Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/VStxx4noK-s3sbpfmxi-jC3q5gE.roa
File:                     VStxx4noK-s3sbpfmxi-jC3q5gE.roa (raw, json)
Hash identifier:          /CJeoasOFGTTSY4CmeAVdFanIqMx5LPiD5CNB3WP+Bc=
Subject key identifier:   55:2B:71:C7:89:E8:2B:EB:37:B1:BA:5F:9B:18:BE:8C:2D:EA:E6:01
Certificate issuer:       /CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Certificate serial:       01887535ADC2E0EBD6AF32504D5228B29650
Authority key identifier: 60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/VStxx4noK-s3sbpfmxi-jC3q5gE.roa
Signing time:             Thu 01 Jun 2023 04:27:12 +0000
ROA not before:           Thu 01 Jun 2023 04:27:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     328867
IP address blocks:        194.62.214.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:75:35:ad:c2:e0:eb:d6:af:32:50:4d:52:28:b2:96:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
        Validity
            Not Before: Jun  1 04:27:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=552b71c789e82beb37b1ba5f9b18be8c2deae601
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:14:ec:59:c0:80:18:01:c4:66:31:c8:b9:a0:
                    ec:d5:5f:9b:73:74:66:b2:46:bd:ed:48:ad:de:d5:
                    03:b2:34:29:d2:29:8f:71:1e:ea:d1:da:57:12:8c:
                    7d:6a:8d:8e:3b:68:3c:e6:64:78:c5:5b:be:94:cf:
                    a0:3a:6b:95:24:b4:62:32:a7:e6:73:04:a7:1c:69:
                    07:28:20:62:80:61:9e:79:0b:a4:37:d1:a0:ab:3c:
                    2b:f4:3c:2e:31:0d:6c:ac:29:57:39:63:03:ad:b2:
                    7d:e5:44:18:ee:5f:75:8e:f4:1e:78:55:75:d2:69:
                    1b:16:4d:dd:35:52:fd:0f:3d:44:0e:71:22:e0:2c:
                    02:10:ae:13:b3:da:c8:51:f1:d5:5d:9e:67:14:ca:
                    71:48:aa:5a:09:69:fa:0c:a8:c7:75:b7:bc:57:33:
                    92:87:98:b9:50:54:0d:8d:70:b9:06:20:ae:74:73:
                    67:5d:b6:a6:ab:42:d0:69:93:15:41:b9:d1:4a:92:
                    aa:33:8f:24:19:27:51:bd:33:0a:aa:bf:64:9c:d6:
                    0a:98:8a:ec:f6:31:a9:4a:d5:4f:60:b1:fe:2e:be:
                    47:f3:37:00:a7:e6:8b:77:f9:16:30:89:3e:34:88:
                    ed:a3:6b:a1:4d:a3:1a:6f:76:23:4c:5d:e9:a4:f3:
                    c8:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:2B:71:C7:89:E8:2B:EB:37:B1:BA:5F:9B:18:BE:8C:2D:EA:E6:01
            X509v3 Authority Key Identifier:
                keyid:60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/VStxx4noK-s3sbpfmxi-jC3q5gE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/YMmqi3HlSL11ZbpmP6MvfRrsQas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.62.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:e8:bc:be:50:33:cf:a7:2b:ed:f9:99:12:de:8e:64:2c:50:
         44:a6:60:4a:e8:a2:aa:93:15:23:da:f9:87:2a:af:db:b8:e4:
         6d:b8:52:9f:6c:c4:47:e3:e3:65:c3:2b:f9:29:84:1d:30:8f:
         55:5c:5e:14:c8:0e:70:7a:d4:82:da:ca:14:ff:18:ed:64:80:
         94:8a:ad:e2:da:f9:5e:6b:1a:00:6a:e4:62:86:fc:d0:e8:2e:
         15:52:f1:ce:8c:22:31:7d:42:b1:d8:c7:a6:61:14:18:c4:5d:
         5d:ef:0d:03:83:00:0e:f5:01:c5:2f:77:0a:db:8d:5f:1f:17:
         a9:d5:cb:d5:23:54:8a:10:bd:8e:00:20:70:bf:ec:bc:f2:4e:
         a2:7a:43:7e:95:ce:93:9d:b3:7d:19:cc:cc:0b:60:7f:40:a2:
         b4:d2:af:7e:3a:9f:65:d4:a7:32:70:12:32:2b:5b:18:54:c3:
         b0:e1:fc:c8:08:f7:a4:70:a5:30:ce:9d:9e:4e:94:53:07:3e:
         6b:f1:00:07:0f:12:29:ba:22:cd:f5:57:db:de:68:89:93:88:
         bd:f7:1a:b4:da:34:bb:6f:6d:1d:75:a2:ef:01:ff:c7:df:50:
         81:71:87:a4:27:0c:60:3d:09:88:48:62:3d:84:aa:b6:ac:36:
         13:ad:fc:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh1Na3C4OvWrzJQTVIospZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzlhYThiNzFlNTQ4YmQ3NTY1YmE2NjNmYTMyZjdkMWFl
YzQxYWIwHhcNMjMwNjAxMDQyNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTJiNzFjNzg5ZTgyYmViMzdiMWJhNWY5YjE4YmU4YzJkZWFlNjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghTsWcCAGAHEZjHIuaDs1V+bc3Rm
ska97Uit3tUDsjQp0imPcR7q0dpXEox9ao2OO2g85mR4xVu+lM+gOmuVJLRiMqfm
cwSnHGkHKCBigGGeeQukN9Ggqzwr9DwuMQ1srClXOWMDrbJ95UQY7l91jvQeeFV1
0mkbFk3dNVL9Dz1EDnEi4CwCEK4Ts9rIUfHVXZ5nFMpxSKpaCWn6DKjHdbe8VzOS
h5i5UFQNjXC5BiCudHNnXbamq0LQaZMVQbnRSpKqM48kGSdRvTMKqr9knNYKmIrs
9jGpStVPYLH+Lr5H8zcAp+aLd/kWMIk+NIjto2uhTaMab3YjTF3ppPPIoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFUrcceJ6CvrN7G6X5sYvowt6uYBMB8GA1UdIwQY
MBaAFGDJqotx5Ui9dWW6Zj+jL30a7EGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTIt
YzhhY2NlMTU2ZjBkLzEvVlN0eHg0bm9LLXMzc2JwZm14aS1qQzNxNWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTItYzhhY2NlMTU2ZjBk
LzEvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwj7WMA0G
CSqGSIb3DQEBCwUAA4IBAQA86Ly+UDPPpyvt+ZkS3o5kLFBEpmBK6KKqkxUj2vmH
Kq/buORtuFKfbMRH4+Nlwyv5KYQdMI9VXF4UyA5wetSC2soU/xjtZICUiq3i2vle
axoAauRihvzQ6C4VUvHOjCIxfUKx2MemYRQYxF1d7w0DgwAO9QHFL3cK241fHxep
1cvVI1SKEL2OACBwv+y88k6iekN+lc6TnbN9GczMC2B/QKK00q9+Op9l1KcycBIy
K1sYVMOw4fzICPekcKUwzp2eTpRTBz5r8QAHDxIpuiLN9Vfb3miJk4i99xq02jS7
b20ddaLvAf/H31CBcYekJwxgPQmISGI9hKq2rDYTrfyJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:37 2024 by rpki-client on console-ams.rpki-client.org