Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/E2lVmu3ucJqsGetsNibq-yjL4Ig.roa
File:                     E2lVmu3ucJqsGetsNibq-yjL4Ig.roa (raw, json)
Hash identifier:          mfsEiIjb0gCnA17BNalJ/ppRNN73kWCeXHhrRosnWgE=
Subject key identifier:   13:69:55:9A:ED:EE:70:9A:AC:19:EB:6C:36:26:EA:FB:28:CB:E0:88
Certificate issuer:       /CN=175e203932401abb457968db37075a17c68f09f6
Certificate serial:       0188528CB25FA22E9AD62114E8681E4E5D94
Authority key identifier: 17:5E:20:39:32:40:1A:BB:45:79:68:DB:37:07:5A:17:C6:8F:09:F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F14gOTJAGrtFeWjbNwdaF8aPCfY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/E2lVmu3ucJqsGetsNibq-yjL4Ig.roa
Signing time:             Thu 25 May 2023 10:55:32 +0000
ROA not before:           Thu 25 May 2023 10:55:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206592
IP address blocks:        176.105.152.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:52:8c:b2:5f:a2:2e:9a:d6:21:14:e8:68:1e:4e:5d:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=175e203932401abb457968db37075a17c68f09f6
        Validity
            Not Before: May 25 10:55:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1369559aedee709aac19eb6c3626eafb28cbe088
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:71:6d:0c:37:03:7d:08:66:d5:7c:c8:e4:5b:
                    61:f3:dc:c5:57:10:cf:9d:23:8a:af:9e:de:85:a1:
                    4d:21:97:70:5e:b4:a6:56:2e:ae:f2:b2:dd:4c:7d:
                    8f:39:7e:ce:7f:47:3c:12:ab:09:89:ab:c2:91:6a:
                    6c:52:a2:44:72:0c:80:4f:03:f6:fc:bc:a0:2d:a0:
                    aa:54:77:28:3c:4b:9f:93:45:8e:b6:c2:cb:a3:56:
                    f2:1c:91:1d:d8:0f:aa:76:d1:04:6d:92:4f:29:1d:
                    db:49:67:5e:1e:36:0c:72:7f:cc:b2:03:7a:cd:57:
                    15:1f:78:e9:0c:cf:8e:fa:fc:ca:b9:23:82:ae:b3:
                    d1:39:54:29:f9:d6:35:38:36:c2:86:96:52:80:f8:
                    63:90:66:26:be:0c:83:dd:92:91:34:9a:0c:73:2c:
                    e9:31:11:85:cf:69:6a:9d:09:79:6c:3a:38:06:f5:
                    71:3e:8d:79:3f:d2:41:4f:c4:8f:4e:17:16:ff:e5:
                    52:64:0d:37:50:b2:5b:9c:bf:b4:ea:b0:99:43:5a:
                    37:4f:9b:8b:79:65:b5:e7:10:c1:fc:33:fd:dd:03:
                    e4:8c:f9:3d:b2:9a:01:89:2e:b7:93:a3:6c:e3:a5:
                    68:6d:61:7a:64:87:83:c2:63:c6:0d:5c:60:71:f7:
                    0c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:69:55:9A:ED:EE:70:9A:AC:19:EB:6C:36:26:EA:FB:28:CB:E0:88
            X509v3 Authority Key Identifier:
                keyid:17:5E:20:39:32:40:1A:BB:45:79:68:DB:37:07:5A:17:C6:8F:09:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F14gOTJAGrtFeWjbNwdaF8aPCfY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/E2lVmu3ucJqsGetsNibq-yjL4Ig.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/18e9c2-bd1f-43a2-8660-384c541a59e1/1/F14gOTJAGrtFeWjbNwdaF8aPCfY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.105.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ce:9f:a7:f0:c6:7e:52:d9:e9:08:fa:58:dd:61:44:6e:d6:e1:
         21:c7:69:d7:f9:1e:87:2d:bc:cb:2d:d3:c0:51:5f:b4:47:f9:
         78:5c:7d:9f:c6:2b:f3:55:5b:6b:b3:90:6f:36:54:da:7e:d3:
         8f:62:db:bd:fb:38:0b:a0:87:55:45:6e:e5:d4:8a:b4:a7:a6:
         ea:60:8a:c5:29:ed:28:e3:12:b1:f7:e8:f5:da:34:e3:cd:cb:
         1d:ab:af:33:fe:a3:b9:1d:87:48:4f:36:2a:9f:6e:b0:fa:d7:
         76:63:ff:7a:cf:c1:ea:91:c4:76:5a:43:43:9d:ee:8d:8e:40:
         7a:a3:4f:60:2d:1e:e6:3d:fb:2c:e8:f1:ee:0b:71:8c:73:d4:
         33:c0:ab:aa:9e:a3:a3:17:6a:2b:7c:8a:ec:2c:e8:f4:ba:f5:
         80:b1:87:8d:fd:6d:4d:d6:60:09:9a:b7:9c:d9:a5:79:df:99:
         72:39:a3:e3:3f:b2:3a:34:46:13:90:af:64:2e:be:2a:6b:2f:
         6d:f5:99:08:ca:aa:89:ea:64:7a:09:cc:08:f2:e5:ef:97:39:
         fd:9a:15:07:18:77:f4:35:7c:01:5d:b3:b6:91:9e:f4:e9:a8:
         6a:0a:59:ee:fb:ed:6f:f1:a1:bd:f7:30:be:72:6a:9f:57:ed:
         df:ec:fd:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhSjLJfoi6a1iEU6GgeTl2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NWUyMDM5MzI0MDFhYmI0NTc5NjhkYjM3MDc1YTE3YzY4
ZjA5ZjYwHhcNMjMwNTI1MTA1NTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzY5NTU5YWVkZWU3MDlhYWMxOWViNmMzNjI2ZWFmYjI4Y2JlMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3FtDDcDfQhm1XzI5Fth89zFVxDP
nSOKr57ehaFNIZdwXrSmVi6u8rLdTH2POX7Of0c8EqsJiavCkWpsUqJEcgyATwP2
/LygLaCqVHcoPEufk0WOtsLLo1byHJEd2A+qdtEEbZJPKR3bSWdeHjYMcn/MsgN6
zVcVH3jpDM+O+vzKuSOCrrPROVQp+dY1ODbChpZSgPhjkGYmvgyD3ZKRNJoMcyzp
MRGFz2lqnQl5bDo4BvVxPo15P9JBT8SPThcW/+VSZA03ULJbnL+06rCZQ1o3T5uL
eWW15xDB/DP93QPkjPk9spoBiS63k6Ns46VobWF6ZIeDwmPGDVxgcfcMSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBNpVZrt7nCarBnrbDYm6vsoy+CIMB8GA1UdIwQY
MBaAFBdeIDkyQBq7RXlo2zcHWhfGjwn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjE0Z09USkFHcnRGZVdqYk53ZGFGOGFQQ2ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xOGU5YzItYmQxZi00M2EyLTg2NjAt
Mzg0YzU0MWE1OWUxLzEvRTJsVm11M3VjSnFzR2V0c05pYnEteWpMNElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xOGU5YzItYmQxZi00M2EyLTg2NjAtMzg0YzU0MWE1OWUx
LzEvRjE0Z09USkFHcnRGZVdqYk53ZGFGOGFQQ2ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsGmYMA0G
CSqGSIb3DQEBCwUAA4IBAQDOn6fwxn5S2ekI+ljdYURu1uEhx2nX+R6HLbzLLdPA
UV+0R/l4XH2fxivzVVtrs5BvNlTaftOPYtu9+zgLoIdVRW7l1Iq0p6bqYIrFKe0o
4xKx9+j12jTjzcsdq68z/qO5HYdITzYqn26w+td2Y/96z8HqkcR2WkNDne6NjkB6
o09gLR7mPfss6PHuC3GMc9QzwKuqnqOjF2orfIrsLOj0uvWAsYeN/W1N1mAJmrec
2aV535lyOaPjP7I6NEYTkK9kLr4qay9t9ZkIyqqJ6mR6CcwI8uXvlzn9mhUHGHf0
NXwBXbO2kZ706ahqClnu++1v8aG99zC+cmqfV+3f7P2J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:56 2024 by rpki-client on console-fra.rpki-client.org