Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/6NrphOKtH_chMtAKbWnWnGY0Amo.roa
File:                     6NrphOKtH_chMtAKbWnWnGY0Amo.roa (raw, json)
Hash identifier:          WT05BryzKQ59IpzQ1w0UNaT5sHht+9tbCMz2IuZNSn8=
Subject key identifier:   E8:DA:E9:84:E2:AD:1F:F7:21:32:D0:0A:6D:69:D6:9C:66:34:02:6A
Certificate issuer:       /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial:       01835ADAC9560B2B3B48CC339065A805FAD7
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/6NrphOKtH_chMtAKbWnWnGY0Amo.roa
Signing time:             Tue 20 Sep 2022 12:23:51 +0000
ROA not before:           Tue 20 Sep 2022 12:23:51 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211975
IP address blocks:        86.38.151.0/24 maxlen: 24
                          84.46.171.0/24 maxlen: 24
                          89.117.118.0/24 maxlen: 24
                          89.117.15.0/24 maxlen: 24
                          89.117.124.0/24 maxlen: 24
                          89.116.168.0/24 maxlen: 24
                          89.117.136.0/24 maxlen: 24
                          82.140.182.0/24 maxlen: 24
                          89.117.38.0/24 maxlen: 24
                          89.116.193.0/24 maxlen: 24
                          86.38.7.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:5a:da:c9:56:0b:2b:3b:48:cc:33:90:65:a8:05:fa:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
        Validity
            Not Before: Sep 20 12:23:51 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e8dae984e2ad1ff72132d00a6d69d69c6634026a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:95:c3:a3:12:c7:2b:9d:8b:95:a4:e9:ae:b3:
                    ba:cf:6b:98:79:66:52:bb:0e:e3:51:2f:40:71:f8:
                    06:b8:17:c6:c4:6f:76:6d:d4:ab:b7:2b:c9:00:c1:
                    85:2c:b5:87:f7:ce:d5:b1:3a:1e:bc:1f:64:1d:ad:
                    db:fd:1d:08:8f:e5:0c:72:84:29:17:cf:3f:6e:af:
                    4d:c7:b8:28:b7:28:21:87:fc:1a:7e:a0:53:b9:8a:
                    79:15:75:53:07:ce:2f:b2:50:12:9e:8b:50:e0:eb:
                    06:d3:d6:93:79:e2:de:8d:66:55:29:4d:52:d7:f4:
                    e6:ce:d1:35:a4:4b:1e:55:ef:39:4e:6e:e1:7a:e9:
                    0f:01:5f:fc:19:1d:52:76:46:35:ea:2e:9f:51:fc:
                    53:c3:2d:8f:af:e4:94:dc:de:e0:fb:d7:32:b6:af:
                    bb:ab:8a:78:6a:ed:c7:63:64:76:21:cb:45:0d:22:
                    6a:b6:c0:94:c8:dd:60:39:59:1b:c2:c5:96:b2:d4:
                    2f:df:d8:86:77:13:b4:d0:fb:94:fe:bf:0d:6c:b1:
                    87:85:d2:56:6a:3b:ac:5d:bc:21:0e:ff:7c:db:1b:
                    e8:f4:3a:a8:9b:7a:34:cd:fa:c8:da:ba:31:47:9f:
                    fb:99:f0:c7:59:17:3a:0e:47:e1:ad:b8:c5:34:eb:
                    0f:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:DA:E9:84:E2:AD:1F:F7:21:32:D0:0A:6D:69:D6:9C:66:34:02:6A
            X509v3 Authority Key Identifier:
                keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/6NrphOKtH_chMtAKbWnWnGY0Amo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.140.182.0/24
                  84.46.171.0/24
                  86.38.7.0/24
                  86.38.151.0/24
                  89.116.168.0/24
                  89.116.193.0/24
                  89.117.15.0/24
                  89.117.38.0/24
                  89.117.118.0/24
                  89.117.124.0/24
                  89.117.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c4:d5:ba:6c:50:9e:86:bb:c8:45:47:38:77:0b:2a:e5:13:0a:
         f6:5a:d3:1f:c2:cf:e8:9f:fd:40:c0:57:ae:e4:16:77:ab:f1:
         e1:b0:94:0d:fd:3b:c0:fe:57:8f:bd:45:71:ee:f9:7d:6d:dc:
         61:91:77:26:16:86:60:3e:42:6d:bd:54:d1:81:cb:34:88:48:
         4a:3f:93:c8:5d:66:73:b2:67:c9:73:60:2d:2f:9f:c6:00:00:
         d8:eb:b5:13:95:9e:57:71:74:d3:81:1d:6f:d1:ae:fb:de:ec:
         47:52:d4:e6:fd:2b:27:ef:55:43:1e:a0:c3:03:4e:8e:b2:7a:
         ae:64:74:ae:e2:64:1a:d5:2d:fd:05:60:08:72:90:d5:71:be:
         a1:53:7f:3c:d9:10:fb:29:12:16:8d:90:e8:2b:d4:8a:42:b0:
         7f:eb:a0:be:76:06:3e:f8:d0:c3:28:a2:0b:4c:42:13:c4:43:
         95:3d:bf:6d:f2:b3:6e:78:9e:68:4f:8c:4e:79:ca:71:f6:51:
         95:36:b7:ef:ed:6e:76:fb:57:13:7e:74:68:5f:b0:94:98:24:
         85:2b:21:df:ac:c9:e8:12:45:be:b6:4f:b3:1b:07:5c:32:05:
         46:4e:33:6c:c9:a9:a5:cb:0d:e7:7b:52:47:19:45:d5:73:81:
         05:95:cd:2c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYNa2slWCys7SMwzkGWoBfrXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwOTIwMTIyMzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGRhZTk4NGUyYWQxZmY3MjEzMmQwMGE2ZDY5ZDY5YzY2MzQwMjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5XDoxLHK52LlaTprrO6z2uYeWZS
uw7jUS9AcfgGuBfGxG92bdSrtyvJAMGFLLWH987VsToevB9kHa3b/R0Ij+UMcoQp
F88/bq9Nx7gotyghh/wafqBTuYp5FXVTB84vslASnotQ4OsG09aTeeLejWZVKU1S
1/TmztE1pEseVe85Tm7heukPAV/8GR1SdkY16i6fUfxTwy2Pr+SU3N7g+9cytq+7
q4p4au3HY2R2IctFDSJqtsCUyN1gOVkbwsWWstQv39iGdxO00PuU/r8NbLGHhdJW
ajusXbwhDv982xvo9Dqom3o0zfrI2roxR5/7mfDHWRc6DkfhrbjFNOsPFwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFOja6YTirR/3ITLQCm1p1pxmNAJqMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvNk5ycGhPS3RIX2NoTXRBS2JXblduR1kwQW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAUoy2AwQA
VC6rAwQAViYHAwQAViaXAwQAWXSoAwQAWXTBAwQAWXUPAwQAWXUmAwQAWXV2AwQA
WXV8AwQAWXWIMA0GCSqGSIb3DQEBCwUAA4IBAQDE1bpsUJ6Gu8hFRzh3CyrlEwr2
WtMfws/on/1AwFeu5BZ3q/HhsJQN/TvA/lePvUVx7vl9bdxhkXcmFoZgPkJtvVTR
gcs0iEhKP5PIXWZzsmfJc2AtL5/GAADY67UTlZ5XcXTTgR1v0a773uxHUtTm/Ssn
71VDHqDDA06OsnquZHSu4mQa1S39BWAIcpDVcb6hU3882RD7KRIWjZDoK9SKQrB/
66C+dgY++NDDKKILTEITxEOVPb9t8rNueJ5oT4xOecpx9lGVNrfv7W52+1cTfnRo
X7CUmCSFKyHfrMnoEkW+tk+zGwdcMgVGTjNsyamlyw3ne1JHGUXVc4EFlc0s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org