Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/9Gc7LPWEZuxVH1eCeGKP5hx5ga4.roa
File:                     9Gc7LPWEZuxVH1eCeGKP5hx5ga4.roa (raw, json)
Hash identifier:          7ki7Dzdm7wo55p4rC4ZaXwyDmpdhI6nRIYrSYAUJiso=
Subject key identifier:   F4:67:3B:2C:F5:84:66:EC:55:1F:57:82:78:62:8F:E6:1C:79:81:AE
Certificate issuer:       /CN=9daa9f14f97d4dad8c004c253a5e1ce7c7dd7c4b
Certificate serial:       018B002D32DD80EF537D6954862D39FF5136
Authority key identifier: 9D:AA:9F:14:F9:7D:4D:AD:8C:00:4C:25:3A:5E:1C:E7:C7:DD:7C:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/naqfFPl9Ta2MAEwlOl4c58fdfEs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/9Gc7LPWEZuxVH1eCeGKP5hx5ga4.roa
Signing time:             Thu 05 Oct 2023 14:10:44 +0000
ROA not before:           Thu 05 Oct 2023 14:10:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        176.118.161.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:00:2d:32:dd:80:ef:53:7d:69:54:86:2d:39:ff:51:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9daa9f14f97d4dad8c004c253a5e1ce7c7dd7c4b
        Validity
            Not Before: Oct  5 14:10:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f4673b2cf58466ec551f578278628fe61c7981ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:0b:39:d7:f7:f0:3f:6f:10:63:a2:44:76:ae:
                    0e:da:01:e4:52:65:1c:29:34:77:01:6b:50:ca:be:
                    9c:d4:31:8f:fd:7c:61:ba:c2:28:11:00:4f:dc:ff:
                    15:7d:af:86:df:71:41:05:33:d5:33:ed:a5:59:6c:
                    dd:61:f6:f8:55:32:cc:78:de:79:39:44:a5:f8:8a:
                    e5:7a:7e:62:40:7c:77:52:92:40:e3:23:88:b5:d9:
                    24:14:6d:a0:f1:e2:dd:22:4f:3d:89:57:a0:94:6a:
                    4f:14:4d:18:9b:75:a5:97:cd:57:82:de:ac:f9:bc:
                    bd:04:40:0c:1a:f2:9e:67:fb:17:eb:aa:19:74:70:
                    56:08:ed:ab:b5:c9:17:a5:21:99:ab:87:88:b4:ad:
                    19:f0:f4:3a:3f:99:18:30:cf:c7:6b:0e:9b:b2:42:
                    ec:a8:f0:ab:f7:50:29:0a:6b:91:5c:ed:cc:06:ee:
                    71:bd:cc:31:f2:0d:b8:3a:2b:43:ef:63:ce:ac:52:
                    31:a1:93:30:6b:81:23:6f:f9:1b:a1:e2:47:15:22:
                    86:1c:f4:1b:d3:c5:c1:0f:4d:0d:63:3f:88:0c:de:
                    a6:62:2e:5a:ec:09:6b:fe:e1:19:b4:14:64:f8:32:
                    e6:73:76:95:d0:b1:34:c7:e3:ca:6a:61:7d:37:62:
                    cb:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:67:3B:2C:F5:84:66:EC:55:1F:57:82:78:62:8F:E6:1C:79:81:AE
            X509v3 Authority Key Identifier:
                keyid:9D:AA:9F:14:F9:7D:4D:AD:8C:00:4C:25:3A:5E:1C:E7:C7:DD:7C:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naqfFPl9Ta2MAEwlOl4c58fdfEs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/9Gc7LPWEZuxVH1eCeGKP5hx5ga4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/naqfFPl9Ta2MAEwlOl4c58fdfEs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.118.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:64:df:7f:c1:43:4f:99:94:95:50:a9:03:59:c9:c7:8b:7e:
         09:98:2d:5e:42:43:c5:e7:ae:6f:32:b6:0f:ff:a4:24:c0:53:
         52:b3:d1:d6:b1:9b:de:67:38:82:e7:d1:38:4f:68:1d:8c:1d:
         61:fa:78:11:d0:d2:d7:c3:d5:6c:12:f0:77:5d:66:24:ea:71:
         f5:8e:cc:7c:f3:b5:b7:95:16:b7:15:4d:2a:0b:22:54:10:a9:
         ee:80:6d:bd:67:fd:08:d6:7b:6e:4d:19:58:d7:12:44:d6:6c:
         37:78:9c:2b:7f:51:52:4a:53:14:76:a7:16:51:12:be:36:8b:
         b8:88:65:b4:3d:66:9b:83:69:6a:28:79:f3:35:94:1b:68:8c:
         a0:37:bc:12:4d:74:91:10:b7:e8:c6:bc:be:44:90:55:43:24:
         f0:de:76:8d:8a:6c:01:ed:c2:ea:03:0a:73:3a:7c:bf:dc:04:
         16:75:03:24:05:75:c4:37:2f:ea:86:d6:00:aa:cb:2e:85:50:
         ea:f8:e6:ca:d2:8c:a8:b1:2e:19:7f:cc:de:99:5a:52:4d:aa:
         9b:54:8d:ce:96:ac:cd:ae:82:4d:a8:83:ea:e8:c0:e9:d4:ea:
         fe:6d:7b:ca:61:0b:92:26:a1:9f:47:fc:ab:60:3d:bd:06:75:
         f9:df:73:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsALTLdgO9TfWlUhi05/1E2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYWE5ZjE0Zjk3ZDRkYWQ4YzAwNGMyNTNhNWUxY2U3Yzdk
ZDdjNGIwHhcNMjMxMDA1MTQxMDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDY3M2IyY2Y1ODQ2NmVjNTUxZjU3ODI3ODYyOGZlNjFjNzk4MWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Qs51/fwP28QY6JEdq4O2gHkUmUc
KTR3AWtQyr6c1DGP/XxhusIoEQBP3P8Vfa+G33FBBTPVM+2lWWzdYfb4VTLMeN55
OUSl+Irlen5iQHx3UpJA4yOItdkkFG2g8eLdIk89iVeglGpPFE0Ym3Wll81Xgt6s
+by9BEAMGvKeZ/sX66oZdHBWCO2rtckXpSGZq4eItK0Z8PQ6P5kYMM/Haw6bskLs
qPCr91ApCmuRXO3MBu5xvcwx8g24OitD72POrFIxoZMwa4Ejb/kboeJHFSKGHPQb
08XBD00NYz+IDN6mYi5a7Alr/uEZtBRk+DLmc3aV0LE0x+PKamF9N2LLswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPRnOyz1hGbsVR9Xgnhij+YceYGuMB8GA1UdIwQY
MBaAFJ2qnxT5fU2tjABMJTpeHOfH3XxLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmFxZkZQbDlUYTJNQUV3bE9sNGM1OGZkZkVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kZmQ2MDUtMTBkYS00NmEyLTk2Nzct
NDE0MDEwMDhhNzBjLzEvOUdjN0xQV0VadXhWSDFlQ2VHS1A1aHg1Z2E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kZmQ2MDUtMTBkYS00NmEyLTk2NzctNDE0MDEwMDhhNzBj
LzEvbmFxZkZQbDlUYTJNQUV3bE9sNGM1OGZkZkVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHahMA0G
CSqGSIb3DQEBCwUAA4IBAQADZN9/wUNPmZSVUKkDWcnHi34JmC1eQkPF565vMrYP
/6QkwFNSs9HWsZveZziC59E4T2gdjB1h+ngR0NLXw9VsEvB3XWYk6nH1jsx887W3
lRa3FU0qCyJUEKnugG29Z/0I1ntuTRlY1xJE1mw3eJwrf1FSSlMUdqcWURK+Nou4
iGW0PWabg2lqKHnzNZQbaIygN7wSTXSRELfoxry+RJBVQyTw3naNimwB7cLqAwpz
Ony/3AQWdQMkBXXENy/qhtYAqssuhVDq+ObK0oyosS4Zf8zemVpSTaqbVI3OlqzN
roJNqIPq6MDp1Or+bXvKYQuSJqGfR/yrYD29BnX533Ov
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:24 2024 by rpki-client on console-fra.rpki-client.org