Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/bRI8hhafrhs0IA2R4yauXOxMepU.roa
File:                     bRI8hhafrhs0IA2R4yauXOxMepU.roa (raw, json)
Hash identifier:          rMzUlxTC4o+cxYDOGKCMuHrDItU3Q1Jq1bB4iNflY5U=
Subject key identifier:   6D:12:3C:86:16:9F:AE:1B:34:20:0D:91:E3:26:AE:5C:EC:4C:7A:95
Certificate issuer:       /CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
Certificate serial:       088329FE
Authority key identifier: 4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/bRI8hhafrhs0IA2R4yauXOxMepU.roa
Signing time:             Sat 12 Feb 2022 19:08:13 +0000
ROA not before:           Sat 12 Feb 2022 19:08:13 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     197328
IP address blocks:        194.28.156.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 142813694 (0x88329fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
        Validity
            Not Before: Feb 12 19:08:13 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=6d123c86169fae1b34200d91e326ae5cec4c7a95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:08:dd:d0:20:87:a6:e9:e2:14:ba:33:81:cf:
                    61:85:e7:d6:6e:f7:fd:08:06:db:e0:b8:30:b2:fc:
                    b8:7f:10:c3:50:33:f2:77:55:a4:ed:a1:b3:df:18:
                    93:28:57:ba:57:e3:e7:7a:8e:a6:bc:83:86:c3:83:
                    8a:1b:96:ba:46:9b:4d:24:2a:5a:68:65:85:90:43:
                    9c:75:dc:31:ad:d8:01:6d:05:9a:18:b1:d2:b4:61:
                    46:b1:3f:e8:0d:eb:73:a6:80:0c:00:2f:64:8d:5d:
                    2d:35:50:94:e1:53:81:d1:7d:55:be:c4:e1:ca:51:
                    1b:ae:4d:94:81:69:9e:99:11:85:28:5a:09:9a:14:
                    01:12:9a:e8:09:4d:10:a4:0b:bc:f2:94:d1:9b:2d:
                    b4:66:4d:e7:da:fa:d1:9c:d8:66:58:45:89:13:6f:
                    3d:ff:b0:02:94:26:3e:97:e7:9a:81:63:0a:62:46:
                    e2:65:1e:df:64:7b:79:a8:39:fc:72:b6:89:3f:c4:
                    78:7d:60:d8:71:8d:79:d6:ba:7d:c3:35:fb:54:b5:
                    46:e3:b1:56:93:6f:09:6a:8d:49:38:d5:de:97:25:
                    99:c3:7c:b2:18:22:bb:95:53:9e:ff:33:a0:9b:67:
                    2c:aa:5a:d8:b6:2a:d4:0f:ef:85:27:47:72:5b:ac:
                    25:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:12:3C:86:16:9F:AE:1B:34:20:0D:91:E3:26:AE:5C:EC:4C:7A:95
            X509v3 Authority Key Identifier:
                keyid:4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/bRI8hhafrhs0IA2R4yauXOxMepU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/S30smtNtn4gfqB_UdTh_uHC1tPs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.28.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         02:74:69:6c:2d:8c:0b:4a:91:23:21:a5:b9:fd:03:ce:78:eb:
         8f:43:a6:bb:f4:d6:d6:df:d3:17:0a:55:87:39:00:f4:c7:6e:
         af:99:25:0d:66:00:b7:5e:dc:db:63:90:ec:b9:6f:d6:90:e1:
         e8:1a:ed:8b:a7:1f:a7:90:3f:dd:47:ef:1a:c5:5b:b1:6e:8c:
         3f:64:f5:f1:38:4f:ae:da:e5:22:47:fa:d6:c5:95:0b:14:b3:
         1d:c1:25:48:fd:9b:3f:e3:44:b2:10:55:4c:cb:83:d5:69:f7:
         34:6c:4f:9c:df:c4:6a:01:f1:0a:c8:1d:0c:bf:61:da:a6:a4:
         2f:61:3f:fc:5e:80:74:93:f3:78:e3:a5:93:d7:e2:fd:11:12:
         e3:c3:15:c6:4a:fc:7c:73:40:2b:6e:2c:ae:2f:43:76:92:91:
         f0:ed:5a:1a:94:10:7c:cb:6d:ed:25:73:5e:1d:08:47:86:c1:
         89:af:ea:02:58:6e:73:75:ee:6b:1d:af:0c:09:87:a0:92:0c:
         cf:5e:ea:c6:10:6b:f5:5a:b5:fc:df:25:1d:42:e7:66:44:9a:
         e5:e3:6b:73:2d:e7:ae:ca:d8:4f:8a:27:d1:19:e1:03:87:9e:
         6a:32:7f:a6:d6:48:e2:61:37:cb:87:ed:97:90:88:6f:36:e1:
         89:d1:b6:20
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECIMp/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjdkMmM5YWQzNmQ5Zjg4MWZhODFmZDQ3NTM4N2ZiODcwYjViNGZiMB4XDTIyMDIx
MjE5MDgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQxMjNjODYxNjlm
YWUxYjM0MjAwZDkxZTMyNmFlNWNlYzRjN2E5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIoI3dAgh6bp4hS6M4HPYYXn1m73/QgG2+C4MLL8uH8Qw1Az
8ndVpO2hs98YkyhXulfj53qOpryDhsODihuWukabTSQqWmhlhZBDnHXcMa3YAW0F
mhix0rRhRrE/6A3rc6aADAAvZI1dLTVQlOFTgdF9Vb7E4cpRG65NlIFpnpkRhSha
CZoUARKa6AlNEKQLvPKU0ZsttGZN59r60ZzYZlhFiRNvPf+wApQmPpfnmoFjCmJG
4mUe32R7eag5/HK2iT/EeH1g2HGNeda6fcM1+1S1RuOxVpNvCWqNSTjV3pclmcN8
shgiu5VTnv8zoJtnLKpa2LYq1A/vhSdHclusJWECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRtEjyGFp+uGzQgDZHjJq5c7Ex6lTAfBgNVHSMEGDAWgBRLfSya022fiB+o
H9R1OH+4cLW0+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MzMHNtdE50bjRnZnFCX1VkVGhfdUhDMXRQcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvOTMwODgyLTQ0YjQtNDJlMy05MjRmLWY3MWM0M2RhYTU5Yi8x
L2JSSThoaGFmcmhzMElBMlI0eWF1WE94TWVwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
OTMwODgyLTQ0YjQtNDJlMy05MjRmLWY3MWM0M2RhYTU5Yi8xL1MzMHNtdE50bjRn
ZnFCX1VkVGhfdUhDMXRQcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsIcnDANBgkqhkiG9w0BAQsFAAOC
AQEAAnRpbC2MC0qRIyGluf0Dznjrj0Omu/TW1t/TFwpVhzkA9Mdur5klDWYAt17c
22OQ7Llv1pDh6Brti6cfp5A/3UfvGsVbsW6MP2T18ThPrtrlIkf61sWVCxSzHcEl
SP2bP+NEshBVTMuD1Wn3NGxPnN/EagHxCsgdDL9h2qakL2E//F6AdJPzeOOlk9fi
/RES48MVxkr8fHNAK24sri9DdpKR8O1aGpQQfMtt7SVzXh0IR4bBia/qAlhuc3Xu
ax2vDAmHoJIMz17qxhBr9Vq1/N8lHULnZkSa5eNrcy3nrsrYT4on0RnhA4eeajJ/
ptZI4mE3y4ftl5CIbzbhidG2IA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:19 2024 by rpki-client on console-fra.rpki-client.org