Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/2812b8-a2ab-4f73-b8d7-0a5cee43e454/1/DJrT3WEEVznBBRE2xMZrHVEvg30.roa
File:                     DJrT3WEEVznBBRE2xMZrHVEvg30.roa (raw, json)
Hash identifier:          5cVRsSKxNAHarVcm3cVmaMbPw+Y9G9eZBWy8NUFk9IM=
Subject key identifier:   0C:9A:D3:DD:61:04:57:39:C1:05:11:36:C4:C6:6B:1D:51:2F:83:7D
Certificate issuer:       /CN=e2287273e21c30682a7a32143d5718029a976820
Certificate serial:       01856B93212EED6CD5C356062413F697B728
Authority key identifier: E2:28:72:73:E2:1C:30:68:2A:7A:32:14:3D:57:18:02:9A:97:68:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4ihyc-IcMGgqejIUPVcYApqXaCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/2812b8-a2ab-4f73-b8d7-0a5cee43e454/1/DJrT3WEEVznBBRE2xMZrHVEvg30.roa
Signing time:             Sun 01 Jan 2023 04:24:42 +0000
ROA not before:           Sun 01 Jan 2023 04:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212667
IP address blocks:        195.225.96.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:93:21:2e:ed:6c:d5:c3:56:06:24:13:f6:97:b7:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2287273e21c30682a7a32143d5718029a976820
        Validity
            Not Before: Jan  1 04:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0c9ad3dd61045739c1051136c4c66b1d512f837d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:17:25:78:37:bb:64:25:6c:9d:75:4a:62:16:
                    06:0c:39:03:76:b3:ea:86:72:44:78:17:6e:91:a0:
                    da:fd:42:ee:94:0e:d0:0f:5f:93:ab:82:97:81:48:
                    a6:32:96:72:0c:fb:ae:53:30:68:b4:2b:33:97:bc:
                    79:5b:ec:31:74:7e:e5:66:b5:fc:73:4c:5e:3c:21:
                    6b:3a:39:23:83:f0:d3:98:1c:83:18:0e:9e:77:fd:
                    fd:9b:3b:2c:64:af:47:47:fa:b4:8c:0a:ca:a3:f9:
                    6f:95:bc:af:28:39:c9:4a:03:d3:fa:a7:bc:ac:8c:
                    fb:3d:7c:65:96:26:69:c7:9c:4e:60:8d:72:6f:bb:
                    cb:e4:79:b8:36:70:c8:7c:2f:ff:6b:a8:15:70:bd:
                    8b:bf:6e:00:b7:01:27:b5:58:98:5c:e9:52:43:fe:
                    c4:e6:10:8d:7b:19:cc:94:78:02:0f:76:16:0f:0b:
                    a6:f3:2f:c9:e1:41:3a:b9:fa:f7:79:95:ce:61:ea:
                    6d:b8:28:12:f5:01:fb:37:65:a9:3d:46:ea:ad:75:
                    14:ef:b5:4b:28:7a:97:97:e1:e1:86:b5:53:7b:bb:
                    ea:fe:23:7d:3b:5e:32:3c:60:2b:23:6e:b4:eb:c4:
                    f7:57:8e:02:da:ce:ec:2c:b8:d9:d5:ee:fb:b0:e4:
                    0a:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:9A:D3:DD:61:04:57:39:C1:05:11:36:C4:C6:6B:1D:51:2F:83:7D
            X509v3 Authority Key Identifier:
                keyid:E2:28:72:73:E2:1C:30:68:2A:7A:32:14:3D:57:18:02:9A:97:68:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ihyc-IcMGgqejIUPVcYApqXaCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2812b8-a2ab-4f73-b8d7-0a5cee43e454/1/DJrT3WEEVznBBRE2xMZrHVEvg30.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2812b8-a2ab-4f73-b8d7-0a5cee43e454/1/4ihyc-IcMGgqejIUPVcYApqXaCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.225.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:e4:c2:29:bb:af:a9:77:9c:4b:40:1f:58:9c:23:fc:aa:7b:
         5e:78:0e:35:b4:79:f5:64:26:0e:b7:b1:9b:8e:8c:eb:0e:81:
         ae:4d:8d:2c:32:cb:dd:60:f1:a3:21:44:55:b7:87:3b:7b:16:
         2d:b4:86:61:c2:be:80:52:7a:30:76:bd:83:f5:91:75:1e:73:
         ce:b9:54:e0:6a:b4:4e:61:17:bc:fb:ab:59:50:2a:a0:84:0a:
         ad:b7:fa:c9:f8:26:30:35:e3:58:72:b4:71:1e:03:41:6f:a8:
         04:79:99:90:78:91:1d:34:3b:23:aa:9c:45:aa:3c:01:44:69:
         23:b2:fa:17:88:ba:76:e6:96:eb:0a:a8:d0:9b:fb:c5:59:ef:
         4d:73:ba:3a:6f:51:2a:ec:bc:ca:eb:5c:c9:28:c4:09:80:56:
         f4:63:26:cc:e9:7a:a6:94:2a:c0:66:96:25:04:bb:cb:77:a7:
         40:c2:a0:fd:77:fe:16:fc:d4:f7:17:54:04:05:6f:81:27:83:
         7e:e2:5a:76:d7:95:a3:b6:c2:56:1a:39:d1:d1:58:fc:8b:3f:
         dd:a9:31:2e:de:d0:03:73:61:48:7c:0f:ac:a4:b4:55:f7:03:
         6e:0a:7c:a8:67:c0:89:5e:21:04:c8:02:fd:c5:99:db:2d:d2:
         f2:35:d6:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrkyEu7WzVw1YGJBP2l7coMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMjg3MjczZTIxYzMwNjgyYTdhMzIxNDNkNTcxODAyOWE5
NzY4MjAwHhcNMjMwMTAxMDQyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzlhZDNkZDYxMDQ1NzM5YzEwNTExMzZjNGM2NmIxZDUxMmY4MzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhcleDe7ZCVsnXVKYhYGDDkDdrPq
hnJEeBdukaDa/ULulA7QD1+Tq4KXgUimMpZyDPuuUzBotCszl7x5W+wxdH7lZrX8
c0xePCFrOjkjg/DTmByDGA6ed/39mzssZK9HR/q0jArKo/lvlbyvKDnJSgPT+qe8
rIz7PXxlliZpx5xOYI1yb7vL5Hm4NnDIfC//a6gVcL2Lv24AtwEntViYXOlSQ/7E
5hCNexnMlHgCD3YWDwum8y/J4UE6ufr3eZXOYeptuCgS9QH7N2WpPUbqrXUU77VL
KHqXl+HhhrVTe7vq/iN9O14yPGArI26068T3V44C2s7sLLjZ1e77sOQKAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAya091hBFc5wQURNsTGax1RL4N9MB8GA1UdIwQY
MBaAFOIocnPiHDBoKnoyFD1XGAKal2ggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGloeWMtSWNNR2dxZWpJVVBWY1lBcHFYYUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8yODEyYjgtYTJhYi00ZjczLWI4ZDct
MGE1Y2VlNDNlNDU0LzEvREpyVDNXRUVWem5CQlJFMnhNWnJIVkV2ZzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8yODEyYjgtYTJhYi00ZjczLWI4ZDctMGE1Y2VlNDNlNDU0
LzEvNGloeWMtSWNNR2dxZWpJVVBWY1lBcHFYYUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+FgMA0G
CSqGSIb3DQEBCwUAA4IBAQCf5MIpu6+pd5xLQB9YnCP8qnteeA41tHn1ZCYOt7Gb
jozrDoGuTY0sMsvdYPGjIURVt4c7exYttIZhwr6AUnowdr2D9ZF1HnPOuVTgarRO
YRe8+6tZUCqghAqtt/rJ+CYwNeNYcrRxHgNBb6gEeZmQeJEdNDsjqpxFqjwBRGkj
svoXiLp25pbrCqjQm/vFWe9Nc7o6b1Eq7LzK61zJKMQJgFb0YybM6XqmlCrAZpYl
BLvLd6dAwqD9d/4W/NT3F1QEBW+BJ4N+4lp215WjtsJWGjnR0Vj8iz/dqTEu3tAD
c2FIfA+spLRV9wNuCnyoZ8CJXiEEyAL9xZnbLdLyNdZs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:27 2024 by rpki-client on console-ams.rpki-client.org