Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/UIlJrPVxR90z8iTX8Q5WTpnr-qw.roa
File:                     UIlJrPVxR90z8iTX8Q5WTpnr-qw.roa (raw, json)
Hash identifier:          sZjGXmfTnfBJyWA6FOTe37yrO+KCO8EUzv6vhTwKLMo=
Subject key identifier:   50:89:49:AC:F5:71:47:DD:33:F2:24:D7:F1:0E:56:4E:99:EB:FA:AC
Certificate issuer:       /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial:       0183C33113A3FFD96DCF9B10DAE92C3BC0AF
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/UIlJrPVxR90z8iTX8Q5WTpnr-qw.roa
Signing time:             Mon 10 Oct 2022 18:38:36 +0000
ROA not before:           Mon 10 Oct 2022 18:38:36 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     206995
IP address blocks:        89.117.167.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:83:c3:31:13:a3:ff:d9:6d:cf:9b:10:da:e9:2c:3b:c0:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
        Validity
            Not Before: Oct 10 18:38:36 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=508949acf57147dd33f224d7f10e564e99ebfaac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:19:28:e0:3f:b8:07:18:dd:01:a8:e2:5d:73:
                    f2:60:ff:60:c8:b3:2e:4f:e2:c7:9d:76:75:03:a1:
                    68:fd:9b:85:9d:e8:cd:ad:b7:87:72:c5:96:d0:43:
                    cb:bd:2e:35:b8:49:29:24:e5:89:39:9b:4f:fa:b9:
                    57:30:ce:19:ec:64:05:0a:65:fd:44:a4:88:97:6f:
                    a2:74:50:5b:f0:1a:17:ba:8c:db:13:c8:75:78:41:
                    ef:09:80:0b:18:86:70:36:6b:c3:a8:f2:7e:38:f3:
                    10:e0:e3:81:68:38:58:e7:3f:4e:6b:1f:6c:40:bc:
                    7b:32:06:a2:2b:66:3b:3d:0a:93:47:26:aa:64:06:
                    94:46:d2:9a:da:80:1c:68:58:4b:c9:c7:bf:02:ba:
                    2b:c4:bf:29:1e:05:7a:e2:b6:8a:3b:3a:78:d3:4c:
                    5c:85:40:4e:29:2f:97:3b:8f:59:18:eb:2e:d2:b7:
                    93:da:8c:96:a7:72:b3:72:14:e7:04:82:d0:3c:78:
                    fa:ab:f0:a5:db:eb:34:95:4a:a1:9f:7d:a2:b4:cd:
                    27:0f:9c:75:2c:40:fc:c1:72:7a:46:74:2e:91:e9:
                    36:8c:68:0a:d3:c8:60:d1:9c:28:11:47:20:0c:07:
                    34:6e:67:46:cb:74:a3:11:1e:bc:7d:56:ed:1d:2c:
                    fd:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:89:49:AC:F5:71:47:DD:33:F2:24:D7:F1:0E:56:4E:99:EB:FA:AC
            X509v3 Authority Key Identifier:
                keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/UIlJrPVxR90z8iTX8Q5WTpnr-qw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.117.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:15:08:f2:fe:5b:a2:fe:b3:66:f9:40:74:d8:38:12:bc:fc:
         ea:ab:6d:ac:16:f0:7a:4f:8a:10:00:47:b9:29:f8:73:ef:88:
         be:c4:c4:34:6d:d5:33:4e:6e:ba:60:47:1c:1c:26:38:a9:61:
         3d:6d:c6:87:e4:20:69:50:25:e9:cf:f8:ac:ee:e0:cd:39:64:
         e7:2b:0b:b8:12:93:40:02:7a:b0:7b:9c:44:2c:8c:f0:52:e1:
         bb:d3:9b:c1:15:22:51:39:96:6a:57:8a:d6:d0:71:e9:6f:c8:
         e5:d8:10:0f:1a:b8:7e:3c:81:88:88:39:a4:35:ac:36:5d:37:
         fb:9b:af:46:54:b7:99:e9:3e:76:01:7d:01:6f:85:c8:80:06:
         b4:9e:d7:e4:16:3d:d4:e9:22:40:1e:a4:84:68:a5:7d:e8:50:
         cc:3d:1a:04:36:fe:66:da:d9:a2:61:d0:7c:2a:8b:a0:e2:27:
         69:0c:aa:17:32:fc:b1:44:f2:bf:63:91:5e:37:77:9a:09:e4:
         c8:94:bc:17:44:67:76:35:5e:1f:7c:69:d0:43:27:ac:d5:04:
         7b:97:4b:f2:d2:96:c8:75:bc:0d:15:ec:a4:12:2d:eb:3b:13:
         84:1f:68:c6:dd:e2:06:24:05:91:a3:89:11:bd:40:e2:fe:95:
         66:54:c7:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPDMROj/9ltz5sQ2uksO8CvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIxMDEwMTgzODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDg5NDlhY2Y1NzE0N2RkMzNmMjI0ZDdmMTBlNTY0ZTk5ZWJmYWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxko4D+4BxjdAajiXXPyYP9gyLMu
T+LHnXZ1A6Fo/ZuFnejNrbeHcsWW0EPLvS41uEkpJOWJOZtP+rlXMM4Z7GQFCmX9
RKSIl2+idFBb8BoXuozbE8h1eEHvCYALGIZwNmvDqPJ+OPMQ4OOBaDhY5z9Oax9s
QLx7MgaiK2Y7PQqTRyaqZAaURtKa2oAcaFhLyce/ArorxL8pHgV64raKOzp400xc
hUBOKS+XO49ZGOsu0reT2oyWp3KzchTnBILQPHj6q/Cl2+s0lUqhn32itM0nD5x1
LED8wXJ6RnQukek2jGgK08hg0ZwoEUcgDAc0bmdGy3SjER68fVbtHSz9PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFCJSaz1cUfdM/Ik1/EOVk6Z6/qsMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvVUlsSnJQVnhSOTB6OGlUWDhRNVdUcG5yLXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWXWnMA0G
CSqGSIb3DQEBCwUAA4IBAQCWFQjy/lui/rNm+UB02DgSvPzqq22sFvB6T4oQAEe5
Kfhz74i+xMQ0bdUzTm66YEccHCY4qWE9bcaH5CBpUCXpz/is7uDNOWTnKwu4EpNA
Anqwe5xELIzwUuG705vBFSJROZZqV4rW0HHpb8jl2BAPGrh+PIGIiDmkNaw2XTf7
m69GVLeZ6T52AX0Bb4XIgAa0ntfkFj3U6SJAHqSEaKV96FDMPRoENv5m2tmiYdB8
Koug4idpDKoXMvyxRPK/Y5FeN3eaCeTIlLwXRGd2NV4ffGnQQyes1QR7l0vy0pbI
dbwNFeykEi3rOxOEH2jG3eIGJAWRo4kRvUDi/pVmVMf4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:14 2024 by rpki-client on console-fra.rpki-client.org