Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b4b509-4a06-4bc4-9384-53e410825676/1/AC1dF0w-Q4k_Iwk_t3SmTQgWc4A.roa
File:                     AC1dF0w-Q4k_Iwk_t3SmTQgWc4A.roa (raw, json)
Hash identifier:          uzSkMTF30TOsw2H9LTGvxFIIwZx/XARxDP5m5H5gtZo=
Subject key identifier:   00:2D:5D:17:4C:3E:43:89:3F:23:09:3F:B7:74:A6:4D:08:16:73:80
Certificate issuer:       /CN=4dbc0c0633cbef2e97fceac797633d4912f76f96
Certificate serial:       018570D50E452E64557638BE66A8C2AEBA7A
Authority key identifier: 4D:BC:0C:06:33:CB:EF:2E:97:FC:EA:C7:97:63:3D:49:12:F7:6F:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TbwMBjPL7y6X_OrHl2M9SRL3b5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/b4b509-4a06-4bc4-9384-53e410825676/1/AC1dF0w-Q4k_Iwk_t3SmTQgWc4A.roa
Signing time:             Mon 02 Jan 2023 04:54:49 +0000
ROA not before:           Mon 02 Jan 2023 04:54:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        193.246.4.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:d5:0e:45:2e:64:55:76:38:be:66:a8:c2:ae:ba:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4dbc0c0633cbef2e97fceac797633d4912f76f96
        Validity
            Not Before: Jan  2 04:54:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=002d5d174c3e43893f23093fb774a64d08167380
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:d4:ae:1b:90:02:9b:71:d0:a7:03:02:b2:f2:
                    b7:95:10:2f:f9:86:07:59:86:81:74:52:43:3e:56:
                    76:84:45:47:c5:20:a3:34:47:1e:ce:c1:f5:94:65:
                    04:68:81:12:bd:9a:2e:ac:df:bc:43:a7:00:0b:de:
                    d7:33:31:25:70:ba:a2:ae:6c:df:9e:9d:4a:82:0b:
                    65:b2:6a:78:45:29:04:83:6d:6c:09:db:15:da:1b:
                    19:d8:d9:e0:34:ba:a2:45:ad:20:e2:34:50:6e:a6:
                    7e:a1:24:a0:70:05:19:39:43:ee:f2:63:1c:21:1d:
                    04:f5:e3:d4:bc:e4:e2:14:e8:e9:5a:57:e4:12:be:
                    fa:dc:2b:d5:42:c7:3e:5a:70:b0:f4:15:c3:c6:dd:
                    86:98:a9:73:86:94:0d:b6:fb:48:03:f9:56:b9:7d:
                    87:a2:7b:54:1c:3d:2e:f2:2a:b8:bd:98:7c:af:d2:
                    e4:17:af:90:b3:21:22:bf:5f:06:3b:83:75:53:53:
                    b1:29:28:2b:5d:09:60:bc:9b:fd:be:68:98:00:2c:
                    9a:35:65:d2:89:cd:7f:f3:8e:3c:de:88:a6:fd:69:
                    fd:f1:f3:d4:69:8b:c0:34:f3:2e:6b:1f:33:ca:53:
                    e3:37:38:16:de:66:77:ab:16:38:eb:26:e0:5e:e4:
                    42:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:2D:5D:17:4C:3E:43:89:3F:23:09:3F:B7:74:A6:4D:08:16:73:80
            X509v3 Authority Key Identifier:
                keyid:4D:BC:0C:06:33:CB:EF:2E:97:FC:EA:C7:97:63:3D:49:12:F7:6F:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TbwMBjPL7y6X_OrHl2M9SRL3b5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b4b509-4a06-4bc4-9384-53e410825676/1/AC1dF0w-Q4k_Iwk_t3SmTQgWc4A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b4b509-4a06-4bc4-9384-53e410825676/1/TbwMBjPL7y6X_OrHl2M9SRL3b5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.246.4.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8d:35:1e:91:73:0c:37:44:fe:f8:46:5a:13:08:a5:0c:04:29:
         9c:fa:18:83:e8:8e:e9:38:20:62:14:da:b9:c7:a8:94:4c:13:
         b1:bf:94:72:78:76:39:f6:32:d7:a3:26:22:02:d7:4b:a0:19:
         b2:c1:ec:ca:82:8b:9a:c5:65:d1:75:b9:68:f6:3a:c6:d2:af:
         5b:0d:82:dd:40:cc:d6:eb:a8:e5:66:f7:a9:f3:3f:8f:d3:88:
         c2:d3:2f:65:a6:00:80:6e:47:08:f4:dd:6f:49:23:f5:e0:b0:
         f3:9b:1b:81:7c:e6:19:b2:6c:e1:53:50:9b:3a:b9:83:2d:e8:
         87:33:e4:d9:f5:1c:1b:6f:06:7d:da:8d:45:a8:46:20:3a:3c:
         8c:db:a1:66:9e:11:75:c6:46:c4:73:16:37:5f:c8:c1:71:0b:
         0c:24:61:b2:c1:90:86:7a:07:f0:94:1a:c7:64:60:e7:b6:e5:
         b3:a3:6f:c2:70:11:a4:78:21:52:e6:97:49:5e:00:9f:3a:1a:
         44:89:6e:23:cf:53:3c:6f:48:49:b4:04:a0:11:96:fd:bc:d9:
         46:e8:9f:85:d9:3c:4f:bb:02:85:de:8a:e8:54:53:0f:77:fe:
         23:93:54:fd:00:24:8e:36:26:8e:54:13:bc:37:ac:6b:96:97:
         82:67:81:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1Q5FLmRVdji+ZqjCrrp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYmMwYzA2MzNjYmVmMmU5N2ZjZWFjNzk3NjMzZDQ5MTJm
NzZmOTYwHhcNMjMwMTAyMDQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDJkNWQxNzRjM2U0Mzg5M2YyMzA5M2ZiNzc0YTY0ZDA4MTY3MzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtSuG5ACm3HQpwMCsvK3lRAv+YYH
WYaBdFJDPlZ2hEVHxSCjNEcezsH1lGUEaIESvZourN+8Q6cAC97XMzElcLqirmzf
np1Kggtlsmp4RSkEg21sCdsV2hsZ2NngNLqiRa0g4jRQbqZ+oSSgcAUZOUPu8mMc
IR0E9ePUvOTiFOjpWlfkEr763CvVQsc+WnCw9BXDxt2GmKlzhpQNtvtIA/lWuX2H
ontUHD0u8iq4vZh8r9LkF6+QsyEiv18GO4N1U1OxKSgrXQlgvJv9vmiYACyaNWXS
ic1/84483oim/Wn98fPUaYvANPMuax8zylPjNzgW3mZ3qxY46ybgXuRCQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAAtXRdMPkOJPyMJP7d0pk0IFnOAMB8GA1UdIwQY
MBaAFE28DAYzy+8ul/zqx5djPUkS92+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGJ3TUJqUEw3eTZYX09ySGwyTTlTUkwzYjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iNGI1MDktNGEwNi00YmM0LTkzODQt
NTNlNDEwODI1Njc2LzEvQUMxZEYwdy1RNGtfSXdrX3QzU21UUWdXYzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9iNGI1MDktNGEwNi00YmM0LTkzODQtNTNlNDEwODI1Njc2
LzEvVGJ3TUJqUEw3eTZYX09ySGwyTTlTUkwzYjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwfYEMA0G
CSqGSIb3DQEBCwUAA4IBAQCNNR6Rcww3RP74RloTCKUMBCmc+hiD6I7pOCBiFNq5
x6iUTBOxv5RyeHY59jLXoyYiAtdLoBmywezKgouaxWXRdblo9jrG0q9bDYLdQMzW
66jlZvep8z+P04jC0y9lpgCAbkcI9N1vSSP14LDzmxuBfOYZsmzhU1CbOrmDLeiH
M+TZ9RwbbwZ92o1FqEYgOjyM26FmnhF1xkbEcxY3X8jBcQsMJGGywZCGegfwlBrH
ZGDntuWzo2/CcBGkeCFS5pdJXgCfOhpEiW4jz1M8b0hJtASgEZb9vNlG6J+F2TxP
uwKF3oroVFMPd/4jk1T9ACSONiaOVBO8N6xrlpeCZ4El
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:42 2025 by rpki-client