Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/QtX9m3U2JPFFIIVRxjGC7z8UJqE.roa
File:                     QtX9m3U2JPFFIIVRxjGC7z8UJqE.roa (raw, json)
Hash identifier:          C6igfUsNSq5imXd9D0DkVawt6VNIAp7G+fummEvaJik=
Subject key identifier:   42:D5:FD:9B:75:36:24:F1:45:20:85:51:C6:31:82:EF:3F:14:26:A1
Certificate issuer:       /CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
Certificate serial:       0185709500AA092718DFC470EAFC62D558AA
Authority key identifier: 4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/QtX9m3U2JPFFIIVRxjGC7z8UJqE.roa
Signing time:             Mon 02 Jan 2023 03:44:51 +0000
ROA not before:           Mon 02 Jan 2023 03:44:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52000
IP address blocks:        83.97.119.0/24 maxlen: 24
                          83.97.118.0/24 maxlen: 24
                          83.97.117.0/24 maxlen: 24
                          83.97.116.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:95:00:aa:09:27:18:df:c4:70:ea:fc:62:d5:58:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
        Validity
            Not Before: Jan  2 03:44:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=42d5fd9b753624f145208551c63182ef3f1426a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:e8:14:21:9d:d9:05:6a:22:0a:a9:52:8a:83:
                    47:49:73:9f:35:15:c5:c8:e8:c1:b9:29:f3:86:16:
                    23:56:97:ce:a6:f1:37:75:84:03:bc:e2:ea:25:9b:
                    13:7e:be:d4:76:15:36:39:8f:b5:f0:3a:22:39:87:
                    85:7e:21:e5:e7:e7:8a:03:a4:a0:f6:dc:50:cb:e8:
                    ee:aa:a7:e6:79:25:5d:b9:27:04:74:26:c6:4f:17:
                    ab:24:f6:1e:4c:94:6d:33:2c:85:2b:11:05:14:dc:
                    b7:4a:d9:af:47:6e:fd:0b:32:91:9e:dc:19:4c:34:
                    f5:42:be:37:6c:10:0a:57:74:3b:ff:65:9d:be:d7:
                    9b:54:7d:c5:15:49:cc:65:ad:ab:e3:8d:09:31:46:
                    b5:2a:9b:eb:23:a8:0f:8f:38:07:8c:d0:3d:9c:89:
                    e4:e9:90:2b:0f:c2:76:80:74:b6:8e:de:b0:a1:88:
                    46:13:d5:38:b7:50:a5:19:dc:9c:2f:1c:18:06:71:
                    4e:ee:d2:46:ba:d6:1e:a8:ac:93:d9:6e:9b:89:cf:
                    3f:7d:f3:67:8c:72:81:23:cb:12:64:5e:9c:61:bd:
                    98:60:46:15:2b:f0:05:ba:1b:d6:6e:60:ed:5b:9f:
                    ad:a7:48:63:1a:fe:d6:83:f7:da:90:3e:87:d2:e5:
                    87:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:D5:FD:9B:75:36:24:F1:45:20:85:51:C6:31:82:EF:3F:14:26:A1
            X509v3 Authority Key Identifier:
                keyid:4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/QtX9m3U2JPFFIIVRxjGC7z8UJqE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/S30smtNtn4gfqB_UdTh_uHC1tPs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.97.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         85:a0:91:01:08:11:80:e4:b1:44:ff:f9:0a:0a:77:7a:71:db:
         eb:88:a7:2a:0e:6a:6e:ab:a4:ab:80:ce:36:10:79:76:64:5e:
         4c:34:5c:6e:5c:b1:de:59:d0:30:1c:6b:87:20:0d:5b:3d:45:
         21:13:2e:6d:54:bb:2b:5f:10:d3:93:3a:72:67:ee:b5:20:ce:
         5e:15:35:5d:39:5e:b7:95:99:64:cd:c6:f9:de:05:67:4f:04:
         ed:8e:94:1d:ee:40:72:c0:de:c1:91:e6:0b:ce:f0:83:8c:b7:
         e6:ed:fb:6b:c6:68:ea:99:1c:2d:95:eb:f0:ab:05:62:af:15:
         ed:f3:36:57:c9:d5:12:0b:8a:e0:7c:e4:1f:66:50:59:cc:55:
         61:4d:fa:40:10:ca:73:30:43:5c:8d:8e:99:06:9a:68:f1:df:
         97:99:1d:b3:46:eb:31:28:e4:8a:7e:e6:1d:1b:31:99:0f:35:
         09:34:4a:76:db:f9:29:0e:e3:4f:b7:73:49:35:b0:08:42:22:
         e5:18:e3:e9:2e:8e:40:0c:77:dd:5e:df:a4:47:41:41:c7:b6:
         b1:95:04:d0:27:e9:ae:a2:09:23:df:4d:10:bc:45:2e:08:5f:
         91:6c:a8:04:84:c3:f3:7a:15:5c:93:4c:21:e3:1d:b3:a0:60:
         5a:4b:57:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlQCqCScY38Rw6vxi1ViqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiN2QyYzlhZDM2ZDlmODgxZmE4MWZkNDc1Mzg3ZmI4NzBi
NWI0ZmIwHhcNMjMwMTAyMDM0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQ1ZmQ5Yjc1MzYyNGYxNDUyMDg1NTFjNjMxODJlZjNmMTQyNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ugUIZ3ZBWoiCqlSioNHSXOfNRXF
yOjBuSnzhhYjVpfOpvE3dYQDvOLqJZsTfr7UdhU2OY+18DoiOYeFfiHl5+eKA6Sg
9txQy+juqqfmeSVduScEdCbGTxerJPYeTJRtMyyFKxEFFNy3StmvR279CzKRntwZ
TDT1Qr43bBAKV3Q7/2WdvtebVH3FFUnMZa2r440JMUa1KpvrI6gPjzgHjNA9nInk
6ZArD8J2gHS2jt6woYhGE9U4t1ClGdycLxwYBnFO7tJGutYeqKyT2W6bic8/ffNn
jHKBI8sSZF6cYb2YYEYVK/AFuhvWbmDtW5+tp0hjGv7Wg/fakD6H0uWHkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFELV/Zt1NiTxRSCFUcYxgu8/FCahMB8GA1UdIwQY
MBaAFEt9LJrTbZ+IH6gf1HU4f7hwtbT7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzMwc210TnRuNGdmcUJfVWRUaF91SEMxdFBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85MzA4ODItNDRiNC00MmUzLTkyNGYt
ZjcxYzQzZGFhNTliLzEvUXRYOW0zVTJKUEZGSUlWUnhqR0M3ejhVSnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85MzA4ODItNDRiNC00MmUzLTkyNGYtZjcxYzQzZGFhNTli
LzEvUzMwc210TnRuNGdmcUJfVWRUaF91SEMxdFBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU2F0MA0G
CSqGSIb3DQEBCwUAA4IBAQCFoJEBCBGA5LFE//kKCnd6cdvriKcqDmpuq6SrgM42
EHl2ZF5MNFxuXLHeWdAwHGuHIA1bPUUhEy5tVLsrXxDTkzpyZ+61IM5eFTVdOV63
lZlkzcb53gVnTwTtjpQd7kBywN7BkeYLzvCDjLfm7ftrxmjqmRwtlevwqwVirxXt
8zZXydUSC4rgfOQfZlBZzFVhTfpAEMpzMENcjY6ZBppo8d+XmR2zRusxKOSKfuYd
GzGZDzUJNEp22/kpDuNPt3NJNbAIQiLlGOPpLo5ADHfdXt+kR0FBx7axlQTQJ+mu
ogkj300QvEUuCF+RbKgEhMPzehVck0wh4x2zoGBaS1em
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:19 2024 by rpki-client on console-fra.rpki-client.org