Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/15bB_KMmh9BmItwfeo4tThjL9dg.roa
File:                     15bB_KMmh9BmItwfeo4tThjL9dg.roa (raw, json)
Hash identifier:          R3sQzBLvsvrxOYWMN6sCic7IoYIuRVQL3oGJM+1cwGg=
Subject key identifier:   D7:96:C1:FC:A3:26:87:D0:66:22:DC:1F:7A:8E:2D:4E:18:CB:F5:D8
Certificate issuer:       /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial:       0A919FDB
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/15bB_KMmh9BmItwfeo4tThjL9dg.roa
Signing time:             Mon 02 May 2022 06:58:23 +0000
ROA not before:           Mon 02 May 2022 06:58:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210441
IP address blocks:        89.117.68.0/24 maxlen: 24
                          89.117.70.0/23 maxlen: 24
                          89.117.72.0/21 maxlen: 21
                          89.117.84.0/23 maxlen: 24
                          89.117.80.0/22 maxlen: 24
                          89.117.88.0/22 maxlen: 24
                          89.117.96.0/22 maxlen: 24
                          89.117.94.0/23 maxlen: 24
                          89.117.102.0/23 maxlen: 24
                          89.117.112.0/22 maxlen: 24
                          89.117.109.0/24 maxlen: 24
                          89.117.116.0/23 maxlen: 24
                          89.117.12.0/23 maxlen: 24
                          89.117.24.0/23 maxlen: 24
                          89.117.28.0/22 maxlen: 24
                          89.117.32.0/23 maxlen: 24
                          89.117.36.0/23 maxlen: 24
                          89.117.64.0/22 maxlen: 24
                          89.117.188.0/24 maxlen: 24
                          89.117.190.0/24 maxlen: 24
                          89.117.218.0/24 maxlen: 24
                          89.117.215.0/24 maxlen: 24
                          89.117.222.0/24 maxlen: 24
                          89.117.132.0/22 maxlen: 24
                          89.117.129.0/24 maxlen: 24
                          89.117.139.0/24 maxlen: 24
                          89.117.142.0/23 maxlen: 24
                          89.117.158.0/23 maxlen: 24
                          89.117.160.0/22 maxlen: 24
                          84.46.234.0/23 maxlen: 24
                          89.116.108.0/24 maxlen: 24
                          89.116.106.0/23 maxlen: 24
                          86.38.246.0/23 maxlen: 24
                          89.116.125.0/24 maxlen: 24
                          89.116.130.0/23 maxlen: 24
                          89.116.126.0/23 maxlen: 24
                          89.116.132.0/24 maxlen: 24
                          89.116.128.0/24 maxlen: 24
                          89.116.137.0/24 maxlen: 24
                          89.116.135.0/24 maxlen: 24
                          89.116.141.0/24 maxlen: 24
                          89.116.148.0/23 maxlen: 24
                          89.116.150.0/24 maxlen: 24
                          89.116.153.0/24 maxlen: 24
                          89.116.158.0/24 maxlen: 24
                          89.116.154.0/24 maxlen: 24
                          89.116.58.0/23 maxlen: 24
                          89.116.70.0/24 maxlen: 24
                          89.116.68.0/23 maxlen: 24
                          86.38.202.0/23 maxlen: 24
                          89.116.76.0/24 maxlen: 24
                          89.116.88.0/23 maxlen: 24
                          89.116.91.0/24 maxlen: 24
                          89.116.92.0/24 maxlen: 24
                          89.116.218.0/24 maxlen: 24
                          89.116.252.0/24 maxlen: 24
                          89.116.253.0/24 maxlen: 24
                          89.116.255.0/24 maxlen: 24
                          89.117.6.0/23 maxlen: 24
                          89.117.8.0/23 maxlen: 24
                          89.116.163.0/24 maxlen: 24
                          89.116.161.0/24 maxlen: 24
                          89.116.166.0/24 maxlen: 24
                          89.116.172.0/23 maxlen: 24
                          89.116.179.0/24 maxlen: 24
                          89.116.177.0/24 maxlen: 24
                          89.116.175.0/24 maxlen: 24
                          89.116.186.0/24 maxlen: 24
                          89.116.184.0/23 maxlen: 24
                          89.116.189.0/24 maxlen: 24
                          89.116.190.0/24 maxlen: 24
                          89.116.193.0/24 maxlen: 24
                          89.116.210.0/23 maxlen: 24
                          86.38.178.0/23 maxlen: 24
                          86.38.186.0/23 maxlen: 24
                          86.38.184.0/23 maxlen: 24
                          86.38.182.0/23 maxlen: 24
                          89.117.228.0/23 maxlen: 24
                          89.117.245.0/24 maxlen: 24
                          89.117.250.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 177315803 (0xa919fdb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
        Validity
            Not Before: May  2 06:58:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d796c1fca32687d06622dc1f7a8e2d4e18cbf5d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:22:bf:5d:fc:ca:fa:ef:9d:cc:93:05:6f:a7:
                    0a:8c:41:f0:60:d9:2c:56:3c:cb:cb:2d:2e:23:16:
                    16:43:11:59:9f:01:47:f8:95:5e:8e:f2:73:8f:7e:
                    3d:61:1b:2f:2f:f0:2c:a1:cf:00:1b:23:c2:c2:62:
                    bb:f6:fa:80:ad:cd:5f:93:48:a1:65:ff:d1:82:5f:
                    d7:71:0d:5a:1b:78:d7:b4:bd:94:f3:3b:bf:e1:56:
                    34:17:a9:da:14:25:38:69:f2:33:cc:91:b4:bd:77:
                    ef:1b:2f:d8:50:ae:4c:dd:9e:0f:23:4b:5d:ba:29:
                    4b:29:e0:8e:07:5b:48:b5:74:b9:2f:45:c9:56:a7:
                    20:1b:0b:6b:fc:8c:9f:34:e9:05:4e:2a:fb:1e:26:
                    62:b1:4a:e0:8c:17:f2:d4:2d:d7:bb:1d:e3:1f:53:
                    1e:41:8e:2b:55:67:bd:00:b0:29:24:b1:48:43:b6:
                    24:02:15:a4:e1:71:59:21:42:6a:fb:dc:b8:80:02:
                    38:15:36:d2:5d:44:40:48:b0:a0:08:e0:13:35:3f:
                    5b:2d:34:db:c0:4c:f4:eb:ef:bc:b0:18:47:df:21:
                    32:b3:b0:06:7a:40:9e:14:49:e7:60:f2:d7:a6:7e:
                    08:99:e2:75:87:c1:c2:91:ea:d3:4b:df:ca:e8:fb:
                    eb:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:96:C1:FC:A3:26:87:D0:66:22:DC:1F:7A:8E:2D:4E:18:CB:F5:D8
            X509v3 Authority Key Identifier:
                keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/15bB_KMmh9BmItwfeo4tThjL9dg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.46.234.0/23
                  86.38.178.0/23
                  86.38.182.0-86.38.187.255
                  86.38.202.0/23
                  86.38.246.0/23
                  89.116.58.0/23
                  89.116.68.0-89.116.70.255
                  89.116.76.0/24
                  89.116.88.0/23
                  89.116.91.0-89.116.92.255
                  89.116.106.0-89.116.108.255
                  89.116.125.0-89.116.128.255
                  89.116.130.0-89.116.132.255
                  89.116.135.0/24
                  89.116.137.0/24
                  89.116.141.0/24
                  89.116.148.0-89.116.150.255
                  89.116.153.0-89.116.154.255
                  89.116.158.0/24
                  89.116.161.0/24
                  89.116.163.0/24
                  89.116.166.0/24
                  89.116.172.0/23
                  89.116.175.0/24
                  89.116.177.0/24
                  89.116.179.0/24
                  89.116.184.0-89.116.186.255
                  89.116.189.0-89.116.190.255
                  89.116.193.0/24
                  89.116.210.0/23
                  89.116.218.0/24
                  89.116.252.0/23
                  89.116.255.0/24
                  89.117.6.0-89.117.9.255
                  89.117.12.0/23
                  89.117.24.0/23
                  89.117.28.0-89.117.33.255
                  89.117.36.0/23
                  89.117.64.0-89.117.68.255
                  89.117.70.0-89.117.85.255
                  89.117.88.0/22
                  89.117.94.0-89.117.99.255
                  89.117.102.0/23
                  89.117.109.0/24
                  89.117.112.0-89.117.117.255
                  89.117.129.0/24
                  89.117.132.0/22
                  89.117.139.0/24
                  89.117.142.0/23
                  89.117.158.0-89.117.163.255
                  89.117.188.0/24
                  89.117.190.0/24
                  89.117.215.0/24
                  89.117.218.0/24
                  89.117.222.0/24
                  89.117.228.0/23
                  89.117.245.0/24
                  89.117.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:00:60:93:76:94:80:21:7d:92:f7:00:53:01:5f:d5:e8:06:
         c4:06:91:5c:07:c2:47:41:c4:d0:a3:9e:b9:d3:ef:dc:c1:1f:
         7a:32:1a:a2:41:2d:00:d8:e9:5a:ad:2e:e0:d1:a5:fd:2f:8d:
         14:22:df:66:5a:88:43:63:e7:e6:69:dd:b0:9b:31:d8:12:dc:
         f1:fb:7c:b7:d1:fb:f8:63:5e:8a:55:ce:12:60:87:10:0c:c7:
         f1:33:32:00:73:be:c7:b3:1d:d5:7a:9e:11:0d:19:5e:a1:3c:
         e4:8a:db:6e:9d:f4:d7:3f:c2:78:7d:93:00:bd:cb:d9:06:23:
         ac:91:aa:64:77:c3:11:a6:82:eb:4e:f6:e1:6a:13:5d:9e:1e:
         1c:7b:ae:7d:6d:45:df:01:fc:6f:25:50:7e:16:70:75:fa:d0:
         b3:96:4a:39:54:91:74:27:3f:b6:ce:f6:2f:1f:c2:75:1d:95:
         a7:35:3a:db:84:5b:8e:41:54:ba:f0:3f:3a:db:c9:c1:de:f4:
         5f:ff:c4:cd:17:26:b6:f9:93:ee:ff:7c:bf:a3:7e:19:75:1d:
         1d:94:8f:c0:68:b1:06:67:f8:79:7e:54:8a:bd:16:ba:7a:f1:
         8e:3d:bf:30:7d:d6:e9:69:b6:5e:04:5d:c8:3a:d3:73:33:34:
         48:79:b7:5f
-----BEGIN CERTIFICATE-----
MIIG1zCCBb+gAwIBAgIECpGf2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDUw
MjA2NTgyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDc5NmMxZmNhMzI2
ODdkMDY2MjJkYzFmN2E4ZTJkNGUxOGNiZjVkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKYiv138yvrvncyTBW+nCoxB8GDZLFY8y8stLiMWFkMRWZ8B
R/iVXo7yc49+PWEbLy/wLKHPABsjwsJiu/b6gK3NX5NIoWX/0YJf13ENWht417S9
lPM7v+FWNBep2hQlOGnyM8yRtL137xsv2FCuTN2eDyNLXbopSyngjgdbSLV0uS9F
yVanIBsLa/yMnzTpBU4q+x4mYrFK4IwX8tQt17sd4x9THkGOK1VnvQCwKSSxSEO2
JAIVpOFxWSFCavvcuIACOBU20l1EQEiwoAjgEzU/Wy0028BM9OvvvLAYR98hMrOw
BnpAnhRJ52Dy16Z+CJnidYfBwpHq00vfyuj7670CAwEAAaOCA/EwggPtMB0GA1Ud
DgQWBBTXlsH8oyaH0GYi3B96ji1OGMv12DAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
LzE1YkJfS01taDlCbUl0d2ZlbzR0VGhqTDlkZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AgUGCCsGAQUFBwEHAQH/BIIB9DCCAfAwggHsBAIAATCCAeQDBAFULuoDBAFWJrIw
DAMEAVYmtgMEAlYmuAMEAVYmygMEAVYm9gMEAVl0OjAMAwQCWXREAwQAWXRGAwQA
WXRMAwQBWXRYMAwDBABZdFsDBABZdFwwDAMEAVl0agMEAFl0bDAMAwQAWXR9AwQA
WXSAMAwDBAFZdIIDBABZdIQDBABZdIcDBABZdIkDBABZdI0wDAMEAll0lAMEAFl0
ljAMAwQAWXSZAwQAWXSaAwQAWXSeAwQAWXShAwQAWXSjAwQAWXSmAwQBWXSsAwQA
WXSvAwQAWXSxAwQAWXSzMAwDBANZdLgDBABZdLowDAMEAFl0vQMEAFl0vgMEAFl0
wQMEAVl00gMEAFl02gMEAVl0/AMEAFl0/zAMAwQBWXUGAwQBWXUIAwQBWXUMAwQB
WXUYMAwDBAJZdRwDBAFZdSADBAFZdSQwDAMEBll1QAMEAFl1RDAMAwQBWXVGAwQB
WXVUAwQCWXVYMAwDBAFZdV4DBAJZdWADBAFZdWYDBABZdW0wDAMEBFl1cAMEAVl1
dAMEAFl1gQMEAll1hAMEAFl1iwMEAVl1jjAMAwQBWXWeAwQCWXWgAwQAWXW8AwQA
WXW+AwQAWXXXAwQAWXXaAwQAWXXeAwQBWXXkAwQAWXX1AwQAWXX6MA0GCSqGSIb3
DQEBCwUAA4IBAQBVAGCTdpSAIX2S9wBTAV/V6AbEBpFcB8JHQcTQo5650+/cwR96
MhqiQS0A2OlarS7g0aX9L40UIt9mWohDY+fmad2wmzHYEtzx+3y30fv4Y16KVc4S
YIcQDMfxMzIAc77Hsx3Vep4RDRleoTzkittunfTXP8J4fZMAvcvZBiOskapkd8MR
poLrTvbhahNdnh4ce659bUXfAfxvJVB+FnB1+tCzlko5VJF0Jz+2zvYvH8J1HZWn
NTrbhFuOQVS68D8628nB3vRf/8TNFya2+ZPu/3y/o34ZdR0dlI/AaLEGZ/h5flSK
vRa6evGOPb8wfdbpabZeBF3IOtNzMzRIebdf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org