Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/1-Daq0yzlNJdaEgAJWSbjqZRlGYM.roa
File:                     1-Daq0yzlNJdaEgAJWSbjqZRlGYM.roa (raw, json)
Hash identifier:          FWpIw5YbEArDg6D+THuexwIcmAA04Nd4I6QUOzHrFNg=
Subject key identifier:   F8:36:AA:D3:2C:E5:34:97:5A:12:00:09:59:26:E3:A9:94:65:19:83
Certificate issuer:       /CN=b3efea3a72faf0df4322cdaab9a136d79de8a3ef
Certificate serial:       DF3122
Authority key identifier: B3:EF:EA:3A:72:FA:F0:DF:43:22:CD:AA:B9:A1:36:D7:9D:E8:A3:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s-_qOnL68N9DIs2quaE2153oo-8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/1-Daq0yzlNJdaEgAJWSbjqZRlGYM.roa
Signing time:             Wed 09 Feb 2022 12:11:16 +0000
ROA not before:           Wed 09 Feb 2022 12:11:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        194.26.215.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14627106 (0xdf3122)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3efea3a72faf0df4322cdaab9a136d79de8a3ef
        Validity
            Not Before: Feb  9 12:11:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f836aad32ce534975a1200095926e3a994651983
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:7a:93:02:7e:f1:da:3a:18:7c:9b:ec:15:95:
                    2b:6c:a3:7e:6a:d8:d8:12:96:d0:43:2c:75:cd:aa:
                    e4:ee:68:e7:2a:72:60:96:75:16:a0:07:42:61:ff:
                    3c:2c:f1:ea:8f:e8:f3:ef:30:a9:70:67:c9:a2:b3:
                    a2:bd:a8:8c:de:13:de:45:38:04:fb:fb:e3:9f:ee:
                    51:6e:8d:bf:b9:8c:1e:be:16:35:b1:59:39:52:c5:
                    25:ad:f7:57:ae:35:cd:dc:af:d3:25:4b:7e:43:10:
                    2b:90:6a:35:07:87:62:84:95:b3:e9:b1:02:56:93:
                    83:8c:36:09:fb:4f:c7:59:ec:08:80:a8:03:ee:ee:
                    1e:87:19:e5:85:52:11:92:d9:31:21:35:c3:36:e2:
                    54:61:e2:9d:df:0e:73:17:00:03:9f:eb:41:09:1f:
                    e2:df:73:97:67:ea:30:fa:ef:3c:a6:0b:72:99:1c:
                    05:a3:b8:71:50:ab:6a:5f:a5:4e:3b:2e:1c:e0:ef:
                    28:9e:ca:3c:6c:37:3f:f4:eb:fc:e1:09:06:ba:78:
                    87:0a:6c:ff:36:28:a0:c6:d9:29:4b:be:98:ea:25:
                    21:85:a1:d6:e5:95:18:4e:98:41:52:0c:5a:76:79:
                    1f:25:2b:65:7a:dc:4d:11:18:6b:4c:f2:e3:7b:09:
                    df:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:36:AA:D3:2C:E5:34:97:5A:12:00:09:59:26:E3:A9:94:65:19:83
            X509v3 Authority Key Identifier:
                keyid:B3:EF:EA:3A:72:FA:F0:DF:43:22:CD:AA:B9:A1:36:D7:9D:E8:A3:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s-_qOnL68N9DIs2quaE2153oo-8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/1-Daq0yzlNJdaEgAJWSbjqZRlGYM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/s-_qOnL68N9DIs2quaE2153oo-8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.26.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:6b:6e:21:ee:06:f7:e1:9b:41:8c:e7:d4:86:68:04:4a:fc:
         2d:e1:3a:6f:d6:7b:b9:16:e4:23:d7:08:b1:24:ee:ee:e1:e1:
         a4:97:9b:d8:8b:ec:e8:c3:af:a0:3e:7e:89:21:5c:36:2c:bd:
         34:cc:5e:d4:bf:91:1d:23:30:55:84:c1:5e:aa:f1:70:40:48:
         28:c2:f4:1e:a7:26:ee:c6:79:4e:a6:c9:2b:22:f0:9e:cf:3e:
         84:29:93:cf:c5:42:b5:de:2a:2f:a2:e0:19:90:9c:e8:cc:74:
         0f:32:81:39:64:ac:f6:a2:fc:fd:51:26:f0:e8:0f:76:b3:20:
         8b:52:6f:77:88:41:5f:a1:0b:c7:ad:38:5d:38:ae:99:8c:fb:
         b3:e5:b2:75:32:1f:94:26:7b:14:81:4c:b1:e3:59:b0:5a:50:
         b1:90:45:72:32:d2:dd:55:e4:6a:66:65:55:a3:97:27:e1:7f:
         ae:c8:c1:9e:39:a0:e9:86:6c:f8:9f:3f:77:e4:95:45:2d:d4:
         fa:4c:48:6b:f7:81:c3:17:2a:0d:be:82:fd:fc:1f:1e:21:2b:
         5d:1f:86:ba:65:ba:da:55:62:f1:0c:bf:e0:6c:31:78:27:1f:
         b6:4b:0f:94:04:0e:f0:f3:ad:cf:38:a0:57:11:c7:50:3e:8a:
         f3:54:71:2f
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAN8xIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
M2VmZWEzYTcyZmFmMGRmNDMyMmNkYWFiOWExMzZkNzlkZThhM2VmMB4XDTIyMDIw
OTEyMTExNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjgzNmFhZDMyY2U1
MzQ5NzVhMTIwMDA5NTkyNmUzYTk5NDY1MTk4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMh6kwJ+8do6GHyb7BWVK2yjfmrY2BKW0EMsdc2q5O5o5ypy
YJZ1FqAHQmH/PCzx6o/o8+8wqXBnyaKzor2ojN4T3kU4BPv745/uUW6Nv7mMHr4W
NbFZOVLFJa33V641zdyv0yVLfkMQK5BqNQeHYoSVs+mxAlaTg4w2CftPx1nsCICo
A+7uHocZ5YVSEZLZMSE1wzbiVGHind8OcxcAA5/rQQkf4t9zl2fqMPrvPKYLcpkc
BaO4cVCral+lTjsuHODvKJ7KPGw3P/Tr/OEJBrp4hwps/zYooMbZKUu+mOolIYWh
1uWVGE6YQVIMWnZ5HyUrZXrcTREYa0zy43sJ3+8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT4NqrTLOU0l1oSAAlZJuOplGUZgzAfBgNVHSMEGDAWgBSz7+o6cvrw30Mi
zaq5oTbXneij7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3MtX3FPbkw2OE45RElzMnF1YUUyMTUzb28tOC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvY2Q5NGYyLTNiMTktNDgyNi1hMGViLWJmZTIyMTU1M2YwNy8x
LzEtRGFxMHl6bE5KZGFFZ0FKV1NianFaUmxHWU0ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Jm
L2NkOTRmMi0zYjE5LTQ4MjYtYTBlYi1iZmUyMjE1NTNmMDcvMS9zLV9xT25MNjhO
OURJczJxdWFFMjE1M29vLTguY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADCGtcwDQYJKoZIhvcNAQELBQAD
ggEBAK9rbiHuBvfhm0GM59SGaARK/C3hOm/We7kW5CPXCLEk7u7h4aSXm9iL7OjD
r6A+fokhXDYsvTTMXtS/kR0jMFWEwV6q8XBASCjC9B6nJu7GeU6mySsi8J7PPoQp
k8/FQrXeKi+i4BmQnOjMdA8ygTlkrPai/P1RJvDoD3azIItSb3eIQV+hC8etOF04
rpmM+7PlsnUyH5QmexSBTLHjWbBaULGQRXIy0t1V5GpmZVWjlyfhf67IwZ45oOmG
bPifP3fklUUt1PpMSGv3gcMXKg2+gv38Hx4hK10fhrplutpVYvEMv+BsMXgnH7ZL
D5QEDvDzrc84oFcRx1A+ivNUcS8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:54 2024 by rpki-client on console-ams.rpki-client.org