Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a3cd28-ca3b-45ae-8135-387e7a5b150a/1/vtTC8Q75I5itM3FtyPpcKMcow9c.roa
File:                     vtTC8Q75I5itM3FtyPpcKMcow9c.roa (raw, json)
Hash identifier:          keDOqR5T/KsZtO2xCZM6CwXOUnLqFIVXp3hB+mqAyYE=
Subject key identifier:   BE:D4:C2:F1:0E:F9:23:98:AD:33:71:6D:C8:FA:5C:28:C7:28:C3:D7
Certificate issuer:       /CN=1f41ba8a1cefdb8948113701bfd1d076dea6767d
Certificate serial:       0181D283E34F1F5F8087B6D9F101D80ABD10
Authority key identifier: 1F:41:BA:8A:1C:EF:DB:89:48:11:37:01:BF:D1:D0:76:DE:A6:76:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H0G6ihzv24lIETcBv9HQdt6mdn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/a3cd28-ca3b-45ae-8135-387e7a5b150a/1/vtTC8Q75I5itM3FtyPpcKMcow9c.roa
Signing time:             Wed 06 Jul 2022 07:57:47 +0000
ROA not before:           Wed 06 Jul 2022 07:57:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     200845
IP address blocks:        185.248.98.0/24 maxlen: 24
                          185.248.97.0/24 maxlen: 24
                          185.248.96.0/22 maxlen: 24
                          185.248.99.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:81:d2:83:e3:4f:1f:5f:80:87:b6:d9:f1:01:d8:0a:bd:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f41ba8a1cefdb8948113701bfd1d076dea6767d
        Validity
            Not Before: Jul  6 07:57:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=bed4c2f10ef92398ad33716dc8fa5c28c728c3d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:08:7a:da:c5:e0:83:2a:14:46:53:e9:9b:a5:
                    42:0f:44:d7:27:7c:96:3b:80:90:a9:b6:21:44:13:
                    92:24:bb:2f:9f:6f:2d:bf:2f:db:1e:ec:0c:f5:b5:
                    c1:9a:77:df:04:5d:bc:bb:81:6a:61:60:3a:b8:a7:
                    45:ad:87:1c:fb:45:31:42:f0:ae:43:30:3b:59:9f:
                    4f:8a:da:9b:64:07:a1:58:99:d0:0b:e0:08:fa:e3:
                    a9:3c:cb:f9:be:00:3d:1d:ec:b4:5c:51:04:c5:90:
                    37:6e:13:1b:13:ed:e0:52:27:96:4d:d9:0b:c1:b3:
                    46:c1:73:d7:35:8e:06:35:10:e9:b2:de:e2:ab:71:
                    bd:7e:ae:46:d3:20:6a:f1:57:1f:3a:8b:6c:20:b6:
                    b4:37:e6:dd:95:10:6e:d8:5f:da:d7:4e:dc:ee:28:
                    df:d5:09:a3:8a:54:e8:c6:71:b9:6b:96:86:d7:be:
                    83:c4:7e:f9:c4:c1:45:61:8d:28:59:e6:e6:64:3f:
                    1c:44:a5:73:d0:8b:54:7f:07:aa:69:a9:e9:6c:ce:
                    57:f3:e2:78:66:5b:f4:7a:1f:71:48:51:f6:3f:da:
                    fc:96:77:0f:66:28:8f:27:38:cf:18:1f:48:fc:30:
                    9d:66:d5:aa:73:32:04:96:1d:00:8f:19:6b:da:5f:
                    0a:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:D4:C2:F1:0E:F9:23:98:AD:33:71:6D:C8:FA:5C:28:C7:28:C3:D7
            X509v3 Authority Key Identifier:
                keyid:1F:41:BA:8A:1C:EF:DB:89:48:11:37:01:BF:D1:D0:76:DE:A6:76:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0G6ihzv24lIETcBv9HQdt6mdn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a3cd28-ca3b-45ae-8135-387e7a5b150a/1/vtTC8Q75I5itM3FtyPpcKMcow9c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a3cd28-ca3b-45ae-8135-387e7a5b150a/1/H0G6ihzv24lIETcBv9HQdt6mdn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1d:79:8e:fd:e7:09:37:42:7a:6e:dd:a4:c2:2e:4e:36:f1:4b:
         a9:d0:cc:1e:65:3b:0f:c1:87:4c:37:72:68:07:48:5a:11:98:
         b6:47:83:e4:47:d3:11:b6:24:7e:e3:27:06:b5:6c:90:2b:a9:
         c4:e0:15:38:35:cf:c5:ee:16:1d:b2:b1:5a:4d:ad:46:86:67:
         8c:d8:82:ec:85:01:14:18:83:49:09:2e:fd:68:d8:3e:96:f5:
         d5:e4:98:49:8b:2d:74:bc:12:3c:ba:a2:85:c9:5e:a0:12:5e:
         c0:1b:9c:e0:06:4c:60:58:9e:26:8b:d4:de:75:7a:69:78:ff:
         4a:ee:0a:90:ba:8a:cc:79:b4:60:f9:1b:12:b9:7f:d7:ab:16:
         98:b4:05:c2:9a:1f:4d:61:3c:7f:4f:3a:73:41:5d:92:82:9e:
         fa:07:9f:b3:93:a9:e4:38:8e:d8:5a:b3:ab:87:53:0a:8d:4a:
         9c:4a:f5:2b:f9:66:64:fd:2f:1b:25:8f:9a:c8:93:bf:48:1e:
         19:d9:2e:26:d3:d7:63:b6:5f:b1:e4:36:5f:1b:2d:2e:34:5b:
         fc:79:8d:bb:6c:11:35:40:60:42:dd:2a:c1:7f:56:b5:20:d8:
         8c:ec:8a:ab:8a:26:1d:cc:04:b5:74:49:95:91:e5:4e:f4:6f:
         fb:88:83:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHSg+NPH1+Ah7bZ8QHYCr0QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDFiYThhMWNlZmRiODk0ODExMzcwMWJmZDFkMDc2ZGVh
Njc2N2QwHhcNMjIwNzA2MDc1NzQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWQ0YzJmMTBlZjkyMzk4YWQzMzcxNmRjOGZhNWMyOGM3MjhjM2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Ah62sXggyoURlPpm6VCD0TXJ3yW
O4CQqbYhRBOSJLsvn28tvy/bHuwM9bXBmnffBF28u4FqYWA6uKdFrYcc+0UxQvCu
QzA7WZ9PitqbZAehWJnQC+AI+uOpPMv5vgA9Hey0XFEExZA3bhMbE+3gUieWTdkL
wbNGwXPXNY4GNRDpst7iq3G9fq5G0yBq8VcfOotsILa0N+bdlRBu2F/a107c7ijf
1QmjilToxnG5a5aG176DxH75xMFFYY0oWebmZD8cRKVz0ItUfweqaanpbM5X8+J4
Zlv0eh9xSFH2P9r8lncPZiiPJzjPGB9I/DCdZtWqczIElh0Ajxlr2l8KNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL7UwvEO+SOYrTNxbcj6XCjHKMPXMB8GA1UdIwQY
MBaAFB9Buooc79uJSBE3Ab/R0HbepnZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBHNmloenYyNGxJRVRjQnY5SFFkdDZtZG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hM2NkMjgtY2EzYi00NWFlLTgxMzUt
Mzg3ZTdhNWIxNTBhLzEvdnRUQzhRNzVJNWl0TTNGdHlQcGNLTWNvdzljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hM2NkMjgtY2EzYi00NWFlLTgxMzUtMzg3ZTdhNWIxNTBh
LzEvSDBHNmloenYyNGxJRVRjQnY5SFFkdDZtZG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufhgMA0G
CSqGSIb3DQEBCwUAA4IBAQAdeY795wk3Qnpu3aTCLk428Uup0MweZTsPwYdMN3Jo
B0haEZi2R4PkR9MRtiR+4ycGtWyQK6nE4BU4Nc/F7hYdsrFaTa1GhmeM2ILshQEU
GINJCS79aNg+lvXV5JhJiy10vBI8uqKFyV6gEl7AG5zgBkxgWJ4mi9TedXppeP9K
7gqQuorMebRg+RsSuX/XqxaYtAXCmh9NYTx/TzpzQV2Sgp76B5+zk6nkOI7YWrOr
h1MKjUqcSvUr+WZk/S8bJY+ayJO/SB4Z2S4m09djtl+x5DZfGy0uNFv8eY27bBE1
QGBC3SrBf1a1INiM7IqriiYdzAS1dEmVkeVO9G/7iIOI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:48 2024 by rpki-client on console-ams.rpki-client.org