Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/2sJJMiczCDXe4Pi4J7CJHQOAmQQ.roa
File:                     2sJJMiczCDXe4Pi4J7CJHQOAmQQ.roa (raw, json)
Hash identifier:          Oy6wuGxHAbw7cIFJnoWZX1hXZdPa+duvm90LRqkqbiU=
Subject key identifier:   DA:C2:49:32:27:33:08:35:DE:E0:F8:B8:27:B0:89:1D:03:80:99:04
Certificate issuer:       /CN=c74eb7ea35238d02997c42eb574a38a30e5d00e7
Certificate serial:       0185701EF373CF9B16CEFD4817C32B0433DF
Authority key identifier: C7:4E:B7:EA:35:23:8D:02:99:7C:42:EB:57:4A:38:A3:0E:5D:00:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0636jUjjQKZfELrV0o4ow5dAOc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/2sJJMiczCDXe4Pi4J7CJHQOAmQQ.roa
Signing time:             Mon 02 Jan 2023 01:35:54 +0000
ROA not before:           Mon 02 Jan 2023 01:35:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44203
IP address blocks:        185.211.202.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:1e:f3:73:cf:9b:16:ce:fd:48:17:c3:2b:04:33:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c74eb7ea35238d02997c42eb574a38a30e5d00e7
        Validity
            Not Before: Jan  2 01:35:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dac2493227330835dee0f8b827b0891d03809904
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:62:3b:43:76:a4:34:3e:65:75:32:8b:e1:10:
                    75:eb:be:c1:38:61:86:2e:16:ec:cb:58:ea:32:71:
                    55:37:3b:d2:35:1f:e3:e0:0c:2f:1b:ca:74:22:68:
                    6d:2b:bb:b7:c2:d3:ff:4c:6e:b4:2e:da:f9:74:03:
                    a5:39:6e:82:59:cf:e4:ba:60:b4:d0:64:98:c6:71:
                    c6:cb:24:48:f5:3d:3d:31:b2:f2:d9:5a:eb:e4:e6:
                    05:16:ab:d1:77:30:74:e6:a3:f4:fb:71:8f:1b:a6:
                    4e:d4:e8:26:11:99:72:b8:81:32:ac:13:91:64:c5:
                    6a:81:2c:d4:8b:0a:33:05:b2:77:f3:80:7c:96:e2:
                    ce:35:bf:d6:dd:ed:14:70:b1:af:cf:19:ad:bb:d3:
                    14:b0:08:e0:36:fc:d5:14:06:9f:02:66:de:b2:45:
                    68:ea:ec:25:f7:ac:aa:67:a7:08:f3:d5:ab:4a:b1:
                    0b:02:8e:e5:0c:00:fd:0b:08:ff:71:5b:7d:9a:60:
                    c7:59:87:87:28:ef:5f:7d:d0:5b:38:82:b3:08:6f:
                    5e:08:98:f1:87:1d:fd:82:a3:d5:a1:89:c4:14:58:
                    5c:c0:e0:63:27:5e:4d:e6:90:2b:83:7b:d2:0b:97:
                    56:64:88:49:5d:97:ac:c3:07:f8:6f:c2:70:1e:93:
                    14:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:C2:49:32:27:33:08:35:DE:E0:F8:B8:27:B0:89:1D:03:80:99:04
            X509v3 Authority Key Identifier:
                keyid:C7:4E:B7:EA:35:23:8D:02:99:7C:42:EB:57:4A:38:A3:0E:5D:00:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0636jUjjQKZfELrV0o4ow5dAOc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/2sJJMiczCDXe4Pi4J7CJHQOAmQQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/x0636jUjjQKZfELrV0o4ow5dAOc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.211.202.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8b:1c:9b:76:2d:a1:b0:1e:3b:79:93:11:a9:2c:8d:e5:5c:6e:
         3b:5d:ff:04:f6:de:9d:f1:00:31:e1:a5:68:8e:9b:0a:c6:66:
         d9:2e:ec:db:b5:02:fe:20:25:f1:f1:39:4e:b5:34:c0:73:b0:
         01:0c:2d:e9:9a:7b:ee:ad:e0:1a:fd:bc:7f:be:0b:3e:8c:ce:
         da:b9:72:f5:1f:67:25:19:32:3d:cf:55:40:3a:65:93:18:d1:
         c9:77:e7:83:56:0d:15:a1:a0:1d:b3:18:06:8d:b0:cc:f5:3e:
         5b:1e:49:7a:fc:88:dd:fc:8c:d8:d2:3e:be:b1:11:2d:4e:e4:
         fc:a9:81:8f:a6:40:12:61:64:0f:a8:4c:ca:6b:bc:73:75:e5:
         fe:61:31:da:c3:c3:00:b9:dd:d6:93:fb:8b:9f:ff:c6:48:36:
         b0:e2:a8:c9:13:ed:11:25:37:01:b7:79:76:3e:24:50:cd:9c:
         31:7c:60:44:16:86:74:ec:a6:bd:25:a9:fd:fe:90:db:22:eb:
         a4:1c:1a:1a:36:a2:7c:c5:07:5b:03:0a:71:c3:de:24:73:39:
         44:8f:d7:1f:34:39:e1:d0:a9:39:7f:d5:97:16:a2:97:55:84:
         73:fc:0d:22:c6:2e:f2:0e:04:38:e2:70:22:24:e1:3f:18:e3:
         70:4d:0f:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwHvNzz5sWzv1IF8MrBDPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGViN2VhMzUyMzhkMDI5OTdjNDJlYjU3NGEzOGEzMGU1
ZDAwZTcwHhcNMjMwMTAyMDEzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWMyNDkzMjI3MzMwODM1ZGVlMGY4YjgyN2IwODkxZDAzODA5OTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimI7Q3akND5ldTKL4RB1677BOGGG
Lhbsy1jqMnFVNzvSNR/j4AwvG8p0ImhtK7u3wtP/TG60Ltr5dAOlOW6CWc/kumC0
0GSYxnHGyyRI9T09MbLy2Vrr5OYFFqvRdzB05qP0+3GPG6ZO1OgmEZlyuIEyrBOR
ZMVqgSzUiwozBbJ384B8luLONb/W3e0UcLGvzxmtu9MUsAjgNvzVFAafAmbeskVo
6uwl96yqZ6cI89WrSrELAo7lDAD9Cwj/cVt9mmDHWYeHKO9ffdBbOIKzCG9eCJjx
hx39gqPVoYnEFFhcwOBjJ15N5pArg3vSC5dWZIhJXZeswwf4b8JwHpMUKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrCSTInMwg13uD4uCewiR0DgJkEMB8GA1UdIwQY
MBaAFMdOt+o1I40CmXxC61dKOKMOXQDnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDA2MzZqVWpqUUtaZkVMclYwbzRvdzVkQU9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9mNmJkNWYtN2UyNi00MDcyLTlkMWEt
MTU3ZTNjMTY5OTE4LzEvMnNKSk1pY3pDRFhlNFBpNEo3Q0pIUU9BbVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9mNmJkNWYtN2UyNi00MDcyLTlkMWEtMTU3ZTNjMTY5OTE4
LzEveDA2MzZqVWpqUUtaZkVMclYwbzRvdzVkQU9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudPKMA0G
CSqGSIb3DQEBCwUAA4IBAQCLHJt2LaGwHjt5kxGpLI3lXG47Xf8E9t6d8QAx4aVo
jpsKxmbZLuzbtQL+ICXx8TlOtTTAc7ABDC3pmnvureAa/bx/vgs+jM7auXL1H2cl
GTI9z1VAOmWTGNHJd+eDVg0VoaAdsxgGjbDM9T5bHkl6/Ijd/IzY0j6+sREtTuT8
qYGPpkASYWQPqEzKa7xzdeX+YTHaw8MAud3Wk/uLn//GSDaw4qjJE+0RJTcBt3l2
PiRQzZwxfGBEFoZ07Ka9Jan9/pDbIuukHBoaNqJ8xQdbAwpxw94kczlEj9cfNDnh
0Kk5f9WXFqKXVYRz/A0ixi7yDgQ44nAiJOE/GONwTQ+O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:00 2024 by rpki-client on console-fra.rpki-client.org