Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/WXTaNa0qhGPkW1P3V03hBBejF94.roa
File:                     WXTaNa0qhGPkW1P3V03hBBejF94.roa (raw, json)
Hash identifier:          AdJyfvRkcjnTvYIf2VxYg1ya8AiJac2xwp/MuvEWIe0=
Subject key identifier:   59:74:DA:35:AD:2A:84:63:E4:5B:53:F7:57:4D:E1:04:17:A3:17:DE
Certificate issuer:       /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial:       0182CF52F26CBCDCA08425268A7A3BBA28D4
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/WXTaNa0qhGPkW1P3V03hBBejF94.roa
Signing time:             Wed 24 Aug 2022 10:08:15 +0000
ROA not before:           Wed 24 Aug 2022 10:08:15 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204968
IP address blocks:        89.116.132.0/24 maxlen: 24
                          89.116.135.0/24 maxlen: 24
                          89.117.109.0/24 maxlen: 24
                          89.116.150.0/24 maxlen: 24
                          89.117.32.0/23 maxlen: 24
                          89.116.92.0/24 maxlen: 24
                          89.116.218.0/24 maxlen: 24
                          89.117.190.0/24 maxlen: 24
                          89.116.252.0/24 maxlen: 24
                          89.117.222.0/24 maxlen: 24
                          89.116.163.0/24 maxlen: 24
                          89.116.166.0/24 maxlen: 24
                          89.117.129.0/24 maxlen: 24
                          89.116.175.0/24 maxlen: 24
                          89.116.177.0/24 maxlen: 24
                          89.116.186.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:cf:52:f2:6c:bc:dc:a0:84:25:26:8a:7a:3b:ba:28:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
        Validity
            Not Before: Aug 24 10:08:15 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5974da35ad2a8463e45b53f7574de10417a317de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:4c:7f:7e:31:f0:9f:06:50:5a:0b:7e:0b:64:
                    28:de:e2:16:e9:45:5c:cd:e6:95:db:79:1c:60:25:
                    be:e5:46:ec:dc:b4:20:c9:09:9c:6f:f4:f6:99:14:
                    25:2d:25:a0:14:a3:55:87:5c:68:73:13:17:ba:ff:
                    07:9c:1b:73:6b:72:91:b2:fe:61:7f:d0:cb:f2:80:
                    29:f3:ec:4e:ed:89:4c:54:4c:f6:85:60:52:ce:b8:
                    be:95:31:e5:61:71:4b:df:3e:7b:61:2c:b7:9c:d5:
                    fe:52:61:37:cd:83:ac:c3:16:6e:4a:dc:18:c5:06:
                    24:05:7a:e7:1f:f8:7f:b9:a9:ad:25:7c:2d:3c:e8:
                    03:4b:13:df:04:22:fc:c9:36:f8:e5:69:60:8b:ab:
                    65:8f:66:df:fe:63:b7:bd:b9:c7:5f:5f:e6:61:7f:
                    a8:a9:85:4b:dc:4b:29:19:bf:46:e8:18:ea:4d:5c:
                    5d:ce:29:5e:41:80:43:43:83:6e:d9:f9:00:f7:e9:
                    ee:d4:5c:27:c7:45:e4:f7:ca:ff:a2:31:86:ef:eb:
                    6d:9b:33:4a:91:59:32:2e:58:54:d0:8e:46:33:f0:
                    62:6b:da:ba:7b:25:f4:fb:7a:86:74:24:64:f7:42:
                    11:91:24:cc:61:59:b2:4c:3f:96:f1:d9:1e:5a:f5:
                    b1:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:74:DA:35:AD:2A:84:63:E4:5B:53:F7:57:4D:E1:04:17:A3:17:DE
            X509v3 Authority Key Identifier:
                keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/WXTaNa0qhGPkW1P3V03hBBejF94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.116.92.0/24
                  89.116.132.0/24
                  89.116.135.0/24
                  89.116.150.0/24
                  89.116.163.0/24
                  89.116.166.0/24
                  89.116.175.0/24
                  89.116.177.0/24
                  89.116.186.0/24
                  89.116.218.0/24
                  89.116.252.0/24
                  89.117.32.0/23
                  89.117.109.0/24
                  89.117.129.0/24
                  89.117.190.0/24
                  89.117.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:64:16:bf:21:70:71:d4:b8:27:15:2e:36:fe:19:ac:97:f9:
         e9:9b:49:c8:53:3e:bb:82:e7:5b:bc:a9:3d:3c:87:e3:87:c9:
         46:3a:7d:bb:bf:62:02:5c:6f:af:f5:cf:eb:e2:72:ef:2b:91:
         0f:81:58:3a:fd:6d:55:c4:dc:e0:e0:b7:27:15:97:7d:a0:a7:
         0e:54:8b:25:bd:80:24:a0:6d:6f:64:cb:d6:74:bd:58:0b:d9:
         63:47:94:fe:6d:89:95:0d:39:d6:9a:a2:5a:ba:04:42:da:66:
         02:f5:ac:f3:70:1d:32:7f:13:f8:1d:f7:7f:f1:c3:66:90:11:
         33:03:6b:f5:5e:3d:bd:16:3a:df:e1:ac:a3:30:59:83:e0:a4:
         4d:55:b1:a2:59:df:65:97:e4:b1:67:31:61:31:87:c7:54:92:
         33:41:5c:ff:4b:0c:82:9f:29:5f:95:7b:07:04:1e:07:f6:cb:
         6a:f7:d6:b3:27:d3:98:42:f3:6e:90:83:52:d7:a3:63:f5:dc:
         2b:5d:ee:3a:3b:ac:cc:0a:89:b7:83:a3:b8:d7:e0:c8:cb:95:
         94:d8:73:be:f9:14:f1:1f:58:a3:f7:37:a6:64:53:4e:3f:82:
         42:cc:db:f7:57:7a:44:8e:85:a9:2f:c5:36:aa:1d:56:e0:fc:
         50:32:cc:09
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYLPUvJsvNyghCUmino7uijUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODI0MTAwODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTc0ZGEzNWFkMmE4NDYzZTQ1YjUzZjc1NzRkZTEwNDE3YTMxN2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0x/fjHwnwZQWgt+C2Qo3uIW6UVc
zeaV23kcYCW+5Ubs3LQgyQmcb/T2mRQlLSWgFKNVh1xocxMXuv8HnBtza3KRsv5h
f9DL8oAp8+xO7YlMVEz2hWBSzri+lTHlYXFL3z57YSy3nNX+UmE3zYOswxZuStwY
xQYkBXrnH/h/uamtJXwtPOgDSxPfBCL8yTb45Wlgi6tlj2bf/mO3vbnHX1/mYX+o
qYVL3EspGb9G6BjqTVxdzileQYBDQ4Nu2fkA9+nu1Fwnx0Xk98r/ojGG7+ttmzNK
kVkyLlhU0I5GM/Bia9q6eyX0+3qGdCRk90IRkSTMYVmyTD+W8dkeWvWxQQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFFl02jWtKoRj5FtT91dN4QQXoxfeMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvV1hUYU5hMHFoR1BrVzFQM1YwM2hCQmVqRjk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAWXRcAwQA
WXSEAwQAWXSHAwQAWXSWAwQAWXSjAwQAWXSmAwQAWXSvAwQAWXSxAwQAWXS6AwQA
WXTaAwQAWXT8AwQBWXUgAwQAWXVtAwQAWXWBAwQAWXW+AwQAWXXeMA0GCSqGSIb3
DQEBCwUAA4IBAQABZBa/IXBx1LgnFS42/hmsl/npm0nIUz67gudbvKk9PIfjh8lG
On27v2ICXG+v9c/r4nLvK5EPgVg6/W1VxNzg4LcnFZd9oKcOVIslvYAkoG1vZMvW
dL1YC9ljR5T+bYmVDTnWmqJaugRC2mYC9azzcB0yfxP4Hfd/8cNmkBEzA2v1Xj29
Fjrf4ayjMFmD4KRNVbGiWd9ll+SxZzFhMYfHVJIzQVz/SwyCnylflXsHBB4H9stq
99azJ9OYQvNukINS16Nj9dwrXe46O6zMCom3g6O41+DIy5WU2HO++RTxH1ij9zem
ZFNOP4JCzNv3V3pEjoWpL8U2qh1W4PxQMswJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:14 2024 by rpki-client on console-fra.rpki-client.org