Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/cMr9cfdDerW3e3tUKELTrAXmJL0.roa
File:                     cMr9cfdDerW3e3tUKELTrAXmJL0.roa (raw, json)
Hash identifier:          SKbjor1TaPIj0dQMw449TWSJ5KjCgFDE4Dd4lVKmBuo=
Subject key identifier:   70:CA:FD:71:F7:43:7A:B5:B7:7B:7B:54:28:42:D3:AC:05:E6:24:BD
Certificate issuer:       /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial:       018225A986CECBA232EE4D7D3CAA85EB443B
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/cMr9cfdDerW3e3tUKELTrAXmJL0.roa
Signing time:             Fri 22 Jul 2022 11:27:23 +0000
ROA not before:           Fri 22 Jul 2022 11:27:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     204968
IP address blocks:        89.116.132.0/24 maxlen: 24
                          89.116.135.0/24 maxlen: 24
                          89.116.141.0/24 maxlen: 24
                          89.117.109.0/24 maxlen: 24
                          89.116.150.0/24 maxlen: 24
                          89.117.24.0/23 maxlen: 24
                          89.117.32.0/23 maxlen: 24
                          89.116.92.0/24 maxlen: 24
                          89.116.218.0/24 maxlen: 24
                          89.117.190.0/24 maxlen: 24
                          89.116.252.0/24 maxlen: 24
                          89.116.253.0/24 maxlen: 24
                          89.116.255.0/24 maxlen: 24
                          89.117.222.0/24 maxlen: 24
                          89.116.163.0/24 maxlen: 24
                          89.116.166.0/24 maxlen: 24
                          89.117.129.0/24 maxlen: 24
                          89.116.175.0/24 maxlen: 24
                          89.116.177.0/24 maxlen: 24
                          89.116.179.0/24 maxlen: 24
                          89.116.186.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:25:a9:86:ce:cb:a2:32:ee:4d:7d:3c:aa:85:eb:44:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
        Validity
            Not Before: Jul 22 11:27:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=70cafd71f7437ab5b77b7b542842d3ac05e624bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ac:42:57:81:69:e2:bf:98:27:c1:c8:db:57:
                    d1:73:21:b3:49:5a:92:0e:57:ed:69:36:a9:47:e1:
                    47:15:b4:fe:07:dd:e1:51:3e:88:79:65:f9:6e:d7:
                    7a:6c:56:d8:7d:4f:95:3d:0f:da:fc:5a:62:cf:60:
                    ab:3f:02:84:f6:e0:05:92:e4:30:88:1f:3b:9d:f5:
                    aa:a4:13:6b:99:ab:29:df:6c:71:3a:54:88:51:ac:
                    76:4c:5c:a8:a1:0b:ca:d0:d6:03:e5:58:9b:cf:94:
                    d9:af:ae:a8:33:ae:53:c3:1c:52:11:67:b8:c2:bc:
                    5b:4b:12:b5:ca:68:95:66:b6:b4:4d:ed:2d:b5:d0:
                    4e:21:91:50:b5:ba:14:1d:08:e7:71:9f:f1:25:01:
                    e0:f5:81:45:d9:51:a7:53:fd:b0:fb:70:b3:f1:b7:
                    31:89:37:82:cd:27:69:0c:74:3b:55:53:00:b5:24:
                    0c:2c:f7:60:69:e1:41:61:85:21:26:d8:1d:0f:e9:
                    23:c5:7d:8d:a5:fa:76:dc:d9:74:c6:01:d9:49:a4:
                    00:3e:47:51:bc:9d:e4:f9:a5:8b:6e:52:19:66:16:
                    50:76:93:67:0e:23:f3:f8:a2:49:3b:8b:97:f2:fb:
                    a3:8f:66:6f:2f:6f:a0:93:fa:f0:51:83:56:85:a7:
                    3b:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:CA:FD:71:F7:43:7A:B5:B7:7B:7B:54:28:42:D3:AC:05:E6:24:BD
            X509v3 Authority Key Identifier:
                keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/cMr9cfdDerW3e3tUKELTrAXmJL0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.116.92.0/24
                  89.116.132.0/24
                  89.116.135.0/24
                  89.116.141.0/24
                  89.116.150.0/24
                  89.116.163.0/24
                  89.116.166.0/24
                  89.116.175.0/24
                  89.116.177.0/24
                  89.116.179.0/24
                  89.116.186.0/24
                  89.116.218.0/24
                  89.116.252.0/23
                  89.116.255.0/24
                  89.117.24.0/23
                  89.117.32.0/23
                  89.117.109.0/24
                  89.117.129.0/24
                  89.117.190.0/24
                  89.117.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:f3:2e:84:e6:eb:80:61:6e:d1:58:c8:82:27:91:77:c6:58:
         ae:4f:f4:79:23:e9:e8:9d:fa:3a:b4:6d:c9:e6:cb:f2:dd:46:
         74:46:3d:a5:f1:82:98:6c:4b:2e:f9:35:87:39:32:2e:9a:2b:
         86:e2:4d:38:90:fd:14:f0:8d:cf:f0:2f:5e:07:1d:c0:0f:cd:
         b3:cb:43:bf:87:e6:ae:8a:71:9a:47:51:54:8c:e4:94:cf:53:
         80:ca:d7:fe:fc:83:8c:0b:86:80:92:56:53:50:fe:bf:f9:3c:
         d2:77:cd:bd:90:c7:9e:77:d6:bd:15:6b:1b:87:47:97:4e:7a:
         4e:8a:22:5c:81:31:e6:3f:e1:d1:4c:41:d9:56:24:6f:6c:a4:
         e6:42:ea:b1:79:b2:dc:20:ad:46:0a:c1:e5:8a:26:80:ac:4b:
         7e:2c:0e:48:60:e8:c8:f7:97:34:2f:e3:eb:a6:62:f9:67:34:
         eb:57:aa:c0:02:ca:13:08:d0:c6:0f:17:62:2b:5a:64:10:8a:
         86:80:47:bc:b1:a0:55:9f:a7:16:59:87:d1:c6:4b:c6:0e:e5:
         11:5b:a6:36:42:fe:51:36:b1:e7:5d:58:36:4d:fe:aa:c1:c8:
         76:0d:3b:15:80:ba:1d:80:6e:2f:10:86:3f:0d:e0:53:3d:da:
         cf:f8:a4:a2
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYIlqYbOy6Iy7k19PKqF60Q7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwNzIyMTEyNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGNhZmQ3MWY3NDM3YWI1Yjc3YjdiNTQyODQyZDNhYzA1ZTYyNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqxCV4Fp4r+YJ8HI21fRcyGzSVqS
DlftaTapR+FHFbT+B93hUT6IeWX5btd6bFbYfU+VPQ/a/Fpiz2CrPwKE9uAFkuQw
iB87nfWqpBNrmasp32xxOlSIUax2TFyooQvK0NYD5Vibz5TZr66oM65TwxxSEWe4
wrxbSxK1ymiVZra0Te0ttdBOIZFQtboUHQjncZ/xJQHg9YFF2VGnU/2w+3Cz8bcx
iTeCzSdpDHQ7VVMAtSQMLPdgaeFBYYUhJtgdD+kjxX2Npfp23Nl0xgHZSaQAPkdR
vJ3k+aWLblIZZhZQdpNnDiPz+KJJO4uX8vujj2ZvL2+gk/rwUYNWhac71wIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFHDK/XH3Q3q1t3t7VChC06wF5iS9MB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvY01yOWNmZERlclczZTN0VUtFTFRyQVhtSkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAWXRc
AwQAWXSEAwQAWXSHAwQAWXSNAwQAWXSWAwQAWXSjAwQAWXSmAwQAWXSvAwQAWXSx
AwQAWXSzAwQAWXS6AwQAWXTaAwQBWXT8AwQAWXT/AwQBWXUYAwQBWXUgAwQAWXVt
AwQAWXWBAwQAWXW+AwQAWXXeMA0GCSqGSIb3DQEBCwUAA4IBAQBA8y6E5uuAYW7R
WMiCJ5F3xliuT/R5I+nonfo6tG3J5svy3UZ0Rj2l8YKYbEsu+TWHOTIumiuG4k04
kP0U8I3P8C9eBx3AD82zy0O/h+auinGaR1FUjOSUz1OAytf+/IOMC4aAklZTUP6/
+TzSd829kMeed9a9FWsbh0eXTnpOiiJcgTHmP+HRTEHZViRvbKTmQuqxebLcIK1G
CsHliiaArEt+LA5IYOjI95c0L+PrpmL5ZzTrV6rAAsoTCNDGDxdiK1pkEIqGgEe8
saBVn6cWWYfRxkvGDuURW6Y2Qv5RNrHnXVg2Tf6qwch2DTsVgLodgG4vEIY/DeBT
PdrP+KSi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:06 2024 by rpki-client on console-ams.rpki-client.org