Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/txTvcATBj-K30QwR9aQ4KI6jeSw.roa
File:                     txTvcATBj-K30QwR9aQ4KI6jeSw.roa (raw, json)
Hash identifier:          NwftYwZIsIu7lvJ2TbsbQ1w7mhPyY1tqh2fZ7P00M24=
Subject key identifier:   B7:14:EF:70:04:C1:8F:E2:B7:D1:0C:11:F5:A4:38:28:8E:A3:79:2C
Certificate issuer:       /CN=fc5b53dfa8316093c172b4315922ef17e65f051d
Certificate serial:       0184332D302288620C29DFA5BD0577E6AF87
Authority key identifier: FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/txTvcATBj-K30QwR9aQ4KI6jeSw.roa
Signing time:             Tue 01 Nov 2022 12:31:50 +0000
ROA not before:           Tue 01 Nov 2022 12:31:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1299
IP address blocks:        89.117.68.0/24 maxlen: 24
                          89.117.72.0/21 maxlen: 24
                          89.117.84.0/23 maxlen: 24
                          89.117.88.0/22 maxlen: 24
                          89.117.109.0/24 maxlen: 24
                          89.117.28.0/22 maxlen: 24
                          89.117.32.0/23 maxlen: 24
                          89.117.132.0/22 maxlen: 24
                          89.117.129.0/24 maxlen: 24
                          89.117.130.0/24 maxlen: 24
                          89.117.142.0/23 maxlen: 24
                          84.46.234.0/23 maxlen: 24
                          89.116.112.0/24 maxlen: 24
                          89.116.113.0/24 maxlen: 24
                          89.116.115.0/24 maxlen: 24
                          89.116.135.0/24 maxlen: 24
                          89.116.156.0/24 maxlen: 24
                          89.116.70.0/24 maxlen: 24
                          86.38.202.0/23 maxlen: 24
                          89.116.99.0/24 maxlen: 24
                          89.116.218.0/24 maxlen: 24
                          89.116.223.0/24 maxlen: 24
                          89.116.220.0/24 maxlen: 24
                          89.116.233.0/24 maxlen: 24
                          89.116.252.0/24 maxlen: 24
                          89.116.161.0/24 maxlen: 24
                          89.116.171.0/24 maxlen: 24
                          89.116.175.0/24 maxlen: 24
                          89.116.177.0/24 maxlen: 24
                          89.116.193.0/24 maxlen: 24
                          89.116.203.0/24 maxlen: 24
                          89.116.208.0/24 maxlen: 24
                          89.116.210.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:33:2d:30:22:88:62:0c:29:df:a5:bd:05:77:e6:af:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc5b53dfa8316093c172b4315922ef17e65f051d
        Validity
            Not Before: Nov  1 12:31:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b714ef7004c18fe2b7d10c11f5a438288ea3792c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:be:2f:ca:05:7a:6d:40:19:2e:5c:cd:5e:63:
                    fd:eb:51:96:60:50:72:67:51:47:60:51:98:db:3e:
                    5f:cf:42:49:28:25:15:90:f4:8a:21:ab:3a:ec:ba:
                    f5:af:4a:1c:34:b6:c2:59:14:79:2d:a2:25:31:dc:
                    36:60:82:3c:15:40:36:ee:89:0f:93:a7:57:a9:22:
                    83:7f:b4:95:6d:9d:16:20:ec:24:0b:1b:02:70:71:
                    41:6e:63:80:f9:40:3c:1c:19:74:a2:bb:f0:23:78:
                    bd:0d:9e:e9:f1:7f:aa:a4:a2:69:57:c8:56:60:79:
                    1c:7f:aa:91:b2:56:95:3e:f7:1d:c4:8c:da:65:76:
                    e1:e0:37:c4:bd:48:ed:4f:be:6e:1f:d9:6f:77:0f:
                    c2:26:c0:48:46:e7:f2:1e:8d:2d:e9:d6:db:b3:e7:
                    42:a7:34:56:d4:72:27:f5:a3:4d:d1:25:22:cd:eb:
                    c9:5b:fa:46:2a:40:54:bd:7e:60:5e:4d:22:aa:ea:
                    e4:0e:6d:2e:d5:2a:03:54:da:67:9a:2e:7b:ba:e0:
                    1f:b3:15:b2:70:0d:5c:12:38:bf:9a:b9:a3:e6:2a:
                    02:96:47:ac:55:51:4d:d4:ab:85:7f:2f:0a:66:d7:
                    65:2b:60:8d:1f:c2:18:3b:a1:fc:f5:aa:2c:c5:c0:
                    ec:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:14:EF:70:04:C1:8F:E2:B7:D1:0C:11:F5:A4:38:28:8E:A3:79:2C
            X509v3 Authority Key Identifier:
                keyid:FC:5B:53:DF:A8:31:60:93:C1:72:B4:31:59:22:EF:17:E6:5F:05:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FtT36gxYJPBcrQxWSLvF-ZfBR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/txTvcATBj-K30QwR9aQ4KI6jeSw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/5d56e5-838a-43f3-b52c-14efc982867f/1/_FtT36gxYJPBcrQxWSLvF-ZfBR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.46.234.0/23
                  86.38.202.0/23
                  89.116.70.0/24
                  89.116.99.0/24
                  89.116.112.0/23
                  89.116.115.0/24
                  89.116.135.0/24
                  89.116.156.0/24
                  89.116.161.0/24
                  89.116.171.0/24
                  89.116.175.0/24
                  89.116.177.0/24
                  89.116.193.0/24
                  89.116.203.0/24
                  89.116.208.0/24
                  89.116.210.0/23
                  89.116.218.0/24
                  89.116.220.0/24
                  89.116.223.0/24
                  89.116.233.0/24
                  89.116.252.0/24
                  89.117.28.0-89.117.33.255
                  89.117.68.0/24
                  89.117.72.0/21
                  89.117.84.0/23
                  89.117.88.0/22
                  89.117.109.0/24
                  89.117.129.0-89.117.130.255
                  89.117.132.0/22
                  89.117.142.0/23

    Signature Algorithm: sha256WithRSAEncryption
         36:72:a1:3d:3c:ce:85:b1:34:78:22:d5:3b:7d:13:9f:9b:23:
         ad:14:7a:10:00:9d:9a:0b:58:79:00:55:ea:7f:eb:a1:f0:19:
         5b:0c:1c:28:40:db:c8:f5:25:f0:75:8c:34:34:f2:9e:88:ca:
         c0:e5:61:6a:d8:38:63:8f:89:0f:aa:7f:b8:9e:9e:4c:34:8a:
         5d:4f:c7:89:01:94:38:c6:b7:4e:03:af:4b:67:cf:91:83:97:
         b2:58:35:0c:b4:75:f7:60:22:5d:90:89:2e:75:49:66:86:77:
         89:7c:7d:12:89:cb:76:f6:82:f7:1e:db:5f:6d:76:5d:7f:2f:
         7c:ef:ba:1b:4c:92:0a:01:f0:b6:c8:06:19:de:af:e0:31:3b:
         27:7e:1f:42:d2:c2:50:9a:de:23:00:da:34:fc:eb:d7:f6:5a:
         fe:c9:42:69:fb:15:a2:b2:e4:53:90:a2:26:1f:23:02:5d:65:
         91:81:47:bc:a8:cd:7e:17:85:73:d7:40:e2:70:c1:66:a0:8a:
         ed:6b:bc:a4:a0:11:35:e5:14:b7:43:a2:ea:2f:68:35:89:57:
         fc:73:f0:b4:da:88:c7:da:a4:8e:90:41:d7:4f:50:d9:85:6f:
         1a:07:2b:38:cf:86:7d:86:33:5f:3e:5d:16:d8:8f:43:68:3e:
         58:fb:d6:e2
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAYQzLTAiiGIMKd+lvQV35q+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNWI1M2RmYTgzMTYwOTNjMTcyYjQzMTU5MjJlZjE3ZTY1
ZjA1MWQwHhcNMjIxMTAxMTIzMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzE0ZWY3MDA0YzE4ZmUyYjdkMTBjMTFmNWE0MzgyODhlYTM3OTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsb4vygV6bUAZLlzNXmP961GWYFBy
Z1FHYFGY2z5fz0JJKCUVkPSKIas67Lr1r0ocNLbCWRR5LaIlMdw2YII8FUA27okP
k6dXqSKDf7SVbZ0WIOwkCxsCcHFBbmOA+UA8HBl0orvwI3i9DZ7p8X+qpKJpV8hW
YHkcf6qRslaVPvcdxIzaZXbh4DfEvUjtT75uH9lvdw/CJsBIRufyHo0t6dbbs+dC
pzRW1HIn9aNN0SUizevJW/pGKkBUvX5gXk0iqurkDm0u1SoDVNpnmi57uuAfsxWy
cA1cEji/mrmj5ioClkesVVFN1KuFfy8KZtdlK2CNH8IYO6H89aosxcDs5wIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFLcU73AEwY/it9EMEfWkOCiOo3ksMB8GA1UdIwQY
MBaAFPxbU9+oMWCTwXK0MVki7xfmXwUdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMt
MTRlZmM5ODI4NjdmLzEvdHhUdmNBVEJqLUszMFF3UjlhUTRLSTZqZVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81ZDU2ZTUtODM4YS00M2YzLWI1MmMtMTRlZmM5ODI4Njdm
LzEvX0Z0VDM2Z3hZSlBCY3JReFdTTHZGLVpmQlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBAFU
LuoDBAFWJsoDBABZdEYDBABZdGMDBAFZdHADBABZdHMDBABZdIcDBABZdJwDBABZ
dKEDBABZdKsDBABZdK8DBABZdLEDBABZdMEDBABZdMsDBABZdNADBAFZdNIDBABZ
dNoDBABZdNwDBABZdN8DBABZdOkDBABZdPwwDAMEAll1HAMEAVl1IAMEAFl1RAME
A1l1SAMEAVl1VAMEAll1WAMEAFl1bTAMAwQAWXWBAwQAWXWCAwQCWXWEAwQBWXWO
MA0GCSqGSIb3DQEBCwUAA4IBAQA2cqE9PM6FsTR4ItU7fROfmyOtFHoQAJ2aC1h5
AFXqf+uh8BlbDBwoQNvI9SXwdYw0NPKeiMrA5WFq2Dhjj4kPqn+4np5MNIpdT8eJ
AZQ4xrdOA69LZ8+Rg5eyWDUMtHX3YCJdkIkudUlmhneJfH0Sict29oL3HttfbXZd
fy9877obTJIKAfC2yAYZ3q/gMTsnfh9C0sJQmt4jANo0/OvX9lr+yUJp+xWisuRT
kKImHyMCXWWRgUe8qM1+F4Vz10DicMFmoIrta7ykoBE15RS3Q6LqL2g1iVf8c/C0
2ojH2qSOkEHXT1DZhW8aBys4z4Z9hjNfPl0W2I9DaD5Y+9bi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:19 2024 by rpki-client on console-fra.rpki-client.org