Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/524ba5-096d-47ff-a8f4-dc8a2d9ec6f3/1/WlD-nsb_VTLIYiO8vnaRe_dGgxE.roa
File:                     WlD-nsb_VTLIYiO8vnaRe_dGgxE.roa (raw, json)
Hash identifier:          bjtDPow8cv8OG2+O9QQjjpUSyNLwmGiCh2s8gYtgAWw=
Subject key identifier:   5A:50:FE:9E:C6:FF:55:32:C8:62:23:BC:BE:76:91:7B:F7:46:83:11
Certificate issuer:       /CN=85c3f6a9e8550c090bc3b257f72b8f65b69a9f61
Certificate serial:       01DE7AB7
Authority key identifier: 85:C3:F6:A9:E8:55:0C:09:0B:C3:B2:57:F7:2B:8F:65:B6:9A:9F:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hcP2qehVDAkLw7JX9yuPZbaan2E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/524ba5-096d-47ff-a8f4-dc8a2d9ec6f3/1/WlD-nsb_VTLIYiO8vnaRe_dGgxE.roa
Signing time:             Sat 09 Apr 2022 04:24:47 +0000
ROA not before:           Sat 09 Apr 2022 04:24:47 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     14618
IP address blocks:        185.212.119.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 31357623 (0x1de7ab7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85c3f6a9e8550c090bc3b257f72b8f65b69a9f61
        Validity
            Not Before: Apr  9 04:24:47 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5a50fe9ec6ff5532c86223bcbe76917bf7468311
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:de:05:74:da:f5:b2:b8:3e:04:40:64:e0:69:
                    f6:53:69:df:1e:de:cd:7c:07:dd:53:d3:17:8e:57:
                    93:79:2b:43:d4:5d:dc:21:7a:e3:a5:11:c6:b8:37:
                    b8:47:e0:f8:f6:d1:02:3b:52:2f:c6:88:5b:86:3a:
                    fc:91:3a:1f:63:39:c1:db:99:54:43:89:e6:fa:b1:
                    c0:d5:7e:80:c3:72:d6:c8:25:fa:75:ec:cb:ee:b1:
                    b9:ee:43:52:cc:47:e9:2a:76:26:30:fa:ac:51:b1:
                    66:17:9a:ec:a2:78:c2:51:1d:3f:0f:b0:23:23:eb:
                    ce:f3:33:0a:7e:ee:74:22:46:a8:be:16:84:63:35:
                    b8:8e:3a:92:99:6c:3e:08:8b:60:0c:94:03:51:b5:
                    b8:25:1a:90:ca:f1:8a:ce:ef:fb:70:dd:2b:0e:9d:
                    e8:7f:ef:8a:bf:40:37:93:a5:85:91:b7:fa:0a:5a:
                    b8:4a:40:1b:09:48:f8:70:73:2d:29:8b:78:b2:7b:
                    0c:ff:17:5d:b5:0f:7c:86:20:2c:ac:70:91:97:47:
                    d6:87:0f:fc:97:f3:5a:36:2d:5b:ea:1a:ce:74:5b:
                    8a:a8:f6:10:aa:0d:6c:b2:65:31:57:01:db:23:ea:
                    0e:f4:10:27:70:a5:74:0f:ae:12:6a:dd:59:60:7d:
                    76:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:50:FE:9E:C6:FF:55:32:C8:62:23:BC:BE:76:91:7B:F7:46:83:11
            X509v3 Authority Key Identifier:
                keyid:85:C3:F6:A9:E8:55:0C:09:0B:C3:B2:57:F7:2B:8F:65:B6:9A:9F:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hcP2qehVDAkLw7JX9yuPZbaan2E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/524ba5-096d-47ff-a8f4-dc8a2d9ec6f3/1/WlD-nsb_VTLIYiO8vnaRe_dGgxE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/524ba5-096d-47ff-a8f4-dc8a2d9ec6f3/1/hcP2qehVDAkLw7JX9yuPZbaan2E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.212.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:80:9a:43:48:78:db:40:5c:e1:0d:83:8a:37:7f:33:f8:ab:
         b5:e0:da:5c:75:3f:4a:c7:0b:5b:33:49:4f:db:18:1a:a0:1b:
         83:ac:30:10:86:9e:c4:50:40:3f:9c:a7:32:b4:22:78:cb:9e:
         29:be:33:4b:e0:32:06:a0:41:c3:1a:70:50:1b:08:a8:14:9e:
         89:39:1a:e1:50:4f:f1:83:da:d8:86:a6:a5:77:e9:78:6b:23:
         0b:79:ca:a4:66:b1:55:ba:6b:12:33:f8:cb:3a:c1:6c:1f:fa:
         08:bf:6b:6d:6c:6a:35:2a:c4:aa:26:a4:fe:4e:0a:75:13:9f:
         f3:29:1f:57:15:9b:02:59:2b:b9:0d:2f:21:28:71:59:cc:48:
         72:eb:88:8b:0a:ad:44:c5:4c:34:dd:e5:30:0b:43:ff:d2:a6:
         9f:96:64:a7:ba:21:69:97:e3:72:eb:f5:95:25:07:04:55:bf:
         52:9e:72:2f:93:5c:1d:90:d1:7c:6a:e9:16:61:ac:c4:30:db:
         c7:2d:74:31:e3:d0:ca:2f:7c:0d:2a:e7:5c:e4:da:2a:f6:7e:
         79:67:f4:dd:e1:1c:78:6e:62:f9:b6:50:83:ca:2f:65:87:7a:
         22:71:e6:8f:b4:81:b3:4c:cb:b8:ba:b0:5d:62:e6:2f:bd:31:
         2e:c6:33:b6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAd56tzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWMzZjZhOWU4NTUwYzA5MGJjM2IyNTdmNzJiOGY2NWI2OWE5ZjYxMB4XDTIyMDQw
OTA0MjQ0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWE1MGZlOWVjNmZm
NTUzMmM4NjIyM2JjYmU3NjkxN2JmNzQ2ODMxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXeBXTa9bK4PgRAZOBp9lNp3x7ezXwH3VPTF45Xk3krQ9Rd
3CF646URxrg3uEfg+PbRAjtSL8aIW4Y6/JE6H2M5wduZVEOJ5vqxwNV+gMNy1sgl
+nXsy+6xue5DUsxH6Sp2JjD6rFGxZhea7KJ4wlEdPw+wIyPrzvMzCn7udCJGqL4W
hGM1uI46kplsPgiLYAyUA1G1uCUakMrxis7v+3DdKw6d6H/vir9AN5OlhZG3+gpa
uEpAGwlI+HBzLSmLeLJ7DP8XXbUPfIYgLKxwkZdH1ocP/JfzWjYtW+oaznRbiqj2
EKoNbLJlMVcB2yPqDvQQJ3CldA+uEmrdWWB9dusCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRaUP6exv9VMshiI7y+dpF790aDETAfBgNVHSMEGDAWgBSFw/ap6FUMCQvD
slf3K49ltpqfYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hjUDJxZWhWREFrTHc3Slg5eXVQWmJhYW4yRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvNTI0YmE1LTA5NmQtNDdmZi1hOGY0LWRjOGEyZDllYzZmMy8x
L1dsRC1uc2JfVlRMSVlpTzh2bmFSZV9kR2d4RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
NTI0YmE1LTA5NmQtNDdmZi1hOGY0LWRjOGEyZDllYzZmMy8xL2hjUDJxZWhWREFr
THc3Slg5eXVQWmJhYW4yRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnUdzANBgkqhkiG9w0BAQsFAAOC
AQEARYCaQ0h420Bc4Q2Dijd/M/irteDaXHU/SscLWzNJT9sYGqAbg6wwEIaexFBA
P5ynMrQieMueKb4zS+AyBqBBwxpwUBsIqBSeiTka4VBP8YPa2IampXfpeGsjC3nK
pGaxVbprEjP4yzrBbB/6CL9rbWxqNSrEqiak/k4KdROf8ykfVxWbAlkruQ0vIShx
WcxIcuuIiwqtRMVMNN3lMAtD/9Kmn5Zkp7ohaZfjcuv1lSUHBFW/Up5yL5NcHZDR
fGrpFmGsxDDbxy10MePQyi98DSrnXOTaKvZ+eWf03eEceG5i+bZQg8ovZYd6InHm
j7SBs0zLuLqwXWLmL70xLsYztg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:03 2024 by rpki-client on console-fra.rpki-client.org