Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/81db49-fb83-4219-9f89-619d31b554b3/1/xAq-u2rVsdWUT7N4YDrRq7kK_VI.roa
File:                     xAq-u2rVsdWUT7N4YDrRq7kK_VI.roa (raw, json)
Hash identifier:          RG6KBUXhFnpcU7l5q5eUUZUEjdmkDyMaNL+ZfxNtzCQ=
Subject key identifier:   C4:0A:BE:BB:6A:D5:B1:D5:94:4F:B3:78:60:3A:D1:AB:B9:0A:FD:52
Certificate issuer:       /CN=b0cc4a043d3f45f3feabf7ec0620637f461ae7f8
Certificate serial:       018571B0E4E0C66C0761155AB4605B95CBB4
Authority key identifier: B0:CC:4A:04:3D:3F:45:F3:FE:AB:F7:EC:06:20:63:7F:46:1A:E7:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sMxKBD0_RfP-q_fsBiBjf0Ya5_g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/81db49-fb83-4219-9f89-619d31b554b3/1/xAq-u2rVsdWUT7N4YDrRq7kK_VI.roa
Signing time:             Mon 02 Jan 2023 08:54:56 +0000
ROA not before:           Mon 02 Jan 2023 08:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        94.154.113.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:b0:e4:e0:c6:6c:07:61:15:5a:b4:60:5b:95:cb:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0cc4a043d3f45f3feabf7ec0620637f461ae7f8
        Validity
            Not Before: Jan  2 08:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c40abebb6ad5b1d5944fb378603ad1abb90afd52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:58:d6:f0:69:fd:8a:46:1d:e2:6a:01:1b:72:
                    f8:f5:8e:10:16:f1:81:1c:5f:77:b8:24:2a:3d:b3:
                    a4:d6:fb:0f:36:16:84:d8:79:a2:d9:58:17:59:99:
                    85:bf:db:ba:52:48:20:54:a4:d7:45:2b:87:3b:42:
                    23:35:bd:da:68:6f:ad:f5:6c:4d:75:47:6a:2f:58:
                    58:4e:e8:81:ff:be:4c:fd:55:6a:72:f6:c1:4e:e1:
                    06:70:f9:cc:91:96:38:b9:de:41:51:5d:e3:ec:61:
                    e3:33:19:ab:e1:0b:44:5c:95:2f:36:bb:fb:e3:c9:
                    dc:72:7d:67:3f:03:5b:dc:32:f0:37:b2:be:50:b1:
                    20:51:f1:0f:33:59:6a:1e:72:56:03:81:58:b9:d4:
                    dc:33:c3:4c:45:3c:51:ad:4e:c7:70:ab:47:19:be:
                    c1:89:82:61:e1:e7:c7:e6:3e:2e:3a:0f:45:bd:d3:
                    88:8a:63:3c:1f:31:6b:76:b9:aa:f6:bf:0f:ad:37:
                    8d:2d:46:47:a3:3a:92:dc:87:83:96:b8:87:7f:bd:
                    e1:6e:09:81:64:9d:2f:0f:03:dc:16:f1:fe:b2:d2:
                    8a:f7:fd:bb:83:58:eb:a4:21:6d:af:cd:65:9a:e4:
                    42:71:88:f9:db:e4:c3:91:e2:21:32:cd:22:a3:4e:
                    16:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:0A:BE:BB:6A:D5:B1:D5:94:4F:B3:78:60:3A:D1:AB:B9:0A:FD:52
            X509v3 Authority Key Identifier:
                keyid:B0:CC:4A:04:3D:3F:45:F3:FE:AB:F7:EC:06:20:63:7F:46:1A:E7:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMxKBD0_RfP-q_fsBiBjf0Ya5_g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/81db49-fb83-4219-9f89-619d31b554b3/1/xAq-u2rVsdWUT7N4YDrRq7kK_VI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/81db49-fb83-4219-9f89-619d31b554b3/1/sMxKBD0_RfP-q_fsBiBjf0Ya5_g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:6c:05:bc:f1:ff:eb:ec:3a:aa:39:35:5b:a3:d3:f7:cb:28:
         4b:61:1c:24:0d:c2:b7:1b:a6:61:71:43:04:ab:9b:1b:fc:70:
         7a:5c:55:1b:aa:3a:c9:51:89:e6:32:52:79:e1:29:26:a6:55:
         97:d7:20:c7:ec:e1:07:52:65:82:84:75:bd:97:0d:12:92:9a:
         ce:16:a5:08:27:b6:3b:35:ca:a3:2a:3e:64:6e:f4:74:6c:05:
         e8:c6:47:1f:ba:6c:11:bf:37:1d:dd:76:f7:3a:78:41:c7:e4:
         78:b4:63:f8:59:fe:33:cd:cd:86:bc:a8:b0:63:18:a9:ba:23:
         29:94:6d:87:86:ca:6d:5a:01:5c:6e:b5:a6:04:79:5f:80:63:
         00:33:88:df:32:d9:f6:bd:bd:6e:69:44:a3:93:76:0d:e7:c8:
         55:f3:60:7f:5a:96:46:79:13:f7:2d:0e:fa:e0:2a:8b:00:c4:
         51:a3:8a:b6:aa:03:27:a6:33:c7:05:a7:51:f0:d0:cc:db:a3:
         45:31:8a:82:cc:e8:ac:1b:56:9e:a2:ed:f5:08:c6:0e:e2:be:
         d2:b4:34:d2:0e:41:05:34:00:9c:96:bb:0c:a8:77:2f:b3:56:
         65:5a:31:be:ca:31:ce:9d:f1:20:79:f3:1b:95:12:75:3f:f8:
         92:27:79:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsOTgxmwHYRVatGBblcu0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwY2M0YTA0M2QzZjQ1ZjNmZWFiZjdlYzA2MjA2MzdmNDYx
YWU3ZjgwHhcNMjMwMTAyMDg1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDBhYmViYjZhZDViMWQ1OTQ0ZmIzNzg2MDNhZDFhYmI5MGFmZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFjW8Gn9ikYd4moBG3L49Y4QFvGB
HF93uCQqPbOk1vsPNhaE2Hmi2VgXWZmFv9u6UkggVKTXRSuHO0IjNb3aaG+t9WxN
dUdqL1hYTuiB/75M/VVqcvbBTuEGcPnMkZY4ud5BUV3j7GHjMxmr4QtEXJUvNrv7
48nccn1nPwNb3DLwN7K+ULEgUfEPM1lqHnJWA4FYudTcM8NMRTxRrU7HcKtHGb7B
iYJh4efH5j4uOg9FvdOIimM8HzFrdrmq9r8PrTeNLUZHozqS3IeDlriHf73hbgmB
ZJ0vDwPcFvH+stKK9/27g1jrpCFtr81lmuRCcYj52+TDkeIhMs0io04WVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMQKvrtq1bHVlE+zeGA60au5Cv1SMB8GA1UdIwQY
MBaAFLDMSgQ9P0Xz/qv37AYgY39GGuf4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc014S0JEMF9SZlAtcV9mc0JpQmpmMFlhNV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi84MWRiNDktZmI4My00MjE5LTlmODkt
NjE5ZDMxYjU1NGIzLzEveEFxLXUyclZzZFdVVDdONFlEclJxN2tLX1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi84MWRiNDktZmI4My00MjE5LTlmODktNjE5ZDMxYjU1NGIz
LzEvc014S0JEMF9SZlAtcV9mc0JpQmpmMFlhNV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXppxMA0G
CSqGSIb3DQEBCwUAA4IBAQBBbAW88f/r7DqqOTVbo9P3yyhLYRwkDcK3G6ZhcUME
q5sb/HB6XFUbqjrJUYnmMlJ54SkmplWX1yDH7OEHUmWChHW9lw0SkprOFqUIJ7Y7
NcqjKj5kbvR0bAXoxkcfumwRvzcd3Xb3OnhBx+R4tGP4Wf4zzc2GvKiwYxipuiMp
lG2HhsptWgFcbrWmBHlfgGMAM4jfMtn2vb1uaUSjk3YN58hV82B/WpZGeRP3LQ76
4CqLAMRRo4q2qgMnpjPHBadR8NDM26NFMYqCzOisG1aeou31CMYO4r7StDTSDkEF
NACclrsMqHcvs1ZlWjG+yjHOnfEgefMblRJ1P/iSJ3kH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:12 2024 by rpki-client on console-fra.rpki-client.org