Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5c2a92-9762-4450-83e7-e0cca5e20f4f/1/uHepLHyQY_Bb1evMD9URaJeN2ZY.roa
File:                     uHepLHyQY_Bb1evMD9URaJeN2ZY.roa (raw, json)
Hash identifier:          2A2trQqCB8RyvPt3CCQBO5S6bxb2bUry+OuxosnC1zw=
Subject key identifier:   B8:77:A9:2C:7C:90:63:F0:5B:D5:EB:CC:0F:D5:11:68:97:8D:D9:96
Certificate issuer:       /CN=8c3d7d885b9fcf06c88f0fe2af10e3ae97ff5b6e
Certificate serial:       01856C783F3AA380708D94BF5F5F194C5CF5
Authority key identifier: 8C:3D:7D:88:5B:9F:CF:06:C8:8F:0F:E2:AF:10:E3:AE:97:FF:5B:6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jD19iFufzwbIjw_irxDjrpf_W24.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a92-9762-4450-83e7-e0cca5e20f4f/1/uHepLHyQY_Bb1evMD9URaJeN2ZY.roa
Signing time:             Sun 01 Jan 2023 08:34:57 +0000
ROA not before:           Sun 01 Jan 2023 08:34:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        195.225.98.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:78:3f:3a:a3:80:70:8d:94:bf:5f:5f:19:4c:5c:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c3d7d885b9fcf06c88f0fe2af10e3ae97ff5b6e
        Validity
            Not Before: Jan  1 08:34:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b877a92c7c9063f05bd5ebcc0fd51168978dd996
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:bf:bf:73:c6:c9:eb:ac:a0:3e:0e:98:25:d8:
                    56:63:f6:49:f1:de:d5:c3:97:d0:09:68:2c:c3:77:
                    5e:04:f4:d8:6b:d3:c6:31:6c:50:3b:14:38:66:26:
                    5c:08:c9:14:f3:70:43:e1:a6:71:8e:56:5f:e5:05:
                    3d:52:ca:7c:fb:8e:8f:66:8e:9f:e9:24:b5:63:db:
                    d6:3f:f1:9d:e8:17:4c:7c:19:f3:83:11:9d:e2:95:
                    7e:ba:4b:4d:06:87:e5:d4:7c:a4:55:0b:cc:26:9e:
                    33:ce:58:d5:27:e4:9d:d9:d9:5a:2e:a2:81:3f:92:
                    10:45:b4:8c:33:f8:5b:ce:69:51:23:12:6a:56:c1:
                    20:ef:00:dd:da:eb:f3:45:ab:45:ce:d1:86:bf:3a:
                    fa:a4:63:d8:27:84:89:53:17:8f:10:33:7b:ae:ce:
                    63:cc:0d:a2:7f:9d:34:ea:b5:fa:23:62:9a:7e:60:
                    1a:66:93:a5:0a:10:d9:60:fe:86:2b:5b:26:ae:2b:
                    2e:09:0d:22:75:ea:ad:e7:dd:f4:f2:2c:88:52:c7:
                    b9:57:e5:fe:74:00:e2:c1:2d:9f:25:06:22:9e:94:
                    38:8d:71:47:2a:34:3b:2b:7a:fe:18:ce:a2:e0:bc:
                    60:62:cd:32:a4:e3:a0:94:ce:bb:32:f4:61:fc:3f:
                    25:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:77:A9:2C:7C:90:63:F0:5B:D5:EB:CC:0F:D5:11:68:97:8D:D9:96
            X509v3 Authority Key Identifier:
                keyid:8C:3D:7D:88:5B:9F:CF:06:C8:8F:0F:E2:AF:10:E3:AE:97:FF:5B:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jD19iFufzwbIjw_irxDjrpf_W24.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a92-9762-4450-83e7-e0cca5e20f4f/1/uHepLHyQY_Bb1evMD9URaJeN2ZY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a92-9762-4450-83e7-e0cca5e20f4f/1/jD19iFufzwbIjw_irxDjrpf_W24.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.225.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:0f:ac:5a:ed:f0:7b:90:e6:3c:32:07:2a:6e:d9:ba:e2:fa:
         a6:1a:0d:6e:4c:fd:18:42:4f:9d:0f:7d:d8:0c:31:9e:d9:8b:
         f3:42:80:77:60:f8:28:8b:13:27:dc:bc:6c:e1:04:24:e3:72:
         8d:3d:c9:f7:2a:d1:93:c9:fd:d5:34:37:76:e2:4f:cc:81:09:
         d3:d7:93:13:e0:0a:d6:12:f8:55:9f:f3:2f:ea:f1:68:cc:fe:
         a6:19:aa:2c:4f:86:f8:d0:d5:d2:34:3c:d6:37:29:f3:44:da:
         11:35:17:48:a2:6e:7c:69:5a:e0:08:78:76:a5:4b:e4:fe:50:
         c4:7f:8b:a0:09:50:a6:89:9d:88:0d:21:c8:a3:cc:14:f9:bd:
         fe:73:db:57:6e:43:bc:b4:2b:2c:01:8b:46:0f:89:da:6c:de:
         2a:19:c9:eb:87:83:d4:03:8c:4e:12:4e:a8:70:7c:6c:7c:aa:
         48:6f:91:bf:50:73:bd:f2:6c:ba:03:c4:6e:37:2e:ad:4d:54:
         11:f1:ef:7b:d9:6b:d1:8e:32:bc:8b:4f:26:99:cc:f1:ae:f8:
         71:40:44:51:a4:74:8b:16:a4:e4:5d:6e:1c:9f:cd:ab:6b:2f:
         4b:12:d3:cd:4b:0f:6d:72:34:a1:95:e6:ac:0b:1e:ab:14:e3:
         dc:09:a9:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseD86o4BwjZS/X18ZTFz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjM2Q3ZDg4NWI5ZmNmMDZjODhmMGZlMmFmMTBlM2FlOTdm
ZjViNmUwHhcNMjMwMTAxMDgzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODc3YTkyYzdjOTA2M2YwNWJkNWViY2MwZmQ1MTE2ODk3OGRkOTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzb+/c8bJ66ygPg6YJdhWY/ZJ8d7V
w5fQCWgsw3deBPTYa9PGMWxQOxQ4ZiZcCMkU83BD4aZxjlZf5QU9Usp8+46PZo6f
6SS1Y9vWP/Gd6BdMfBnzgxGd4pV+uktNBofl1HykVQvMJp4zzljVJ+Sd2dlaLqKB
P5IQRbSMM/hbzmlRIxJqVsEg7wDd2uvzRatFztGGvzr6pGPYJ4SJUxePEDN7rs5j
zA2if5006rX6I2KafmAaZpOlChDZYP6GK1smrisuCQ0ideqt59308iyIUse5V+X+
dADiwS2fJQYinpQ4jXFHKjQ7K3r+GM6i4LxgYs0ypOOglM67MvRh/D8lgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLh3qSx8kGPwW9XrzA/VEWiXjdmWMB8GA1UdIwQY
MBaAFIw9fYhbn88GyI8P4q8Q466X/1tuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakQxOWlGdWZ6d2JJandfaXJ4RGpycGZfVzI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YzJhOTItOTc2Mi00NDUwLTgzZTct
ZTBjY2E1ZTIwZjRmLzEvdUhlcExIeVFZX0JiMWV2TUQ5VVJhSmVOMlpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YzJhOTItOTc2Mi00NDUwLTgzZTctZTBjY2E1ZTIwZjRm
LzEvakQxOWlGdWZ6d2JJandfaXJ4RGpycGZfVzI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+FiMA0G
CSqGSIb3DQEBCwUAA4IBAQBTD6xa7fB7kOY8Mgcqbtm64vqmGg1uTP0YQk+dD33Y
DDGe2YvzQoB3YPgoixMn3Lxs4QQk43KNPcn3KtGTyf3VNDd24k/MgQnT15MT4ArW
EvhVn/Mv6vFozP6mGaosT4b40NXSNDzWNynzRNoRNRdIom58aVrgCHh2pUvk/lDE
f4ugCVCmiZ2IDSHIo8wU+b3+c9tXbkO8tCssAYtGD4nabN4qGcnrh4PUA4xOEk6o
cHxsfKpIb5G/UHO98my6A8RuNy6tTVQR8e972WvRjjK8i08mmczxrvhxQERRpHSL
FqTkXW4cn82ray9LEtPNSw9tcjShleasCx6rFOPcCal2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:45 2024 by rpki-client on console-fra.rpki-client.org