Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/tXuBUJV8lBpEf8oOppq6w0yMbwM.roa
File:                     tXuBUJV8lBpEf8oOppq6w0yMbwM.roa (raw, json)
Hash identifier:          t85gj7Cb/8J/rEgphAYF4ittKM7V6wTJcDSwDGB2nOs=
Subject key identifier:   B5:7B:81:50:95:7C:94:1A:44:7F:CA:0E:A6:9A:BA:C3:4C:8C:6F:03
Certificate issuer:       /CN=2b8966d0f14fd59993ca4878e774fa4779036694
Certificate serial:       018CC2DAB11076909BC63B11EC7A66F4AA4F
Authority key identifier: 2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/tXuBUJV8lBpEf8oOppq6w0yMbwM.roa
Signing time:             Mon 01 Jan 2024 02:29:21 +0000
ROA not before:           Mon 01 Jan 2024 02:29:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     24935
IP address blocks:        195.74.80.0/24 maxlen: 24
                          185.161.45.0/24 maxlen: 24
                          185.161.47.0/24 maxlen: 24
                          185.252.159.0/24 maxlen: 24
                          185.252.158.0/24 maxlen: 24
                          185.252.156.0/24 maxlen: 24
                          46.29.123.0/24 maxlen: 24
                          46.29.122.0/24 maxlen: 24
                          37.235.93.0/24 maxlen: 24
                          37.235.92.0/24 maxlen: 24
                          194.213.30.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:da:b1:10:76:90:9b:c6:3b:11:ec:7a:66:f4:aa:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b8966d0f14fd59993ca4878e774fa4779036694
        Validity
            Not Before: Jan  1 02:29:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b57b8150957c941a447fca0ea69abac34c8c6f03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:d7:5e:62:d8:9c:d4:01:27:5c:86:36:bb:13:
                    19:55:9a:7e:3a:e3:81:1b:79:58:dc:0d:29:9f:66:
                    09:d0:b2:bb:04:5a:e8:bc:88:94:7b:b3:6c:68:98:
                    bb:08:b5:93:47:05:44:9b:6e:42:82:7b:c2:ae:cd:
                    d1:ee:0d:e3:d1:20:cc:0c:1c:b6:56:2e:f1:9f:ff:
                    88:31:5c:15:67:c6:a1:78:f8:68:7d:c1:13:2b:0d:
                    b7:be:e3:8e:da:cf:ea:91:3d:92:ff:7f:22:d2:b1:
                    e5:9f:49:6d:92:80:ca:85:9f:ad:a3:bb:27:32:78:
                    96:18:32:6e:0d:92:e8:23:8b:28:c2:59:ff:39:d8:
                    4d:f2:ac:e6:11:65:c0:69:7e:1d:d8:20:14:74:58:
                    6f:04:1d:7d:54:13:0a:01:43:c0:14:06:7c:3a:33:
                    57:d8:fa:52:90:fe:fb:dd:09:1b:c7:f1:00:00:ab:
                    6d:d7:8d:fb:44:e7:ea:3d:7c:c0:66:58:2a:f3:77:
                    93:5d:2f:28:4b:52:bf:2a:9a:af:52:1b:87:22:32:
                    d6:2e:88:1b:2b:78:a9:78:70:6d:be:d5:fc:1f:65:
                    29:0c:20:b9:e6:ca:e8:43:27:24:32:5f:a5:be:e3:
                    db:78:a7:7e:4a:5c:67:5f:57:4b:da:75:c1:1c:14:
                    4f:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:7B:81:50:95:7C:94:1A:44:7F:CA:0E:A6:9A:BA:C3:4C:8C:6F:03
            X509v3 Authority Key Identifier:
                keyid:2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/tXuBUJV8lBpEf8oOppq6w0yMbwM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/K4lm0PFP1ZmTykh453T6R3kDZpQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.235.92.0/23
                  46.29.122.0/23
                  185.161.45.0/24
                  185.161.47.0/24
                  185.252.156.0/24
                  185.252.158.0/23
                  194.213.30.0/24
                  195.74.80.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:95:ce:f3:26:9c:31:39:48:d9:c2:f4:11:d2:e0:23:3d:f0:
         da:7a:5e:9e:28:52:c4:22:c5:0f:1a:f3:12:7a:bb:06:4f:a1:
         c5:9f:7b:b1:07:36:52:d6:d5:62:61:c0:67:f3:e6:fe:c3:c9:
         a0:48:ea:0d:5e:3c:b9:1b:a8:11:31:be:01:a7:ee:ce:79:e0:
         5b:3e:fd:28:6a:f4:1e:e6:3c:20:a0:0f:82:8c:87:da:d6:e9:
         62:17:92:17:72:b1:3e:da:09:55:f6:47:5f:4f:eb:c8:61:b8:
         da:8a:18:2c:d8:95:a9:a3:3f:ef:6c:7e:39:ba:67:53:71:39:
         39:88:dc:71:2e:63:a7:a8:19:ce:2d:c6:1e:e2:8a:8c:f5:a6:
         41:c8:94:fb:d9:52:cc:f4:9a:4a:55:58:3d:cd:32:42:0f:2a:
         3d:e8:a1:62:dd:a3:14:26:f0:27:a4:11:be:ac:c7:4d:da:af:
         44:45:a0:31:4f:4d:ab:cd:4a:69:ea:ad:f8:ee:6d:2c:82:1b:
         b0:f2:eb:57:ff:6b:b8:30:16:71:00:69:fb:9a:72:b2:29:f1:
         8f:96:99:ee:0a:98:42:b2:7a:22:0b:3d:0f:67:ef:36:d5:19:
         c2:ad:df:ad:e4:a1:69:65:87:86:c0:de:f6:e3:4a:24:88:13:
         a8:16:2a:29
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzC2rEQdpCbxjsR7Hpm9KpPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiODk2NmQwZjE0ZmQ1OTk5M2NhNDg3OGU3NzRmYTQ3Nzkw
MzY2OTQwHhcNMjQwMTAxMDIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTdiODE1MDk1N2M5NDFhNDQ3ZmNhMGVhNjlhYmFjMzRjOGM2ZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptdeYtic1AEnXIY2uxMZVZp+OuOB
G3lY3A0pn2YJ0LK7BFrovIiUe7NsaJi7CLWTRwVEm25CgnvCrs3R7g3j0SDMDBy2
Vi7xn/+IMVwVZ8ahePhofcETKw23vuOO2s/qkT2S/38i0rHln0ltkoDKhZ+to7sn
MniWGDJuDZLoI4sowln/OdhN8qzmEWXAaX4d2CAUdFhvBB19VBMKAUPAFAZ8OjNX
2PpSkP773Qkbx/EAAKtt1437ROfqPXzAZlgq83eTXS8oS1K/KpqvUhuHIjLWLogb
K3ipeHBtvtX8H2UpDCC55sroQyckMl+lvuPbeKd+SlxnX1dL2nXBHBRPiwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLV7gVCVfJQaRH/KDqaausNMjG8DMB8GA1UdIwQY
MBaAFCuJZtDxT9WZk8pIeOd0+kd5A2aUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvdFh1QlVKVjhsQnBFZjhvT3BwcTZ3MHlNYndNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBJetcAwQB
Lh16AwQAuaEtAwQAuaEvAwQAufycAwQBufyeAwQAwtUeAwQAw0pQMA0GCSqGSIb3
DQEBCwUAA4IBAQBZlc7zJpwxOUjZwvQR0uAjPfDael6eKFLEIsUPGvMSersGT6HF
n3uxBzZS1tViYcBn8+b+w8mgSOoNXjy5G6gRMb4Bp+7OeeBbPv0oavQe5jwgoA+C
jIfa1uliF5IXcrE+2glV9kdfT+vIYbjaihgs2JWpoz/vbH45umdTcTk5iNxxLmOn
qBnOLcYe4oqM9aZByJT72VLM9JpKVVg9zTJCDyo96KFi3aMUJvAnpBG+rMdN2q9E
RaAxT02rzUpp6q347m0sghuw8utX/2u4MBZxAGn7mnKyKfGPlpnuCphCsnoiCz0P
Z+821RnCrd+t5KFpZYeGwN7240okiBOoFiop
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:05 2024 by rpki-client on console-fra.rpki-client.org