Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/974238-01fa-4c15-b942-52d50b75d70c/1/IWRmPsESOjDd9C-CS8GQEZOMSbg.roa
File:                     IWRmPsESOjDd9C-CS8GQEZOMSbg.roa (raw, json)
Hash identifier:          DLao9uFsv7ZZBEQhdwobslNs2wxSPEptYiPtR9Ze7PE=
Subject key identifier:   21:64:66:3E:C1:12:3A:30:DD:F4:2F:82:4B:C1:90:11:93:8C:49:B8
Certificate issuer:       /CN=5e2f2e4b664d3edba236a8768dc9541e7d9d529c
Certificate serial:       EAA41E
Authority key identifier: 5E:2F:2E:4B:66:4D:3E:DB:A2:36:A8:76:8D:C9:54:1E:7D:9D:52:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xi8uS2ZNPtuiNqh2jclUHn2dUpw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/974238-01fa-4c15-b942-52d50b75d70c/1/IWRmPsESOjDd9C-CS8GQEZOMSbg.roa
Signing time:             Tue 15 Mar 2022 12:10:41 +0000
ROA not before:           Tue 15 Mar 2022 12:10:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        195.96.132.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15377438 (0xeaa41e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e2f2e4b664d3edba236a8768dc9541e7d9d529c
        Validity
            Not Before: Mar 15 12:10:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2164663ec1123a30ddf42f824bc19011938c49b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:f7:fd:41:6c:0a:26:6a:58:ac:83:1a:ae:90:
                    10:95:86:92:97:19:21:9a:c9:5a:7e:b1:f4:00:e9:
                    fd:94:2a:72:77:e4:7b:d7:7b:5c:65:90:9b:43:ec:
                    e3:5b:8b:43:3d:a0:87:22:d7:5b:1c:0b:5a:0d:c2:
                    c9:cd:ef:25:eb:6c:53:55:0a:38:86:bf:17:bf:b3:
                    98:86:dc:87:f7:19:9d:b9:5f:ff:22:aa:c6:ff:21:
                    10:ca:00:44:fe:23:42:72:26:89:b3:66:db:88:85:
                    72:be:a8:5c:f7:90:7f:89:1a:ab:59:a9:9c:8a:39:
                    eb:e1:e0:e8:a7:b0:a7:41:e5:7f:94:69:58:aa:b3:
                    56:9d:d4:0f:bd:09:a8:c7:f5:30:c1:8e:92:88:01:
                    a5:78:e7:b7:39:59:57:41:30:7d:ad:6d:e2:33:ab:
                    86:bb:10:48:83:c0:49:41:2d:e1:db:d9:fd:97:8a:
                    aa:94:ef:62:c2:73:b8:b0:d1:34:c3:0a:81:31:8a:
                    99:e2:c8:91:89:b3:a5:3d:39:13:f9:c5:62:d8:05:
                    53:89:02:dd:01:e7:6e:d3:89:70:ba:aa:21:30:36:
                    c0:3f:9a:30:89:82:6c:5c:fd:3a:51:b0:cf:2f:93:
                    74:f9:b5:18:d6:32:b3:3e:f7:8d:88:78:9c:a9:f8:
                    36:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:64:66:3E:C1:12:3A:30:DD:F4:2F:82:4B:C1:90:11:93:8C:49:B8
            X509v3 Authority Key Identifier:
                keyid:5E:2F:2E:4B:66:4D:3E:DB:A2:36:A8:76:8D:C9:54:1E:7D:9D:52:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xi8uS2ZNPtuiNqh2jclUHn2dUpw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/974238-01fa-4c15-b942-52d50b75d70c/1/IWRmPsESOjDd9C-CS8GQEZOMSbg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/974238-01fa-4c15-b942-52d50b75d70c/1/Xi8uS2ZNPtuiNqh2jclUHn2dUpw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.96.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:a7:1a:61:4c:e6:bc:3c:cf:42:80:c3:bf:27:73:5e:86:96:
         42:83:05:0c:44:98:89:f9:be:94:42:58:90:02:cc:94:f2:d7:
         8f:17:e2:ed:c3:e9:cb:42:fa:ab:96:81:34:c3:10:92:d4:65:
         81:32:98:79:f6:ab:1f:a4:66:fd:a6:08:3d:1d:b6:d6:08:75:
         ee:33:14:ea:9d:75:b1:ba:fe:0a:7c:dd:c5:2d:58:17:cf:a9:
         1b:95:4f:fc:bd:cf:9a:d3:96:28:53:ac:63:66:9f:08:d6:17:
         89:64:b2:d1:8b:57:45:5a:78:41:d7:d0:72:89:70:f5:18:5f:
         e1:58:4f:ab:7f:66:19:b8:0d:92:60:ac:44:51:b5:2e:35:56:
         c2:89:f1:ce:ea:a8:11:9d:70:79:ed:22:ee:2c:35:19:2f:4a:
         4a:bf:ff:a6:67:d4:91:2e:2b:0d:84:29:2d:33:f8:41:24:8a:
         2e:9c:c5:e9:52:38:e3:0b:c1:1e:9c:71:43:8d:0f:0f:fe:2a:
         b9:bf:7d:98:80:23:9b:bf:41:a1:d6:7d:8c:7f:d0:60:99:8b:
         29:ce:13:bb:d4:24:ea:10:6a:b3:b7:ff:66:70:1a:e3:7f:2c:
         74:ce:2f:41:c0:8d:9b:ea:99:58:82:be:f5:fe:82:c9:5c:e3:
         d6:7c:55:df
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAOqkHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZTJmMmU0YjY2NGQzZWRiYTIzNmE4NzY4ZGM5NTQxZTdkOWQ1MjljMB4XDTIyMDMx
NTEyMTA0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjE2NDY2M2VjMTEy
M2EzMGRkZjQyZjgyNGJjMTkwMTE5MzhjNDliODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALH3/UFsCiZqWKyDGq6QEJWGkpcZIZrJWn6x9ADp/ZQqcnfk
e9d7XGWQm0Ps41uLQz2ghyLXWxwLWg3Cyc3vJetsU1UKOIa/F7+zmIbch/cZnblf
/yKqxv8hEMoARP4jQnImibNm24iFcr6oXPeQf4kaq1mpnIo56+Hg6Kewp0Hlf5Rp
WKqzVp3UD70JqMf1MMGOkogBpXjntzlZV0Ewfa1t4jOrhrsQSIPASUEt4dvZ/ZeK
qpTvYsJzuLDRNMMKgTGKmeLIkYmzpT05E/nFYtgFU4kC3QHnbtOJcLqqITA2wD+a
MImCbFz9OlGwzy+TdPm1GNYysz73jYh4nKn4NpUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQhZGY+wRI6MN30L4JLwZARk4xJuDAfBgNVHSMEGDAWgBReLy5LZk0+26I2
qHaNyVQefZ1SnDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hpOHVTMlpOUHR1aU5xaDJqY2xVSG4yZFVwdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvOTc0MjM4LTAxZmEtNGMxNS1iOTQyLTUyZDUwYjc1ZDcwYy8x
L0lXUm1Qc0VTT2pEZDlDLUNTOEdRRVpPTVNiZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
OTc0MjM4LTAxZmEtNGMxNS1iOTQyLTUyZDUwYjc1ZDcwYy8xL1hpOHVTMlpOUHR1
aU5xaDJqY2xVSG4yZFVwdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMNghDANBgkqhkiG9w0BAQsFAAOC
AQEAEacaYUzmvDzPQoDDvydzXoaWQoMFDESYifm+lEJYkALMlPLXjxfi7cPpy0L6
q5aBNMMQktRlgTKYefarH6Rm/aYIPR221gh17jMU6p11sbr+CnzdxS1YF8+pG5VP
/L3PmtOWKFOsY2afCNYXiWSy0YtXRVp4QdfQcolw9Rhf4VhPq39mGbgNkmCsRFG1
LjVWwonxzuqoEZ1wee0i7iw1GS9KSr//pmfUkS4rDYQpLTP4QSSKLpzF6VI44wvB
HpxxQ40PD/4qub99mIAjm79BodZ9jH/QYJmLKc4Tu9Qk6hBqs7f/ZnAa438sdM4v
QcCNm+qZWIK+9f6CyVzj1nxV3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:58 2024 by rpki-client on console-fra.rpki-client.org