kUvj5o5wYTzy9yxOSui6s14Oo6XZMu8Hp/twuoN4W2AoO
IiMSo9eUBYsMTp3Ke32RSc4PVpJG3GpzByeJV5znehXM5YB74KNJIowVnRGyDQWT
0Ts=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:13 2024 by rpki-client on console-fra.rpki-client.org