Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/mAA3gmY5NFZ7bsLmET3nWNo7wrA.roa
File:                     mAA3gmY5NFZ7bsLmET3nWNo7wrA.roa (raw, json)
Hash identifier:          r3pbQEAo0kTbRr7DCZgeQM5lrl7nAbzDGiF5OiHdyTg=
Subject key identifier:   98:00:37:82:66:39:34:56:7B:6E:C2:E6:11:3D:E7:58:DA:3B:C2:B0
Certificate issuer:       /CN=b3efea3a72faf0df4322cdaab9a136d79de8a3ef
Certificate serial:       01364788
Authority key identifier: B3:EF:EA:3A:72:FA:F0:DF:43:22:CD:AA:B9:A1:36:D7:9D:E8:A3:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s-_qOnL68N9DIs2quaE2153oo-8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/mAA3gmY5NFZ7bsLmET3nWNo7wrA.roa
Signing time:             Thu 17 Mar 2022 20:07:10 +0000
ROA not before:           Thu 17 Mar 2022 20:07:10 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212598
IP address blocks:        194.26.215.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20334472 (0x1364788)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3efea3a72faf0df4322cdaab9a136d79de8a3ef
        Validity
            Not Before: Mar 17 20:07:10 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=98003782663934567b6ec2e6113de758da3bc2b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:99:9d:ee:8d:7e:96:d8:42:1e:a3:a8:dc:de:
                    2a:1b:55:dc:a8:b9:d8:29:d9:32:df:3c:98:b9:f6:
                    80:fe:d3:12:28:f3:e3:d8:24:1c:de:93:6b:42:b2:
                    a3:ac:a3:e3:a6:f4:51:27:f4:59:ab:25:1a:e2:ee:
                    c5:9d:f9:4b:27:44:39:c9:10:d2:b8:8c:c8:c4:29:
                    21:42:6c:67:7b:76:c2:be:40:af:ad:ff:a8:8c:f1:
                    f7:09:55:66:03:48:85:a5:5c:dc:4d:3a:77:c7:16:
                    e4:d8:0a:93:fd:24:03:77:b7:64:72:79:e2:a6:72:
                    a4:ff:a4:dc:fd:7d:cf:77:8b:3a:d8:78:88:ad:fe:
                    3a:f0:f7:e1:6b:0d:53:d6:52:6c:f6:8d:82:df:89:
                    5b:00:0a:4f:3d:d7:09:74:69:6f:b2:fc:56:9f:ec:
                    9f:f7:66:43:a4:d6:fa:fe:e5:f9:33:96:db:dc:19:
                    e6:48:13:c1:b7:88:91:a9:32:b9:3f:3b:51:a1:e5:
                    86:50:14:45:c3:62:f9:74:a4:20:7f:8b:7a:16:5e:
                    67:6b:00:5b:c3:01:69:72:7b:53:b8:ed:ec:9e:d3:
                    7a:f9:70:fb:a9:84:b2:5c:20:29:40:29:f4:24:dd:
                    cd:c9:c5:2b:f7:cf:4f:a9:5d:58:64:9b:5f:63:bc:
                    f3:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:00:37:82:66:39:34:56:7B:6E:C2:E6:11:3D:E7:58:DA:3B:C2:B0
            X509v3 Authority Key Identifier:
                keyid:B3:EF:EA:3A:72:FA:F0:DF:43:22:CD:AA:B9:A1:36:D7:9D:E8:A3:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s-_qOnL68N9DIs2quaE2153oo-8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/mAA3gmY5NFZ7bsLmET3nWNo7wrA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/s-_qOnL68N9DIs2quaE2153oo-8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.26.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:23:5d:b0:ea:b2:30:8e:09:78:48:c4:2c:ae:ab:d4:41:1c:
         12:32:b8:a2:18:84:5d:fa:80:45:1a:9e:d5:20:2a:81:b9:35:
         d6:59:63:33:cc:52:74:11:28:7f:05:be:d7:e6:0f:c3:71:87:
         d5:a4:79:e5:18:f7:02:77:57:6d:b8:72:bb:4a:b2:51:59:52:
         62:81:6f:bb:ef:2f:de:49:e9:c1:ef:c7:b3:e5:b4:c5:5b:d0:
         42:1f:ea:aa:f9:37:13:0a:0d:b7:d2:b7:b5:49:fe:f2:3d:91:
         11:fb:27:05:7f:e5:c7:86:38:37:ae:ef:af:b4:a3:52:02:0f:
         52:43:33:ea:f5:b0:af:b1:d3:6a:ad:1f:70:fc:59:4b:f0:e8:
         c4:74:68:ce:51:ea:78:2c:dd:88:c9:75:d6:7c:c6:b4:db:7b:
         cf:c7:71:40:f1:c6:55:ac:06:a8:a2:64:79:a3:df:be:7c:76:
         a5:8a:4e:24:dd:40:35:20:aa:79:36:b6:dd:ae:8e:60:1b:06:
         88:bc:5f:ea:6b:40:d2:f6:07:28:5a:48:ba:69:78:4f:9c:7c:
         5d:f4:08:93:60:1a:e4:c9:52:9d:42:f4:bc:e2:64:ff:98:35:
         38:07:ea:c9:26:73:f8:c3:90:f1:02:4b:a5:62:25:5b:b7:37:
         46:1c:4e:1e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATZHiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
M2VmZWEzYTcyZmFmMGRmNDMyMmNkYWFiOWExMzZkNzlkZThhM2VmMB4XDTIyMDMx
NzIwMDcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTgwMDM3ODI2NjM5
MzQ1NjdiNmVjMmU2MTEzZGU3NThkYTNiYzJiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyZne6NfpbYQh6jqNzeKhtV3Ki52CnZMt88mLn2gP7TEijz
49gkHN6Ta0Kyo6yj46b0USf0WaslGuLuxZ35SydEOckQ0riMyMQpIUJsZ3t2wr5A
r63/qIzx9wlVZgNIhaVc3E06d8cW5NgKk/0kA3e3ZHJ54qZypP+k3P19z3eLOth4
iK3+OvD34WsNU9ZSbPaNgt+JWwAKTz3XCXRpb7L8Vp/sn/dmQ6TW+v7l+TOW29wZ
5kgTwbeIkakyuT87UaHlhlAURcNi+XSkIH+LehZeZ2sAW8MBaXJ7U7jt7J7Tevlw
+6mEslwgKUAp9CTdzcnFK/fPT6ldWGSbX2O88/UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSYADeCZjk0VntuwuYRPedY2jvCsDAfBgNVHSMEGDAWgBSz7+o6cvrw30Mi
zaq5oTbXneij7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3MtX3FPbkw2OE45RElzMnF1YUUyMTUzb28tOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvY2Q5NGYyLTNiMTktNDgyNi1hMGViLWJmZTIyMTU1M2YwNy8x
L21BQTNnbVk1TkZaN2JzTG1FVDNuV05vN3dyQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
Y2Q5NGYyLTNiMTktNDgyNi1hMGViLWJmZTIyMTU1M2YwNy8xL3MtX3FPbkw2OE45
RElzMnF1YUUyMTUzb28tOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIa1zANBgkqhkiG9w0BAQsFAAOC
AQEAoiNdsOqyMI4JeEjELK6r1EEcEjK4ohiEXfqARRqe1SAqgbk11lljM8xSdBEo
fwW+1+YPw3GH1aR55Rj3AndXbbhyu0qyUVlSYoFvu+8v3knpwe/Hs+W0xVvQQh/q
qvk3EwoNt9K3tUn+8j2REfsnBX/lx4Y4N67vr7SjUgIPUkMz6vWwr7HTaq0fcPxZ
S/DoxHRozlHqeCzdiMl11nzGtNt7z8dxQPHGVawGqKJkeaPfvnx2pYpOJN1ANSCq
eTa23a6OYBsGiLxf6mtA0vYHKFpIuml4T5x8XfQIk2Aa5MlSnUL0vOJk/5g1OAfq
ySZz+MOQ8QJLpWIlW7c3RhxOHg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:15 2024 by rpki-client on console-fra.rpki-client.org