Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/3DdPdrGblLT3D4Y3tUKcST6kC5o.roa
File:                     3DdPdrGblLT3D4Y3tUKcST6kC5o.roa (raw, json)
Hash identifier:          6iho0Tm44U7PoDfM3u3F/ERfmxc5Dw167jQVEI1lSbI=
Subject key identifier:   DC:37:4F:76:B1:9B:94:B4:F7:0F:86:37:B5:42:9C:49:3E:A4:0B:9A
Certificate issuer:       /CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
Certificate serial:       08193CFE
Authority key identifier: 4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/3DdPdrGblLT3D4Y3tUKcST6kC5o.roa
Signing time:             Sat 01 Jan 2022 13:04:48 +0000
ROA not before:           Sat 01 Jan 2022 13:04:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        88.218.239.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 135871742 (0x8193cfe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
        Validity
            Not Before: Jan  1 13:04:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dc374f76b19b94b4f70f8637b5429c493ea40b9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:27:70:f3:60:6d:d3:e5:02:2c:0b:5d:ff:6f:
                    31:17:67:a8:63:0e:95:77:27:77:c2:1e:b5:f5:c3:
                    a0:5f:79:8b:d3:23:77:10:71:a7:54:13:ab:f1:b5:
                    ac:0e:f4:93:93:e0:9f:eb:2e:93:7a:2d:71:42:cd:
                    b1:8d:a5:0e:80:34:76:74:e0:d1:ab:fe:9e:56:8b:
                    e4:19:31:30:d7:b0:79:4d:df:73:82:19:da:34:37:
                    b9:14:b0:90:b8:bb:f2:95:3d:08:65:60:09:d7:d1:
                    ad:95:5b:4d:c0:c9:88:d4:91:9f:64:db:7d:0b:74:
                    43:ee:17:b6:2c:1f:5b:16:9a:97:f3:89:a2:d9:44:
                    d0:ae:77:ff:95:4e:65:0c:62:0e:83:0e:0e:2e:89:
                    81:ee:3d:2d:a0:be:a1:ae:06:0b:3a:1c:29:83:05:
                    a9:d2:03:37:4e:c5:41:04:54:a6:2e:49:53:54:16:
                    42:0b:af:ce:9c:7e:67:7e:92:49:c9:90:21:63:6a:
                    af:35:2e:c9:3a:54:e9:28:ca:ab:c1:3f:77:c4:d0:
                    bc:88:ea:41:dc:f7:dd:70:fb:e3:50:cc:81:00:f3:
                    10:ca:53:0a:f3:9c:fc:72:8d:d0:f6:d9:77:30:ee:
                    e8:c7:1a:e5:c9:15:d4:d3:86:cf:6b:bf:a1:28:9c:
                    58:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:37:4F:76:B1:9B:94:B4:F7:0F:86:37:B5:42:9C:49:3E:A4:0B:9A
            X509v3 Authority Key Identifier:
                keyid:4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/3DdPdrGblLT3D4Y3tUKcST6kC5o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/S30smtNtn4gfqB_UdTh_uHC1tPs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.218.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:d1:40:aa:73:35:b6:91:bf:ee:cc:11:fe:f2:a0:04:89:36:
         b5:a1:ad:c6:aa:c6:ef:47:f2:13:0b:ce:94:3f:e3:5e:b3:69:
         3c:26:48:b7:52:eb:72:d2:aa:6d:bb:46:6e:92:c0:6c:23:53:
         ff:52:c0:31:da:8f:8e:df:73:77:04:70:97:80:73:7a:b2:dc:
         a1:ab:44:51:a4:9f:be:70:8f:ef:ab:40:de:63:13:d0:e9:aa:
         40:be:98:38:8b:92:56:c1:a6:64:c3:91:27:5b:e9:ba:3d:cd:
         1a:36:4d:3e:c1:9b:56:1a:65:df:74:d4:b9:77:7b:da:b2:f3:
         ac:71:2c:0f:1c:54:71:06:c4:db:34:2f:73:b2:ea:93:3e:d3:
         32:95:2c:41:9c:f8:46:ef:9e:97:fb:e6:7c:31:aa:dc:62:ff:
         dc:ee:1b:59:a1:4a:5f:70:49:07:4f:67:16:68:c5:52:44:4f:
         c1:77:e0:92:cb:f0:0e:41:41:63:9b:c7:86:85:ed:60:76:34:
         cb:a8:73:81:e9:5d:b0:10:a7:cd:52:7a:a8:de:68:8b:11:8f:
         c0:9a:4d:62:db:b7:02:8c:95:ab:ae:c5:42:c6:4f:f1:f5:eb:
         07:b3:f8:68:87:85:78:8e:0e:05:18:54:3d:44:b7:06:c6:53:
         d0:5e:c8:da
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECBk8/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjdkMmM5YWQzNmQ5Zjg4MWZhODFmZDQ3NTM4N2ZiODcwYjViNGZiMB4XDTIyMDEw
MTEzMDQ0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGMzNzRmNzZiMTli
OTRiNGY3MGY4NjM3YjU0MjljNDkzZWE0MGI5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8ncPNgbdPlAiwLXf9vMRdnqGMOlXcnd8IetfXDoF95i9Mj
dxBxp1QTq/G1rA70k5Pgn+suk3otcULNsY2lDoA0dnTg0av+nlaL5BkxMNeweU3f
c4IZ2jQ3uRSwkLi78pU9CGVgCdfRrZVbTcDJiNSRn2TbfQt0Q+4XtiwfWxaal/OJ
otlE0K53/5VOZQxiDoMODi6Jge49LaC+oa4GCzocKYMFqdIDN07FQQRUpi5JU1QW
Qguvzpx+Z36SScmQIWNqrzUuyTpU6SjKq8E/d8TQvIjqQdz33XD741DMgQDzEMpT
CvOc/HKN0PbZdzDu6Mca5ckV1NOGz2u/oSicWE8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTcN092sZuUtPcPhje1QpxJPqQLmjAfBgNVHSMEGDAWgBRLfSya022fiB+o
H9R1OH+4cLW0+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MzMHNtdE50bjRnZnFCX1VkVGhfdUhDMXRQcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvOTMwODgyLTQ0YjQtNDJlMy05MjRmLWY3MWM0M2RhYTU5Yi8x
LzNEZFBkckdibExUM0Q0WTN0VUtjU1Q2a0M1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
OTMwODgyLTQ0YjQtNDJlMy05MjRmLWY3MWM0M2RhYTU5Yi8xL1MzMHNtdE50bjRn
ZnFCX1VkVGhfdUhDMXRQcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFja7zANBgkqhkiG9w0BAQsFAAOC
AQEAk9FAqnM1tpG/7swR/vKgBIk2taGtxqrG70fyEwvOlD/jXrNpPCZIt1LrctKq
bbtGbpLAbCNT/1LAMdqPjt9zdwRwl4BzerLcoatEUaSfvnCP76tA3mMT0OmqQL6Y
OIuSVsGmZMORJ1vpuj3NGjZNPsGbVhpl33TUuXd72rLzrHEsDxxUcQbE2zQvc7Lq
kz7TMpUsQZz4Ru+el/vmfDGq3GL/3O4bWaFKX3BJB09nFmjFUkRPwXfgksvwDkFB
Y5vHhoXtYHY0y6hzgeldsBCnzVJ6qN5oixGPwJpNYtu3AoyVq67FQsZP8fXrB7P4
aIeFeI4OBRhUPUS3BsZT0F7I2g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:19 2024 by rpki-client on console-fra.rpki-client.org