Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/3822e5-07a4-4a38-ae68-b6c04330ccd1/1/cjaoLk85joO6Y-mRCncqnXjaH6A.roa
File:                     cjaoLk85joO6Y-mRCncqnXjaH6A.roa (raw, json)
Hash identifier:          DTNo+vE9+gtfobRKFHO4yZ6AV91fVzLscFUg/t5TRlw=
Subject key identifier:   72:36:A8:2E:4F:39:8E:83:BA:63:E9:91:0A:77:2A:9D:78:DA:1F:A0
Certificate issuer:       /CN=00ca712bb4911b7674c7af047ddd86aa2063ce00
Certificate serial:       0187CE797DDAE8AD845A051A3FA8BA1D3FC7
Authority key identifier: 00:CA:71:2B:B4:91:1B:76:74:C7:AF:04:7D:DD:86:AA:20:63:CE:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AMpxK7SRG3Z0x68Efd2GqiBjzgA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/3822e5-07a4-4a38-ae68-b6c04330ccd1/1/cjaoLk85joO6Y-mRCncqnXjaH6A.roa
Signing time:             Sat 29 Apr 2023 19:24:41 +0000
ROA not before:           Sat 29 Apr 2023 19:24:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        194.104.135.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ce:79:7d:da:e8:ad:84:5a:05:1a:3f:a8:ba:1d:3f:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00ca712bb4911b7674c7af047ddd86aa2063ce00
        Validity
            Not Before: Apr 29 19:24:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7236a82e4f398e83ba63e9910a772a9d78da1fa0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:4c:10:87:e0:cd:b3:57:84:79:65:96:71:f8:
                    60:43:f2:73:7a:09:58:8e:94:c9:a5:29:3c:7e:9b:
                    8b:dd:48:fd:ba:73:7f:0b:cf:3c:67:50:21:5d:4a:
                    84:77:4f:02:33:c3:ea:8c:c6:5f:22:9a:77:a3:e3:
                    89:4e:d8:9d:81:53:8c:ea:c5:25:8d:a0:07:49:d7:
                    7d:e9:05:eb:71:c7:ba:6d:37:00:2a:2a:b8:1e:51:
                    5c:cd:76:5b:e1:d2:8f:9d:bd:5c:74:47:39:42:f4:
                    b9:dd:9d:5c:27:22:39:5c:c7:05:91:f0:ce:b8:98:
                    21:95:7e:63:8c:e2:ef:f4:c6:0c:ca:67:7d:b3:61:
                    ed:45:f5:6a:d0:7f:12:4b:00:57:8b:22:ea:09:6d:
                    d3:91:97:3b:23:f9:64:70:d7:a5:90:c2:e6:ff:18:
                    57:73:7c:19:9f:0a:23:43:6a:79:c4:45:0d:c6:27:
                    a6:ea:92:3c:02:4e:73:c3:b5:88:34:e3:be:c9:15:
                    73:f5:01:4a:05:8b:96:e7:b6:83:b1:14:a7:64:c8:
                    61:48:0a:88:1e:72:0c:c0:2a:41:fc:1c:b5:06:88:
                    1c:65:c9:ce:a7:09:a5:f9:57:7c:98:ac:82:2c:38:
                    12:32:d6:19:58:f5:bc:6d:39:db:ed:70:9a:8b:e9:
                    60:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:36:A8:2E:4F:39:8E:83:BA:63:E9:91:0A:77:2A:9D:78:DA:1F:A0
            X509v3 Authority Key Identifier:
                keyid:00:CA:71:2B:B4:91:1B:76:74:C7:AF:04:7D:DD:86:AA:20:63:CE:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AMpxK7SRG3Z0x68Efd2GqiBjzgA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/3822e5-07a4-4a38-ae68-b6c04330ccd1/1/cjaoLk85joO6Y-mRCncqnXjaH6A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/3822e5-07a4-4a38-ae68-b6c04330ccd1/1/AMpxK7SRG3Z0x68Efd2GqiBjzgA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:86:f8:9c:71:2f:52:d7:e0:05:a5:1a:7a:5e:ee:d5:2d:3b:
         5d:d3:68:37:9d:c4:9c:07:e5:8e:c7:7a:1c:d4:81:e0:b0:5e:
         2a:98:05:de:81:31:d0:61:62:1f:a5:29:10:92:bc:80:b7:52:
         e5:39:b5:cb:3a:33:d5:cf:75:f4:09:67:9d:4b:31:5e:c8:0a:
         a2:cb:3d:6f:3d:a2:a4:5f:fe:ac:e1:3e:62:8a:af:58:b0:7f:
         b0:8a:c2:ea:74:ef:21:39:77:b2:ec:8b:3c:36:c6:57:68:cd:
         b6:2a:15:6a:35:66:29:59:bf:34:e8:f3:ab:4e:82:0e:f7:51:
         bd:9d:24:76:77:4b:fc:31:66:8a:4a:8b:02:41:95:54:87:17:
         8a:b6:f7:96:83:eb:c8:2e:e3:75:1a:25:66:19:98:71:cb:e9:
         c7:5a:23:ad:3e:42:76:1e:c6:38:7e:91:3f:81:fd:0e:6c:67:
         4b:d9:a8:96:ee:7c:20:87:19:8d:aa:d8:27:59:35:ce:d4:12:
         09:63:63:dd:fe:d8:40:ec:90:fb:ec:50:bb:6b:51:ff:79:51:
         2b:6e:c8:95:d5:e1:90:3a:ca:aa:78:6e:5c:93:02:5f:59:7a:
         7c:c8:bb:02:35:85:e0:c2:9f:d6:69:a8:9e:69:1a:bc:68:d0:
         ff:6c:74:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfOeX3a6K2EWgUaP6i6HT/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwY2E3MTJiYjQ5MTFiNzY3NGM3YWYwNDdkZGQ4NmFhMjA2
M2NlMDAwHhcNMjMwNDI5MTkyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjM2YTgyZTRmMzk4ZTgzYmE2M2U5OTEwYTc3MmE5ZDc4ZGExZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEwQh+DNs1eEeWWWcfhgQ/JzeglY
jpTJpSk8fpuL3Uj9unN/C888Z1AhXUqEd08CM8PqjMZfIpp3o+OJTtidgVOM6sUl
jaAHSdd96QXrcce6bTcAKiq4HlFczXZb4dKPnb1cdEc5QvS53Z1cJyI5XMcFkfDO
uJghlX5jjOLv9MYMymd9s2HtRfVq0H8SSwBXiyLqCW3TkZc7I/lkcNelkMLm/xhX
c3wZnwojQ2p5xEUNxiem6pI8Ak5zw7WINOO+yRVz9QFKBYuW57aDsRSnZMhhSAqI
HnIMwCpB/By1BogcZcnOpwml+Vd8mKyCLDgSMtYZWPW8bTnb7XCai+lgOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHI2qC5POY6DumPpkQp3Kp142h+gMB8GA1UdIwQY
MBaAFADKcSu0kRt2dMevBH3dhqogY84AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU1weEs3U1JHM1oweDY4RWZkMkdxaUJqemdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8zODIyZTUtMDdhNC00YTM4LWFlNjgt
YjZjMDQzMzBjY2QxLzEvY2phb0xrODVqb082WS1tUkNuY3FuWGphSDZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8zODIyZTUtMDdhNC00YTM4LWFlNjgtYjZjMDQzMzBjY2Qx
LzEvQU1weEs3U1JHM1oweDY4RWZkMkdxaUJqemdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmiHMA0G
CSqGSIb3DQEBCwUAA4IBAQCKhviccS9S1+AFpRp6Xu7VLTtd02g3ncScB+WOx3oc
1IHgsF4qmAXegTHQYWIfpSkQkryAt1LlObXLOjPVz3X0CWedSzFeyAqiyz1vPaKk
X/6s4T5iiq9YsH+wisLqdO8hOXey7Is8NsZXaM22KhVqNWYpWb806POrToIO91G9
nSR2d0v8MWaKSosCQZVUhxeKtveWg+vILuN1GiVmGZhxy+nHWiOtPkJ2HsY4fpE/
gf0ObGdL2aiW7nwghxmNqtgnWTXO1BIJY2Pd/thA7JD77FC7a1H/eVErbsiV1eGQ
OsqqeG5ckwJfWXp8yLsCNYXgwp/WaaieaRq8aND/bHRz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:57 2024 by rpki-client on console-ams.rpki-client.org