Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d5d664-db1b-4899-9515-2b792f1b3230/1/ibzBlLZVsgpfAe6UKCx1C2X09b0.roa
File:                     ibzBlLZVsgpfAe6UKCx1C2X09b0.roa (raw, json)
Hash identifier:          TlQ6cWnsutizNkU/sDRHcn+iOhKTn9SduGMgUcbSAAc=
Subject key identifier:   89:BC:C1:94:B6:55:B2:0A:5F:01:EE:94:28:2C:75:0B:65:F4:F5:BD
Certificate issuer:       /CN=9a9bbdaa00011f6c2f69518895fa023d32d5b7d9
Certificate serial:       01856F9DFEF85D24F751C38CE303867448E9
Authority key identifier: 9A:9B:BD:AA:00:01:1F:6C:2F:69:51:88:95:FA:02:3D:32:D5:B7:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mpu9qgABH2wvaVGIlfoCPTLVt9k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d5d664-db1b-4899-9515-2b792f1b3230/1/ibzBlLZVsgpfAe6UKCx1C2X09b0.roa
Signing time:             Sun 01 Jan 2023 23:15:03 +0000
ROA not before:           Sun 01 Jan 2023 23:15:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35749
IP address blocks:        193.227.254.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:9d:fe:f8:5d:24:f7:51:c3:8c:e3:03:86:74:48:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a9bbdaa00011f6c2f69518895fa023d32d5b7d9
        Validity
            Not Before: Jan  1 23:15:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=89bcc194b655b20a5f01ee94282c750b65f4f5bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:c3:b4:13:ef:3a:dd:ab:62:d9:7f:3e:6b:2d:
                    75:f9:75:92:2b:bf:75:b9:1a:db:66:e5:d9:c9:98:
                    a6:a2:e7:52:07:09:f9:5d:ca:54:a1:c6:95:20:6b:
                    13:f8:31:ff:ea:2d:29:fe:e7:d7:52:02:8e:14:0e:
                    96:c6:b5:93:50:07:02:e7:c9:f6:b9:e7:56:a2:8f:
                    28:75:66:00:5c:ce:df:53:9b:f4:bd:f4:8b:01:ac:
                    14:96:d9:c9:e9:4e:78:36:4f:5c:ac:85:fd:c7:4e:
                    c8:22:76:d5:a6:9b:c5:6a:4c:9d:cf:9e:c1:6e:3c:
                    74:d5:d0:e1:50:ea:f5:3d:30:20:fb:e9:fa:98:0c:
                    98:d9:54:26:8e:da:f5:dc:c4:d2:4c:36:dc:62:89:
                    44:6c:c6:e5:41:3c:4d:73:04:ee:2e:7b:46:21:d3:
                    ab:4f:a2:a2:00:40:9d:aa:27:70:d0:9e:28:75:62:
                    29:02:f7:d4:da:bf:da:a0:4e:a2:35:13:be:0b:66:
                    bf:16:66:eb:23:ac:70:6d:59:e7:b2:6c:54:4c:b8:
                    f5:9e:9a:4f:b4:82:73:06:48:fd:cf:a8:01:75:23:
                    a2:f0:d5:02:be:a3:11:58:19:b3:5a:4b:79:f4:a3:
                    7b:e4:fc:40:f6:a5:e0:87:44:82:61:57:31:5a:f5:
                    24:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:BC:C1:94:B6:55:B2:0A:5F:01:EE:94:28:2C:75:0B:65:F4:F5:BD
            X509v3 Authority Key Identifier:
                keyid:9A:9B:BD:AA:00:01:1F:6C:2F:69:51:88:95:FA:02:3D:32:D5:B7:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mpu9qgABH2wvaVGIlfoCPTLVt9k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d5d664-db1b-4899-9515-2b792f1b3230/1/ibzBlLZVsgpfAe6UKCx1C2X09b0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d5d664-db1b-4899-9515-2b792f1b3230/1/mpu9qgABH2wvaVGIlfoCPTLVt9k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.227.254.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7d:d5:fa:59:01:98:f7:dc:54:02:85:41:96:c3:2b:0c:f3:fe:
         61:5b:ee:1e:84:a7:74:90:10:84:19:3f:5f:f4:3d:4e:e6:a1:
         80:ad:2c:df:8b:a2:c0:0a:6c:70:09:13:1e:e8:4e:8a:f5:9d:
         1f:87:44:87:f3:3e:35:0f:da:f8:9d:7b:31:44:dc:cd:b3:ed:
         e6:2e:5c:60:a9:e5:37:40:f5:51:b5:32:5a:2d:db:7f:db:c0:
         f6:0b:23:5e:b5:11:44:03:13:64:2f:f7:64:dd:c5:00:06:a5:
         da:cf:4e:1b:b9:d4:6f:a7:69:7d:da:82:1e:d5:07:97:e5:51:
         bd:36:9c:20:55:1e:31:99:f5:e0:5c:e8:e6:4c:ab:b9:16:cd:
         b7:2a:d0:60:21:24:8f:91:91:bb:8e:42:ba:cf:ed:b2:67:61:
         af:17:58:be:98:a1:e5:fa:33:5c:00:05:95:04:63:60:f5:bd:
         15:9b:16:97:ba:11:20:3c:a8:90:ea:96:9a:a1:5b:66:fc:6d:
         10:8b:09:d2:5f:a2:78:5d:99:26:10:ba:4c:a8:cc:18:cf:8e:
         cf:8e:c6:d7:a9:19:86:7e:59:c1:79:f5:1f:56:7c:e8:09:7a:
         56:3c:2d:dc:ce:1f:b8:ff:bd:06:dc:66:29:51:58:5a:6a:3f:
         70:86:ad:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvnf74XST3UcOM4wOGdEjpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhOWJiZGFhMDAwMTFmNmMyZjY5NTE4ODk1ZmEwMjNkMzJk
NWI3ZDkwHhcNMjMwMTAxMjMxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWJjYzE5NGI2NTViMjBhNWYwMWVlOTQyODJjNzUwYjY1ZjRmNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8O0E+863ati2X8+ay11+XWSK791
uRrbZuXZyZimoudSBwn5XcpUocaVIGsT+DH/6i0p/ufXUgKOFA6WxrWTUAcC58n2
uedWoo8odWYAXM7fU5v0vfSLAawUltnJ6U54Nk9crIX9x07IInbVppvFakydz57B
bjx01dDhUOr1PTAg++n6mAyY2VQmjtr13MTSTDbcYolEbMblQTxNcwTuLntGIdOr
T6KiAECdqidw0J4odWIpAvfU2r/aoE6iNRO+C2a/FmbrI6xwbVnnsmxUTLj1nppP
tIJzBkj9z6gBdSOi8NUCvqMRWBmzWkt59KN75PxA9qXgh0SCYVcxWvUk6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIm8wZS2VbIKXwHulCgsdQtl9PW9MB8GA1UdIwQY
MBaAFJqbvaoAAR9sL2lRiJX6Aj0y1bfZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXB1OXFnQUJIMnd2YVZHSWxmb0NQVExWdDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNWQ2NjQtZGIxYi00ODk5LTk1MTUt
MmI3OTJmMWIzMjMwLzEvaWJ6QmxMWlZzZ3BmQWU2VUtDeDFDMlgwOWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNWQ2NjQtZGIxYi00ODk5LTk1MTUtMmI3OTJmMWIzMjMw
LzEvbXB1OXFnQUJIMnd2YVZHSWxmb0NQVExWdDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBweP+MA0G
CSqGSIb3DQEBCwUAA4IBAQB91fpZAZj33FQChUGWwysM8/5hW+4ehKd0kBCEGT9f
9D1O5qGArSzfi6LACmxwCRMe6E6K9Z0fh0SH8z41D9r4nXsxRNzNs+3mLlxgqeU3
QPVRtTJaLdt/28D2CyNetRFEAxNkL/dk3cUABqXaz04budRvp2l92oIe1QeX5VG9
NpwgVR4xmfXgXOjmTKu5Fs23KtBgISSPkZG7jkK6z+2yZ2GvF1i+mKHl+jNcAAWV
BGNg9b0VmxaXuhEgPKiQ6paaoVtm/G0QiwnSX6J4XZkmELpMqMwYz47PjsbXqRmG
flnBefUfVnzoCXpWPC3czh+4/70G3GYpUVhaaj9whq3W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:10 2024 by rpki-client on console-fra.rpki-client.org