Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/j84gdMiaspSWfj61o6VirkHwNB0.roa
File:                     j84gdMiaspSWfj61o6VirkHwNB0.roa (raw, json)
Hash identifier:          cHq4CUZahBTSTz8ZETMjW3UFzK23Be3xg5c6xIQ3I4o=
Subject key identifier:   8F:CE:20:74:C8:9A:B2:94:96:7E:3E:B5:A3:A5:62:AE:41:F0:34:1D
Certificate issuer:       /CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
Certificate serial:       01857094FFEE7B091D8085B6BAA384AB3DA6
Authority key identifier: 4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/j84gdMiaspSWfj61o6VirkHwNB0.roa
Signing time:             Mon 02 Jan 2023 03:44:51 +0000
ROA not before:           Mon 02 Jan 2023 03:44:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49453
IP address blocks:        83.97.117.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:94:ff:ee:7b:09:1d:80:85:b6:ba:a3:84:ab:3d:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
        Validity
            Not Before: Jan  2 03:44:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8fce2074c89ab294967e3eb5a3a562ae41f0341d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:3c:32:12:96:53:d7:bb:4f:68:74:0d:5c:bf:
                    6a:ad:95:87:3c:23:98:f2:f8:9c:f1:7f:6b:77:0f:
                    b0:df:f2:65:58:88:a0:63:99:86:fe:0d:84:c6:02:
                    2a:ca:1d:31:57:98:b2:25:1d:71:f3:86:f2:d6:a3:
                    0a:2c:55:87:9d:8a:fc:76:39:9d:d9:70:8e:95:28:
                    bd:b6:68:29:47:02:6f:a6:94:9c:f4:92:6f:3f:07:
                    2c:f7:81:54:c0:a9:d1:0d:c9:99:80:c3:1e:43:64:
                    01:98:77:9e:6d:d7:99:5f:1c:92:a5:02:7a:1b:56:
                    fd:12:4c:e2:ec:f6:da:a3:55:bc:52:c1:cd:27:aa:
                    46:ec:46:86:28:cc:95:4d:b5:4b:77:78:46:c6:ca:
                    af:46:1b:83:75:42:c6:1a:57:2c:33:4c:75:fa:c4:
                    19:a5:05:27:a7:17:5b:67:36:74:5b:f5:20:e7:ad:
                    98:d6:ad:c7:51:d4:e5:e8:fc:3d:6c:16:f8:f7:92:
                    18:99:34:a6:75:95:7f:d3:8b:27:c4:d6:f6:c1:35:
                    f0:5c:12:03:02:f5:d5:3c:1b:9f:83:8e:bd:a8:3f:
                    d7:19:81:3b:46:90:43:e6:48:95:55:bb:aa:24:f8:
                    7f:36:63:3d:ed:5b:c2:a4:64:a6:70:69:8f:73:74:
                    52:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:CE:20:74:C8:9A:B2:94:96:7E:3E:B5:A3:A5:62:AE:41:F0:34:1D
            X509v3 Authority Key Identifier:
                keyid:4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/j84gdMiaspSWfj61o6VirkHwNB0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/S30smtNtn4gfqB_UdTh_uHC1tPs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.97.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:ed:c2:0f:0a:42:9c:8c:5d:05:23:03:c0:57:a3:05:1f:52:
         51:a3:63:a7:e5:f8:18:b2:45:10:67:81:50:42:72:13:ce:d1:
         89:14:88:9d:f5:15:e0:15:0a:89:bc:bf:46:a7:62:a4:a5:7f:
         58:09:26:45:ab:d0:e7:bb:16:f8:da:66:ce:7f:4c:54:d5:ff:
         0c:c3:b4:55:57:0c:91:1b:61:2e:73:0b:12:0e:d8:3b:ba:2d:
         18:73:7f:e6:9d:ee:38:29:35:d6:70:87:64:8a:2c:f6:62:81:
         8e:51:91:45:5d:c6:4b:80:5f:0b:2b:62:47:9f:86:8c:88:f2:
         7e:f0:a6:f4:e0:dd:90:16:22:4a:05:7f:6e:cd:f8:b8:76:86:
         16:38:c5:39:b8:27:de:41:52:a2:27:ea:54:0c:00:1b:f7:dd:
         74:c6:9e:a4:e1:6a:08:11:b2:95:3f:e2:0c:e8:ee:64:4e:9e:
         6c:74:f4:a1:80:1b:1a:6b:2d:00:d1:08:b4:1e:4a:50:5d:54:
         d9:da:85:84:5e:65:fc:c0:ac:7f:13:3b:85:3e:06:bc:5d:cf:
         ea:0c:e9:d0:b0:cf:0c:6b:7e:c1:59:c9:02:e3:ca:be:e2:65:
         b5:ea:82:76:82:3e:e7:67:91:3c:09:7b:ac:2c:5a:ca:08:5c:
         de:16:e2:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlP/uewkdgIW2uqOEqz2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiN2QyYzlhZDM2ZDlmODgxZmE4MWZkNDc1Mzg3ZmI4NzBi
NWI0ZmIwHhcNMjMwMTAyMDM0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmNlMjA3NGM4OWFiMjk0OTY3ZTNlYjVhM2E1NjJhZTQxZjAzNDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTwyEpZT17tPaHQNXL9qrZWHPCOY
8vic8X9rdw+w3/JlWIigY5mG/g2ExgIqyh0xV5iyJR1x84by1qMKLFWHnYr8djmd
2XCOlSi9tmgpRwJvppSc9JJvPwcs94FUwKnRDcmZgMMeQ2QBmHeebdeZXxySpQJ6
G1b9Ekzi7Pbao1W8UsHNJ6pG7EaGKMyVTbVLd3hGxsqvRhuDdULGGlcsM0x1+sQZ
pQUnpxdbZzZ0W/Ug562Y1q3HUdTl6Pw9bBb495IYmTSmdZV/04snxNb2wTXwXBID
AvXVPBufg469qD/XGYE7RpBD5kiVVbuqJPh/NmM97VvCpGSmcGmPc3RS3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI/OIHTImrKUln4+taOlYq5B8DQdMB8GA1UdIwQY
MBaAFEt9LJrTbZ+IH6gf1HU4f7hwtbT7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzMwc210TnRuNGdmcUJfVWRUaF91SEMxdFBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85MzA4ODItNDRiNC00MmUzLTkyNGYt
ZjcxYzQzZGFhNTliLzEvajg0Z2RNaWFzcFNXZmo2MW82Vmlya0h3TkIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85MzA4ODItNDRiNC00MmUzLTkyNGYtZjcxYzQzZGFhNTli
LzEvUzMwc210TnRuNGdmcUJfVWRUaF91SEMxdFBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU2F1MA0G
CSqGSIb3DQEBCwUAA4IBAQCC7cIPCkKcjF0FIwPAV6MFH1JRo2On5fgYskUQZ4FQ
QnITztGJFIid9RXgFQqJvL9Gp2KkpX9YCSZFq9Dnuxb42mbOf0xU1f8Mw7RVVwyR
G2EucwsSDtg7ui0Yc3/mne44KTXWcIdkiiz2YoGOUZFFXcZLgF8LK2JHn4aMiPJ+
8Kb04N2QFiJKBX9uzfi4doYWOMU5uCfeQVKiJ+pUDAAb9910xp6k4WoIEbKVP+IM
6O5kTp5sdPShgBsaay0A0Qi0HkpQXVTZ2oWEXmX8wKx/EzuFPga8Xc/qDOnQsM8M
a37BWckC48q+4mW16oJ2gj7nZ5E8CXusLFrKCFzeFuIi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:50 2024 by rpki-client on console-ams.rpki-client.org