Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/oLDJWvKwzrEEHRihQUwkU8kC630.roa
File:                     oLDJWvKwzrEEHRihQUwkU8kC630.roa (raw, json)
Hash identifier:          KJ/zl0AJdokv40kYvXjZU/fC9DQvUS2btb9sIFNTqFk=
Subject key identifier:   A0:B0:C9:5A:F2:B0:CE:B1:04:1D:18:A1:41:4C:24:53:C9:02:EB:7D
Certificate issuer:       /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial:       0A63AD8D
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/oLDJWvKwzrEEHRihQUwkU8kC630.roa
Signing time:             Sun 17 Apr 2022 08:37:25 +0000
ROA not before:           Sun 17 Apr 2022 08:37:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60721
IP address blocks:        89.117.101.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 174304653 (0xa63ad8d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
        Validity
            Not Before: Apr 17 08:37:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=a0b0c95af2b0ceb1041d18a1414c2453c902eb7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:a5:76:53:04:04:f2:d0:f3:c6:0a:8f:4e:7e:
                    e3:94:b0:7f:79:12:6b:32:75:bd:74:da:c3:da:03:
                    5d:c9:41:ac:b2:e7:24:63:53:8d:6a:cf:09:e4:26:
                    28:c0:7b:2a:ac:75:0e:ef:6b:27:23:d2:ce:60:c5:
                    c1:ed:5c:1d:eb:2a:87:12:fc:98:82:e8:cb:cf:9a:
                    00:ab:ac:7d:38:52:74:a0:e4:e7:c3:75:b7:0a:3c:
                    1b:00:5c:29:7d:42:1c:a4:24:85:24:51:aa:51:d5:
                    a7:3d:2d:e5:bd:19:d9:5f:75:b4:52:3e:49:65:72:
                    e6:b1:02:15:f3:e2:c2:28:87:02:d2:d1:6e:82:2f:
                    69:d1:7f:b2:d6:0b:70:d0:b2:a5:be:ad:b2:fe:92:
                    06:75:e7:92:da:da:d5:73:77:45:4c:30:d2:09:4e:
                    d9:d5:73:66:37:19:08:a9:e8:7f:a5:93:28:cc:fd:
                    91:5b:db:8c:6e:28:47:45:4c:df:ad:79:50:9f:ff:
                    8f:9d:16:6f:f5:34:4b:cd:49:92:db:77:4c:a7:65:
                    21:3e:49:39:e2:9f:3a:29:14:bb:9d:9a:51:57:34:
                    27:45:34:32:9c:7d:c5:ef:ad:89:77:49:da:8d:d0:
                    dd:15:c2:be:aa:f4:b9:30:17:21:db:44:fa:6d:51:
                    b0:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:B0:C9:5A:F2:B0:CE:B1:04:1D:18:A1:41:4C:24:53:C9:02:EB:7D
            X509v3 Authority Key Identifier:
                keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/oLDJWvKwzrEEHRihQUwkU8kC630.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.117.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:31:4a:55:ca:df:2c:fb:53:5c:c3:48:44:8e:ac:33:34:a6:
         a1:71:ad:cc:a1:33:9d:60:24:4e:f9:d9:9d:f6:ae:24:7b:d5:
         ad:8c:19:b5:ae:f7:fe:29:a4:c8:1d:ef:cf:a2:b0:25:94:66:
         0a:17:31:52:dd:51:51:29:31:30:6c:14:46:be:bf:12:1b:44:
         d2:07:0c:a1:8c:81:81:19:6d:4b:51:30:4c:a4:f1:a1:69:93:
         7c:65:b8:ea:61:b3:61:25:8c:e4:d4:3e:36:97:2c:75:d6:cd:
         cb:f9:d4:10:ed:0e:cf:e9:40:a1:1d:9f:cd:b5:ec:58:66:fc:
         ef:23:ce:88:57:a2:b6:b0:68:22:ad:80:e2:65:55:c3:50:e9:
         a2:62:d2:7b:77:c7:30:e7:53:fc:0f:97:7c:ce:24:b9:56:1e:
         24:d8:f4:6a:7c:83:49:33:bf:23:b5:bb:a9:8e:08:64:e6:95:
         7f:65:30:03:29:5f:17:b2:93:b9:00:f9:92:df:5f:94:dc:3b:
         a3:6a:5e:dd:93:70:83:de:4e:c9:18:78:9e:10:4b:0b:78:3b:
         2b:c0:55:1b:83:bf:c3:20:3c:74:4d:99:ca:f7:85:e4:82:41:
         1d:4f:97:07:aa:81:f0:4e:88:2e:66:0c:d4:53:23:87:10:ad:
         4b:0a:a2:bf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECmOtjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDQx
NzA4MzcyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBiMGM5NWFmMmIw
Y2ViMTA0MWQxOGExNDE0YzI0NTNjOTAyZWI3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIuldlMEBPLQ88YKj05+45Swf3kSazJ1vXTaw9oDXclBrLLn
JGNTjWrPCeQmKMB7Kqx1Du9rJyPSzmDFwe1cHesqhxL8mILoy8+aAKusfThSdKDk
58N1two8GwBcKX1CHKQkhSRRqlHVpz0t5b0Z2V91tFI+SWVy5rECFfPiwiiHAtLR
boIvadF/stYLcNCypb6tsv6SBnXnktra1XN3RUww0glO2dVzZjcZCKnof6WTKMz9
kVvbjG4oR0VM3615UJ//j50Wb/U0S81Jktt3TKdlIT5JOeKfOikUu52aUVc0J0U0
Mpx9xe+tiXdJ2o3Q3RXCvqr0uTAXIdtE+m1RsJ0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSgsMla8rDOsQQdGKFBTCRTyQLrfTAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L29MREpXdkt3enJFRUhSaWhRVXdrVThrQzYzMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFl1ZTANBgkqhkiG9w0BAQsFAAOC
AQEAOzFKVcrfLPtTXMNIRI6sMzSmoXGtzKEznWAkTvnZnfauJHvVrYwZta73/imk
yB3vz6KwJZRmChcxUt1RUSkxMGwURr6/EhtE0gcMoYyBgRltS1EwTKTxoWmTfGW4
6mGzYSWM5NQ+NpcsddbNy/nUEO0Oz+lAoR2fzbXsWGb87yPOiFeitrBoIq2A4mVV
w1DpomLSe3fHMOdT/A+XfM4kuVYeJNj0anyDSTO/I7W7qY4IZOaVf2UwAylfF7KT
uQD5kt9flNw7o2pe3ZNwg95OyRh4nhBLC3g7K8BVG4O/wyA8dE2ZyveF5IJBHU+X
B6qB8E6ILmYM1FMjhxCtSwqivw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:14 2024 by rpki-client on console-fra.rpki-client.org