Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/5525ae-4401-40a6-9059-c63050257066/1/7PUMcLwJaPl9tF_urTotrYhll3Q.roa
File:                     7PUMcLwJaPl9tF_urTotrYhll3Q.roa (raw, json)
Hash identifier:          feawL0ER+VVmDJcP8GYdlsuA6Xyyat6iRYa6ApKCqiE=
Subject key identifier:   EC:F5:0C:70:BC:09:68:F9:7D:B4:5F:EE:AD:3A:2D:AD:88:65:97:74
Certificate issuer:       /CN=d9e2760d70a0d6b7a047130edbd996d041e9d300
Certificate serial:       4F17
Authority key identifier: D9:E2:76:0D:70:A0:D6:B7:A0:47:13:0E:DB:D9:96:D0:41:E9:D3:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2eJ2DXCg1regRxMO29mW0EHp0wA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/5525ae-4401-40a6-9059-c63050257066/1/7PUMcLwJaPl9tF_urTotrYhll3Q.roa
Signing time:             Tue 25 Jan 2022 18:23:25 +0000
ROA not before:           Tue 25 Jan 2022 18:23:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212667
IP address blocks:        185.187.19.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20247 (0x4f17)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9e2760d70a0d6b7a047130edbd996d041e9d300
        Validity
            Not Before: Jan 25 18:23:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=ecf50c70bc0968f97db45feead3a2dad88659774
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:26:9d:a5:e0:3f:39:64:f5:34:e8:f6:12:3d:
                    80:27:08:e0:d9:6d:5e:a3:0c:10:0c:24:0d:39:16:
                    16:bd:99:cd:ec:98:2c:e1:7d:b9:9e:bd:da:b3:f8:
                    2a:6a:aa:9b:08:6f:12:aa:12:a6:fc:bc:d1:03:5e:
                    a6:98:a5:a9:c3:12:73:91:57:c4:85:87:7e:e2:99:
                    5f:c1:27:65:b4:08:2f:13:d3:3e:34:90:f4:d6:0c:
                    bf:83:06:58:d2:88:b1:8b:99:d6:5b:76:ca:0b:07:
                    e0:1b:46:7f:3b:16:5d:c0:72:6f:ca:4b:1f:58:63:
                    51:2a:34:31:13:fd:fb:f5:38:b7:dc:92:58:fb:4d:
                    95:4e:1d:6e:23:1e:6b:9a:68:f8:a7:19:28:ed:2b:
                    48:2d:a4:51:49:29:6b:00:ec:cc:97:16:7d:a8:89:
                    a9:b4:a1:ce:ba:51:8c:b6:0b:18:59:61:4f:cc:fb:
                    27:50:46:81:3a:3f:fd:a2:b3:1d:99:43:1d:6e:65:
                    0f:28:c5:9a:d6:fd:ad:cc:97:1c:2a:6a:15:0e:55:
                    59:30:1f:6b:fa:d3:6c:f3:e6:f4:d9:84:3d:06:4e:
                    3a:4b:9d:ff:52:ae:40:18:bc:bd:b8:8d:0e:f0:2c:
                    a9:0d:6b:1b:71:0a:56:3b:e4:8d:c3:58:df:54:2e:
                    90:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:F5:0C:70:BC:09:68:F9:7D:B4:5F:EE:AD:3A:2D:AD:88:65:97:74
            X509v3 Authority Key Identifier:
                keyid:D9:E2:76:0D:70:A0:D6:B7:A0:47:13:0E:DB:D9:96:D0:41:E9:D3:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2eJ2DXCg1regRxMO29mW0EHp0wA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/5525ae-4401-40a6-9059-c63050257066/1/7PUMcLwJaPl9tF_urTotrYhll3Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/5525ae-4401-40a6-9059-c63050257066/1/2eJ2DXCg1regRxMO29mW0EHp0wA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.187.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:a5:c3:a9:38:f7:da:40:24:6e:d8:53:01:19:88:8f:9f:0a:
         bc:af:55:64:30:d1:e5:1b:59:b8:9d:8f:2a:c5:fb:5b:6d:f8:
         b6:d6:82:cc:83:d8:d5:2d:1f:80:77:02:25:75:92:6d:9d:2a:
         92:e2:f2:b7:47:dc:c5:fd:7e:2e:e3:86:88:e9:e6:a8:78:ea:
         ac:d7:17:4b:1a:4a:7e:da:2a:20:86:e7:b2:4b:c2:14:59:cb:
         a5:fa:f6:35:a2:a8:64:ac:73:86:2d:12:e6:8d:6c:9b:06:e9:
         69:11:df:73:ae:d0:5a:c1:8c:b6:a1:90:59:b7:8a:c6:3a:29:
         5c:9f:b2:74:f2:fd:e0:e8:d0:c8:0f:c2:f9:3b:d5:45:04:91:
         30:a8:b3:97:1e:0d:91:00:88:5b:b8:47:85:dc:d5:ea:2e:d5:
         82:02:26:e8:94:ca:37:0b:54:b5:13:e7:15:54:aa:48:c1:dd:
         23:b5:44:7e:98:0e:56:c0:72:79:b8:7f:bb:6f:3b:60:ce:c5:
         84:e8:cb:f3:ef:37:12:9a:fe:cb:89:ae:c4:8f:ad:62:56:b1:
         fc:3f:af:10:37:19:77:bf:87:5b:60:1c:d5:52:57:24:3f:4b:
         fb:3f:f1:5b:7c:c3:f8:11:d4:f6:ff:b5:01:f6:9c:1d:61:e6:
         dd:9d:03:32
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICTxcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoZDll
Mjc2MGQ3MGEwZDZiN2EwNDcxMzBlZGJkOTk2ZDA0MWU5ZDMwMDAeFw0yMjAxMjUx
ODIzMjVaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGVjZjUwYzcwYmMwOTY4
Zjk3ZGI0NWZlZWFkM2EyZGFkODg2NTk3NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiJp2l4D85ZPU06PYSPYAnCODZbV6jDBAMJA05Fha9mc3smCzh
fbmevdqz+CpqqpsIbxKqEqb8vNEDXqaYpanDEnORV8SFh37imV/BJ2W0CC8T0z40
kPTWDL+DBljSiLGLmdZbdsoLB+AbRn87Fl3Acm/KSx9YY1EqNDET/fv1OLfcklj7
TZVOHW4jHmuaaPinGSjtK0gtpFFJKWsA7MyXFn2oiam0oc66UYy2CxhZYU/M+ydQ
RoE6P/2isx2ZQx1uZQ8oxZrW/a3MlxwqahUOVVkwH2v602zz5vTZhD0GTjpLnf9S
rkAYvL24jQ7wLKkNaxtxClY75I3DWN9ULpDLAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQU7PUMcLwJaPl9tF/urTotrYhll3QwHwYDVR0jBBgwFoAU2eJ2DXCg1regRxMO
29mW0EHp0wAwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8y
ZUoyRFhDZzFyZWdSeE1PMjltVzBFSHAwd0EuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxUL2M3LzU1MjVhZS00NDAxLTQwYTYtOTA1OS1jNjMwNTAyNTcwNjYvMS83
UFVNY0x3SmFQbDl0Rl91clRvdHJZaGxsM1Eucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M3LzU1
MjVhZS00NDAxLTQwYTYtOTA1OS1jNjMwNTAyNTcwNjYvMS8yZUoyRFhDZzFyZWdS
eE1PMjltVzBFSHAwd0EuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5uxMwDQYJKoZIhvcNAQELBQADggEB
AGalw6k499pAJG7YUwEZiI+fCryvVWQw0eUbWbidjyrF+1tt+LbWgsyD2NUtH4B3
AiV1km2dKpLi8rdH3MX9fi7jhojp5qh46qzXF0saSn7aKiCG57JLwhRZy6X69jWi
qGSsc4YtEuaNbJsG6WkR33Ou0FrBjLahkFm3isY6KVyfsnTy/eDo0MgPwvk71UUE
kTCos5ceDZEAiFu4R4Xc1eou1YICJuiUyjcLVLUT5xVUqkjB3SO1RH6YDlbAcnm4
f7tvO2DOxYToy/PvNxKa/suJrsSPrWJWsfw/rxA3GXe/h1tgHNVSVyQ/S/s/8Vt8
w/gR1Pb/tQH2nB1h5t2dAzI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:28 2024 by rpki-client on console-ams.rpki-client.org