Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/vuOqkJ576TdEaXJp1TfrxOCwRC0.roa
File:                     vuOqkJ576TdEaXJp1TfrxOCwRC0.roa (raw, json)
Hash identifier:          Z+MjMiYxt6MDAWfYglmjvECMwme4DjstDsJyATyGhhY=
Subject key identifier:   BE:E3:AA:90:9E:7B:E9:37:44:69:72:69:D5:37:EB:C4:E0:B0:44:2D
Certificate issuer:       /CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
Certificate serial:       019444EEA9CC74B0DCE6E445F6C4F1FA6F2F
Authority key identifier: 7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/vuOqkJ576TdEaXJp1TfrxOCwRC0.roa
Signing time:             Wed 08 Jan 2025 08:01:19 +0000
ROA not before:           Wed 08 Jan 2025 08:01:19 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     49100
IP address blocks:        109.125.128.0/19 maxlen: 19
                          109.125.128.0/22 maxlen: 22
                          109.125.132.0/22 maxlen: 22
                          185.82.28.0/22 maxlen: 22
                          185.82.28.0/24 maxlen: 24
                          185.129.184.0/21 maxlen: 21
                          185.129.196.0/22 maxlen: 22
                          185.129.197.0/24 maxlen: 24
                          185.129.200.0/22 maxlen: 22
                          185.129.212.0/22 maxlen: 22
                          185.129.216.0/22 maxlen: 22
                          185.129.228.0/22 maxlen: 22
                          185.129.230.0/23 maxlen: 23
                          185.129.237.0/24 maxlen: 24
                          185.129.240.0/22 maxlen: 22
                          2a03:54a0::/32 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:44:ee:a9:cc:74:b0:dc:e6:e4:45:f6:c4:f1:fa:6f:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
        Validity
            Not Before: Jan  8 08:01:19 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=bee3aa909e7be93744697269d537ebc4e0b0442d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:47:6c:35:93:ae:7b:4a:39:55:d7:50:bc:e1:
                    20:b0:9a:2c:cc:2f:73:f6:96:99:0b:a3:22:19:a5:
                    36:4f:42:80:75:35:3f:70:3a:d7:9a:3c:90:f1:30:
                    46:3d:9a:fe:36:fc:dc:4c:10:66:e9:d1:a3:a1:60:
                    c8:60:68:2f:89:29:f5:7a:1a:45:d9:a4:3f:fa:2f:
                    26:db:88:9e:25:05:d7:71:ba:62:d4:1f:0a:af:9f:
                    cf:6c:a0:4c:93:4c:b0:24:08:be:0b:15:5f:20:2d:
                    d7:c5:65:9b:fc:99:48:c8:a9:da:fd:c8:3e:f7:c6:
                    10:97:fe:12:fe:ed:06:51:44:47:8e:63:1c:33:a0:
                    d3:8d:79:6c:c2:87:38:2b:cb:00:00:b0:15:33:59:
                    ca:57:80:c2:95:79:9f:15:88:51:65:e7:e7:29:f9:
                    27:66:42:29:55:ce:20:c8:99:fd:4f:96:8c:fd:3b:
                    d2:56:bd:0d:f7:dd:09:c0:05:f3:f2:07:8b:69:c6:
                    b6:be:ab:82:17:bb:25:62:2a:b6:4b:c8:0e:39:1b:
                    6d:7a:a7:90:fc:85:92:a9:66:50:17:2c:6c:d5:c9:
                    86:50:40:a0:5b:21:6a:d7:e1:46:1b:7f:18:be:6f:
                    cc:90:43:b7:09:f3:5c:0b:da:fe:c6:80:96:bd:d5:
                    06:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:E3:AA:90:9E:7B:E9:37:44:69:72:69:D5:37:EB:C4:E0:B0:44:2D
            X509v3 Authority Key Identifier:
                keyid:7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/vuOqkJ576TdEaXJp1TfrxOCwRC0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/e71RJyBktjssZjwClroR216iOMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.125.128.0/19
                  185.82.28.0/22
                  185.129.184.0/21
                  185.129.196.0-185.129.203.255
                  185.129.212.0-185.129.219.255
                  185.129.228.0/22
                  185.129.237.0/24
                  185.129.240.0/22
                IPv6:
                  2a03:54a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         1c:f1:1b:5e:9f:0d:11:af:fd:64:31:ec:2d:68:9c:bd:7d:91:
         9a:8e:d1:1d:45:aa:49:1a:25:15:e3:89:5b:74:5f:ba:de:17:
         96:9c:b7:eb:e4:a8:e0:4f:82:8a:bd:3a:3e:a4:1a:35:13:b4:
         09:50:98:b4:7d:f0:34:b7:34:00:64:13:1d:5c:3e:84:a2:09:
         90:4d:f6:1d:16:54:72:9c:16:bd:b4:c0:20:70:52:a5:ce:f2:
         52:25:64:4c:a8:75:a3:15:11:b8:8f:f8:fa:34:45:42:ec:83:
         ea:01:0d:75:50:72:a6:87:42:5e:bc:77:d1:ee:b5:03:1c:33:
         ac:9f:0a:79:be:85:1b:86:72:77:74:17:9a:2b:58:5b:fa:15:
         3d:36:83:47:2a:7f:ec:b4:e7:8a:8b:7f:ae:db:04:cb:da:46:
         22:56:1b:29:e7:30:be:c9:2c:21:39:b9:b5:ac:43:19:2b:98:
         74:19:8e:11:d2:f9:6e:9b:1e:b2:41:99:29:cd:7f:31:3d:5a:
         92:40:2c:8e:23:ea:03:9a:f9:7c:37:4e:72:74:9f:af:d3:d6:
         e8:58:73:fc:64:8a:d0:fa:cf:b9:64:27:59:31:e7:3f:95:d4:
         ec:cf:07:4f:74:2d:a5:11:56:c3:8c:df:36:7f:1f:23:64:9a:
         bb:51:a2:ce
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZRE7qnMdLDc5uRF9sTx+m8vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYmQ1MTI3MjA2NGI2M2IyYzY2M2MwMjk2YmExMWRiNWVh
MjM4YzAwHhcNMjUwMTA4MDgwMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWUzYWE5MDllN2JlOTM3NDQ2OTcyNjlkNTM3ZWJjNGUwYjA0NDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkdsNZOue0o5VddQvOEgsJoszC9z
9paZC6MiGaU2T0KAdTU/cDrXmjyQ8TBGPZr+NvzcTBBm6dGjoWDIYGgviSn1ehpF
2aQ/+i8m24ieJQXXcbpi1B8Kr5/PbKBMk0ywJAi+CxVfIC3XxWWb/JlIyKna/cg+
98YQl/4S/u0GUURHjmMcM6DTjXlswoc4K8sAALAVM1nKV4DClXmfFYhRZefnKfkn
ZkIpVc4gyJn9T5aM/TvSVr0N990JwAXz8geLaca2vquCF7slYiq2S8gOORtteqeQ
/IWSqWZQFyxs1cmGUECgWyFq1+FGG38Yvm/MkEO3CfNcC9r+xoCWvdUGzwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFL7jqpCee+k3RGlyadU368TgsEQtMB8GA1UdIwQY
MBaAFHu9UScgZLY7LGY8Apa6EdteojjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTcxUkp5Qmt0anNzWmp3Q2xyb1IyMTZpT01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iODJhMDYtYWIwZC00YWRmLThhODUt
OTdjOWFhYjgyOGYyLzEvdnVPcWtKNTc2VGRFYVhKcDFUZnJ4T0N3UkMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iODJhMDYtYWIwZC00YWRmLThhODUtOTdjOWFhYjgyOGYy
LzEvZTcxUkp5Qmt0anNzWmp3Q2xyb1IyMTZpT01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAAwQFbX2AAwQC
uVIcAwQDuYG4MAwDBAK5gcQDBAK5gcgwDAMEArmB1AMEArmB2AMEArmB5AMEALmB
7QMEArmB8DANBAIAAjAHAwUAKgNUoDANBgkqhkiG9w0BAQsFAAOCAQEAHPEbXp8N
Ea/9ZDHsLWicvX2Rmo7RHUWqSRolFeOJW3Rfut4Xlpy36+So4E+Cir06PqQaNRO0
CVCYtH3wNLc0AGQTHVw+hKIJkE32HRZUcpwWvbTAIHBSpc7yUiVkTKh1oxURuI/4
+jRFQuyD6gENdVBypodCXrx30e61AxwzrJ8Keb6FG4Zyd3QXmitYW/oVPTaDRyp/
7LTniot/rtsEy9pGIlYbKecwvsksITm5taxDGSuYdBmOEdL5bpseskGZKc1/MT1a
kkAsjiPqA5r5fDdOcnSfr9PW6Fhz/GSK0PrPuWQnWTHnP5XU7M8HT3QtpRFWw4zf
Nn8fI2Sau1Gizg==
-----END CERTIFICATE-----