Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/3dca4c-29b2-43e9-88ec-98b9d07db797/1/BBsPYrTy1KOAR1gKmHJOTKPjpxo.roa
File:                     BBsPYrTy1KOAR1gKmHJOTKPjpxo.roa (raw, json)
Hash identifier:          CMsujxqPXzFUpN6p0JBmAWQi1RykRFI1Jq6GRREkRbU=
Subject key identifier:   04:1B:0F:62:B4:F2:D4:A3:80:47:58:0A:98:72:4E:4C:A3:E3:A7:1A
Certificate issuer:       /CN=da36405d6df5fd4c71c98e1a45b1f16f34b4314c
Certificate serial:       5EFDEA
Authority key identifier: DA:36:40:5D:6D:F5:FD:4C:71:C9:8E:1A:45:B1:F1:6F:34:B4:31:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2jZAXW31_UxxyY4aRbHxbzS0MUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/3dca4c-29b2-43e9-88ec-98b9d07db797/1/BBsPYrTy1KOAR1gKmHJOTKPjpxo.roa
Signing time:             Mon 21 Mar 2022 14:46:03 +0000
ROA not before:           Mon 21 Mar 2022 14:46:03 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211114
IP address blocks:        178.211.130.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6225386 (0x5efdea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da36405d6df5fd4c71c98e1a45b1f16f34b4314c
        Validity
            Not Before: Mar 21 14:46:03 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=041b0f62b4f2d4a38047580a98724e4ca3e3a71a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:8e:b1:24:c4:a3:3e:1b:18:a0:1a:a8:75:16:
                    1c:16:b0:bc:b0:37:fb:93:9e:3e:f8:01:5a:cc:ef:
                    70:85:b6:2a:7f:31:82:4d:d6:2a:6b:30:74:7e:34:
                    3d:70:ac:ae:68:81:08:4c:44:2d:ad:de:3e:5b:f6:
                    9c:d0:b4:3d:4f:3b:37:a2:45:bf:0c:c3:df:93:86:
                    21:df:00:35:ce:85:1d:f0:75:91:1e:7e:1b:59:ae:
                    89:cf:3b:36:18:b5:50:b0:dc:9e:4c:3a:4e:99:d4:
                    a3:37:6b:41:3e:30:31:ff:9e:ef:01:62:c9:e7:b8:
                    30:e4:fe:3e:cd:06:66:d3:6f:8f:c5:50:7b:c9:8a:
                    49:65:c6:df:1b:10:f5:26:e7:17:21:e2:0f:4e:5c:
                    73:79:d6:ce:83:aa:5c:f4:a2:e8:03:a7:86:2d:c4:
                    ab:54:01:e4:18:f9:c6:87:da:e7:3d:fe:8b:70:4a:
                    2d:63:f7:6e:5e:96:a3:db:61:54:52:65:c7:eb:2a:
                    58:d1:aa:c9:17:01:41:1d:30:35:3d:d8:17:6b:b4:
                    5e:1d:52:7f:71:75:2a:39:8a:56:75:4c:f8:ee:f4:
                    5a:05:7c:ab:c7:59:cb:02:55:16:a1:72:d1:34:13:
                    94:62:9c:b5:1f:58:83:bc:97:af:0b:ed:82:58:70:
                    f2:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:1B:0F:62:B4:F2:D4:A3:80:47:58:0A:98:72:4E:4C:A3:E3:A7:1A
            X509v3 Authority Key Identifier:
                keyid:DA:36:40:5D:6D:F5:FD:4C:71:C9:8E:1A:45:B1:F1:6F:34:B4:31:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2jZAXW31_UxxyY4aRbHxbzS0MUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3dca4c-29b2-43e9-88ec-98b9d07db797/1/BBsPYrTy1KOAR1gKmHJOTKPjpxo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3dca4c-29b2-43e9-88ec-98b9d07db797/1/2jZAXW31_UxxyY4aRbHxbzS0MUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.211.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:20:c9:22:05:6f:0b:4c:de:2a:fa:62:70:a0:34:fa:8f:a8:
         28:7a:c6:2f:c7:71:94:dc:69:ec:c3:9e:01:c4:0a:5c:31:7a:
         0e:c3:b5:d7:7f:e9:73:77:dc:45:74:22:01:10:01:92:3c:e0:
         d3:08:18:a6:5e:fe:17:61:7c:2c:15:30:a5:36:af:1f:68:f4:
         7b:fd:75:5b:d0:08:75:08:44:6b:5f:b0:cd:26:b4:50:38:d7:
         dd:10:fe:59:7b:2b:c9:4b:fa:f1:30:bf:ab:a6:e4:87:e9:2b:
         59:ba:21:0e:4c:00:c0:9f:2c:40:1a:49:55:4c:68:66:bf:f1:
         b1:79:51:4a:42:c2:a3:4d:6a:73:8a:9e:a7:52:17:4b:51:53:
         0c:0a:cd:52:4e:28:87:1a:a5:f6:62:d5:44:26:e9:60:1c:54:
         ec:b6:5b:de:0b:0a:a0:5d:16:fb:10:25:82:79:ee:29:ad:96:
         31:4e:2e:b1:b7:2e:37:1a:b9:9b:f3:6e:ed:9c:77:42:86:f3:
         6c:7a:e6:4d:d6:58:3f:f5:d5:c7:76:2c:05:1b:dc:4f:26:ac:
         fc:7a:7e:e8:11:29:ab:6e:ec:36:d0:32:1e:15:49:99:65:0b:
         14:8b:2c:5e:ce:74:b0:87:43:aa:55:a1:c1:de:d3:f0:1a:3a:
         ea:c6:f8:e9
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDXv3qMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRh
MzY0MDVkNmRmNWZkNGM3MWM5OGUxYTQ1YjFmMTZmMzRiNDMxNGMwHhcNMjIwMzIx
MTQ0NjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwNDFiMGY2MmI0ZjJk
NGEzODA0NzU4MGE5ODcyNGU0Y2EzZTNhNzFhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApY6xJMSjPhsYoBqodRYcFrC8sDf7k54++AFazO9whbYqfzGC
TdYqazB0fjQ9cKyuaIEITEQtrd4+W/ac0LQ9Tzs3okW/DMPfk4Yh3wA1zoUd8HWR
Hn4bWa6Jzzs2GLVQsNyeTDpOmdSjN2tBPjAx/57vAWLJ57gw5P4+zQZm02+PxVB7
yYpJZcbfGxD1JucXIeIPTlxzedbOg6pc9KLoA6eGLcSrVAHkGPnGh9rnPf6LcEot
Y/duXpaj22FUUmXH6ypY0arJFwFBHTA1PdgXa7ReHVJ/cXUqOYpWdUz47vRaBXyr
x1nLAlUWoXLRNBOUYpy1H1iDvJevC+2CWHDyswIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFAQbD2K08tSjgEdYCphyTkyj46caMB8GA1UdIwQYMBaAFNo2QF1t9f1MccmO
GkWx8W80tDFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MmpaQVhXMzFfVXh4eVk0YVJiSHhielMwTVV3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kNS8zZGNhNGMtMjliMi00M2U5LTg4ZWMtOThiOWQwN2RiNzk3LzEv
QkJzUFlyVHkxS09BUjFnS21ISk9US1BqcHhvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8z
ZGNhNGMtMjliMi00M2U5LTg4ZWMtOThiOWQwN2RiNzk3LzEvMmpaQVhXMzFfVXh4
eVk0YVJiSHhielMwTVV3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstOCMA0GCSqGSIb3DQEBCwUAA4IB
AQC2IMkiBW8LTN4q+mJwoDT6j6goesYvx3GU3Gnsw54BxApcMXoOw7XXf+lzd9xF
dCIBEAGSPODTCBimXv4XYXwsFTClNq8faPR7/XVb0Ah1CERrX7DNJrRQONfdEP5Z
eyvJS/rxML+rpuSH6StZuiEOTADAnyxAGklVTGhmv/GxeVFKQsKjTWpzip6nUhdL
UVMMCs1STiiHGqX2YtVEJulgHFTstlveCwqgXRb7ECWCee4prZYxTi6xty43Grmb
827tnHdChvNseuZN1lg/9dXHdiwFG9xPJqz8en7oESmrbuw20DIeFUmZZQsUiyxe
znSwh0OqVaHB3tPwGjrqxvjp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:26 2024 by rpki-client on console-ams.rpki-client.org