Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/4e20f1-5689-411c-9379-c159165de0c7/1/GZo6HQJDgr4_w4Z-O3_MdX6i7HQ.roa
File:                     GZo6HQJDgr4_w4Z-O3_MdX6i7HQ.roa (raw, json)
Hash identifier:          jD+bE3IQWyJcvSL4KFRtUPUbI05jKjD3iN/5eE0RPCE=
Subject key identifier:   19:9A:3A:1D:02:43:82:BE:3F:C3:86:7E:3B:7F:CC:75:7E:A2:EC:74
Certificate issuer:       /CN=edc7cb00b3d414afa97c482eab5fdc76a1634b3d
Certificate serial:       0A4B14
Authority key identifier: ED:C7:CB:00:B3:D4:14:AF:A9:7C:48:2E:AB:5F:DC:76:A1:63:4B:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7cfLALPUFK-pfEguq1_cdqFjSz0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/4e20f1-5689-411c-9379-c159165de0c7/1/GZo6HQJDgr4_w4Z-O3_MdX6i7HQ.roa
Signing time:             Fri 25 Mar 2022 08:51:25 +0000
ROA not before:           Fri 25 Mar 2022 08:51:25 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        212.23.206.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 674580 (0xa4b14)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edc7cb00b3d414afa97c482eab5fdc76a1634b3d
        Validity
            Not Before: Mar 25 08:51:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=199a3a1d024382be3fc3867e3b7fcc757ea2ec74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:2d:f1:12:e7:87:07:f0:50:89:73:3f:24:34:
                    18:22:85:10:1a:23:64:b0:1d:f5:96:b1:75:7d:50:
                    32:ba:78:9f:bc:dc:46:ee:e0:b3:a1:1f:a0:78:9b:
                    3c:4d:2a:14:60:2c:7c:a6:66:c3:aa:6f:8a:ab:0c:
                    b2:5f:da:bd:4a:43:9b:b7:85:0f:20:e0:47:0e:90:
                    df:94:97:4b:b3:23:ec:2d:c0:99:68:87:3c:a2:9e:
                    df:d3:67:f4:42:73:24:87:b0:e4:4f:0b:c0:01:d1:
                    11:7a:61:b9:9d:26:6a:a8:74:89:17:fd:1a:0a:e2:
                    a2:79:38:f0:d5:60:21:fa:bb:e9:63:31:2f:f6:15:
                    d1:72:fa:6b:d4:27:93:5d:78:9b:20:ee:87:2e:5a:
                    9d:0e:d8:6c:a4:8e:1b:50:77:d0:8b:e3:07:b5:43:
                    c6:a4:8d:52:27:af:4e:8f:73:26:78:47:b2:6f:61:
                    0f:e7:b5:16:e1:b8:62:5d:08:d4:55:a1:46:70:a3:
                    6d:63:75:03:24:41:9f:24:6e:d0:63:15:19:73:c9:
                    da:7f:aa:f7:1b:ce:61:d9:f3:1c:c6:5a:b5:a9:3b:
                    1a:6f:26:58:6a:64:48:df:1b:7b:a8:69:21:2f:d8:
                    39:df:52:37:d8:0f:a7:64:23:f6:3b:f0:c3:43:3a:
                    15:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:9A:3A:1D:02:43:82:BE:3F:C3:86:7E:3B:7F:CC:75:7E:A2:EC:74
            X509v3 Authority Key Identifier:
                keyid:ED:C7:CB:00:B3:D4:14:AF:A9:7C:48:2E:AB:5F:DC:76:A1:63:4B:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7cfLALPUFK-pfEguq1_cdqFjSz0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/4e20f1-5689-411c-9379-c159165de0c7/1/GZo6HQJDgr4_w4Z-O3_MdX6i7HQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/4e20f1-5689-411c-9379-c159165de0c7/1/7cfLALPUFK-pfEguq1_cdqFjSz0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.23.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:df:74:3a:e2:81:fe:18:61:4d:01:50:7a:7f:be:15:62:cd:
         32:d3:1f:99:5e:f0:14:5d:5b:33:cd:85:f2:0a:8f:e4:c8:ee:
         2a:b6:0a:e0:88:43:b2:1a:b9:42:33:91:59:45:55:37:b0:8d:
         ff:c9:39:a9:7b:7d:53:c3:dc:4c:a7:e1:3b:a8:de:e5:c6:c6:
         5c:10:aa:2e:b4:53:5b:a7:70:5d:e4:61:93:b1:5b:b6:a4:ac:
         22:06:e0:93:61:aa:89:64:6f:8d:85:63:54:02:bd:9d:9f:d5:
         f6:e2:0d:36:31:05:41:cf:78:72:fa:64:5b:74:5e:45:de:4d:
         08:0e:21:cd:c5:ea:5d:47:02:66:b4:8e:95:d2:c9:9a:f8:a4:
         ec:9d:7e:23:5d:56:82:72:d3:8f:c5:ec:fd:44:fb:68:1f:42:
         d7:09:01:e5:a8:f0:58:b7:25:4e:e2:4f:70:ff:a7:4e:50:91:
         65:60:ac:df:dd:d9:88:62:4c:8a:7c:51:ac:43:61:c5:63:cd:
         55:60:87:19:51:e5:5f:c5:16:f6:c2:17:4f:d3:3a:ee:04:9b:
         d8:8a:66:e7:c0:af:20:be:b6:17:84:7a:62:88:ce:47:c0:c8:
         c2:7f:19:5e:a8:76:09:37:47:f7:cc:2b:4e:2d:7b:2b:e3:53:
         60:d1:75:56
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDCksUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGVk
YzdjYjAwYjNkNDE0YWZhOTdjNDgyZWFiNWZkYzc2YTE2MzRiM2QwHhcNMjIwMzI1
MDg1MTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxOTlhM2ExZDAyNDM4
MmJlM2ZjMzg2N2UzYjdmY2M3NTdlYTJlYzc0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5S3xEueHB/BQiXM/JDQYIoUQGiNksB31lrF1fVAyunifvNxG
7uCzoR+geJs8TSoUYCx8pmbDqm+KqwyyX9q9SkObt4UPIOBHDpDflJdLsyPsLcCZ
aIc8op7f02f0QnMkh7DkTwvAAdERemG5nSZqqHSJF/0aCuKieTjw1WAh+rvpYzEv
9hXRcvpr1CeTXXibIO6HLlqdDthspI4bUHfQi+MHtUPGpI1SJ69Oj3MmeEeyb2EP
57UW4bhiXQjUVaFGcKNtY3UDJEGfJG7QYxUZc8naf6r3G85h2fMcxlq1qTsabyZY
amRI3xt7qGkhL9g531I32A+nZCP2O/DDQzoVNwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFBmaOh0CQ4K+P8OGfjt/zHV+oux0MB8GA1UdIwQYMBaAFO3HywCz1BSvqXxI
Lqtf3HahY0s9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
N2NmTEFMUFVGSy1wZkVndXExX2NkcUZqU3owLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kYy80ZTIwZjEtNTY4OS00MTFjLTkzNzktYzE1OTE2NWRlMGM3LzEv
R1pvNkhRSkRncjRfdzRaLU8zX01kWDZpN0hRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy80
ZTIwZjEtNTY4OS00MTFjLTkzNzktYzE1OTE2NWRlMGM3LzEvN2NmTEFMUFVGSy1w
ZkVndXExX2NkcUZqU3owLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfOMA0GCSqGSIb3DQEBCwUAA4IB
AQBt33Q64oH+GGFNAVB6f74VYs0y0x+ZXvAUXVszzYXyCo/kyO4qtgrgiEOyGrlC
M5FZRVU3sI3/yTmpe31Tw9xMp+E7qN7lxsZcEKoutFNbp3Bd5GGTsVu2pKwiBuCT
YaqJZG+NhWNUAr2dn9X24g02MQVBz3hy+mRbdF5F3k0IDiHNxepdRwJmtI6V0sma
+KTsnX4jXVaCctOPxez9RPtoH0LXCQHlqPBYtyVO4k9w/6dOUJFlYKzf3dmIYkyK
fFGsQ2HFY81VYIcZUeVfxRb2whdP0zruBJvYimbnwK8gvrYXhHpiiM5HwMjCfxle
qHYJN0f3zCtOLXsr41Ng0XVW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:44 2024 by rpki-client on console-ams.rpki-client.org