Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/84ac9b-0870-4c3f-af5c-637cbad64e03/1/TUZF7IuCr3Z_cHgPpjhaOCzUqso.roa
File:                     TUZF7IuCr3Z_cHgPpjhaOCzUqso.roa (raw, json)
Hash identifier:          IdEiPZHJFtjXPMISl/olZOrgSVOXDw/gaKT4uyN97/8=
Subject key identifier:   4D:46:45:EC:8B:82:AF:76:7F:70:78:0F:A6:38:5A:38:2C:D4:AA:CA
Certificate issuer:       /CN=1f25852874331c01a43555e7e3b72ba6a80be85f
Certificate serial:       01857142E73D23A2FF4742FF4C3920A7BDB3
Authority key identifier: 1F:25:85:28:74:33:1C:01:A4:35:55:E7:E3:B7:2B:A6:A8:0B:E8:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HyWFKHQzHAGkNVXn47crpqgL6F8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/84ac9b-0870-4c3f-af5c-637cbad64e03/1/TUZF7IuCr3Z_cHgPpjhaOCzUqso.roa
Signing time:             Mon 02 Jan 2023 06:54:47 +0000
ROA not before:           Mon 02 Jan 2023 06:54:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57878
IP address blocks:        185.205.68.0/24 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:42:e7:3d:23:a2:ff:47:42:ff:4c:39:20:a7:bd:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f25852874331c01a43555e7e3b72ba6a80be85f
        Validity
            Not Before: Jan  2 06:54:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4d4645ec8b82af767f70780fa6385a382cd4aaca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:95:a4:67:bf:a3:cf:12:37:e1:b3:a5:de:cd:
                    60:25:0c:3b:aa:e8:cb:71:f5:e4:10:90:58:9d:a6:
                    9f:0c:fe:bc:92:04:bf:10:ec:f8:e8:1a:13:e2:7d:
                    b6:33:9b:17:f6:c4:29:be:dc:27:ed:21:6c:47:39:
                    83:e4:5c:3e:3c:24:16:5e:18:26:87:f8:93:5d:a5:
                    3a:ca:4a:57:ed:23:d5:b3:cd:4b:48:56:c1:d1:e9:
                    b0:23:54:18:39:f1:65:58:4c:bc:b2:2f:6b:7d:48:
                    10:f4:e8:18:c6:29:83:34:21:81:56:ad:94:53:d8:
                    69:a3:5c:8c:dd:38:4d:1d:74:5f:52:39:98:bf:4c:
                    7e:26:2d:4a:b7:83:a5:d8:e0:7b:b3:4e:9d:7d:96:
                    91:c0:c4:13:93:c2:51:91:0e:bc:b2:f0:bd:0d:fd:
                    92:6f:27:2c:7f:dc:3c:fa:75:ca:60:3c:6c:6e:21:
                    0e:11:8c:94:0d:6a:8e:35:98:ed:50:97:71:85:59:
                    28:f8:46:22:a1:75:63:c8:86:9f:c4:52:e4:b4:e3:
                    e2:d6:66:b6:dd:02:60:90:08:71:35:e1:af:e9:78:
                    fe:d7:e6:68:ac:79:db:3d:ef:66:88:2b:ee:d5:78:
                    e4:b0:d0:f4:09:47:68:85:1a:eb:54:ef:2a:18:17:
                    62:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:46:45:EC:8B:82:AF:76:7F:70:78:0F:A6:38:5A:38:2C:D4:AA:CA
            X509v3 Authority Key Identifier:
                keyid:1F:25:85:28:74:33:1C:01:A4:35:55:E7:E3:B7:2B:A6:A8:0B:E8:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HyWFKHQzHAGkNVXn47crpqgL6F8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/84ac9b-0870-4c3f-af5c-637cbad64e03/1/TUZF7IuCr3Z_cHgPpjhaOCzUqso.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/84ac9b-0870-4c3f-af5c-637cbad64e03/1/HyWFKHQzHAGkNVXn47crpqgL6F8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.205.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:18:2a:d4:75:34:64:58:13:d3:6f:1d:31:5f:86:cc:ed:fe:
         95:dd:1b:c3:ab:b1:4b:5c:ea:50:46:10:ab:a7:5c:01:01:5f:
         d9:b7:4b:07:7a:67:b2:2c:c1:86:c2:e9:b5:85:22:c4:1b:62:
         3f:ef:71:31:c4:9b:f0:ad:45:76:f5:49:5e:b1:b8:a8:ec:a1:
         41:07:18:ac:25:97:1b:c6:fb:09:fa:62:92:b6:d6:7b:f7:75:
         ae:10:dd:a5:9c:33:89:23:d3:cd:46:c1:60:46:13:84:34:fc:
         c6:14:fb:c7:df:38:0b:4e:33:0a:1b:f5:96:4a:d9:02:ac:f2:
         6d:d7:c4:fc:aa:26:f8:ea:d5:ad:4a:e9:29:15:97:11:f6:eb:
         06:ec:24:2e:85:e1:f0:ce:9c:be:42:fc:03:af:d6:44:7d:29:
         1f:d7:0d:60:fb:e3:d3:c8:35:fa:fc:86:08:55:0f:35:08:9b:
         43:a5:08:a9:a2:4c:d7:77:27:84:d7:9d:d2:0f:33:a7:bc:5f:
         3b:5a:d7:d9:75:4c:13:93:a8:64:51:ba:72:3b:3b:c5:a1:38:
         1b:a2:d9:b6:90:85:d8:19:03:13:1c:aa:2f:e8:79:bf:f0:d6:
         58:e3:a2:0a:15:28:76:07:97:1c:27:b7:6d:6b:78:b3:00:7d:
         4d:86:a5:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxQuc9I6L/R0L/TDkgp72zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMjU4NTI4NzQzMzFjMDFhNDM1NTVlN2UzYjcyYmE2YTgw
YmU4NWYwHhcNMjMwMTAyMDY1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDQ2NDVlYzhiODJhZjc2N2Y3MDc4MGZhNjM4NWEzODJjZDRhYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5WkZ7+jzxI34bOl3s1gJQw7qujL
cfXkEJBYnaafDP68kgS/EOz46BoT4n22M5sX9sQpvtwn7SFsRzmD5Fw+PCQWXhgm
h/iTXaU6ykpX7SPVs81LSFbB0emwI1QYOfFlWEy8si9rfUgQ9OgYximDNCGBVq2U
U9hpo1yM3ThNHXRfUjmYv0x+Ji1Kt4Ol2OB7s06dfZaRwMQTk8JRkQ68svC9Df2S
bycsf9w8+nXKYDxsbiEOEYyUDWqONZjtUJdxhVko+EYioXVjyIafxFLktOPi1ma2
3QJgkAhxNeGv6Xj+1+ZorHnbPe9miCvu1XjksND0CUdohRrrVO8qGBdibQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1GReyLgq92f3B4D6Y4Wjgs1KrKMB8GA1UdIwQY
MBaAFB8lhSh0MxwBpDVV5+O3K6aoC+hfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHlXRktIUXpIQUdrTlZYbjQ3Y3JwcWdMNkY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC84NGFjOWItMDg3MC00YzNmLWFmNWMt
NjM3Y2JhZDY0ZTAzLzEvVFVaRjdJdUNyM1pfY0hnUHBqaGFPQ3pVcXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC84NGFjOWItMDg3MC00YzNmLWFmNWMtNjM3Y2JhZDY0ZTAz
LzEvSHlXRktIUXpIQUdrTlZYbjQ3Y3JwcWdMNkY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc1EMA0G
CSqGSIb3DQEBCwUAA4IBAQCAGCrUdTRkWBPTbx0xX4bM7f6V3RvDq7FLXOpQRhCr
p1wBAV/Zt0sHemeyLMGGwum1hSLEG2I/73ExxJvwrUV29Ulesbio7KFBBxisJZcb
xvsJ+mKSttZ793WuEN2lnDOJI9PNRsFgRhOENPzGFPvH3zgLTjMKG/WWStkCrPJt
18T8qib46tWtSukpFZcR9usG7CQuheHwzpy+QvwDr9ZEfSkf1w1g++PTyDX6/IYI
VQ81CJtDpQipokzXdyeE153SDzOnvF87WtfZdUwTk6hkUbpyOzvFoTgbotm2kIXY
GQMTHKov6Hm/8NZY46IKFSh2B5ccJ7dta3izAH1NhqUM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:19 2024 by rpki-client on console-fra.rpki-client.org