Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dcb2cd-403b-4671-a965-7c9227adc126/1/R0iof4oezORHTw6RxTFUlpJyoNE.roa
File:                     R0iof4oezORHTw6RxTFUlpJyoNE.roa (raw, json)
Hash identifier:          3hXbmMJR+HPQYnlYgeN89lAobGThhxI1CxixxdbUvQ8=
Subject key identifier:   47:48:A8:7F:8A:1E:CC:E4:47:4F:0E:91:C5:31:54:96:92:72:A0:D1
Certificate issuer:       /CN=d173b28579634dd908c4ef216e05ceb6bdf99f77
Certificate serial:       01856F94CB98478069D700A0BE4D61536C38
Authority key identifier: D1:73:B2:85:79:63:4D:D9:08:C4:EF:21:6E:05:CE:B6:BD:F9:9F:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0XOyhXljTdkIxO8hbgXOtr35n3c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/dcb2cd-403b-4671-a965-7c9227adc126/1/R0iof4oezORHTw6RxTFUlpJyoNE.roa
Signing time:             Sun 01 Jan 2023 23:05:00 +0000
ROA not before:           Sun 01 Jan 2023 23:05:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208485
IP address blocks:        176.97.219.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:94:cb:98:47:80:69:d7:00:a0:be:4d:61:53:6c:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d173b28579634dd908c4ef216e05ceb6bdf99f77
        Validity
            Not Before: Jan  1 23:05:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4748a87f8a1ecce4474f0e91c53154969272a0d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:bf:4a:90:ee:48:a4:64:1a:61:d7:63:76:01:
                    c3:a1:c8:09:f8:05:cb:10:86:c1:54:18:41:18:a6:
                    ab:da:d5:25:7e:bd:7d:84:24:d3:65:cf:32:8a:9f:
                    71:5c:6e:b6:43:e5:9b:9f:88:81:84:7b:c5:6e:57:
                    78:00:5a:78:5e:96:05:a7:7b:19:1e:17:f1:ac:bd:
                    6b:98:86:62:2a:9e:64:f9:97:6b:12:ff:76:1a:5a:
                    0c:a7:b5:64:14:23:7b:38:34:b9:64:71:67:e1:f7:
                    34:80:89:9f:4b:fa:d6:bc:b0:2c:bc:b6:e7:0d:70:
                    81:fd:e0:e5:11:f2:0a:3c:d5:96:70:0f:cc:f9:f9:
                    75:8f:39:be:ee:d2:c9:4d:4f:c9:9a:a4:9e:ba:b5:
                    3c:df:d3:14:9e:cb:b5:48:59:51:d8:b1:94:00:85:
                    6d:7c:20:22:6b:96:5d:a1:24:c6:a7:56:cf:87:3d:
                    6d:9f:05:c3:51:c7:d3:1e:de:48:c1:a9:02:bb:10:
                    49:67:b6:cb:83:aa:c1:39:d3:d9:5c:0c:e0:da:34:
                    a0:c4:d0:74:93:da:7a:93:5c:e2:cc:96:4d:2d:c3:
                    d4:aa:fa:bb:0f:c9:3a:18:3b:db:7c:02:52:8b:3a:
                    88:c5:0b:8a:5e:f7:44:40:c0:61:0f:fc:60:84:59:
                    69:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:48:A8:7F:8A:1E:CC:E4:47:4F:0E:91:C5:31:54:96:92:72:A0:D1
            X509v3 Authority Key Identifier:
                keyid:D1:73:B2:85:79:63:4D:D9:08:C4:EF:21:6E:05:CE:B6:BD:F9:9F:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0XOyhXljTdkIxO8hbgXOtr35n3c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dcb2cd-403b-4671-a965-7c9227adc126/1/R0iof4oezORHTw6RxTFUlpJyoNE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dcb2cd-403b-4671-a965-7c9227adc126/1/0XOyhXljTdkIxO8hbgXOtr35n3c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.97.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:93:f0:51:48:c8:ba:5b:40:13:05:c3:ef:d5:ce:2c:bb:1b:
         09:9e:54:87:2a:95:ec:b0:83:48:13:a2:7c:72:4e:1e:0c:76:
         79:c1:c0:af:14:66:cd:95:fb:6f:63:07:70:4b:1a:fd:8a:03:
         c3:91:8e:2b:f9:a5:3c:6a:37:c6:69:89:59:de:f5:e8:d2:05:
         ef:cd:c6:8b:f0:4d:9e:86:12:34:3f:ef:74:4b:20:8c:b0:7d:
         a8:1d:03:03:11:a4:0b:ea:8c:1c:f4:fc:ce:0d:33:45:3e:62:
         65:7c:9f:eb:73:43:cc:58:9e:01:13:f0:81:b9:cc:96:6b:bf:
         3a:1e:c8:89:a3:97:fa:ef:c4:25:b6:fe:fc:c7:58:b6:58:c1:
         6d:3d:a8:f9:72:8c:b4:b0:a0:3a:c2:59:e7:f9:43:c2:34:7e:
         40:d3:1e:77:10:60:49:af:19:f0:d3:43:be:d1:3e:58:35:b1:
         2e:07:2c:f5:4c:3a:56:81:3c:5d:28:51:40:c9:90:23:e6:0c:
         53:cd:b2:c3:19:75:bc:11:cb:87:d4:b7:32:0a:13:ae:cd:60:
         c0:62:fd:50:04:03:cb:82:38:5c:c6:dd:81:3b:21:19:88:b5:
         15:46:ad:99:93:13:de:60:96:fa:ec:fb:2a:93:f1:c8:3f:bd:
         78:89:33:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlMuYR4Bp1wCgvk1hU2w4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNzNiMjg1Nzk2MzRkZDkwOGM0ZWYyMTZlMDVjZWI2YmRm
OTlmNzcwHhcNMjMwMTAxMjMwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzQ4YTg3ZjhhMWVjY2U0NDc0ZjBlOTFjNTMxNTQ5NjkyNzJhMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkr9KkO5IpGQaYddjdgHDocgJ+AXL
EIbBVBhBGKar2tUlfr19hCTTZc8yip9xXG62Q+Wbn4iBhHvFbld4AFp4XpYFp3sZ
HhfxrL1rmIZiKp5k+ZdrEv92GloMp7VkFCN7ODS5ZHFn4fc0gImfS/rWvLAsvLbn
DXCB/eDlEfIKPNWWcA/M+fl1jzm+7tLJTU/JmqSeurU839MUnsu1SFlR2LGUAIVt
fCAia5ZdoSTGp1bPhz1tnwXDUcfTHt5IwakCuxBJZ7bLg6rBOdPZXAzg2jSgxNB0
k9p6k1zizJZNLcPUqvq7D8k6GDvbfAJSizqIxQuKXvdEQMBhD/xghFlpTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEdIqH+KHszkR08OkcUxVJaScqDRMB8GA1UdIwQY
MBaAFNFzsoV5Y03ZCMTvIW4Fzra9+Z93MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFhPeWhYbGpUZGtJeE84aGJnWE90cjM1bjNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kY2IyY2QtNDAzYi00NjcxLWE5NjUt
N2M5MjI3YWRjMTI2LzEvUjBpb2Y0b2V6T1JIVHc2UnhURlVscEp5b05FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kY2IyY2QtNDAzYi00NjcxLWE5NjUtN2M5MjI3YWRjMTI2
LzEvMFhPeWhYbGpUZGtJeE84aGJnWE90cjM1bjNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGHbMA0G
CSqGSIb3DQEBCwUAA4IBAQAck/BRSMi6W0ATBcPv1c4suxsJnlSHKpXssINIE6J8
ck4eDHZ5wcCvFGbNlftvYwdwSxr9igPDkY4r+aU8ajfGaYlZ3vXo0gXvzcaL8E2e
hhI0P+90SyCMsH2oHQMDEaQL6owc9PzODTNFPmJlfJ/rc0PMWJ4BE/CBucyWa786
HsiJo5f678Qltv78x1i2WMFtPaj5coy0sKA6wlnn+UPCNH5A0x53EGBJrxnw00O+
0T5YNbEuByz1TDpWgTxdKFFAyZAj5gxTzbLDGXW8EcuH1LcyChOuzWDAYv1QBAPL
gjhcxt2BOyEZiLUVRq2ZkxPeYJb67Psqk/HIP714iTMo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:59 2024 by rpki-client on console-ams.rpki-client.org