Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/085cf7-d4ec-4817-88a9-7becf292e8df/1/RRyUpYgE1K--jGl2kozTI9uopJM.roa
File:                     RRyUpYgE1K--jGl2kozTI9uopJM.roa (raw, json)
Hash identifier:          M9/mByBOSF6fBa7W1OGp9dzFXiGTMGnNxKOvGTV9NcM=
Subject key identifier:   45:1C:94:A5:88:04:D4:AF:BE:8C:69:76:92:8C:D3:23:DB:A8:A4:93
Certificate issuer:       /CN=22fd6c153b46ee4f621da74fd572983bcaff0632
Certificate serial:       0180634B
Authority key identifier: 22:FD:6C:15:3B:46:EE:4F:62:1D:A7:4F:D5:72:98:3B:CA:FF:06:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iv1sFTtG7k9iHadP1XKYO8r_BjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/085cf7-d4ec-4817-88a9-7becf292e8df/1/RRyUpYgE1K--jGl2kozTI9uopJM.roa
Signing time:             Sat 01 Jan 2022 05:55:50 +0000
ROA not before:           Sat 01 Jan 2022 05:55:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211032
IP address blocks:        185.222.42.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 25191243 (0x180634b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22fd6c153b46ee4f621da74fd572983bcaff0632
        Validity
            Not Before: Jan  1 05:55:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=451c94a58804d4afbe8c6976928cd323dba8a493
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:fe:57:70:80:e1:83:4d:4d:5e:29:98:63:c4:
                    90:36:13:76:51:18:34:74:7e:a3:24:a8:cd:b5:0b:
                    79:51:f4:0b:29:d8:b0:46:c8:55:98:0e:58:00:ae:
                    e4:ba:ad:f1:19:b5:9a:40:ee:de:6c:1c:28:26:44:
                    47:f1:d6:2b:1d:a6:76:65:f3:56:89:54:df:c4:a1:
                    76:45:13:3b:91:0f:ae:f4:e9:c7:21:35:4f:94:f9:
                    b4:1d:26:9a:9c:d3:09:ed:8a:bb:6a:bd:22:79:80:
                    34:25:a2:0f:23:1c:1c:91:d4:8f:04:7b:ad:3e:f1:
                    a6:7b:59:01:55:30:55:2a:9c:e6:be:c3:c1:d8:5b:
                    7b:b7:c4:34:fb:82:71:e5:5b:bb:fd:86:30:85:d9:
                    c8:d1:62:2f:1a:b9:8a:72:4d:5f:91:ba:a3:10:cf:
                    7f:0d:1c:c9:c4:9a:9a:f3:33:6d:c2:7b:bc:4e:55:
                    28:de:d7:bb:4c:86:ef:f4:a0:5a:29:c6:13:c5:4b:
                    2a:4b:a0:ce:c1:b6:44:e4:88:8b:00:52:de:42:40:
                    23:a7:e9:d2:d9:ce:8a:bd:e1:63:ff:cc:d4:be:d7:
                    a5:c0:1e:df:63:b7:8e:a7:aa:79:86:c7:fb:b3:00:
                    ab:7f:e5:5f:d0:33:4e:f3:fd:80:1c:55:a4:2e:44:
                    f5:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:1C:94:A5:88:04:D4:AF:BE:8C:69:76:92:8C:D3:23:DB:A8:A4:93
            X509v3 Authority Key Identifier:
                keyid:22:FD:6C:15:3B:46:EE:4F:62:1D:A7:4F:D5:72:98:3B:CA:FF:06:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iv1sFTtG7k9iHadP1XKYO8r_BjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/085cf7-d4ec-4817-88a9-7becf292e8df/1/RRyUpYgE1K--jGl2kozTI9uopJM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/085cf7-d4ec-4817-88a9-7becf292e8df/1/Iv1sFTtG7k9iHadP1XKYO8r_BjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.222.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:9b:fa:c0:06:99:9c:a9:c5:d9:75:2f:af:2f:f7:10:29:49:
         24:cf:43:89:6a:c2:86:f7:cf:ee:13:53:53:a7:49:ed:bb:9f:
         73:ac:3a:30:b9:de:b3:82:02:46:a0:db:c2:5c:04:3e:a5:35:
         12:83:f2:c9:68:dc:2f:cd:ed:ed:e6:fc:f7:2f:06:c8:f6:eb:
         71:a9:06:0d:65:5c:4e:c7:27:f3:59:76:2a:ca:da:70:09:dc:
         b7:1a:0c:15:18:5c:bb:be:65:2f:d5:79:c4:0b:76:c7:6e:71:
         37:e5:8d:0d:35:fe:66:8f:1e:9c:6d:01:90:94:d7:18:3e:78:
         94:c7:3b:60:6d:d5:9d:e4:38:9c:fd:9a:59:7e:4e:43:43:73:
         ae:85:af:ba:1a:8b:33:b2:33:20:cc:51:f4:75:d8:83:68:67:
         b9:dc:54:db:28:27:75:17:b0:29:ac:42:c7:26:16:30:e6:62:
         c3:82:71:c9:b5:64:b8:4a:9f:39:59:28:ea:1f:50:41:8c:c0:
         2f:6f:6a:6d:d0:9d:3c:a3:76:19:8b:d4:e8:0a:ab:48:94:99:
         bb:51:eb:48:16:2c:04:82:85:8d:18:95:69:b0:8b:64:1a:97:
         6c:f3:24:11:2b:74:53:4d:9c:1d:d0:ce:27:fa:80:b2:36:14:
         49:93:3a:79
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAYBjSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmZkNmMxNTNiNDZlZTRmNjIxZGE3NGZkNTcyOTgzYmNhZmYwNjMyMB4XDTIyMDEw
MTA1NTU1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDUxYzk0YTU4ODA0
ZDRhZmJlOGM2OTc2OTI4Y2QzMjNkYmE4YTQ5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO3+V3CA4YNNTV4pmGPEkDYTdlEYNHR+oySozbULeVH0CynY
sEbIVZgOWACu5Lqt8Rm1mkDu3mwcKCZER/HWKx2mdmXzVolU38ShdkUTO5EPrvTp
xyE1T5T5tB0mmpzTCe2Ku2q9InmANCWiDyMcHJHUjwR7rT7xpntZAVUwVSqc5r7D
wdhbe7fENPuCceVbu/2GMIXZyNFiLxq5inJNX5G6oxDPfw0cycSamvMzbcJ7vE5V
KN7Xu0yG7/SgWinGE8VLKkugzsG2ROSIiwBS3kJAI6fp0tnOir3hY//M1L7XpcAe
32O3jqeqeYbH+7MAq3/lX9AzTvP9gBxVpC5E9esCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRFHJSliATUr76MaXaSjNMj26ikkzAfBgNVHSMEGDAWgBQi/WwVO0buT2Id
p0/Vcpg7yv8GMjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l2MXNGVHRHN2s5aUhhZFAxWEtZTzhyX0JqSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvMDg1Y2Y3LWQ0ZWMtNDgxNy04OGE5LTdiZWNmMjkyZThkZi8x
L1JSeVVwWWdFMUstLWpHbDJrb3pUSTl1b3BKTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
MDg1Y2Y3LWQ0ZWMtNDgxNy04OGE5LTdiZWNmMjkyZThkZi8xL0l2MXNGVHRHN2s5
aUhhZFAxWEtZTzhyX0JqSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALneKjANBgkqhkiG9w0BAQsFAAOC
AQEAWpv6wAaZnKnF2XUvry/3EClJJM9DiWrChvfP7hNTU6dJ7bufc6w6MLnes4IC
RqDbwlwEPqU1EoPyyWjcL83t7eb89y8GyPbrcakGDWVcTscn81l2KsracAnctxoM
FRhcu75lL9V5xAt2x25xN+WNDTX+Zo8enG0BkJTXGD54lMc7YG3VneQ4nP2aWX5O
Q0NzroWvuhqLM7IzIMxR9HXYg2hnudxU2ygndRewKaxCxyYWMOZiw4JxybVkuEqf
OVko6h9QQYzAL29qbdCdPKN2GYvU6AqrSJSZu1HrSBYsBIKFjRiVabCLZBqXbPMk
ESt0U02cHdDOJ/qAsjYUSZM6eQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:36 2024 by rpki-client on console-ams.rpki-client.org