Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/4e20f1-5689-411c-9379-c159165de0c7/1/is2afNp3pzqgjW8zyAWZ6tTGfxA.roa
File:                     is2afNp3pzqgjW8zyAWZ6tTGfxA.roa (raw, json)
Hash identifier:          BVQLZZn0Pf6gfo1nfE0KEZQ0l616HF2OUf7hMV7HvBQ=
Subject key identifier:   8A:CD:9A:7C:DA:77:A7:3A:A0:8D:6F:33:C8:05:99:EA:D4:C6:7F:10
Certificate issuer:       /CN=edc7cb00b3d414afa97c482eab5fdc76a1634b3d
Certificate serial:       01875103297AD732F90F7BD0E56693B25F13
Authority key identifier: ED:C7:CB:00:B3:D4:14:AF:A9:7C:48:2E:AB:5F:DC:76:A1:63:4B:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7cfLALPUFK-pfEguq1_cdqFjSz0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/4e20f1-5689-411c-9379-c159165de0c7/1/is2afNp3pzqgjW8zyAWZ6tTGfxA.roa
Signing time:             Wed 05 Apr 2023 10:42:54 +0000
ROA not before:           Wed 05 Apr 2023 10:42:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207279
IP address blocks:        212.23.206.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:51:03:29:7a:d7:32:f9:0f:7b:d0:e5:66:93:b2:5f:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edc7cb00b3d414afa97c482eab5fdc76a1634b3d
        Validity
            Not Before: Apr  5 10:42:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8acd9a7cda77a73aa08d6f33c80599ead4c67f10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:a7:15:46:b7:22:93:1a:de:41:c2:5c:c9:d8:
                    16:1e:87:b1:eb:41:e9:40:60:9f:ec:b2:e1:6b:7f:
                    66:cf:ce:07:d9:8e:f2:b9:f8:d7:d4:2f:c5:37:62:
                    c8:ca:d3:ad:3f:70:47:e8:da:88:d2:28:09:56:e6:
                    73:93:a0:42:fa:01:1c:5f:66:92:2b:76:f0:f2:39:
                    cc:9f:d0:12:fd:4c:22:49:a5:40:45:bf:be:98:15:
                    fd:28:c8:82:e9:f6:e5:f6:28:41:84:3b:1b:99:46:
                    34:0e:80:36:b8:09:ce:24:54:8f:b4:8f:d5:7d:92:
                    2a:3e:72:ff:93:49:d9:c5:85:6f:98:48:8f:94:6c:
                    2c:b4:83:13:1a:e4:c1:6d:d7:f8:7f:f1:32:d0:12:
                    d3:c1:f2:15:5a:57:63:c8:7b:06:ce:d9:7e:04:bf:
                    fb:fe:f4:c9:3f:4f:4e:ac:d8:a4:1a:fe:1e:07:71:
                    23:73:5c:65:5c:7a:f6:30:db:2f:f0:e4:62:b3:1a:
                    60:ac:f7:31:d9:d5:cb:fc:f1:85:34:12:11:42:99:
                    ca:1b:e6:d5:e1:6b:e2:bc:2b:33:1d:58:26:bb:63:
                    ff:4b:cf:17:92:4e:a3:9e:1b:42:ba:5c:b1:6d:0c:
                    68:c4:b0:61:f4:a3:da:f9:47:ea:7b:cf:bc:33:c5:
                    67:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:CD:9A:7C:DA:77:A7:3A:A0:8D:6F:33:C8:05:99:EA:D4:C6:7F:10
            X509v3 Authority Key Identifier:
                keyid:ED:C7:CB:00:B3:D4:14:AF:A9:7C:48:2E:AB:5F:DC:76:A1:63:4B:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7cfLALPUFK-pfEguq1_cdqFjSz0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/4e20f1-5689-411c-9379-c159165de0c7/1/is2afNp3pzqgjW8zyAWZ6tTGfxA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/4e20f1-5689-411c-9379-c159165de0c7/1/7cfLALPUFK-pfEguq1_cdqFjSz0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.23.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:4b:e8:90:87:79:30:90:b1:f3:d1:bd:09:8e:b5:90:5b:70:
         12:86:12:b1:e2:88:2a:df:a4:87:ff:f1:8b:7b:29:09:ed:45:
         07:ea:93:49:d5:9f:a7:ef:ef:10:48:85:97:59:6d:fa:64:e6:
         ae:f4:ef:fc:da:fa:1f:90:97:31:cd:0e:ba:5c:1e:40:65:5b:
         be:12:85:72:ef:dc:33:e5:fb:e4:11:5c:65:be:41:71:f9:2a:
         68:c6:91:e0:9d:4d:78:db:c7:3b:17:35:a4:7b:ae:eb:31:49:
         7e:33:9c:d7:3f:25:25:c7:6b:3d:c5:d5:37:d8:fe:90:60:4b:
         73:5d:b0:40:65:68:90:60:18:a6:22:11:db:88:5a:45:d8:f1:
         79:5f:6c:20:47:01:a3:a6:2a:62:4b:62:b4:d2:1a:56:3e:93:
         47:1c:af:d6:9f:4a:ec:aa:78:df:a9:1a:db:46:4c:20:49:0b:
         46:99:ff:28:f5:e8:de:ab:f3:13:f9:96:69:af:c2:3f:b1:88:
         bf:76:75:9c:85:b1:59:b4:82:f2:a4:e5:a6:6f:bd:27:ce:82:
         61:31:9a:a0:f4:e6:98:76:b4:a0:16:0b:f2:41:d0:64:5b:24:
         b6:92:24:2c:f1:27:f5:83:df:ee:62:66:66:15:96:e1:4f:5c:
         ea:f2:47:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdRAyl61zL5D3vQ5WaTsl8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYzdjYjAwYjNkNDE0YWZhOTdjNDgyZWFiNWZkYzc2YTE2
MzRiM2QwHhcNMjMwNDA1MTA0MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWNkOWE3Y2RhNzdhNzNhYTA4ZDZmMzNjODA1OTllYWQ0YzY3ZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKcVRrcikxreQcJcydgWHoex60Hp
QGCf7LLha39mz84H2Y7yufjX1C/FN2LIytOtP3BH6NqI0igJVuZzk6BC+gEcX2aS
K3bw8jnMn9AS/UwiSaVARb++mBX9KMiC6fbl9ihBhDsbmUY0DoA2uAnOJFSPtI/V
fZIqPnL/k0nZxYVvmEiPlGwstIMTGuTBbdf4f/Ey0BLTwfIVWldjyHsGztl+BL/7
/vTJP09OrNikGv4eB3Ejc1xlXHr2MNsv8ORisxpgrPcx2dXL/PGFNBIRQpnKG+bV
4WvivCszHVgmu2P/S88Xkk6jnhtCulyxbQxoxLBh9KPa+Ufqe8+8M8Vn6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIrNmnzad6c6oI1vM8gFmerUxn8QMB8GA1UdIwQY
MBaAFO3HywCz1BSvqXxILqtf3HahY0s9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2NmTEFMUFVGSy1wZkVndXExX2NkcUZqU3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy80ZTIwZjEtNTY4OS00MTFjLTkzNzkt
YzE1OTE2NWRlMGM3LzEvaXMyYWZOcDNwenFnalc4enlBV1o2dFRHZnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy80ZTIwZjEtNTY4OS00MTFjLTkzNzktYzE1OTE2NWRlMGM3
LzEvN2NmTEFMUFVGSy1wZkVndXExX2NkcUZqU3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfOMA0G
CSqGSIb3DQEBCwUAA4IBAQBRS+iQh3kwkLHz0b0JjrWQW3AShhKx4ogq36SH//GL
eykJ7UUH6pNJ1Z+n7+8QSIWXWW36ZOau9O/82vofkJcxzQ66XB5AZVu+EoVy79wz
5fvkEVxlvkFx+SpoxpHgnU1428c7FzWke67rMUl+M5zXPyUlx2s9xdU32P6QYEtz
XbBAZWiQYBimIhHbiFpF2PF5X2wgRwGjpipiS2K00hpWPpNHHK/Wn0rsqnjfqRrb
RkwgSQtGmf8o9ejeq/MT+ZZpr8I/sYi/dnWchbFZtILypOWmb70nzoJhMZqg9OaY
drSgFgvyQdBkWyS2kiQs8Sf1g9/uYmZmFZbhT1zq8kfO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:44 2024 by rpki-client on console-ams.rpki-client.org