Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/1SUl-1bQHIIwqbo7TUlVy5oBRjE.roa
File:                     1SUl-1bQHIIwqbo7TUlVy5oBRjE.roa (raw, json)
Hash identifier:          awLjGBIAuAzJlSPAn+uRtEuHM99ARBIYDfI9R5+gEzk=
Subject key identifier:   D5:25:25:FB:56:D0:1C:82:30:A9:BA:3B:4D:49:55:CB:9A:01:46:31
Certificate issuer:       /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial:       096B43BB
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/1SUl-1bQHIIwqbo7TUlVy5oBRjE.roa
Signing time:             Wed 09 Feb 2022 07:22:07 +0000
ROA not before:           Wed 09 Feb 2022 07:22:07 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        89.117.109.0/24 maxlen: 24
                          82.140.183.0/24 maxlen: 24
                          82.140.182.0/24 maxlen: 24
                          86.38.175.0/24 maxlen: 24
                          86.38.180.0/23 maxlen: 24
                          89.117.120.0/22 maxlen: 24
                          84.46.200.0/24 maxlen: 24
                          86.38.242.0/23 maxlen: 24
                          86.38.241.0/24 maxlen: 24
                          89.116.135.0/24 maxlen: 24
                          89.116.156.0/24 maxlen: 24
                          89.116.158.0/24 maxlen: 24
                          89.116.56.0/24 maxlen: 24
                          86.38.190.0/24 maxlen: 24
                          86.38.189.0/24 maxlen: 24
                          86.38.200.0/24 maxlen: 24
                          86.38.214.0/24 maxlen: 24
                          86.38.216.0/22 maxlen: 24
                          86.38.225.0/24 maxlen: 24
                          86.38.226.0/24 maxlen: 24
                          89.116.96.0/24 maxlen: 24
                          86.38.238.0/24 maxlen: 24
                          89.116.218.0/24 maxlen: 24
                          89.116.175.0/24 maxlen: 24
                          89.116.177.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 158024635 (0x96b43bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
        Validity
            Not Before: Feb  9 07:22:07 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d52525fb56d01c8230a9ba3b4d4955cb9a014631
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:ef:4b:ed:df:f5:ba:25:25:94:9b:9e:af:20:
                    59:11:cf:3b:58:87:2c:6d:ab:47:ce:89:e3:c5:66:
                    01:75:73:c2:de:29:71:06:b2:4b:64:4f:1a:15:56:
                    4a:76:e4:aa:f4:2a:46:2d:71:7a:0a:57:dd:f3:bd:
                    a6:70:a4:47:0c:17:ac:73:27:44:43:90:16:0a:bf:
                    a6:b2:7c:7c:b4:b9:10:c0:ee:e8:dc:dd:ab:d7:9c:
                    dc:1f:9d:dc:1b:06:d4:5c:d7:24:a4:dc:a6:e6:0e:
                    3c:63:fd:ef:74:6d:f4:29:09:79:19:23:e4:7b:e9:
                    1d:62:4f:34:76:7e:b4:44:03:68:67:76:7a:9b:22:
                    cd:a4:52:40:3e:87:2e:ce:4c:8e:12:94:45:12:42:
                    94:bf:7a:2a:ff:74:c2:4c:b3:8b:ed:21:c5:cc:8b:
                    8a:5c:58:84:69:60:9a:bc:d6:dc:25:52:96:fb:da:
                    91:63:c5:8c:e8:49:41:d6:d3:cd:cd:8b:d4:14:e2:
                    46:94:f5:b9:d2:8f:f9:c9:cf:e8:a6:9a:b2:2a:76:
                    53:70:39:00:80:79:9b:2f:2e:c9:df:f3:10:21:bc:
                    77:e5:28:5d:9c:77:ec:a4:5b:d8:03:03:cb:0d:6c:
                    ad:1b:1d:d4:19:5f:30:8c:2d:75:25:c0:06:67:17:
                    2a:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:25:25:FB:56:D0:1C:82:30:A9:BA:3B:4D:49:55:CB:9A:01:46:31
            X509v3 Authority Key Identifier:
                keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/1SUl-1bQHIIwqbo7TUlVy5oBRjE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.140.182.0/23
                  84.46.200.0/24
                  86.38.175.0/24
                  86.38.180.0/23
                  86.38.189.0-86.38.190.255
                  86.38.200.0/24
                  86.38.214.0/24
                  86.38.216.0/22
                  86.38.225.0-86.38.226.255
                  86.38.238.0/24
                  86.38.241.0-86.38.243.255
                  89.116.56.0/24
                  89.116.96.0/24
                  89.116.135.0/24
                  89.116.156.0/24
                  89.116.158.0/24
                  89.116.175.0/24
                  89.116.177.0/24
                  89.116.218.0/24
                  89.117.109.0/24
                  89.117.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         19:84:2f:18:77:49:df:f9:08:e8:72:32:9e:03:06:ef:c7:2b:
         79:e0:d8:1f:ef:28:04:47:e8:6e:27:d5:c9:76:84:33:70:df:
         ef:a1:b3:fc:4f:ca:a6:0a:e3:ee:d5:e4:12:1e:61:64:4b:0c:
         15:24:63:3b:73:01:ca:2b:54:3c:8a:85:e3:20:6b:b2:d4:ae:
         d0:85:6d:65:e3:56:74:ce:40:5e:c2:cc:1d:51:af:15:d4:0b:
         d6:9e:ea:d1:5a:a7:b8:a2:5e:df:42:20:cd:48:52:94:e5:10:
         5b:37:af:8d:aa:54:38:cb:97:1b:8d:73:33:5d:0f:3d:33:f2:
         ef:7f:df:b0:b8:99:16:53:79:6b:38:10:3b:ec:35:72:ef:0c:
         b4:a5:ff:11:9a:40:76:6d:c8:2a:e4:72:b9:b0:cf:ca:fc:52:
         7e:36:0a:93:18:fe:e6:d6:48:5c:e8:f8:71:64:43:93:6e:74:
         60:bd:6a:ef:df:4a:56:c8:75:f0:d0:05:0d:9c:90:94:ed:e0:
         1b:a6:f9:f1:47:a8:2b:df:45:dc:f6:d6:78:29:cf:a8:cc:71:
         8c:70:d5:49:45:0e:a6:3f:5f:e8:85:10:bd:ea:fe:0c:0a:6b:
         b7:69:ad:e8:ac:0d:01:fd:36:fa:c1:9b:5f:d7:8d:82:1f:1f:
         01:19:b0:f3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIECWtDuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDIw
OTA3MjIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDUyNTI1ZmI1NmQw
MWM4MjMwYTliYTNiNGQ0OTU1Y2I5YTAxNDYzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/vS+3f9bolJZSbnq8gWRHPO1iHLG2rR86J48VmAXVzwt4p
cQayS2RPGhVWSnbkqvQqRi1xegpX3fO9pnCkRwwXrHMnREOQFgq/prJ8fLS5EMDu
6Nzdq9ec3B+d3BsG1FzXJKTcpuYOPGP973Rt9CkJeRkj5HvpHWJPNHZ+tEQDaGd2
epsizaRSQD6HLs5MjhKURRJClL96Kv90wkyzi+0hxcyLilxYhGlgmrzW3CVSlvva
kWPFjOhJQdbTzc2L1BTiRpT1udKP+cnP6Kaasip2U3A5AIB5my8uyd/zECG8d+Uo
XZx37KRb2AMDyw1srRsd1BlfMIwtdSXABmcXKvcCAwEAAaOCAp4wggKaMB0GA1Ud
DgQWBBTVJSX7VtAcgjCpujtNSVXLmgFGMTAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
LzFTVWwtMWJRSElJd3FibzdUVWxWeTVvQlJqRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
swYIKwYBBQUHAQcBAf8EgaMwgaAwgZ0EAgABMIGWAwQBUoy2AwQAVC7IAwQAViav
AwQBVia0MAwDBABWJr0DBABWJr4DBABWJsgDBABWJtYDBAJWJtgwDAMEAFYm4QME
AFYm4gMEAFYm7jAMAwQAVibxAwQCVibwAwQAWXQ4AwQAWXRgAwQAWXSHAwQAWXSc
AwQAWXSeAwQAWXSvAwQAWXSxAwQAWXTaAwQAWXVtAwQCWXV4MA0GCSqGSIb3DQEB
CwUAA4IBAQAZhC8Yd0nf+QjocjKeAwbvxyt54Ngf7ygER+huJ9XJdoQzcN/vobP8
T8qmCuPu1eQSHmFkSwwVJGM7cwHKK1Q8ioXjIGuy1K7QhW1l41Z0zkBewswdUa8V
1AvWnurRWqe4ol7fQiDNSFKU5RBbN6+NqlQ4y5cbjXMzXQ89M/Lvf9+wuJkWU3lr
OBA77DVy7wy0pf8RmkB2bcgq5HK5sM/K/FJ+NgqTGP7m1khc6PhxZEOTbnRgvWrv
30pWyHXw0AUNnJCU7eAbpvnxR6gr30Xc9tZ4Kc+ozHGMcNVJRQ6mP1/ohRC96v4M
Cmu3aa3orA0B/Tb6wZtf142CHx8BGbDz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org