Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/kRimqkgIUB3z2ywY0APaOPjVndc.roa
File:                     kRimqkgIUB3z2ywY0APaOPjVndc.roa (raw, json)
Hash identifier:          uJ16/r+s5bvYrzVPL3uaivJlc5Nebn0M/85VzsYldvU=
Subject key identifier:   91:18:A6:AA:48:08:50:1D:F3:DB:2C:18:D0:03:DA:38:F8:D5:9D:D7
Certificate issuer:       /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial:       0AC242B9
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/kRimqkgIUB3z2ywY0APaOPjVndc.roa
Signing time:             Tue 10 May 2022 07:09:33 +0000
ROA not before:           Tue 10 May 2022 07:09:33 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     207152
IP address blocks:        89.117.70.0/23 maxlen: 24
                          89.117.68.0/24 maxlen: 24
                          89.117.72.0/21 maxlen: 24
                          89.117.84.0/23 maxlen: 24
                          89.117.80.0/22 maxlen: 24
                          89.117.88.0/22 maxlen: 24
                          89.117.94.0/23 maxlen: 24
                          89.117.96.0/22 maxlen: 24
                          89.117.102.0/23 maxlen: 24
                          89.117.112.0/22 maxlen: 24
                          89.117.109.0/24 maxlen: 24
                          89.117.116.0/23 maxlen: 24
                          89.117.12.0/23 maxlen: 24
                          89.117.24.0/23 maxlen: 24
                          89.117.28.0/22 maxlen: 24
                          89.117.36.0/23 maxlen: 24
                          89.117.32.0/23 maxlen: 24
                          89.117.64.0/22 maxlen: 24
                          89.117.190.0/24 maxlen: 24
                          89.117.188.0/24 maxlen: 24
                          89.117.215.0/24 maxlen: 24
                          89.117.222.0/24 maxlen: 24
                          89.117.132.0/22 maxlen: 24
                          89.117.129.0/24 maxlen: 24
                          89.117.139.0/24 maxlen: 24
                          89.117.142.0/23 maxlen: 24
                          89.117.158.0/23 maxlen: 24
                          89.117.160.0/22 maxlen: 24
                          84.46.234.0/23 maxlen: 24
                          89.116.106.0/23 maxlen: 24
                          86.38.246.0/23 maxlen: 24
                          89.116.108.0/24 maxlen: 24
                          89.116.125.0/24 maxlen: 24
                          89.116.126.0/23 maxlen: 24
                          89.116.132.0/24 maxlen: 24
                          89.116.128.0/24 maxlen: 24
                          89.116.130.0/23 maxlen: 24
                          89.116.137.0/24 maxlen: 24
                          89.116.135.0/24 maxlen: 24
                          89.116.141.0/24 maxlen: 24
                          89.116.150.0/24 maxlen: 24
                          89.116.148.0/23 maxlen: 24
                          89.116.158.0/24 maxlen: 24
                          89.116.154.0/24 maxlen: 24
                          89.116.153.0/24 maxlen: 24
                          89.116.58.0/23 maxlen: 24
                          89.116.68.0/23 maxlen: 24
                          89.116.70.0/24 maxlen: 24
                          86.38.202.0/23 maxlen: 24
                          89.116.88.0/23 maxlen: 24
                          89.116.92.0/24 maxlen: 24
                          89.116.218.0/24 maxlen: 24
                          89.116.253.0/24 maxlen: 24
                          89.116.252.0/24 maxlen: 24
                          89.116.255.0/24 maxlen: 24
                          89.117.8.0/23 maxlen: 24
                          89.117.6.0/23 maxlen: 24
                          89.116.166.0/24 maxlen: 24
                          89.116.163.0/24 maxlen: 24
                          89.116.161.0/24 maxlen: 24
                          89.116.172.0/23 maxlen: 24
                          89.116.179.0/24 maxlen: 24
                          89.116.177.0/24 maxlen: 24
                          89.116.175.0/24 maxlen: 24
                          89.116.186.0/24 maxlen: 24
                          89.116.184.0/23 maxlen: 24
                          89.116.190.0/24 maxlen: 24
                          89.116.189.0/24 maxlen: 24
                          89.116.210.0/23 maxlen: 24
                          86.38.178.0/23 maxlen: 24
                          86.38.186.0/23 maxlen: 24
                          86.38.184.0/23 maxlen: 24
                          86.38.182.0/23 maxlen: 24
                          89.117.228.0/23 maxlen: 24
                          89.117.245.0/24 maxlen: 24
                          89.117.250.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 180503225 (0xac242b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
        Validity
            Not Before: May 10 07:09:33 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=9118a6aa4808501df3db2c18d003da38f8d59dd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:dc:08:13:1d:d7:dd:a5:74:a0:7a:23:ed:72:
                    ae:9a:65:84:84:24:64:8c:1d:64:74:4f:1f:c6:16:
                    90:c0:92:22:43:53:99:27:67:68:1b:0a:ec:d1:22:
                    e8:e3:32:3e:a5:09:0a:23:d1:32:1d:80:62:44:a1:
                    38:aa:87:e6:f1:4c:b2:2c:7d:d6:e1:02:64:22:71:
                    11:92:de:c0:57:da:c8:9b:31:44:8e:f8:e7:92:07:
                    bb:e8:91:48:26:82:4c:49:6a:82:c9:e6:96:d2:d9:
                    95:01:75:65:d3:76:4b:a7:43:95:a0:eb:f3:01:4e:
                    74:08:2a:fd:8f:7b:a2:95:f2:85:56:a9:5d:0e:99:
                    8d:c3:41:b6:03:8f:f6:02:45:82:87:a0:c8:3f:bb:
                    91:d8:6f:03:a0:fa:20:76:14:94:bc:c9:e3:b2:1c:
                    eb:a0:eb:86:82:0d:52:f9:35:b6:46:70:87:04:87:
                    10:a9:78:22:ed:83:64:0a:1c:a8:39:f9:b3:3a:2a:
                    41:8d:e7:9a:ac:e1:4a:60:6b:18:f3:d3:b4:88:e8:
                    d0:39:06:58:ec:09:b5:74:01:08:64:3a:53:d6:e7:
                    13:da:e1:3c:1f:9f:f9:ff:9c:55:11:56:59:ab:56:
                    05:1f:62:d6:cd:ea:f5:71:60:85:36:3a:92:c4:c5:
                    ec:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:18:A6:AA:48:08:50:1D:F3:DB:2C:18:D0:03:DA:38:F8:D5:9D:D7
            X509v3 Authority Key Identifier:
                keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/kRimqkgIUB3z2ywY0APaOPjVndc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.46.234.0/23
                  86.38.178.0/23
                  86.38.182.0-86.38.187.255
                  86.38.202.0/23
                  86.38.246.0/23
                  89.116.58.0/23
                  89.116.68.0-89.116.70.255
                  89.116.88.0/23
                  89.116.92.0/24
                  89.116.106.0-89.116.108.255
                  89.116.125.0-89.116.128.255
                  89.116.130.0-89.116.132.255
                  89.116.135.0/24
                  89.116.137.0/24
                  89.116.141.0/24
                  89.116.148.0-89.116.150.255
                  89.116.153.0-89.116.154.255
                  89.116.158.0/24
                  89.116.161.0/24
                  89.116.163.0/24
                  89.116.166.0/24
                  89.116.172.0/23
                  89.116.175.0/24
                  89.116.177.0/24
                  89.116.179.0/24
                  89.116.184.0-89.116.186.255
                  89.116.189.0-89.116.190.255
                  89.116.210.0/23
                  89.116.218.0/24
                  89.116.252.0/23
                  89.116.255.0/24
                  89.117.6.0-89.117.9.255
                  89.117.12.0/23
                  89.117.24.0/23
                  89.117.28.0-89.117.33.255
                  89.117.36.0/23
                  89.117.64.0-89.117.68.255
                  89.117.70.0-89.117.85.255
                  89.117.88.0/22
                  89.117.94.0-89.117.99.255
                  89.117.102.0/23
                  89.117.109.0/24
                  89.117.112.0-89.117.117.255
                  89.117.129.0/24
                  89.117.132.0/22
                  89.117.139.0/24
                  89.117.142.0/23
                  89.117.158.0-89.117.163.255
                  89.117.188.0/24
                  89.117.190.0/24
                  89.117.215.0/24
                  89.117.222.0/24
                  89.117.228.0/23
                  89.117.245.0/24
                  89.117.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cd:09:71:d4:50:26:00:5b:a2:92:44:64:e4:9a:15:0c:56:9b:
         5f:65:56:c2:f4:96:8b:7a:65:f5:04:42:4d:d6:bc:21:5d:bb:
         4f:e1:1f:cc:0d:98:e2:df:62:2e:7a:50:a1:a4:fc:43:f9:c6:
         47:44:54:ff:24:62:18:7e:48:0b:13:79:2b:d9:86:39:be:4d:
         28:75:76:f2:b6:5a:3c:61:92:55:65:6c:b3:29:b6:f3:be:d4:
         a7:02:57:bd:f3:0a:81:a7:41:d6:b8:7a:5f:b5:82:49:11:b0:
         53:e9:4d:32:15:5a:b7:59:b0:e8:18:bf:7c:79:e0:62:3f:bd:
         2d:18:3d:72:79:d7:39:a1:44:cf:0e:37:09:2e:7c:4f:49:63:
         63:64:6e:cf:75:de:86:98:60:77:2a:2b:2e:41:71:d4:cd:91:
         7d:c0:a6:e2:1b:a3:fa:fb:f3:c9:b0:27:34:fd:1d:62:24:b9:
         a7:07:50:6a:a1:e3:b4:73:51:00:86:96:9a:06:6d:5f:66:34:
         20:f5:08:77:6c:f8:1d:74:e2:7a:eb:b9:95:97:66:cd:df:cb:
         df:d2:9a:ef:0f:6e:49:b9:10:22:3e:bf:a3:26:93:cb:bf:a3:
         0b:25:a2:6d:75:1b:7a:b0:b2:2c:04:20:fa:85:eb:f2:c7:d3:
         3e:79:27:dd
-----BEGIN CERTIFICATE-----
MIIGvTCCBaWgAwIBAgIECsJCuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDUx
MDA3MDkzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTExOGE2YWE0ODA4
NTAxZGYzZGIyYzE4ZDAwM2RhMzhmOGQ1OWRkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJjcCBMd192ldKB6I+1yrpplhIQkZIwdZHRPH8YWkMCSIkNT
mSdnaBsK7NEi6OMyPqUJCiPRMh2AYkShOKqH5vFMsix91uECZCJxEZLewFfayJsx
RI7455IHu+iRSCaCTElqgsnmltLZlQF1ZdN2S6dDlaDr8wFOdAgq/Y97opXyhVap
XQ6ZjcNBtgOP9gJFgoegyD+7kdhvA6D6IHYUlLzJ47Ic66DrhoINUvk1tkZwhwSH
EKl4Iu2DZAocqDn5szoqQY3nmqzhSmBrGPPTtIjo0DkGWOwJtXQBCGQ6U9bnE9rh
PB+f+f+cVRFWWatWBR9i1s3q9XFghTY6ksTF7OkCAwEAAaOCA9cwggPTMB0GA1Ud
DgQWBBSRGKaqSAhQHfPbLBjQA9o4+NWd1zAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L2tSaW1xa2dJVUIzejJ5d1kwQVBhT1BqVm5kYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AesGCCsGAQUFBwEHAQH/BIIB2jCCAdYwggHSBAIAATCCAcoDBAFULuoDBAFWJrIw
DAMEAVYmtgMEAlYmuAMEAVYmygMEAVYm9gMEAVl0OjAMAwQCWXREAwQAWXRGAwQB
WXRYAwQAWXRcMAwDBAFZdGoDBABZdGwwDAMEAFl0fQMEAFl0gDAMAwQBWXSCAwQA
WXSEAwQAWXSHAwQAWXSJAwQAWXSNMAwDBAJZdJQDBABZdJYwDAMEAFl0mQMEAFl0
mgMEAFl0ngMEAFl0oQMEAFl0owMEAFl0pgMEAVl0rAMEAFl0rwMEAFl0sQMEAFl0
szAMAwQDWXS4AwQAWXS6MAwDBABZdL0DBABZdL4DBAFZdNIDBABZdNoDBAFZdPwD
BABZdP8wDAMEAVl1BgMEAVl1CAMEAVl1DAMEAVl1GDAMAwQCWXUcAwQBWXUgAwQB
WXUkMAwDBAZZdUADBABZdUQwDAMEAVl1RgMEAVl1VAMEAll1WDAMAwQBWXVeAwQC
WXVgAwQBWXVmAwQAWXVtMAwDBARZdXADBAFZdXQDBABZdYEDBAJZdYQDBABZdYsD
BAFZdY4wDAMEAVl1ngMEAll1oAMEAFl1vAMEAFl1vgMEAFl11wMEAFl13gMEAVl1
5AMEAFl19QMEAFl1+jANBgkqhkiG9w0BAQsFAAOCAQEAzQlx1FAmAFuikkRk5JoV
DFabX2VWwvSWi3pl9QRCTda8IV27T+EfzA2Y4t9iLnpQoaT8Q/nGR0RU/yRiGH5I
CxN5K9mGOb5NKHV28rZaPGGSVWVssym2877UpwJXvfMKgadB1rh6X7WCSRGwU+lN
MhVat1mw6Bi/fHngYj+9LRg9cnnXOaFEzw43CS58T0ljY2Ruz3XehphgdyorLkFx
1M2RfcCm4huj+vvzybAnNP0dYiS5pwdQaqHjtHNRAIaWmgZtX2Y0IPUId2z4HXTi
euu5lZdmzd/L39Ka7w9uSbkQIj6/oyaTy7+jCyWibXUberCyLAQg+oXr8sfTPnkn
3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:14 2024 by rpki-client on console-fra.rpki-client.org