Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ee5d9b-c8e6-499a-aaeb-e5e742f4577f/1/qrPALdIwWg75KR8arETbkZIA_20.roa
File:                     qrPALdIwWg75KR8arETbkZIA_20.roa (raw, json)
Hash identifier:          TYLyTMVd6rkPC2JtwCj/Om8Ag/r4OGuVCMshsgjyWLY=
Subject key identifier:   AA:B3:C0:2D:D2:30:5A:0E:F9:29:1F:1A:AC:44:DB:91:92:00:FF:6D
Certificate issuer:       /CN=651698c0cd983797915e7d793fb6d18c481e84c5
Certificate serial:       0189E47F0B56BC9D7EECB00B962DF203428E
Authority key identifier: 65:16:98:C0:CD:98:37:97:91:5E:7D:79:3F:B6:D1:8C:48:1E:84:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZRaYwM2YN5eRXn15P7bRjEgehMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/ee5d9b-c8e6-499a-aaeb-e5e742f4577f/1/qrPALdIwWg75KR8arETbkZIA_20.roa
Signing time:             Fri 11 Aug 2023 12:07:58 +0000
ROA not before:           Fri 11 Aug 2023 12:07:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199737
IP address blocks:        178.211.132.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:e4:7f:0b:56:bc:9d:7e:ec:b0:0b:96:2d:f2:03:42:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=651698c0cd983797915e7d793fb6d18c481e84c5
        Validity
            Not Before: Aug 11 12:07:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aab3c02dd2305a0ef9291f1aac44db919200ff6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:67:fc:e2:ff:aa:27:52:45:4c:7b:ee:68:5b:
                    24:28:df:70:90:19:ed:71:0d:f8:23:9f:8f:b5:e1:
                    bb:cb:dc:48:27:1b:d3:11:f2:54:14:33:bf:0c:f6:
                    3e:fc:9b:9e:9c:bc:a3:08:33:a4:26:ea:28:f1:0e:
                    67:0a:01:09:92:02:03:b9:82:2a:8a:05:33:f9:71:
                    5d:8f:4f:3d:31:99:31:5e:87:f5:8d:64:15:4e:9f:
                    7b:0d:3d:21:c8:15:df:07:e2:a7:ba:b8:92:c9:c7:
                    98:88:07:d9:e2:0e:b8:2e:5e:e5:dc:61:5d:0e:d3:
                    16:b3:c6:43:3d:20:11:ec:09:79:91:d7:29:38:bc:
                    0b:c9:08:45:e7:21:ff:d9:81:93:b7:50:b9:9c:82:
                    00:03:cc:ff:8a:7d:e4:47:36:6f:da:5e:be:8a:70:
                    da:82:43:0d:01:f5:93:c9:80:af:a9:21:f9:54:65:
                    2d:d8:27:9c:17:61:cc:71:8f:56:7a:72:80:fa:8d:
                    48:56:a4:f3:97:e1:a9:b9:3a:9d:34:ac:55:cf:66:
                    7d:f7:38:ad:4d:f5:2d:df:27:26:a7:ff:15:62:42:
                    24:9a:ce:56:d5:9c:2e:5c:6d:34:ef:cd:99:22:50:
                    86:bb:17:3a:80:82:66:c8:22:d5:aa:91:77:78:a7:
                    00:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:B3:C0:2D:D2:30:5A:0E:F9:29:1F:1A:AC:44:DB:91:92:00:FF:6D
            X509v3 Authority Key Identifier:
                keyid:65:16:98:C0:CD:98:37:97:91:5E:7D:79:3F:B6:D1:8C:48:1E:84:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRaYwM2YN5eRXn15P7bRjEgehMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ee5d9b-c8e6-499a-aaeb-e5e742f4577f/1/qrPALdIwWg75KR8arETbkZIA_20.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ee5d9b-c8e6-499a-aaeb-e5e742f4577f/1/ZRaYwM2YN5eRXn15P7bRjEgehMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.211.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:87:89:ac:9f:c1:e4:f9:e0:c4:75:44:8b:b9:66:38:f2:33:
         18:b9:d7:e7:a7:23:2b:66:e0:cb:67:52:77:f2:85:2b:9e:ab:
         58:5e:fb:ea:d8:88:44:97:7a:70:6f:3f:d5:ba:17:95:0a:3b:
         a9:4f:3f:3e:25:bb:c3:bf:d2:52:89:67:16:f3:78:07:dd:5d:
         ab:65:f0:7a:5a:e9:94:94:f8:f3:93:a8:b0:4f:ce:90:0d:cc:
         af:09:e2:a9:a3:bd:81:c7:8e:98:20:29:52:7f:26:ae:b3:6b:
         2d:fa:21:ff:68:58:c6:90:53:5b:7d:30:5c:29:78:b8:f1:8c:
         2d:17:e4:b8:ee:57:68:c0:7b:ac:56:be:da:98:98:14:ac:94:
         10:97:93:ae:d9:bb:d7:30:6b:d4:b6:05:f2:69:24:d1:ac:ed:
         61:c7:1e:0c:5a:32:92:be:6b:10:0f:66:da:90:c6:1c:26:8a:
         1a:3b:9f:91:9e:bb:00:77:47:ea:8e:be:cb:50:08:0b:10:ff:
         2c:53:91:96:c8:a1:a6:4e:65:65:12:0b:28:06:b3:46:a9:09:
         92:8d:36:2d:4e:28:c5:9f:61:79:98:99:fe:e5:34:dc:e8:f9:
         97:42:2b:5f:c3:5b:6d:00:d2:38:a4:9e:6a:e4:70:b8:00:9a:
         0b:42:39:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnkfwtWvJ1+7LALli3yA0KOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTY5OGMwY2Q5ODM3OTc5MTVlN2Q3OTNmYjZkMThjNDgx
ZTg0YzUwHhcNMjMwODExMTIwNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWIzYzAyZGQyMzA1YTBlZjkyOTFmMWFhYzQ0ZGI5MTkyMDBmZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomf84v+qJ1JFTHvuaFskKN9wkBnt
cQ34I5+PteG7y9xIJxvTEfJUFDO/DPY+/JuenLyjCDOkJuoo8Q5nCgEJkgIDuYIq
igUz+XFdj089MZkxXof1jWQVTp97DT0hyBXfB+KnuriSyceYiAfZ4g64Ll7l3GFd
DtMWs8ZDPSAR7Al5kdcpOLwLyQhF5yH/2YGTt1C5nIIAA8z/in3kRzZv2l6+inDa
gkMNAfWTyYCvqSH5VGUt2CecF2HMcY9WenKA+o1IVqTzl+GpuTqdNKxVz2Z99zit
TfUt3ycmp/8VYkIkms5W1ZwuXG00782ZIlCGuxc6gIJmyCLVqpF3eKcAGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqzwC3SMFoO+SkfGqxE25GSAP9tMB8GA1UdIwQY
MBaAFGUWmMDNmDeXkV59eT+20YxIHoTFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJhWXdNMllONWVSWG4xNVA3YlJqRWdlaE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZTVkOWItYzhlNi00OTlhLWFhZWIt
ZTVlNzQyZjQ1NzdmLzEvcXJQQUxkSXdXZzc1S1I4YXJFVGJrWklBXzIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZTVkOWItYzhlNi00OTlhLWFhZWItZTVlNzQyZjQ1Nzdm
LzEvWlJhWXdNMllONWVSWG4xNVA3YlJqRWdlaE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstOEMA0G
CSqGSIb3DQEBCwUAA4IBAQBxh4msn8Hk+eDEdUSLuWY48jMYudfnpyMrZuDLZ1J3
8oUrnqtYXvvq2IhEl3pwbz/VuheVCjupTz8+JbvDv9JSiWcW83gH3V2rZfB6WumU
lPjzk6iwT86QDcyvCeKpo72Bx46YIClSfyaus2st+iH/aFjGkFNbfTBcKXi48Ywt
F+S47ldowHusVr7amJgUrJQQl5Ou2bvXMGvUtgXyaSTRrO1hxx4MWjKSvmsQD2ba
kMYcJooaO5+RnrsAd0fqjr7LUAgLEP8sU5GWyKGmTmVlEgsoBrNGqQmSjTYtTijF
n2F5mJn+5TTc6PmXQitfw1ttANI4pJ5q5HC4AJoLQjmL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:40 2024 by rpki-client on console-ams.rpki-client.org