Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/7FMK3Oi8aQ1I5YsYWciWn6J2ybA.roa
File:                     7FMK3Oi8aQ1I5YsYWciWn6J2ybA.roa (raw, json)
Hash identifier:          cSm56xyY05661GUUGu0lbtw7vGPGnqWJEu+1zt/ObfQ=
Subject key identifier:   EC:53:0A:DC:E8:BC:69:0D:48:E5:8B:18:59:C8:96:9F:A2:76:C9:B0
Certificate issuer:       /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial:       0A15BAC4
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/7FMK3Oi8aQ1I5YsYWciWn6J2ybA.roa
Signing time:             Wed 30 Mar 2022 10:57:48 +0000
ROA not before:           Wed 30 Mar 2022 10:57:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     210443
IP address blocks:        89.117.68.0/24 maxlen: 24
                          89.117.70.0/23 maxlen: 24
                          89.117.72.0/21 maxlen: 24
                          89.117.80.0/22 maxlen: 24
                          89.117.84.0/23 maxlen: 24
                          89.117.88.0/22 maxlen: 24
                          89.117.94.0/23 maxlen: 24
                          89.117.96.0/22 maxlen: 24
                          89.117.102.0/23 maxlen: 24
                          89.117.109.0/24 maxlen: 24
                          89.117.112.0/22 maxlen: 24
                          89.117.116.0/23 maxlen: 24
                          89.117.12.0/23 maxlen: 24
                          89.117.24.0/23 maxlen: 24
                          89.117.28.0/22 maxlen: 24
                          89.117.32.0/23 maxlen: 24
                          89.117.36.0/23 maxlen: 24
                          89.117.64.0/22 maxlen: 24
                          89.117.188.0/24 maxlen: 24
                          89.117.190.0/24 maxlen: 24
                          89.117.218.0/24 maxlen: 24
                          89.117.215.0/24 maxlen: 24
                          89.117.216.0/23 maxlen: 24
                          89.117.222.0/24 maxlen: 24
                          89.117.226.0/23 maxlen: 24
                          89.117.129.0/24 maxlen: 24
                          89.117.132.0/22 maxlen: 24
                          89.117.139.0/24 maxlen: 24
                          89.117.142.0/23 maxlen: 24
                          89.117.158.0/23 maxlen: 24
                          89.117.160.0/22 maxlen: 24
                          84.46.234.0/23 maxlen: 24
                          89.117.168.0/23 maxlen: 24
                          89.117.167.0/24 maxlen: 24
                          86.38.246.0/23 maxlen: 24
                          89.116.108.0/24 maxlen: 24
                          89.116.106.0/23 maxlen: 24
                          89.116.125.0/24 maxlen: 24
                          89.116.130.0/23 maxlen: 24
                          89.116.126.0/23 maxlen: 24
                          89.116.132.0/24 maxlen: 24
                          89.116.128.0/24 maxlen: 24
                          89.116.137.0/24 maxlen: 24
                          89.116.135.0/24 maxlen: 24
                          89.116.141.0/24 maxlen: 24
                          89.116.148.0/23 maxlen: 24
                          89.116.146.0/23 maxlen: 24
                          89.116.150.0/24 maxlen: 24
                          89.116.153.0/24 maxlen: 24
                          89.116.158.0/24 maxlen: 24
                          89.116.154.0/24 maxlen: 24
                          89.116.52.0/23 maxlen: 24
                          89.116.58.0/23 maxlen: 24
                          86.38.202.0/23 maxlen: 24
                          89.116.70.0/24 maxlen: 24
                          89.116.68.0/23 maxlen: 24
                          89.116.76.0/24 maxlen: 24
                          86.38.220.0/23 maxlen: 24
                          89.116.88.0/23 maxlen: 24
                          89.116.91.0/24 maxlen: 24
                          89.116.92.0/24 maxlen: 24
                          89.116.218.0/24 maxlen: 24
                          89.116.239.0/24 maxlen: 24
                          89.116.242.0/23 maxlen: 24
                          89.116.250.0/24 maxlen: 24
                          89.116.252.0/24 maxlen: 24
                          89.116.253.0/24 maxlen: 24
                          89.116.255.0/24 maxlen: 24
                          89.117.6.0/23 maxlen: 24
                          89.117.8.0/23 maxlen: 24
                          89.116.163.0/24 maxlen: 24
                          89.116.161.0/24 maxlen: 24
                          89.116.164.0/23 maxlen: 24
                          89.116.166.0/24 maxlen: 24
                          89.116.179.0/24 maxlen: 24
                          89.116.177.0/24 maxlen: 24
                          89.116.175.0/24 maxlen: 24
                          89.116.184.0/23 maxlen: 24
                          89.116.186.0/24 maxlen: 24
                          89.116.189.0/24 maxlen: 24
                          89.116.190.0/24 maxlen: 24
                          89.116.202.0/24 maxlen: 24
                          89.116.210.0/23 maxlen: 24
                          86.38.4.0/23 maxlen: 24
                          86.38.178.0/23 maxlen: 24
                          86.38.186.0/23 maxlen: 24
                          86.38.184.0/23 maxlen: 24
                          86.38.182.0/23 maxlen: 24
                          89.117.228.0/23 maxlen: 24
                          89.117.245.0/24 maxlen: 24
                          89.117.250.0/24 maxlen: 24
                          89.117.254.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 169196228 (0xa15bac4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
        Validity
            Not Before: Mar 30 10:57:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ec530adce8bc690d48e58b1859c8969fa276c9b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:d4:56:17:c5:75:ca:7e:e0:d7:b8:8d:55:68:
                    0c:a1:af:0b:49:d2:d3:64:32:7a:d0:46:f9:e2:f3:
                    ac:5e:67:39:ff:e9:85:ab:69:ea:8c:0a:1c:ba:62:
                    8e:58:35:4a:aa:18:0d:12:72:d1:7e:9f:b3:4a:d2:
                    bb:18:3d:cb:2b:fd:1b:68:21:be:b3:59:c5:8a:8f:
                    58:c2:b7:61:53:10:81:33:aa:2c:d7:b1:61:d4:67:
                    48:7a:78:bd:e3:23:3e:40:05:59:8f:d5:48:c8:f8:
                    1b:0c:49:c7:e0:96:2c:3a:b3:e3:f5:bc:1d:f4:ca:
                    de:b5:0c:b5:ba:11:1c:18:39:97:6b:fc:e5:6b:fe:
                    5e:2c:8b:41:77:e9:1c:1f:dd:59:77:99:42:c9:33:
                    dd:92:eb:6e:46:65:79:a8:d9:89:8c:ff:9f:18:69:
                    a4:49:2b:87:2e:a8:33:51:e6:a9:9c:ed:e9:16:de:
                    35:62:ef:fb:3f:da:22:c3:d3:cd:7f:67:61:76:0d:
                    bf:fe:09:5f:5b:38:8f:67:b5:2c:1b:1b:4a:40:f2:
                    8f:e4:cb:bc:f4:b0:80:b5:6a:61:4b:84:62:50:dd:
                    69:9f:5d:ba:2c:7e:d2:5f:ee:29:bd:0d:81:16:f8:
                    02:80:5d:54:6d:d4:95:da:99:6f:ba:56:32:81:c2:
                    61:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:53:0A:DC:E8:BC:69:0D:48:E5:8B:18:59:C8:96:9F:A2:76:C9:B0
            X509v3 Authority Key Identifier:
                keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/7FMK3Oi8aQ1I5YsYWciWn6J2ybA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.46.234.0/23
                  86.38.4.0/23
                  86.38.178.0/23
                  86.38.182.0-86.38.187.255
                  86.38.202.0/23
                  86.38.220.0/23
                  86.38.246.0/23
                  89.116.52.0/23
                  89.116.58.0/23
                  89.116.68.0-89.116.70.255
                  89.116.76.0/24
                  89.116.88.0/23
                  89.116.91.0-89.116.92.255
                  89.116.106.0-89.116.108.255
                  89.116.125.0-89.116.128.255
                  89.116.130.0-89.116.132.255
                  89.116.135.0/24
                  89.116.137.0/24
                  89.116.141.0/24
                  89.116.146.0-89.116.150.255
                  89.116.153.0-89.116.154.255
                  89.116.158.0/24
                  89.116.161.0/24
                  89.116.163.0-89.116.166.255
                  89.116.175.0/24
                  89.116.177.0/24
                  89.116.179.0/24
                  89.116.184.0-89.116.186.255
                  89.116.189.0-89.116.190.255
                  89.116.202.0/24
                  89.116.210.0/23
                  89.116.218.0/24
                  89.116.239.0/24
                  89.116.242.0/23
                  89.116.250.0/24
                  89.116.252.0/23
                  89.116.255.0/24
                  89.117.6.0-89.117.9.255
                  89.117.12.0/23
                  89.117.24.0/23
                  89.117.28.0-89.117.33.255
                  89.117.36.0/23
                  89.117.64.0-89.117.68.255
                  89.117.70.0-89.117.85.255
                  89.117.88.0/22
                  89.117.94.0-89.117.99.255
                  89.117.102.0/23
                  89.117.109.0/24
                  89.117.112.0-89.117.117.255
                  89.117.129.0/24
                  89.117.132.0/22
                  89.117.139.0/24
                  89.117.142.0/23
                  89.117.158.0-89.117.163.255
                  89.117.167.0-89.117.169.255
                  89.117.188.0/24
                  89.117.190.0/24
                  89.117.215.0-89.117.218.255
                  89.117.222.0/24
                  89.117.226.0-89.117.229.255
                  89.117.245.0/24
                  89.117.250.0/24
                  89.117.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:01:53:8e:85:e2:29:66:44:b2:44:34:3d:fa:dc:f3:0d:62:
         e0:b5:8c:8b:36:92:4a:93:39:4b:d5:a4:a7:51:ec:7c:8b:b6:
         ff:63:37:b3:c4:b6:d9:c6:aa:34:06:38:df:c4:88:63:a4:1b:
         5e:72:8b:26:fe:80:70:c1:1f:f3:50:5d:ed:54:27:a7:84:1e:
         26:e7:f3:ce:a2:36:e5:ae:ca:0e:ec:46:94:d6:30:52:90:a3:
         e0:4b:b3:db:87:67:94:6b:1a:bd:f9:1d:24:ee:3e:f3:7a:c8:
         b4:3c:4c:ce:43:9c:16:65:71:c2:ee:1b:a2:ce:71:ec:80:cc:
         83:77:d9:cd:3e:91:21:15:e5:40:19:42:3a:61:71:5e:59:bc:
         cc:01:df:08:3c:37:f2:e6:e0:62:3d:63:6b:04:33:53:66:c9:
         d0:1c:e0:73:dc:8f:3a:8b:61:d4:83:45:04:50:6e:bf:7d:94:
         bd:70:98:87:5a:36:fd:b6:57:a8:fe:2f:84:72:ce:0e:2f:28:
         38:e5:9b:2f:85:c2:ee:fd:e3:cb:42:a8:8f:b8:4f:12:41:ff:
         0f:b1:03:83:a1:f3:fc:29:8c:16:c0:ab:95:c3:85:52:53:db:
         6d:fd:3d:1d:5d:bc:67:63:df:61:26:06:ed:4e:d6:8e:55:24:
         d3:7f:6d:44
-----BEGIN CERTIFICATE-----
MIIHFTCCBf2gAwIBAgIEChW6xDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDMz
MDEwNTc0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWM1MzBhZGNlOGJj
NjkwZDQ4ZTU4YjE4NTljODk2OWZhMjc2YzliMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7UVhfFdcp+4Ne4jVVoDKGvC0nS02QyetBG+eLzrF5nOf/p
hatp6owKHLpijlg1SqoYDRJy0X6fs0rSuxg9yyv9G2ghvrNZxYqPWMK3YVMQgTOq
LNexYdRnSHp4veMjPkAFWY/VSMj4GwxJx+CWLDqz4/W8HfTK3rUMtboRHBg5l2v8
5Wv+XiyLQXfpHB/dWXeZQskz3ZLrbkZleajZiYz/nxhppEkrhy6oM1HmqZzt6Rbe
NWLv+z/aIsPTzX9nYXYNv/4JX1s4j2e1LBsbSkDyj+TLvPSwgLVqYUuEYlDdaZ9d
uix+0l/uKb0NgRb4AoBdVG3UldqZb7pWMoHCYX0CAwEAAaOCBC8wggQrMB0GA1Ud
DgQWBBTsUwrc6LxpDUjlixhZyJafonbJsDAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
LzdGTUszT2k4YVExSTVZc1lXY2lXbjZKMnliQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AkMGCCsGAQUFBwEHAQH/BIICMjCCAi4wggIqBAIAATCCAiIDBAFULuoDBAFWJgQD
BAFWJrIwDAMEAVYmtgMEAlYmuAMEAVYmygMEAVYm3AMEAVYm9gMEAVl0NAMEAVl0
OjAMAwQCWXREAwQAWXRGAwQAWXRMAwQBWXRYMAwDBABZdFsDBABZdFwwDAMEAVl0
agMEAFl0bDAMAwQAWXR9AwQAWXSAMAwDBAFZdIIDBABZdIQDBABZdIcDBABZdIkD
BABZdI0wDAMEAVl0kgMEAFl0ljAMAwQAWXSZAwQAWXSaAwQAWXSeAwQAWXShMAwD
BABZdKMDBABZdKYDBABZdK8DBABZdLEDBABZdLMwDAMEA1l0uAMEAFl0ujAMAwQA
WXS9AwQAWXS+AwQAWXTKAwQBWXTSAwQAWXTaAwQAWXTvAwQBWXTyAwQAWXT6AwQB
WXT8AwQAWXT/MAwDBAFZdQYDBAFZdQgDBAFZdQwDBAFZdRgwDAMEAll1HAMEAVl1
IAMEAVl1JDAMAwQGWXVAAwQAWXVEMAwDBAFZdUYDBAFZdVQDBAJZdVgwDAMEAVl1
XgMEAll1YAMEAVl1ZgMEAFl1bTAMAwQEWXVwAwQBWXV0AwQAWXWBAwQCWXWEAwQA
WXWLAwQBWXWOMAwDBAFZdZ4DBAJZdaAwDAMEAFl1pwMEAVl1qAMEAFl1vAMEAFl1
vjAMAwQAWXXXAwQAWXXaAwQAWXXeMAwDBAFZdeIDBAFZdeQDBABZdfUDBABZdfoD
BABZdf4wDQYJKoZIhvcNAQELBQADggEBADIBU46F4ilmRLJEND363PMNYuC1jIs2
kkqTOUvVpKdR7HyLtv9jN7PEttnGqjQGON/EiGOkG15yiyb+gHDBH/NQXe1UJ6eE
Hibn886iNuWuyg7sRpTWMFKQo+BLs9uHZ5RrGr35HSTuPvN6yLQ8TM5DnBZlccLu
G6LOceyAzIN32c0+kSEV5UAZQjphcV5ZvMwB3wg8N/Lm4GI9Y2sEM1NmydAc4HPc
jzqLYdSDRQRQbr99lL1wmIdaNv22V6j+L4Ryzg4vKDjlmy+Fwu7948tCqI+4TxJB
/w+xA4Oh8/wpjBbAq5XDhVJT2239PR1dvGdj32EmBu1O1o5VJNN/bUQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org