Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/c19da3-7a3b-4938-b7c7-17fb64fd8250/1/pMPvYkxmuBkK1mtMtSYEhnX7REw.roa
File:                     pMPvYkxmuBkK1mtMtSYEhnX7REw.roa (raw, json)
Hash identifier:          yP87feGK420/1NsOXJW9OUEMyY8RqukEdoMyKCHZ1kY=
Subject key identifier:   A4:C3:EF:62:4C:66:B8:19:0A:D6:6B:4C:B5:26:04:86:75:FB:44:4C
Certificate issuer:       /CN=084b2408adf9480e8268b7733be48127433ce4d4
Certificate serial:       010AADFF
Authority key identifier: 08:4B:24:08:AD:F9:48:0E:82:68:B7:73:3B:E4:81:27:43:3C:E4:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CEskCK35SA6CaLdzO-SBJ0M85NQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/c19da3-7a3b-4938-b7c7-17fb64fd8250/1/pMPvYkxmuBkK1mtMtSYEhnX7REw.roa
Signing time:             Sat 01 Jan 2022 07:56:03 +0000
ROA not before:           Sat 01 Jan 2022 07:56:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        185.235.224.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17477119 (0x10aadff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=084b2408adf9480e8268b7733be48127433ce4d4
        Validity
            Not Before: Jan  1 07:56:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a4c3ef624c66b8190ad66b4cb526048675fb444c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e3:b3:97:8f:aa:e6:53:ef:95:20:ea:ba:95:
                    86:8d:54:cc:81:e5:e9:75:30:2b:2c:cd:04:01:83:
                    80:13:93:0d:dc:43:d6:57:03:de:2f:80:e8:ef:18:
                    58:16:fc:79:51:a9:fa:4a:d9:12:1d:35:23:f3:00:
                    97:76:2c:00:bc:d8:35:e3:6d:c4:ce:ae:01:e8:da:
                    93:2c:2a:23:f4:06:1a:95:db:f1:f9:89:4c:5e:e9:
                    e4:e2:bb:20:a5:85:80:91:a8:50:ff:f7:83:73:74:
                    46:64:c8:bd:2b:bf:77:3b:3c:05:32:d8:cd:ce:b7:
                    2d:bf:6e:ad:9d:4f:63:38:da:3a:95:a1:8a:22:5b:
                    9b:8e:d0:11:ac:1d:7d:53:74:4c:b3:a2:73:1c:4c:
                    ac:2a:43:21:a8:33:17:86:88:bb:7d:1d:f0:9c:cb:
                    99:79:89:99:89:6c:b7:fa:eb:f5:b7:4c:31:1d:74:
                    8d:59:91:e9:37:43:c9:ff:42:af:a0:ee:e7:44:61:
                    55:92:62:ac:3a:f9:0a:ac:89:4f:37:c5:8c:83:cb:
                    99:e1:80:2f:00:9b:a5:64:78:12:9c:02:22:e1:8d:
                    ff:52:6d:28:33:e3:52:27:08:e1:c1:00:7d:31:ee:
                    3e:fe:cb:c0:03:0d:07:88:08:b3:83:6b:93:6e:cf:
                    3a:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:C3:EF:62:4C:66:B8:19:0A:D6:6B:4C:B5:26:04:86:75:FB:44:4C
            X509v3 Authority Key Identifier:
                keyid:08:4B:24:08:AD:F9:48:0E:82:68:B7:73:3B:E4:81:27:43:3C:E4:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEskCK35SA6CaLdzO-SBJ0M85NQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/c19da3-7a3b-4938-b7c7-17fb64fd8250/1/pMPvYkxmuBkK1mtMtSYEhnX7REw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/c19da3-7a3b-4938-b7c7-17fb64fd8250/1/CEskCK35SA6CaLdzO-SBJ0M85NQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.235.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:d7:c3:e7:ed:26:9c:32:30:99:e0:58:1c:0d:89:38:aa:13:
         73:2b:ad:f9:19:77:30:27:f9:5e:b1:c9:d2:45:42:9e:e1:c9:
         ec:59:33:f6:17:ec:f9:ce:dd:0c:de:c4:82:dc:4d:e1:83:b8:
         39:9c:ec:c4:03:f5:a8:17:5a:5b:bf:11:5f:0a:ee:9c:f6:28:
         5a:ca:e2:47:c4:3a:64:1c:b2:b6:c6:47:59:26:c7:cc:b4:8f:
         e9:1c:9e:9a:e1:7e:22:46:b5:74:42:37:c9:8b:2a:b5:2f:fb:
         40:81:ed:fa:c5:b1:00:8c:1a:d0:9e:ac:cf:36:4c:cf:3a:b4:
         eb:f8:0f:fe:91:07:94:bc:9f:b6:a0:2f:ac:e0:20:20:8b:e4:
         f6:2b:3c:71:de:ec:15:a6:d3:dc:68:cb:00:13:6c:f6:6d:a4:
         a7:9e:cb:de:f3:14:70:83:0f:cf:b3:3a:da:42:45:42:08:eb:
         e0:1d:78:9d:ed:46:17:c7:f2:9d:89:df:74:82:ea:35:8c:1b:
         a2:8a:a5:21:cb:0d:ae:ba:9c:8d:48:4b:21:f3:62:42:7c:ca:
         88:32:19:3d:eb:b5:0a:d2:bf:00:64:d1:d4:7f:db:c4:16:83:
         8f:30:57:1e:f4:ce:22:58:a4:e2:22:f9:02:c3:0b:ef:77:ee:
         2c:a7:7b:77
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQqt/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODRiMjQwOGFkZjk0ODBlODI2OGI3NzMzYmU0ODEyNzQzM2NlNGQ0MB4XDTIyMDEw
MTA3NTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTRjM2VmNjI0YzY2
YjgxOTBhZDY2YjRjYjUyNjA0ODY3NWZiNDQ0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfjs5ePquZT75Ug6rqVho1UzIHl6XUwKyzNBAGDgBOTDdxD
1lcD3i+A6O8YWBb8eVGp+krZEh01I/MAl3YsALzYNeNtxM6uAejakywqI/QGGpXb
8fmJTF7p5OK7IKWFgJGoUP/3g3N0RmTIvSu/dzs8BTLYzc63Lb9urZ1PYzjaOpWh
iiJbm47QEawdfVN0TLOicxxMrCpDIagzF4aIu30d8JzLmXmJmYlst/rr9bdMMR10
jVmR6TdDyf9Cr6Du50RhVZJirDr5CqyJTzfFjIPLmeGALwCbpWR4EpwCIuGN/1Jt
KDPjUicI4cEAfTHuPv7LwAMNB4gIs4Nrk27POoUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSkw+9iTGa4GQrWa0y1JgSGdftETDAfBgNVHSMEGDAWgBQISyQIrflIDoJo
t3M75IEnQzzk1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NFc2tDSzM1U0E2Q2FMZHpPLVNCSjBNODVOUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvYzE5ZGEzLTdhM2ItNDkzOC1iN2M3LTE3ZmI2NGZkODI1MC8x
L3BNUHZZa3htdUJrSzFtdE10U1lFaG5YN1JFdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
YzE5ZGEzLTdhM2ItNDkzOC1iN2M3LTE3ZmI2NGZkODI1MC8xL0NFc2tDSzM1U0E2
Q2FMZHpPLVNCSjBNODVOUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnr4DANBgkqhkiG9w0BAQsFAAOC
AQEAcNfD5+0mnDIwmeBYHA2JOKoTcyut+Rl3MCf5XrHJ0kVCnuHJ7Fkz9hfs+c7d
DN7EgtxN4YO4OZzsxAP1qBdaW78RXwrunPYoWsriR8Q6ZByytsZHWSbHzLSP6Rye
muF+Ika1dEI3yYsqtS/7QIHt+sWxAIwa0J6szzZMzzq06/gP/pEHlLyftqAvrOAg
IIvk9is8cd7sFabT3GjLABNs9m2kp57L3vMUcIMPz7M62kJFQgjr4B14ne1GF8fy
nYnfdILqNYwbooqlIcsNrrqcjUhLIfNiQnzKiDIZPeu1CtK/AGTR1H/bxBaDjzBX
HvTOIlik4iL5AsML73fuLKd7dw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:05 2024 by rpki-client on console-ams.rpki-client.org