Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/9cceef-c1da-467b-af24-49797b889454/1/MI5roXHKfRvuPKIEH7bAivjHJPk.roa
File:                     MI5roXHKfRvuPKIEH7bAivjHJPk.roa (raw, json)
Hash identifier:          0DjO9ZDGgLFlxV+uY6SKRA6mLfzVI55OErEVg/NTR3s=
Subject key identifier:   30:8E:6B:A1:71:CA:7D:1B:EE:3C:A2:04:1F:B6:C0:8A:F8:C7:24:F9
Certificate issuer:       /CN=1f6dc71102ece756c1d9ac4fcbfc4f2bd847724c
Certificate serial:       01856B80DF6873EBAB637E0F8B2BBE0CF38A
Authority key identifier: 1F:6D:C7:11:02:EC:E7:56:C1:D9:AC:4F:CB:FC:4F:2B:D8:47:72:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H23HEQLs51bB2axPy_xPK9hHckw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/9cceef-c1da-467b-af24-49797b889454/1/MI5roXHKfRvuPKIEH7bAivjHJPk.roa
Signing time:             Sun 01 Jan 2023 04:04:46 +0000
ROA not before:           Sun 01 Jan 2023 04:04:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203061
IP address blocks:        194.32.106.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:80:df:68:73:eb:ab:63:7e:0f:8b:2b:be:0c:f3:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f6dc71102ece756c1d9ac4fcbfc4f2bd847724c
        Validity
            Not Before: Jan  1 04:04:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=308e6ba171ca7d1bee3ca2041fb6c08af8c724f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:e4:80:44:3f:d6:4e:6d:94:3c:0e:1e:f5:7b:
                    a2:06:d0:eb:d4:8c:4b:74:fb:2a:5e:fe:37:ab:c0:
                    ba:a4:2c:54:29:96:67:cf:d9:44:82:4f:06:4b:55:
                    40:fa:7b:9b:65:67:ce:fd:f9:e2:2f:a1:a2:34:15:
                    b5:85:0c:49:76:33:c5:de:35:7e:99:18:5b:8d:03:
                    b6:23:18:ff:73:6d:37:79:ff:3a:4c:61:8e:c7:23:
                    aa:b7:75:9a:57:d7:85:35:c3:71:fc:e4:e1:7c:53:
                    d1:5a:2e:bd:51:ee:3d:de:79:84:45:a2:38:16:bc:
                    97:7b:a3:8f:9d:5b:31:fd:0a:4b:75:e6:cb:29:35:
                    84:94:79:69:86:72:ed:4a:14:d7:43:0e:02:9f:30:
                    75:ea:7f:af:9f:a9:ad:a9:9e:8a:c8:de:77:82:88:
                    45:50:59:68:95:91:3e:ef:f8:5a:bf:82:36:f0:2c:
                    e4:c4:ea:de:6d:93:29:42:6a:24:4c:17:8e:91:07:
                    6c:15:1f:c2:32:09:ab:e1:c3:7b:a7:f2:fd:c3:75:
                    df:12:99:63:90:ec:a3:ce:6a:16:17:88:12:e7:81:
                    0c:b5:d4:c7:ae:23:10:7c:97:e8:83:53:29:21:ac:
                    2b:93:e0:e5:22:13:47:44:4f:d6:1b:6c:3a:10:b7:
                    5e:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:8E:6B:A1:71:CA:7D:1B:EE:3C:A2:04:1F:B6:C0:8A:F8:C7:24:F9
            X509v3 Authority Key Identifier:
                keyid:1F:6D:C7:11:02:EC:E7:56:C1:D9:AC:4F:CB:FC:4F:2B:D8:47:72:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H23HEQLs51bB2axPy_xPK9hHckw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/9cceef-c1da-467b-af24-49797b889454/1/MI5roXHKfRvuPKIEH7bAivjHJPk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/9cceef-c1da-467b-af24-49797b889454/1/H23HEQLs51bB2axPy_xPK9hHckw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.32.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:d7:a7:32:6d:04:93:71:f3:06:f1:f3:e2:d8:dd:ec:c1:11:
         14:dd:1a:dc:52:30:57:67:4d:27:f3:7a:20:2f:59:20:c9:2e:
         c4:6b:86:b8:86:f9:40:3e:7b:5a:0d:11:93:5c:56:66:4d:13:
         fd:3a:93:1c:75:da:fd:2f:12:6e:1f:f0:b2:d5:01:42:a8:79:
         75:6c:a2:67:21:59:e1:13:8b:58:f8:e9:ca:c7:1c:32:18:44:
         ad:5c:d7:dd:93:ba:f9:84:1a:5b:8f:c9:c5:ef:0d:75:2a:3e:
         ae:e6:8b:a0:2e:51:b8:13:e9:cb:5a:bf:d9:94:1c:a3:da:c7:
         a8:cf:f6:86:47:de:57:8a:75:0a:45:8a:1a:39:0b:ee:0e:26:
         5b:f8:1d:e1:21:80:6d:82:69:e9:64:9b:42:86:d1:b5:d9:13:
         72:6a:28:28:34:0d:3b:d3:b1:ed:86:37:ae:c1:e1:54:8a:40:
         03:57:4d:ee:51:93:e0:29:3f:87:cc:10:9a:21:3e:62:e3:78:
         19:d2:96:82:e1:de:26:22:ce:c3:8b:bd:e5:51:5d:4d:dd:59:
         a1:3d:a0:50:62:e3:a8:1d:94:76:32:ab:7d:9e:3c:fe:3e:55:
         2a:fb:01:60:d2:6d:5f:b1:4c:cd:63:15:33:3f:80:22:29:1f:
         72:10:b3:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgN9oc+urY34Piyu+DPOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNmRjNzExMDJlY2U3NTZjMWQ5YWM0ZmNiZmM0ZjJiZDg0
NzcyNGMwHhcNMjMwMTAxMDQwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDhlNmJhMTcxY2E3ZDFiZWUzY2EyMDQxZmI2YzA4YWY4YzcyNGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuSARD/WTm2UPA4e9XuiBtDr1IxL
dPsqXv43q8C6pCxUKZZnz9lEgk8GS1VA+nubZWfO/fniL6GiNBW1hQxJdjPF3jV+
mRhbjQO2Ixj/c203ef86TGGOxyOqt3WaV9eFNcNx/OThfFPRWi69Ue493nmERaI4
FryXe6OPnVsx/QpLdebLKTWElHlphnLtShTXQw4CnzB16n+vn6mtqZ6KyN53gohF
UFlolZE+7/hav4I28CzkxOrebZMpQmokTBeOkQdsFR/CMgmr4cN7p/L9w3XfEplj
kOyjzmoWF4gS54EMtdTHriMQfJfog1MpIawrk+DlIhNHRE/WG2w6ELdevwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCOa6Fxyn0b7jyiBB+2wIr4xyT5MB8GA1UdIwQY
MBaAFB9txxEC7OdWwdmsT8v8TyvYR3JMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDIzSEVRTHM1MWJCMmF4UHlfeFBLOWhIY2t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85Y2NlZWYtYzFkYS00NjdiLWFmMjQt
NDk3OTdiODg5NDU0LzEvTUk1cm9YSEtmUnZ1UEtJRUg3YkFpdmpISlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85Y2NlZWYtYzFkYS00NjdiLWFmMjQtNDk3OTdiODg5NDU0
LzEvSDIzSEVRTHM1MWJCMmF4UHlfeFBLOWhIY2t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiBqMA0G
CSqGSIb3DQEBCwUAA4IBAQCk16cybQSTcfMG8fPi2N3swREU3RrcUjBXZ00n83og
L1kgyS7Ea4a4hvlAPntaDRGTXFZmTRP9OpMcddr9LxJuH/Cy1QFCqHl1bKJnIVnh
E4tY+OnKxxwyGEStXNfdk7r5hBpbj8nF7w11Kj6u5ougLlG4E+nLWr/ZlByj2seo
z/aGR95XinUKRYoaOQvuDiZb+B3hIYBtgmnpZJtChtG12RNyaigoNA0707Hthjeu
weFUikADV03uUZPgKT+HzBCaIT5i43gZ0paC4d4mIs7Di73lUV1N3VmhPaBQYuOo
HZR2Mqt9njz+PlUq+wFg0m1fsUzNYxUzP4AiKR9yELO7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:21 2024 by rpki-client on console-fra.rpki-client.org