Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/3faba7-3529-414d-a79f-25ff96d41afb/1/AJQpqN2y7Sbg1y5TKHzju3DyOsQ.roa
File:                     AJQpqN2y7Sbg1y5TKHzju3DyOsQ.roa (raw, json)
Hash identifier:          G3AhwLlNxrhd3rsA8tzjDrrua4xGmcuxcM31DNzxQa8=
Subject key identifier:   00:94:29:A8:DD:B2:ED:26:E0:D7:2E:53:28:7C:E3:BB:70:F2:3A:C4
Certificate issuer:       /CN=823b669a87620faf0c422710e26ee3000c9a9a41
Certificate serial:       0187ACAEAD17BBB17343524CA08EB95413AA
Authority key identifier: 82:3B:66:9A:87:62:0F:AF:0C:42:27:10:E2:6E:E3:00:0C:9A:9A:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gjtmmodiD68MQicQ4m7jAAyamkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/3faba7-3529-414d-a79f-25ff96d41afb/1/AJQpqN2y7Sbg1y5TKHzju3DyOsQ.roa
Signing time:             Sun 23 Apr 2023 05:55:41 +0000
ROA not before:           Sun 23 Apr 2023 05:55:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        193.243.186.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ac:ae:ad:17:bb:b1:73:43:52:4c:a0:8e:b9:54:13:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=823b669a87620faf0c422710e26ee3000c9a9a41
        Validity
            Not Before: Apr 23 05:55:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=009429a8ddb2ed26e0d72e53287ce3bb70f23ac4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:4e:93:1d:00:77:d1:b8:c4:b8:e4:a3:36:43:
                    67:0e:e3:e8:09:9d:71:62:c4:53:47:9a:ae:2a:97:
                    75:82:f5:44:ae:4d:1b:09:9a:53:cb:80:9f:6c:c6:
                    79:f8:ac:30:6e:f4:56:f0:80:b8:65:bc:7f:80:13:
                    42:4a:36:f7:89:1a:b7:a5:c4:f8:6b:57:fb:6f:81:
                    d3:8b:6d:de:46:34:1d:77:1d:bf:7c:db:fb:f9:73:
                    b1:ff:9a:2d:b8:d1:a2:be:42:c9:c9:d5:e3:bf:aa:
                    1e:e8:a6:28:a6:bf:56:dd:23:78:7c:e9:21:8c:0e:
                    57:21:01:a0:fb:25:64:89:3a:d0:a3:ed:59:a4:f2:
                    02:57:6f:63:46:82:7c:a7:2b:26:7a:34:28:43:74:
                    ed:82:dd:da:32:23:55:a9:70:2a:6a:25:03:9e:f0:
                    d3:f0:f3:94:5f:af:47:c5:c3:9d:89:d5:cf:87:06:
                    44:7d:98:04:64:65:0d:cd:b6:3c:c4:ef:5f:3c:bc:
                    76:ae:a6:bd:9f:98:ea:eb:20:52:7d:79:4e:a7:6b:
                    04:7c:17:45:9b:44:d2:51:c0:17:6a:cd:18:91:39:
                    bc:ac:e2:8f:f7:a1:7f:fc:ff:6c:58:d0:a1:93:78:
                    07:12:d5:de:83:67:bd:c0:3d:69:27:84:1f:40:f5:
                    9d:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:94:29:A8:DD:B2:ED:26:E0:D7:2E:53:28:7C:E3:BB:70:F2:3A:C4
            X509v3 Authority Key Identifier:
                keyid:82:3B:66:9A:87:62:0F:AF:0C:42:27:10:E2:6E:E3:00:0C:9A:9A:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gjtmmodiD68MQicQ4m7jAAyamkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3faba7-3529-414d-a79f-25ff96d41afb/1/AJQpqN2y7Sbg1y5TKHzju3DyOsQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3faba7-3529-414d-a79f-25ff96d41afb/1/gjtmmodiD68MQicQ4m7jAAyamkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.243.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:35:04:52:83:0c:7d:d2:35:48:d3:08:e1:a2:de:cd:5f:41:
         7f:b4:b0:b2:90:6e:f4:74:1f:7b:04:1e:95:15:88:a9:3b:a7:
         79:6f:ed:db:56:33:c3:f1:bf:dc:89:85:be:ce:3a:b4:7f:e9:
         ea:6a:c6:1b:fa:8c:4a:63:f8:2f:57:c2:25:89:0f:7c:31:bb:
         1f:90:c1:3f:a2:1c:41:a8:31:4d:69:54:7c:aa:20:a7:ac:d0:
         9f:1d:66:ae:d4:53:e9:57:56:11:54:cb:12:c6:38:a7:84:95:
         f5:c2:e9:93:01:de:67:ac:ea:22:4c:20:e7:87:69:71:e8:71:
         12:35:c7:4d:3e:90:d2:1e:8e:53:60:f1:81:0d:3c:86:70:2b:
         80:93:66:ab:58:d0:32:a5:3a:46:37:b3:dd:bc:26:5e:91:6e:
         fe:ac:07:63:cf:9c:94:d5:ea:88:65:46:6d:05:b0:e4:9e:fa:
         c6:74:d4:ec:9e:e0:2d:41:8d:56:93:95:17:aa:41:b8:f8:d1:
         54:b0:46:54:7c:21:f4:0b:f5:2a:0f:f5:ec:5b:ea:0a:5a:4c:
         7b:85:d2:92:a0:e4:eb:f1:50:c1:78:94:db:ab:38:ec:a0:f0:
         19:0a:ae:c3:8a:ea:1e:e9:f5:42:72:a1:d0:97:29:89:18:54:
         09:db:eb:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYesrq0Xu7FzQ1JMoI65VBOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyM2I2NjlhODc2MjBmYWYwYzQyMjcxMGUyNmVlMzAwMGM5
YTlhNDEwHhcNMjMwNDIzMDU1NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDk0MjlhOGRkYjJlZDI2ZTBkNzJlNTMyODdjZTNiYjcwZjIzYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjU6THQB30bjEuOSjNkNnDuPoCZ1x
YsRTR5quKpd1gvVErk0bCZpTy4CfbMZ5+KwwbvRW8IC4Zbx/gBNCSjb3iRq3pcT4
a1f7b4HTi23eRjQddx2/fNv7+XOx/5otuNGivkLJydXjv6oe6KYopr9W3SN4fOkh
jA5XIQGg+yVkiTrQo+1ZpPICV29jRoJ8pysmejQoQ3Ttgt3aMiNVqXAqaiUDnvDT
8POUX69HxcOdidXPhwZEfZgEZGUNzbY8xO9fPLx2rqa9n5jq6yBSfXlOp2sEfBdF
m0TSUcAXas0YkTm8rOKP96F//P9sWNChk3gHEtXeg2e9wD1pJ4QfQPWdbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFACUKajdsu0m4NcuUyh847tw8jrEMB8GA1UdIwQY
MBaAFII7ZpqHYg+vDEInEOJu4wAMmppBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2p0bW1vZGlENjhNUWljUTRtN2pBQXlhbWtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8zZmFiYTctMzUyOS00MTRkLWE3OWYt
MjVmZjk2ZDQxYWZiLzEvQUpRcHFOMnk3U2JnMXk1VEtIemp1M0R5T3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8zZmFiYTctMzUyOS00MTRkLWE3OWYtMjVmZjk2ZDQxYWZi
LzEvZ2p0bW1vZGlENjhNUWljUTRtN2pBQXlhbWtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwfO6MA0G
CSqGSIb3DQEBCwUAA4IBAQBENQRSgwx90jVI0wjhot7NX0F/tLCykG70dB97BB6V
FYipO6d5b+3bVjPD8b/ciYW+zjq0f+nqasYb+oxKY/gvV8IliQ98MbsfkME/ohxB
qDFNaVR8qiCnrNCfHWau1FPpV1YRVMsSxjinhJX1wumTAd5nrOoiTCDnh2lx6HES
NcdNPpDSHo5TYPGBDTyGcCuAk2arWNAypTpGN7PdvCZekW7+rAdjz5yU1eqIZUZt
BbDknvrGdNTsnuAtQY1Wk5UXqkG4+NFUsEZUfCH0C/UqD/XsW+oKWkx7hdKSoOTr
8VDBeJTbqzjsoPAZCq7Diuoe6fVCcqHQlymJGFQJ2+vh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:40 2024 by rpki-client on console-fra.rpki-client.org