Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/sNQdpZjKqgl5leW4uyYdEBbwscQ.roa
File:                     sNQdpZjKqgl5leW4uyYdEBbwscQ.roa (raw, json)
Hash identifier:          31zjAkGXpVygvnYLcxKLaKeJN3aUqllrenIhs37V5ew=
Subject key identifier:   B0:D4:1D:A5:98:CA:AA:09:79:95:E5:B8:BB:26:1D:10:16:F0:B1:C4
Certificate issuer:       /CN=c4c20ab2f244ec6a7f09cf1eb1752e8c328248f2
Certificate serial:       1B290FB1
Authority key identifier: C4:C2:0A:B2:F2:44:EC:6A:7F:09:CF:1E:B1:75:2E:8C:32:82:48:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xMIKsvJE7Gp_Cc8esXUujDKCSPI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/sNQdpZjKqgl5leW4uyYdEBbwscQ.roa
Signing time:             Sat 01 Jan 2022 13:59:07 +0000
ROA not before:           Sat 01 Jan 2022 13:59:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     203382
IP address blocks:        185.97.100.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 455675825 (0x1b290fb1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4c20ab2f244ec6a7f09cf1eb1752e8c328248f2
        Validity
            Not Before: Jan  1 13:59:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b0d41da598caaa097995e5b8bb261d1016f0b1c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:95:38:0e:81:1a:dd:44:13:aa:d3:10:4b:7c:
                    ba:9c:2b:bd:2b:66:07:aa:8e:d3:bc:02:aa:9c:4a:
                    fa:3f:46:22:eb:29:fe:b5:bd:95:23:c7:8a:ba:fa:
                    75:e8:05:58:fd:1d:47:05:55:87:45:79:11:9a:87:
                    21:d3:08:bd:30:7a:bc:33:b6:32:5f:8a:12:c3:74:
                    cd:8b:36:92:05:6a:3e:31:82:ef:50:f8:92:87:89:
                    71:93:a1:29:6f:d7:c9:91:89:6c:3f:a3:e6:0d:3c:
                    00:2c:0d:f3:78:be:04:d7:cc:95:d0:e0:f5:b5:28:
                    be:f5:f5:76:59:99:4c:73:92:ba:d1:1d:fd:bf:73:
                    16:e2:3d:2d:e7:32:43:03:e7:4a:d6:eb:e4:f5:d2:
                    dd:5b:35:a3:04:83:00:23:7c:dc:b6:21:6b:ce:10:
                    c7:5f:0e:58:12:44:ee:9c:0d:69:87:f8:39:86:e7:
                    11:4c:62:ad:8b:84:ea:c7:20:2b:b3:70:49:a6:b9:
                    25:10:3e:b4:fb:16:65:09:b7:6e:ce:fd:ef:63:28:
                    25:9d:4d:ef:09:6f:78:98:fd:b1:ce:ce:45:60:07:
                    21:27:45:97:10:7e:c9:37:02:24:75:82:9b:5a:5d:
                    57:f0:83:48:bc:87:74:16:db:87:df:58:a0:12:85:
                    47:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:D4:1D:A5:98:CA:AA:09:79:95:E5:B8:BB:26:1D:10:16:F0:B1:C4
            X509v3 Authority Key Identifier:
                keyid:C4:C2:0A:B2:F2:44:EC:6A:7F:09:CF:1E:B1:75:2E:8C:32:82:48:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xMIKsvJE7Gp_Cc8esXUujDKCSPI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/sNQdpZjKqgl5leW4uyYdEBbwscQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/xMIKsvJE7Gp_Cc8esXUujDKCSPI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.97.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:2e:bb:4f:60:42:bc:ef:63:23:2a:7b:7c:be:8d:ed:19:ec:
         c5:53:aa:00:c3:dd:aa:04:9a:b3:91:7c:cf:f2:36:8f:07:40:
         b4:15:8d:0c:3b:a2:ba:41:8d:92:d6:c0:21:f3:98:36:95:b2:
         48:c1:ac:b8:58:ee:0c:38:2e:03:9d:f1:b9:83:5e:74:ad:68:
         52:bf:a6:35:9e:00:c1:77:b3:06:c0:df:9a:26:c8:1b:b7:ae:
         e8:16:58:6f:ae:82:c8:fd:01:59:d5:01:34:9c:61:a5:ac:e3:
         6c:ec:98:46:16:76:70:5e:bd:20:f6:a8:5a:00:79:57:8f:3b:
         3c:af:ad:03:d6:ba:31:f8:d2:28:7d:48:54:2a:03:c1:b4:ad:
         43:c6:63:9b:86:bd:a0:a7:3a:13:3d:15:bd:6f:46:69:1e:73:
         4b:3c:6b:87:6c:65:2b:f5:4c:c8:a9:43:62:a7:73:94:f5:30:
         f3:6f:d2:9c:26:fb:08:3d:c2:42:54:71:74:96:24:7a:ef:44:
         cd:ac:53:69:d6:93:16:42:a4:75:c1:ab:25:f3:2a:6d:5a:96:
         a8:2c:65:13:d8:20:41:7b:fb:6f:3d:f5:90:ae:0d:97:1e:40:
         04:19:a8:57:4f:c3:97:8f:46:c6:5c:2f:24:dd:79:e3:15:5d:
         59:7d:f2:07
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGykPsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NGMyMGFiMmYyNDRlYzZhN2YwOWNmMWViMTc1MmU4YzMyODI0OGYyMB4XDTIyMDEw
MTEzNTkwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjBkNDFkYTU5OGNh
YWEwOTc5OTVlNWI4YmIyNjFkMTAxNmYwYjFjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2VOA6BGt1EE6rTEEt8upwrvStmB6qO07wCqpxK+j9GIusp
/rW9lSPHirr6degFWP0dRwVVh0V5EZqHIdMIvTB6vDO2Ml+KEsN0zYs2kgVqPjGC
71D4koeJcZOhKW/XyZGJbD+j5g08ACwN83i+BNfMldDg9bUovvX1dlmZTHOSutEd
/b9zFuI9LecyQwPnStbr5PXS3Vs1owSDACN83LYha84Qx18OWBJE7pwNaYf4OYbn
EUxirYuE6scgK7NwSaa5JRA+tPsWZQm3bs7972MoJZ1N7wlveJj9sc7ORWAHISdF
lxB+yTcCJHWCm1pdV/CDSLyHdBbbh99YoBKFR6ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSw1B2lmMqqCXmV5bi7Jh0QFvCxxDAfBgNVHSMEGDAWgBTEwgqy8kTsan8J
zx6xdS6MMoJI8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hNSUtzdkpFN0dwX0NjOGVzWFV1akRLQ1NQSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvZDczMTM3LWIwODktNGRiNC1iNmIyLTUwNzg5MTM5NTQxNy8x
L3NOUWRwWmpLcWdsNWxlVzR1eVlkRUJid3NjUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
ZDczMTM3LWIwODktNGRiNC1iNmIyLTUwNzg5MTM5NTQxNy8xL3hNSUtzdkpFN0dw
X0NjOGVzWFV1akRLQ1NQSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlhZDANBgkqhkiG9w0BAQsFAAOC
AQEAei67T2BCvO9jIyp7fL6N7RnsxVOqAMPdqgSas5F8z/I2jwdAtBWNDDuiukGN
ktbAIfOYNpWySMGsuFjuDDguA53xuYNedK1oUr+mNZ4AwXezBsDfmibIG7eu6BZY
b66CyP0BWdUBNJxhpazjbOyYRhZ2cF69IPaoWgB5V487PK+tA9a6MfjSKH1IVCoD
wbStQ8Zjm4a9oKc6Ez0VvW9GaR5zSzxrh2xlK/VMyKlDYqdzlPUw82/SnCb7CD3C
QlRxdJYkeu9EzaxTadaTFkKkdcGrJfMqbVqWqCxlE9ggQXv7bz31kK4Nlx5ABBmo
V0/Dl49GxlwvJN154xVdWX3yBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:01 2024 by rpki-client on console-ams.rpki-client.org