Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/HxunonfuFVc65blEMIU6rlXdrqw.roa
File:                     HxunonfuFVc65blEMIU6rlXdrqw.roa (raw, json)
Hash identifier:          JQX4pIknXaBemIjMRvF1vSIQ9aRRI44WWx+kvpcfKT8=
Subject key identifier:   1F:1B:A7:A2:77:EE:15:57:3A:E5:B9:44:30:85:3A:AE:55:DD:AE:AC
Certificate issuer:       /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial:       0A2054DF
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/HxunonfuFVc65blEMIU6rlXdrqw.roa
Signing time:             Tue 05 Apr 2022 05:16:34 +0000
ROA not before:           Tue 05 Apr 2022 05:16:34 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        84.46.170.0/24 maxlen: 24
                          89.117.109.0/24 maxlen: 24
                          82.140.183.0/24 maxlen: 24
                          82.140.182.0/24 maxlen: 24
                          86.38.4.0/23 maxlen: 24
                          89.117.48.0/20 maxlen: 24
                          86.38.175.0/24 maxlen: 24
                          86.38.180.0/23 maxlen: 24
                          89.117.120.0/22 maxlen: 24
                          84.46.200.0/24 maxlen: 24
                          86.38.242.0/23 maxlen: 24
                          86.38.241.0/24 maxlen: 24
                          89.116.135.0/24 maxlen: 24
                          89.116.156.0/24 maxlen: 24
                          89.116.158.0/24 maxlen: 24
                          89.116.56.0/24 maxlen: 24
                          86.38.189.0/24 maxlen: 24
                          86.38.190.0/24 maxlen: 24
                          86.38.200.0/24 maxlen: 24
                          86.38.214.0/24 maxlen: 24
                          86.38.216.0/22 maxlen: 24
                          86.38.220.0/23 maxlen: 24
                          86.38.225.0/24 maxlen: 24
                          86.38.226.0/24 maxlen: 24
                          89.116.96.0/24 maxlen: 24
                          86.38.238.0/24 maxlen: 24
                          89.116.218.0/24 maxlen: 24
                          89.116.242.0/23 maxlen: 24
                          89.116.246.0/23 maxlen: 24
                          89.117.11.0/24 maxlen: 24
                          89.116.175.0/24 maxlen: 24
                          89.116.177.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 169891039 (0xa2054df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
        Validity
            Not Before: Apr  5 05:16:34 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=1f1ba7a277ee15573ae5b94430853aae55ddaeac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:eb:43:c3:4a:37:af:20:49:99:42:35:a2:2b:
                    b0:ca:c9:cf:88:46:87:5b:19:0a:c7:1a:39:a1:24:
                    3d:1a:7e:2b:ae:00:f9:cf:77:70:32:c9:56:25:4c:
                    93:fd:36:31:2b:f9:f1:ef:82:e8:d4:e7:18:8c:d0:
                    14:c3:0d:71:57:34:27:72:e3:3a:79:5f:0b:89:16:
                    31:de:5e:5b:17:f7:eb:56:3c:06:07:ac:12:ed:0c:
                    a9:79:a8:fc:df:00:56:5b:99:c4:06:18:3d:46:89:
                    f6:80:7d:9c:97:a2:7b:f7:63:5c:59:ef:05:6a:f5:
                    e9:b8:30:ae:6f:90:68:d9:1b:83:fd:41:f1:2e:d6:
                    07:1f:72:45:52:0d:38:a0:d1:07:16:30:de:50:3e:
                    e7:cd:90:82:50:a9:f1:4e:a9:dd:54:43:a4:8f:98:
                    83:d7:27:22:83:2f:12:90:3d:44:34:40:2d:1e:2d:
                    8b:32:1c:b6:29:b8:33:0a:a4:ad:67:f0:07:1f:9d:
                    6c:e3:8c:54:31:91:9b:c8:c1:bd:8f:0a:61:71:ba:
                    98:84:fc:fa:0c:80:5d:f4:50:a8:a4:1a:f5:01:58:
                    02:a5:07:fc:05:36:c3:2f:61:48:74:96:d7:cd:bf:
                    7a:2a:56:08:90:bd:af:b4:c4:be:2f:58:cf:5e:75:
                    2a:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:1B:A7:A2:77:EE:15:57:3A:E5:B9:44:30:85:3A:AE:55:DD:AE:AC
            X509v3 Authority Key Identifier:
                keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/HxunonfuFVc65blEMIU6rlXdrqw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.140.182.0/23
                  84.46.170.0/24
                  84.46.200.0/24
                  86.38.4.0/23
                  86.38.175.0/24
                  86.38.180.0/23
                  86.38.189.0-86.38.190.255
                  86.38.200.0/24
                  86.38.214.0/24
                  86.38.216.0-86.38.221.255
                  86.38.225.0-86.38.226.255
                  86.38.238.0/24
                  86.38.241.0-86.38.243.255
                  89.116.56.0/24
                  89.116.96.0/24
                  89.116.135.0/24
                  89.116.156.0/24
                  89.116.158.0/24
                  89.116.175.0/24
                  89.116.177.0/24
                  89.116.218.0/24
                  89.116.242.0/23
                  89.116.246.0/23
                  89.117.11.0/24
                  89.117.48.0/20
                  89.117.109.0/24
                  89.117.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         89:7f:d5:25:16:fb:a2:f6:de:b5:65:c8:7a:83:51:39:78:96:
         a1:c0:ed:7b:ee:d1:0d:60:be:ba:2d:3b:d9:60:02:c9:ba:de:
         49:2a:65:8e:58:ab:75:99:9b:36:71:8c:1e:5f:e8:0d:94:ba:
         75:f0:d6:6b:80:c8:a7:80:4c:3f:09:45:65:4c:16:a9:4e:5c:
         08:ab:42:2c:83:10:0b:79:a6:be:72:32:98:a6:63:4d:84:bb:
         37:46:6c:e6:83:1d:f5:1a:07:3c:bb:55:df:a8:5e:c4:5d:a4:
         5f:6a:42:67:75:da:b9:48:eb:80:87:26:44:c7:c4:51:de:6e:
         d0:01:b4:8d:1c:45:8c:f6:13:6f:ea:f2:49:05:ab:51:bb:57:
         ad:0a:75:b9:71:2d:57:9f:e0:80:e8:d0:a7:e7:c8:4a:09:9b:
         38:da:20:ce:86:47:01:61:ac:f5:a7:fa:90:1c:fb:69:79:fa:
         5e:bf:4c:36:41:c8:c4:b1:ba:da:33:58:89:ba:ab:6c:31:d7:
         b3:24:9c:d3:64:1c:c5:db:0e:3f:41:66:4d:e6:8c:70:cd:28:
         48:ce:52:a4:cc:26:cc:b8:49:f4:76:e7:65:a2:03:17:74:fb:
         92:36:12:61:1e:27:fc:6f:7c:88:29:c6:88:c2:75:58:c3:f1:
         2d:e1:5d:0b
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgIECiBU3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDQw
NTA1MTYzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWYxYmE3YTI3N2Vl
MTU1NzNhZTViOTQ0MzA4NTNhYWU1NWRkYWVhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvrQ8NKN68gSZlCNaIrsMrJz4hGh1sZCscaOaEkPRp+K64A
+c93cDLJViVMk/02MSv58e+C6NTnGIzQFMMNcVc0J3LjOnlfC4kWMd5eWxf361Y8
BgesEu0MqXmo/N8AVluZxAYYPUaJ9oB9nJeie/djXFnvBWr16bgwrm+QaNkbg/1B
8S7WBx9yRVINOKDRBxYw3lA+582QglCp8U6p3VRDpI+Yg9cnIoMvEpA9RDRALR4t
izIctim4MwqkrWfwBx+dbOOMVDGRm8jBvY8KYXG6mIT8+gyAXfRQqKQa9QFYAqUH
/AU2wy9hSHSW182/eipWCJC9r7TEvi9Yz151Kk8CAwEAAaOCAsowggLGMB0GA1Ud
DgQWBBQfG6eid+4VVzrluUQwhTquVd2urDAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L0h4dW5vbmZ1RlZjNjVibEVNSVU2cmxYZHJxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
3wYIKwYBBQUHAQcBAf8Egc8wgcwwgckEAgABMIHCAwQBUoy2AwQAVC6qAwQAVC7I
AwQBViYEAwQAViavAwQBVia0MAwDBABWJr0DBABWJr4DBABWJsgDBABWJtYwDAME
A1Ym2AMEAVYm3DAMAwQAVibhAwQAVibiAwQAVibuMAwDBABWJvEDBAJWJvADBABZ
dDgDBABZdGADBABZdIcDBABZdJwDBABZdJ4DBABZdK8DBABZdLEDBABZdNoDBAFZ
dPIDBAFZdPYDBABZdQsDBARZdTADBABZdW0DBAJZdXgwDQYJKoZIhvcNAQELBQAD
ggEBAIl/1SUW+6L23rVlyHqDUTl4lqHA7Xvu0Q1gvrotO9lgAsm63kkqZY5Yq3WZ
mzZxjB5f6A2UunXw1muAyKeATD8JRWVMFqlOXAirQiyDEAt5pr5yMpimY02EuzdG
bOaDHfUaBzy7Vd+oXsRdpF9qQmd12rlI64CHJkTHxFHebtABtI0cRYz2E2/q8kkF
q1G7V60KdblxLVef4IDo0KfnyEoJmzjaIM6GRwFhrPWn+pAc+2l5+l6/TDZByMSx
utozWIm6q2wx17MknNNkHMXbDj9BZk3mjHDNKEjOUqTMJsy4SfR252WiAxd0+5I2
EmEeJ/xvfIgpxojCdVjD8S3hXQs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:14 2024 by rpki-client on console-fra.rpki-client.org