Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5c2a92-9762-4450-83e7-e0cca5e20f4f/1/A3H2STYgAMdN13O-74z_hj89coM.roa
File:                     A3H2STYgAMdN13O-74z_hj89coM.roa (raw, json)
Hash identifier:          J6a/+fDV/iNoAyK9kclx8+Oc1zHpkanOn04vf3ZuGEs=
Subject key identifier:   03:71:F6:49:36:20:00:C7:4D:D7:73:BE:EF:8C:FF:86:3F:3D:72:83
Certificate issuer:       /CN=8c3d7d885b9fcf06c88f0fe2af10e3ae97ff5b6e
Certificate serial:       0188598984DE85383027DA6A804299D6F2DD
Authority key identifier: 8C:3D:7D:88:5B:9F:CF:06:C8:8F:0F:E2:AF:10:E3:AE:97:FF:5B:6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jD19iFufzwbIjw_irxDjrpf_W24.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a92-9762-4450-83e7-e0cca5e20f4f/1/A3H2STYgAMdN13O-74z_hj89coM.roa
Signing time:             Fri 26 May 2023 19:29:24 +0000
ROA not before:           Fri 26 May 2023 19:29:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49999
IP address blocks:        195.225.98.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:59:89:84:de:85:38:30:27:da:6a:80:42:99:d6:f2:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c3d7d885b9fcf06c88f0fe2af10e3ae97ff5b6e
        Validity
            Not Before: May 26 19:29:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0371f649362000c74dd773beef8cff863f3d7283
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:4d:0d:d3:67:58:34:87:6b:c4:4d:0c:f2:d1:
                    2b:62:70:e9:b2:5c:92:fd:8d:9f:8a:af:1f:d8:17:
                    7b:ec:93:03:f6:c4:b1:aa:1c:1b:f2:bb:a6:8c:1e:
                    7e:df:e2:a0:71:d5:91:c0:e2:d8:ee:b5:8d:51:c2:
                    75:3e:f6:8b:bb:5a:52:71:64:44:93:88:f3:3c:55:
                    5f:f3:f7:6b:f0:f7:bf:0c:6a:ff:47:c3:e7:19:c0:
                    f6:eb:ca:2e:68:06:e3:21:84:6d:08:b3:13:29:b2:
                    ff:60:93:9e:1f:e9:8d:72:7c:6a:74:bb:e7:f3:57:
                    0e:2b:cd:ac:7b:14:65:d4:93:78:f6:45:95:1b:23:
                    94:b2:55:56:55:9b:3f:f2:d6:21:c3:ef:40:c1:43:
                    26:32:5c:da:dc:3d:fb:41:01:ea:0b:ca:18:da:53:
                    5c:4c:73:d2:82:d7:81:66:dd:78:f0:b8:18:89:bd:
                    f2:d1:af:be:78:e7:fa:28:ff:1a:9c:45:0b:14:3f:
                    5d:59:d5:5a:c0:5d:a1:dc:3f:2a:26:c1:21:be:18:
                    6e:fe:01:5c:99:bc:d8:b5:0b:93:6b:4b:3f:b3:e2:
                    cf:77:4d:ab:ce:da:94:ca:e6:45:93:53:17:df:7c:
                    54:f8:e9:12:27:1f:f5:8c:35:1e:48:64:6b:8e:92:
                    f9:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:71:F6:49:36:20:00:C7:4D:D7:73:BE:EF:8C:FF:86:3F:3D:72:83
            X509v3 Authority Key Identifier:
                keyid:8C:3D:7D:88:5B:9F:CF:06:C8:8F:0F:E2:AF:10:E3:AE:97:FF:5B:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jD19iFufzwbIjw_irxDjrpf_W24.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a92-9762-4450-83e7-e0cca5e20f4f/1/A3H2STYgAMdN13O-74z_hj89coM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a92-9762-4450-83e7-e0cca5e20f4f/1/jD19iFufzwbIjw_irxDjrpf_W24.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.225.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:09:16:e7:6f:5f:56:a3:99:3c:ec:21:d5:af:4f:bc:88:36:
         e6:07:06:3a:4d:67:41:7c:d4:94:8c:f2:80:9f:1c:8f:4e:02:
         06:88:bb:e4:ab:e1:be:26:b1:a0:9c:2a:20:68:91:ae:62:dc:
         f8:26:78:6d:d8:31:ee:f8:70:68:fb:eb:19:51:f4:0e:9f:9b:
         4c:ce:64:7a:9a:09:07:bf:ef:47:07:af:25:05:89:1d:e7:89:
         19:42:db:16:f2:44:57:53:c2:60:e0:2c:a9:f6:dd:d1:d9:c9:
         49:1d:fd:1a:6a:7a:20:dc:fb:41:40:50:07:28:a0:d6:11:9a:
         12:91:31:2d:65:c7:44:96:95:a7:b2:c3:3d:32:23:42:e9:0c:
         7a:7c:b6:25:6c:0f:54:94:73:7d:22:4d:bb:b8:5a:e7:6c:75:
         9c:3d:a9:dc:ad:00:b9:e5:43:72:0d:58:ea:a8:ab:f9:9a:27:
         63:10:96:5f:25:e8:46:7f:27:52:1d:ea:2b:0e:8d:a5:87:92:
         2a:66:68:8a:3b:9e:59:54:46:f0:7b:10:f8:80:b2:b7:bb:9f:
         37:b7:83:20:48:4e:95:db:57:d3:33:ea:0a:ed:53:0a:e0:38:
         47:e8:04:27:54:86:ad:9f:49:70:19:66:4f:ae:87:44:b4:18:
         d3:95:8d:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhZiYTehTgwJ9pqgEKZ1vLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjM2Q3ZDg4NWI5ZmNmMDZjODhmMGZlMmFmMTBlM2FlOTdm
ZjViNmUwHhcNMjMwNTI2MTkyOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzcxZjY0OTM2MjAwMGM3NGRkNzczYmVlZjhjZmY4NjNmM2Q3MjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE0N02dYNIdrxE0M8tErYnDpslyS
/Y2fiq8f2Bd77JMD9sSxqhwb8rumjB5+3+KgcdWRwOLY7rWNUcJ1PvaLu1pScWRE
k4jzPFVf8/dr8Pe/DGr/R8PnGcD268ouaAbjIYRtCLMTKbL/YJOeH+mNcnxqdLvn
81cOK82sexRl1JN49kWVGyOUslVWVZs/8tYhw+9AwUMmMlza3D37QQHqC8oY2lNc
THPSgteBZt148LgYib3y0a++eOf6KP8anEULFD9dWdVawF2h3D8qJsEhvhhu/gFc
mbzYtQuTa0s/s+LPd02rztqUyuZFk1MX33xU+OkSJx/1jDUeSGRrjpL5jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFANx9kk2IADHTddzvu+M/4Y/PXKDMB8GA1UdIwQY
MBaAFIw9fYhbn88GyI8P4q8Q466X/1tuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakQxOWlGdWZ6d2JJandfaXJ4RGpycGZfVzI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YzJhOTItOTc2Mi00NDUwLTgzZTct
ZTBjY2E1ZTIwZjRmLzEvQTNIMlNUWWdBTWROMTNPLTc0el9oajg5Y29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YzJhOTItOTc2Mi00NDUwLTgzZTctZTBjY2E1ZTIwZjRm
LzEvakQxOWlGdWZ6d2JJandfaXJ4RGpycGZfVzI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+FiMA0G
CSqGSIb3DQEBCwUAA4IBAQCxCRbnb19Wo5k87CHVr0+8iDbmBwY6TWdBfNSUjPKA
nxyPTgIGiLvkq+G+JrGgnCogaJGuYtz4Jnht2DHu+HBo++sZUfQOn5tMzmR6mgkH
v+9HB68lBYkd54kZQtsW8kRXU8Jg4Cyp9t3R2clJHf0aanog3PtBQFAHKKDWEZoS
kTEtZcdElpWnssM9MiNC6Qx6fLYlbA9UlHN9Ik27uFrnbHWcPancrQC55UNyDVjq
qKv5midjEJZfJehGfydSHeorDo2lh5IqZmiKO55ZVEbwexD4gLK3u583t4MgSE6V
21fTM+oK7VMK4DhH6AQnVIatn0lwGWZProdEtBjTlY37
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:45 2024 by rpki-client on console-fra.rpki-client.org