Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/KHRtjlZXj9JhsSQmCnqy5PWrOw0.roa
File:                     KHRtjlZXj9JhsSQmCnqy5PWrOw0.roa (raw, json)
Hash identifier:          GE+OW6+M0PvIZWjS19IHDFPUj9Xbkg4zo6bqce80n58=
Subject key identifier:   28:74:6D:8E:56:57:8F:D2:61:B1:24:26:0A:7A:B2:E4:F5:AB:3B:0D
Certificate issuer:       /CN=b3efea3a72faf0df4322cdaab9a136d79de8a3ef
Certificate serial:       0188D71A4937CB1E2B4A1606E6D38510C787
Authority key identifier: B3:EF:EA:3A:72:FA:F0:DF:43:22:CD:AA:B9:A1:36:D7:9D:E8:A3:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s-_qOnL68N9DIs2quaE2153oo-8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/KHRtjlZXj9JhsSQmCnqy5PWrOw0.roa
Signing time:             Tue 20 Jun 2023 04:40:04 +0000
ROA not before:           Tue 20 Jun 2023 04:40:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     397563
IP address blocks:        194.26.215.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d7:1a:49:37:cb:1e:2b:4a:16:06:e6:d3:85:10:c7:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3efea3a72faf0df4322cdaab9a136d79de8a3ef
        Validity
            Not Before: Jun 20 04:40:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=28746d8e56578fd261b124260a7ab2e4f5ab3b0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:af:52:a9:9a:44:71:d3:bb:b9:dd:5e:5a:8e:
                    c3:5b:f7:1c:9e:0a:02:67:77:70:1e:e0:71:83:8b:
                    a0:86:83:07:45:11:d2:f0:a5:41:6c:f0:47:c2:f6:
                    6e:0b:67:62:8f:25:ea:7c:81:fd:ab:ca:0c:c7:d2:
                    04:6d:7c:5e:a2:7e:ac:58:42:e4:19:43:aa:1b:49:
                    35:27:55:a6:45:3d:f2:bc:7b:f2:86:1c:a1:76:a1:
                    94:db:47:41:10:58:df:6a:48:44:94:60:3f:dc:a9:
                    d4:4e:e7:db:68:e3:8b:b0:69:a5:be:cc:e1:33:a0:
                    de:5b:e8:be:39:d2:51:cd:d1:f5:ff:78:45:b3:70:
                    22:bd:da:b8:ea:29:72:08:12:28:55:b4:fc:3d:72:
                    73:da:25:eb:12:2b:76:4b:28:18:0a:6c:a7:75:d9:
                    b6:c4:30:d4:74:75:60:1f:4a:a1:97:30:61:e0:b8:
                    d4:e9:ee:18:61:8c:f0:52:e8:a8:45:4f:a4:e2:13:
                    f0:63:9a:76:bd:c0:e0:54:06:6e:14:25:15:da:4c:
                    e2:ce:0d:8d:aa:36:73:77:65:f2:ef:03:50:4a:13:
                    13:be:08:69:f5:6f:5d:8d:83:07:fd:24:95:b0:b3:
                    d7:cb:eb:65:60:7a:fa:91:a8:d0:ac:6c:d1:99:0a:
                    c2:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:74:6D:8E:56:57:8F:D2:61:B1:24:26:0A:7A:B2:E4:F5:AB:3B:0D
            X509v3 Authority Key Identifier:
                keyid:B3:EF:EA:3A:72:FA:F0:DF:43:22:CD:AA:B9:A1:36:D7:9D:E8:A3:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s-_qOnL68N9DIs2quaE2153oo-8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/KHRtjlZXj9JhsSQmCnqy5PWrOw0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/s-_qOnL68N9DIs2quaE2153oo-8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.26.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:6d:a5:79:c3:98:0b:12:bf:ae:1d:3e:18:47:3b:a2:f4:62:
         e0:d8:96:9a:dd:1e:61:ee:f7:b8:b7:1f:c6:f3:75:0c:b2:44:
         d9:d5:52:d4:a2:c7:57:81:c0:0d:a9:19:90:06:9f:bc:f6:0f:
         79:7d:c8:29:e8:98:0d:ff:eb:c0:a4:a8:df:10:ad:d3:6b:7d:
         ab:64:a0:41:be:2d:a4:fa:91:48:17:b0:99:03:0e:0c:f3:f5:
         5f:8a:be:80:b7:60:03:95:73:80:d6:a6:f9:e3:93:79:ec:91:
         fb:f3:83:4e:72:a2:8e:da:97:b4:76:a2:46:cc:15:a3:76:6b:
         8f:92:5b:61:21:fc:96:02:0d:e7:01:1c:57:46:2a:a2:fd:07:
         88:39:34:18:db:33:e4:79:5f:fe:a6:99:cd:9d:d1:16:fd:67:
         e0:d2:b9:4f:2d:d0:1c:2f:61:84:90:49:69:f7:3b:eb:be:d5:
         85:7e:ef:e9:42:9c:5a:9e:75:5b:97:fb:91:a6:07:25:89:31:
         b9:33:2e:3d:0d:43:f6:56:79:42:86:54:64:8d:7c:11:13:5f:
         79:7f:a3:46:fe:af:12:a3:6e:2e:68:f9:dc:13:dc:fe:c7:9f:
         f3:b4:4f:c9:d6:59:a0:54:62:55:99:a3:40:60:e8:e2:9e:98:
         73:95:7d:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjXGkk3yx4rShYG5tOFEMeHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZWZlYTNhNzJmYWYwZGY0MzIyY2RhYWI5YTEzNmQ3OWRl
OGEzZWYwHhcNMjMwNjIwMDQ0MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODc0NmQ4ZTU2NTc4ZmQyNjFiMTI0MjYwYTdhYjJlNGY1YWIzYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAna9SqZpEcdO7ud1eWo7DW/ccngoC
Z3dwHuBxg4ughoMHRRHS8KVBbPBHwvZuC2dijyXqfIH9q8oMx9IEbXxeon6sWELk
GUOqG0k1J1WmRT3yvHvyhhyhdqGU20dBEFjfakhElGA/3KnUTufbaOOLsGmlvszh
M6DeW+i+OdJRzdH1/3hFs3Aivdq46ilyCBIoVbT8PXJz2iXrEit2SygYCmynddm2
xDDUdHVgH0qhlzBh4LjU6e4YYYzwUuioRU+k4hPwY5p2vcDgVAZuFCUV2kzizg2N
qjZzd2Xy7wNQShMTvghp9W9djYMH/SSVsLPXy+tlYHr6kajQrGzRmQrCaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCh0bY5WV4/SYbEkJgp6suT1qzsNMB8GA1UdIwQY
MBaAFLPv6jpy+vDfQyLNqrmhNted6KPvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcy1fcU9uTDY4TjlESXMycXVhRTIxNTNvby04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jZDk0ZjItM2IxOS00ODI2LWEwZWIt
YmZlMjIxNTUzZjA3LzEvS0hSdGpsWlhqOUpoc1NRbUNucXk1UFdyT3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jZDk0ZjItM2IxOS00ODI2LWEwZWItYmZlMjIxNTUzZjA3
LzEvcy1fcU9uTDY4TjlESXMycXVhRTIxNTNvby04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhrXMA0G
CSqGSIb3DQEBCwUAA4IBAQAZbaV5w5gLEr+uHT4YRzui9GLg2Jaa3R5h7ve4tx/G
83UMskTZ1VLUosdXgcANqRmQBp+89g95fcgp6JgN/+vApKjfEK3Ta32rZKBBvi2k
+pFIF7CZAw4M8/Vfir6At2ADlXOA1qb545N57JH784NOcqKO2pe0dqJGzBWjdmuP
klthIfyWAg3nARxXRiqi/QeIOTQY2zPkeV/+ppnNndEW/Wfg0rlPLdAcL2GEkElp
9zvrvtWFfu/pQpxannVbl/uRpgcliTG5My49DUP2VnlChlRkjXwRE195f6NG/q8S
o24uaPncE9z+x5/ztE/J1lmgVGJVmaNAYOjinphzlX1K
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:54 2024 by rpki-client on console-ams.rpki-client.org