Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/085cf7-d4ec-4817-88a9-7becf292e8df/1/Fb-OXkP7DPtncETwD6-WAxdWaBA.roa
File:                     Fb-OXkP7DPtncETwD6-WAxdWaBA.roa (raw, json)
Hash identifier:          LvNPIs91ehYF/QYbhv+sUEWvxxBRvy/OEf5HjNZQtWQ=
Subject key identifier:   15:BF:8E:5E:43:FB:0C:FB:67:70:44:F0:0F:AF:96:03:17:56:68:10
Certificate issuer:       /CN=22fd6c153b46ee4f621da74fd572983bcaff0632
Certificate serial:       018A4BBF53179689C5F77F8BD263D90E6856
Authority key identifier: 22:FD:6C:15:3B:46:EE:4F:62:1D:A7:4F:D5:72:98:3B:CA:FF:06:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iv1sFTtG7k9iHadP1XKYO8r_BjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/085cf7-d4ec-4817-88a9-7becf292e8df/1/Fb-OXkP7DPtncETwD6-WAxdWaBA.roa
Signing time:             Thu 31 Aug 2023 13:19:04 +0000
ROA not before:           Thu 31 Aug 2023 13:19:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.222.42.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:4b:bf:53:17:96:89:c5:f7:7f:8b:d2:63:d9:0e:68:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22fd6c153b46ee4f621da74fd572983bcaff0632
        Validity
            Not Before: Aug 31 13:19:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=15bf8e5e43fb0cfb677044f00faf960317566810
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:f9:a0:7e:b8:1f:aa:c5:1a:b8:4d:4a:d8:56:
                    88:b7:fb:ef:c3:e9:44:37:c4:62:01:d3:60:3e:60:
                    2d:f0:de:ed:20:1a:01:8a:c5:ac:a2:5c:41:ad:19:
                    65:4e:a9:81:1c:a6:99:21:ac:a6:c5:b8:44:cd:52:
                    a8:e9:b7:e1:c0:2f:3b:2f:82:a0:ab:61:90:e0:c3:
                    f3:1e:89:40:87:20:73:c4:dc:2a:9e:73:eb:e1:ba:
                    b3:4c:d6:c1:4d:70:63:fc:f1:5f:65:1b:e2:e0:18:
                    dc:d4:a8:b7:8b:83:02:9f:11:c7:c2:5e:f3:ce:79:
                    85:5c:6e:a8:a7:46:8a:24:8c:7a:9f:4f:f0:dd:b1:
                    fa:5b:f7:79:80:3f:10:3a:57:5d:3d:f4:9e:a5:59:
                    1a:34:39:3e:53:8f:a9:16:3b:60:75:db:da:85:d1:
                    44:ff:84:1d:35:4a:87:9a:c8:85:52:b6:3b:f0:db:
                    1c:13:04:d9:7d:77:3f:6f:8d:38:1c:45:44:c5:bb:
                    12:64:19:69:ee:29:76:63:6b:25:4c:e6:ff:b6:d4:
                    dd:d0:3a:b0:21:c4:d3:74:99:a6:77:79:16:28:71:
                    f7:f3:82:c7:05:b2:55:dc:ce:38:2a:7c:5c:e4:a2:
                    ac:6d:a0:13:06:c3:6b:2d:19:ad:46:29:9e:ff:10:
                    7e:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:BF:8E:5E:43:FB:0C:FB:67:70:44:F0:0F:AF:96:03:17:56:68:10
            X509v3 Authority Key Identifier:
                keyid:22:FD:6C:15:3B:46:EE:4F:62:1D:A7:4F:D5:72:98:3B:CA:FF:06:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iv1sFTtG7k9iHadP1XKYO8r_BjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/085cf7-d4ec-4817-88a9-7becf292e8df/1/Fb-OXkP7DPtncETwD6-WAxdWaBA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/085cf7-d4ec-4817-88a9-7becf292e8df/1/Iv1sFTtG7k9iHadP1XKYO8r_BjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.222.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:55:83:2c:83:47:89:05:51:1a:be:b5:22:f2:17:ed:7e:96:
         01:b8:20:20:85:4d:e8:63:d4:f8:83:f0:26:0a:12:2e:85:b6:
         7c:dd:67:2d:c4:cf:fd:21:79:43:26:0d:bd:a5:7a:3c:47:7f:
         9b:2c:94:d7:89:81:93:7d:a5:fe:6c:67:52:be:c4:07:f2:df:
         a9:7b:00:9a:22:2d:8e:c7:46:ad:59:0b:8f:17:f2:5b:30:aa:
         f1:c2:6e:ab:d2:55:cf:bd:f5:8d:b5:a2:f9:95:36:91:98:0b:
         d9:80:f5:ca:f6:f9:3c:b6:28:f6:03:d6:70:7e:46:6a:f4:46:
         65:dc:d4:a1:f4:31:2a:e1:b7:26:19:ee:a2:8e:e6:1f:d9:1d:
         6c:dc:5a:ac:20:cc:45:05:b0:f8:ec:69:69:41:7b:67:8d:4b:
         91:60:97:87:36:6b:ee:be:3c:8b:eb:d9:22:12:95:74:39:83:
         98:f2:0d:7f:b2:00:94:98:6e:1a:18:b3:5d:41:ce:ff:c3:8e:
         ce:b4:74:6f:27:5a:39:cd:6d:5e:77:27:2a:62:13:e1:aa:86:
         7b:71:39:26:92:cc:47:47:49:78:bb:76:bb:c7:48:8b:61:3e:
         fa:2a:88:ee:1b:55:80:4e:af:09:59:0d:f2:6e:d9:72:fd:91:
         4c:44:33:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpLv1MXlonF93+L0mPZDmhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZmQ2YzE1M2I0NmVlNGY2MjFkYTc0ZmQ1NzI5ODNiY2Fm
ZjA2MzIwHhcNMjMwODMxMTMxOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWJmOGU1ZTQzZmIwY2ZiNjc3MDQ0ZjAwZmFmOTYwMzE3NTY2ODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfmgfrgfqsUauE1K2FaIt/vvw+lE
N8RiAdNgPmAt8N7tIBoBisWsolxBrRllTqmBHKaZIaymxbhEzVKo6bfhwC87L4Kg
q2GQ4MPzHolAhyBzxNwqnnPr4bqzTNbBTXBj/PFfZRvi4Bjc1Ki3i4MCnxHHwl7z
znmFXG6op0aKJIx6n0/w3bH6W/d5gD8QOlddPfSepVkaNDk+U4+pFjtgddvahdFE
/4QdNUqHmsiFUrY78NscEwTZfXc/b404HEVExbsSZBlp7il2Y2slTOb/ttTd0Dqw
IcTTdJmmd3kWKHH384LHBbJV3M44Knxc5KKsbaATBsNrLRmtRime/xB+iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBW/jl5D+wz7Z3BE8A+vlgMXVmgQMB8GA1UdIwQY
MBaAFCL9bBU7Ru5PYh2nT9VymDvK/wYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXYxc0ZUdEc3azlpSGFkUDFYS1lPOHJfQmpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8wODVjZjctZDRlYy00ODE3LTg4YTkt
N2JlY2YyOTJlOGRmLzEvRmItT1hrUDdEUHRuY0VUd0Q2LVdBeGRXYUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8wODVjZjctZDRlYy00ODE3LTg4YTktN2JlY2YyOTJlOGRm
LzEvSXYxc0ZUdEc3azlpSGFkUDFYS1lPOHJfQmpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud4qMA0G
CSqGSIb3DQEBCwUAA4IBAQAWVYMsg0eJBVEavrUi8hftfpYBuCAghU3oY9T4g/Am
ChIuhbZ83WctxM/9IXlDJg29pXo8R3+bLJTXiYGTfaX+bGdSvsQH8t+pewCaIi2O
x0atWQuPF/JbMKrxwm6r0lXPvfWNtaL5lTaRmAvZgPXK9vk8tij2A9ZwfkZq9EZl
3NSh9DEq4bcmGe6ijuYf2R1s3FqsIMxFBbD47GlpQXtnjUuRYJeHNmvuvjyL69ki
EpV0OYOY8g1/sgCUmG4aGLNdQc7/w47OtHRvJ1o5zW1edycqYhPhqoZ7cTkmksxH
R0l4u3a7x0iLYT76KojuG1WATq8JWQ3ybtly/ZFMRDOF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:36 2024 by rpki-client on console-ams.rpki-client.org