Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/5c565e-0427-4097-bc12-eb70ba1bde7b/1/ldfhkyJVCVZqJzuXqcmFMnZ-3Dk.roa
File:                     ldfhkyJVCVZqJzuXqcmFMnZ-3Dk.roa (raw, json)
Hash identifier:          u4gt9wzWU9vhRsdEv9h4ITah829Cu0wV4UmHwCek4f0=
Subject key identifier:   95:D7:E1:93:22:55:09:56:6A:27:3B:97:A9:C9:85:32:76:7E:DC:39
Certificate issuer:       /CN=d52865e83b701b8ba934101c34c11ebdf3fa83bb
Certificate serial:       0A91F3
Authority key identifier: D5:28:65:E8:3B:70:1B:8B:A9:34:10:1C:34:C1:1E:BD:F3:FA:83:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1Shl6DtwG4upNBAcNMEevfP6g7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/5c565e-0427-4097-bc12-eb70ba1bde7b/1/ldfhkyJVCVZqJzuXqcmFMnZ-3Dk.roa
Signing time:             Fri 25 Mar 2022 08:45:18 +0000
ROA not before:           Fri 25 Mar 2022 08:45:18 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        37.140.250.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 692723 (0xa91f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d52865e83b701b8ba934101c34c11ebdf3fa83bb
        Validity
            Not Before: Mar 25 08:45:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=95d7e193225509566a273b97a9c98532767edc39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:a1:28:82:82:b8:6c:d0:68:e3:dc:a7:a4:51:
                    98:73:37:71:e2:8a:a4:91:88:7f:51:9f:a0:8f:ff:
                    f8:8d:39:58:6b:a0:2f:38:c5:4a:0d:1e:40:c1:1e:
                    6f:c0:ca:59:6e:d6:04:79:64:8e:55:a8:2e:83:3c:
                    3b:ac:c0:26:d4:76:3f:48:bb:f6:85:e4:bb:b9:74:
                    02:38:ce:01:14:ec:26:23:49:5a:b6:9c:3e:cb:4d:
                    20:1d:4b:86:b4:8b:79:37:97:65:4b:34:94:4b:0e:
                    db:61:66:88:16:d4:ee:5e:c3:8e:24:b2:6d:ec:02:
                    bb:6f:a5:e8:8b:da:a8:28:93:85:14:a0:c8:f3:ab:
                    4f:08:53:6c:b1:22:12:b2:36:b8:e6:8f:d6:7b:2d:
                    bb:ec:d6:da:84:6c:b8:db:3a:d0:0c:e4:78:5c:96:
                    b8:e5:ab:e6:7b:6d:95:13:59:ba:51:78:00:70:80:
                    03:5a:26:e3:99:e0:f3:e3:e9:ce:40:3d:15:e5:10:
                    3a:b1:e1:c7:6f:b5:71:d0:5c:f7:b7:1d:43:56:b3:
                    6e:14:e2:ac:79:e7:ce:e6:fd:6d:17:62:e5:94:cd:
                    7a:73:87:0d:f6:a1:90:33:e9:27:2a:f9:7c:a4:6b:
                    cf:eb:bf:37:61:fa:70:ac:7c:5e:2d:6c:c3:c0:86:
                    ae:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:D7:E1:93:22:55:09:56:6A:27:3B:97:A9:C9:85:32:76:7E:DC:39
            X509v3 Authority Key Identifier:
                keyid:D5:28:65:E8:3B:70:1B:8B:A9:34:10:1C:34:C1:1E:BD:F3:FA:83:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Shl6DtwG4upNBAcNMEevfP6g7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5c565e-0427-4097-bc12-eb70ba1bde7b/1/ldfhkyJVCVZqJzuXqcmFMnZ-3Dk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5c565e-0427-4097-bc12-eb70ba1bde7b/1/1Shl6DtwG4upNBAcNMEevfP6g7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.140.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:a3:7d:5e:e8:62:d0:1e:f7:8e:0f:8b:4d:0a:93:39:29:f6:
         ae:8e:c8:84:59:f7:bf:e6:e7:4a:72:de:22:61:1e:cf:42:92:
         b7:a6:42:4e:43:ed:fa:ac:ec:45:43:3e:cd:62:af:cc:3b:8d:
         3a:1f:09:77:d4:39:f3:df:83:1e:42:44:bb:7c:15:66:e6:75:
         12:c2:42:ad:57:51:6a:8f:00:85:7f:c5:63:f6:6b:e4:34:a5:
         f0:e2:97:bf:78:37:10:34:ad:6d:31:e1:71:8d:d2:40:ee:48:
         1f:23:f9:79:c3:57:e2:82:b6:b6:ec:68:b1:7d:20:14:80:31:
         4e:5a:9f:3e:e4:bf:cc:e2:70:c1:6f:a3:e4:93:e3:d8:97:f2:
         65:f9:b6:1e:95:2e:e9:f0:d1:53:7a:6a:1b:30:f8:40:5f:ca:
         16:6d:0f:c1:65:e7:e4:49:03:f0:43:ea:02:4b:f5:35:40:b1:
         15:94:28:71:76:83:6c:04:9e:69:16:e7:1e:9b:75:93:4b:e8:
         05:f5:6b:64:6d:12:07:d4:5c:8c:f5:d1:27:93:cd:13:64:0d:
         38:23:48:84:80:5b:97:b1:a3:c3:19:a2:ca:93:9b:65:57:dc:
         23:29:13:b9:1d:e2:38:46:e6:5c:64:11:12:60:61:d7:cc:04:
         e9:50:48:74
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDCpHzMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ1
Mjg2NWU4M2I3MDFiOGJhOTM0MTAxYzM0YzExZWJkZjNmYTgzYmIwHhcNMjIwMzI1
MDg0NTE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NWQ3ZTE5MzIyNTUw
OTU2NmEyNzNiOTdhOWM5ODUzMjc2N2VkYzM5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmKEogoK4bNBo49ynpFGYczdx4oqkkYh/UZ+gj//4jTlYa6Av
OMVKDR5AwR5vwMpZbtYEeWSOVagugzw7rMAm1HY/SLv2heS7uXQCOM4BFOwmI0la
tpw+y00gHUuGtIt5N5dlSzSUSw7bYWaIFtTuXsOOJLJt7AK7b6Xoi9qoKJOFFKDI
86tPCFNssSISsja45o/Wey277NbahGy42zrQDOR4XJa45avme22VE1m6UXgAcIAD
WibjmeDz4+nOQD0V5RA6seHHb7Vx0Fz3tx1DVrNuFOKseefO5v1tF2LllM16c4cN
9qGQM+knKvl8pGvP6783YfpwrHxeLWzDwIau6wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJXX4ZMiVQlWaic7l6nJhTJ2ftw5MB8GA1UdIwQYMBaAFNUoZeg7cBuLqTQQ
HDTBHr3z+oO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MVNobDZEdHdHNHVwTkJBY05NRWV2ZlA2ZzdzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kYi81YzU2NWUtMDQyNy00MDk3LWJjMTItZWI3MGJhMWJkZTdiLzEv
bGRmaGt5SlZDVlpxSnp1WHFjbUZNblotM0RrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81
YzU2NWUtMDQyNy00MDk3LWJjMTItZWI3MGJhMWJkZTdiLzEvMVNobDZEdHdHNHVw
TkJBY05NRWV2ZlA2ZzdzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJYz6MA0GCSqGSIb3DQEBCwUAA4IB
AQCIo31e6GLQHveOD4tNCpM5KfaujsiEWfe/5udKct4iYR7PQpK3pkJOQ+36rOxF
Qz7NYq/MO406Hwl31Dnz34MeQkS7fBVm5nUSwkKtV1FqjwCFf8Vj9mvkNKXw4pe/
eDcQNK1tMeFxjdJA7kgfI/l5w1figra27GixfSAUgDFOWp8+5L/M4nDBb6Pkk+PY
l/Jl+bYelS7p8NFTemobMPhAX8oWbQ/BZefkSQPwQ+oCS/U1QLEVlChxdoNsBJ5p
Fucem3WTS+gF9WtkbRIH1FyM9dEnk80TZA04I0iEgFuXsaPDGaLKk5tlV9wjKRO5
HeI4RuZcZBESYGHXzATpUEh0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org