Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/s7H3rBofLsJQwQ2v4nFldoumxDM.roa
File:                     s7H3rBofLsJQwQ2v4nFldoumxDM.roa (raw, json)
Hash identifier:          8BHdausQZTJL8dr4i06YawiGZ9UaIcIUtcoTBBzBC7o=
Subject key identifier:   B3:B1:F7:AC:1A:1F:2E:C2:50:C1:0D:AF:E2:71:65:76:8B:A6:C4:33
Certificate issuer:       /CN=9a04cdcdc1159c31eedb24cc7ac8b262b756227c
Certificate serial:       01856D5D1931508276723FCA31410E149D70
Authority key identifier: 9A:04:CD:CD:C1:15:9C:31:EE:DB:24:CC:7A:C8:B2:62:B7:56:22:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mgTNzcEVnDHu2yTMesiyYrdWInw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/s7H3rBofLsJQwQ2v4nFldoumxDM.roa
Signing time:             Sun 01 Jan 2023 12:44:55 +0000
ROA not before:           Sun 01 Jan 2023 12:44:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44066
IP address blocks:        185.210.137.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:5d:19:31:50:82:76:72:3f:ca:31:41:0e:14:9d:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a04cdcdc1159c31eedb24cc7ac8b262b756227c
        Validity
            Not Before: Jan  1 12:44:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b3b1f7ac1a1f2ec250c10dafe27165768ba6c433
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:8c:18:22:ac:cf:35:9c:ff:d7:21:ff:83:5c:
                    27:d8:21:4f:3d:05:63:7e:40:3f:0a:e5:35:06:0f:
                    c5:0d:14:ad:bb:e0:9b:69:dd:b7:6c:d5:e6:63:88:
                    43:f6:0f:1e:00:d3:8b:59:be:22:83:c8:e1:d3:8e:
                    85:ff:ca:d4:06:ac:33:d1:44:ef:f1:25:d3:3a:b3:
                    f1:d4:18:33:b7:96:42:62:c1:0f:56:a0:e1:14:28:
                    0f:aa:15:42:81:d1:55:8b:69:da:e8:d0:32:a8:a9:
                    35:11:77:ab:a9:b3:2c:79:eb:be:76:06:93:a4:ef:
                    93:ae:b0:0a:95:97:ae:23:05:e7:e5:44:bf:be:83:
                    90:5f:36:8d:0b:02:2d:29:aa:bc:bd:80:54:2f:4a:
                    52:c5:c3:ca:b7:0b:12:f7:f6:4e:43:10:d2:73:9e:
                    b6:d8:4d:5e:4f:a6:6e:20:50:b6:b0:f4:e7:0d:d0:
                    18:ad:a4:39:53:22:5b:52:23:93:66:b9:54:47:65:
                    13:29:99:c3:19:e9:5d:59:63:c8:ad:ab:79:af:c3:
                    5d:ef:5a:ad:9e:c2:32:79:a4:44:63:be:5c:15:7f:
                    f1:76:e8:29:ea:24:2b:4e:c2:56:f8:c6:58:fd:2f:
                    66:4a:fe:95:b8:4e:26:16:76:86:ab:06:f5:0d:72:
                    05:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:B1:F7:AC:1A:1F:2E:C2:50:C1:0D:AF:E2:71:65:76:8B:A6:C4:33
            X509v3 Authority Key Identifier:
                keyid:9A:04:CD:CD:C1:15:9C:31:EE:DB:24:CC:7A:C8:B2:62:B7:56:22:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mgTNzcEVnDHu2yTMesiyYrdWInw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/s7H3rBofLsJQwQ2v4nFldoumxDM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62e43b-228a-4e85-834c-44c166014612/1/mgTNzcEVnDHu2yTMesiyYrdWInw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.210.137.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:fe:bd:1d:d5:aa:29:2c:69:6f:df:86:04:05:ed:34:f1:78:
         ad:ad:7d:4c:1c:96:bb:2c:f0:95:3f:c7:fe:19:e6:3e:35:e6:
         a7:8d:69:f0:f4:8a:c7:ad:06:f0:5d:56:6f:06:6b:54:2e:7a:
         b3:1e:0c:4f:82:b4:25:4d:23:01:1a:81:1b:14:ea:dc:fb:68:
         b4:a3:1c:3f:46:2d:6c:c2:18:ad:9e:12:fb:27:a0:23:a5:44:
         a7:56:06:8e:3e:95:a8:67:14:f1:3b:3c:28:80:3f:18:d6:c9:
         72:d6:5f:91:42:3a:d1:0e:60:46:24:33:89:d9:10:e5:06:ce:
         22:d8:f0:d3:cd:b0:e5:64:bd:73:3f:cd:6b:a7:60:03:5f:29:
         60:20:31:7b:c2:be:40:f1:8f:39:c9:7b:56:a4:4e:b0:4f:0d:
         74:41:2d:c6:4c:91:cf:f0:20:4f:59:be:58:8e:d2:75:b8:1a:
         6a:c7:27:c6:f7:e0:e2:24:32:05:d4:25:25:7f:1b:1b:7d:18:
         f9:f9:50:79:ad:a9:c8:03:9e:3a:0c:c2:12:0f:f4:43:9e:d8:
         d1:ff:6c:bb:b7:a8:b9:15:f2:a0:16:f1:d8:7e:e6:0d:d2:f0:
         6e:c5:94:5e:70:4c:d0:c4:88:67:e4:67:26:c5:47:fe:ac:4e:
         b3:39:66:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtXRkxUIJ2cj/KMUEOFJ1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMDRjZGNkYzExNTljMzFlZWRiMjRjYzdhYzhiMjYyYjc1
NjIyN2MwHhcNMjMwMTAxMTI0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2IxZjdhYzFhMWYyZWMyNTBjMTBkYWZlMjcxNjU3NjhiYTZjNDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkowYIqzPNZz/1yH/g1wn2CFPPQVj
fkA/CuU1Bg/FDRStu+Cbad23bNXmY4hD9g8eANOLWb4ig8jh046F/8rUBqwz0UTv
8SXTOrPx1Bgzt5ZCYsEPVqDhFCgPqhVCgdFVi2na6NAyqKk1EXerqbMseeu+dgaT
pO+TrrAKlZeuIwXn5US/voOQXzaNCwItKaq8vYBUL0pSxcPKtwsS9/ZOQxDSc562
2E1eT6ZuIFC2sPTnDdAYraQ5UyJbUiOTZrlUR2UTKZnDGeldWWPIrat5r8Nd71qt
nsIyeaREY75cFX/xdugp6iQrTsJW+MZY/S9mSv6VuE4mFnaGqwb1DXIFNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLOx96waHy7CUMENr+JxZXaLpsQzMB8GA1UdIwQY
MBaAFJoEzc3BFZwx7tskzHrIsmK3ViJ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWdUTnpjRVZuREh1MnlUTWVzaXlZcmRXSW53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MmU0M2ItMjI4YS00ZTg1LTgzNGMt
NDRjMTY2MDE0NjEyLzEvczdIM3JCb2ZMc0pRd1EydjRuRmxkb3VteERNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MmU0M2ItMjI4YS00ZTg1LTgzNGMtNDRjMTY2MDE0NjEy
LzEvbWdUTnpjRVZuREh1MnlUTWVzaXlZcmRXSW53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudKJMA0G
CSqGSIb3DQEBCwUAA4IBAQBv/r0d1aopLGlv34YEBe008XitrX1MHJa7LPCVP8f+
GeY+NeanjWnw9IrHrQbwXVZvBmtULnqzHgxPgrQlTSMBGoEbFOrc+2i0oxw/Ri1s
whitnhL7J6AjpUSnVgaOPpWoZxTxOzwogD8Y1sly1l+RQjrRDmBGJDOJ2RDlBs4i
2PDTzbDlZL1zP81rp2ADXylgIDF7wr5A8Y85yXtWpE6wTw10QS3GTJHP8CBPWb5Y
jtJ1uBpqxyfG9+DiJDIF1CUlfxsbfRj5+VB5ranIA546DMISD/RDntjR/2y7t6i5
FfKgFvHYfuYN0vBuxZRecEzQxIhn5GcmxUf+rE6zOWa6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:30 2024 by rpki-client on console-ams.rpki-client.org