Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/X2etvPO_rkHfvF2PTA0UCF7OuGo.roa
File:                     X2etvPO_rkHfvF2PTA0UCF7OuGo.roa (raw, json)
Hash identifier:          HvmkcI3bZx+Xxr8uJchwhcCO7KBlAT80BsfYUoXpcE8=
Subject key identifier:   5F:67:AD:BC:F3:BF:AE:41:DF:BC:5D:8F:4C:0D:14:08:5E:CE:B8:6A
Certificate issuer:       /CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
Certificate serial:       068E5B0F
Authority key identifier: 4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/X2etvPO_rkHfvF2PTA0UCF7OuGo.roa
Signing time:             Sat 07 May 2022 03:21:46 +0000
ROA not before:           Sat 07 May 2022 03:21:46 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     23676
IP address blocks:        151.216.32.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 109992719 (0x68e5b0f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b3da6e99c666513a2cee5f0e0d3ab745f167dc3
        Validity
            Not Before: May  7 03:21:46 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=5f67adbcf3bfae41dfbc5d8f4c0d14085eceb86a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:28:cf:33:0f:61:e3:0a:31:a0:97:6c:83:78:
                    6b:31:1a:7f:67:c2:25:49:f8:fb:d1:6c:08:c7:12:
                    3b:01:c1:7c:85:e7:38:e9:33:3e:fc:d2:49:08:9c:
                    3c:b7:20:17:0f:9c:fa:1e:a3:9c:fb:c8:c6:15:67:
                    05:f9:4f:f2:93:9e:44:33:a4:a3:c5:b2:33:40:51:
                    db:66:3c:a8:2f:3b:a6:17:0d:a0:fc:42:c9:5c:99:
                    52:8c:c0:de:91:a8:19:ad:15:98:d0:be:73:81:5b:
                    3c:37:44:dc:cf:7c:95:90:28:64:6d:58:2b:e0:db:
                    ae:5b:41:62:50:e9:48:b1:b7:f9:68:da:3d:55:57:
                    20:68:bd:eb:29:33:a2:33:d6:6d:f0:ae:87:b3:31:
                    c5:7f:ba:2a:07:86:b7:d2:91:05:8a:78:62:c8:2d:
                    14:1e:f9:12:ee:b8:10:41:35:2e:87:bd:4c:5c:d8:
                    7f:49:b0:b2:27:a5:91:75:2a:c9:61:fb:fb:e3:fb:
                    23:7e:5c:58:e7:5d:72:cc:68:56:5c:d4:5a:5a:7a:
                    d5:c0:3b:f8:08:eb:07:2c:02:a2:e0:1a:5a:ce:f3:
                    47:a1:a0:0a:7f:33:49:31:60:1e:11:a6:93:a0:67:
                    74:62:20:dd:b9:ab:39:5c:ea:8a:b8:8a:44:7e:09:
                    6f:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:67:AD:BC:F3:BF:AE:41:DF:BC:5D:8F:4C:0D:14:08:5E:CE:B8:6A
            X509v3 Authority Key Identifier:
                keyid:4B:3D:A6:E9:9C:66:65:13:A2:CE:E5:F0:E0:D3:AB:74:5F:16:7D:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz2m6ZxmZROizuXw4NOrdF8WfcM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/X2etvPO_rkHfvF2PTA0UCF7OuGo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6f232e-2275-44e9-91c0-c7397a2669a9/1/Sz2m6ZxmZROizuXw4NOrdF8WfcM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.216.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:27:5c:1a:76:7d:0f:ce:f2:0f:80:f6:1c:e7:7e:a9:45:a8:
         6d:e4:b1:fa:2b:48:37:63:65:3c:8b:35:4d:2e:c3:09:f5:5c:
         9e:1d:cf:ea:35:1c:e5:68:db:50:a9:db:54:21:de:44:58:56:
         4d:b1:4d:c4:43:22:0f:06:46:7e:42:87:c2:ad:59:d4:63:08:
         53:e0:5f:ec:32:ca:b0:95:61:85:a3:9a:06:ce:32:97:57:8d:
         36:33:93:18:93:8d:b6:79:89:bb:11:7e:a8:32:b7:d2:f0:23:
         86:ed:2e:63:bb:e2:2b:0d:d0:74:7a:2f:e9:2a:b0:7e:54:2f:
         09:4d:b1:f1:1d:7e:53:a7:72:8e:1a:da:2e:6d:09:80:87:97:
         99:46:23:95:e2:9d:9d:75:f8:7a:fe:61:28:13:35:24:77:1b:
         d6:01:8a:b0:cb:41:c9:2c:18:c6:01:bc:9d:ed:ac:7d:89:7d:
         2c:d0:fd:7b:8a:36:47:ee:ee:62:19:2b:92:e0:db:16:a8:06:
         15:9d:13:84:6b:cc:4e:aa:f4:cb:0e:a4:04:78:99:13:15:b0:
         00:99:12:60:30:d1:2c:1a:d8:92:f4:12:6a:c9:e1:81:a9:f1:
         d8:cf:7a:1d:07:89:99:7a:f7:74:a7:90:dd:bf:9d:79:1d:bb:
         e2:8e:fa:78
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBo5bDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjNkYTZlOTljNjY2NTEzYTJjZWU1ZjBlMGQzYWI3NDVmMTY3ZGMzMB4XDTIyMDUw
NzAzMjE0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY2N2FkYmNmM2Jm
YWU0MWRmYmM1ZDhmNGMwZDE0MDg1ZWNlYjg2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO0ozzMPYeMKMaCXbIN4azEaf2fCJUn4+9FsCMcSOwHBfIXn
OOkzPvzSSQicPLcgFw+c+h6jnPvIxhVnBflP8pOeRDOko8WyM0BR22Y8qC87phcN
oPxCyVyZUozA3pGoGa0VmNC+c4FbPDdE3M98lZAoZG1YK+DbrltBYlDpSLG3+Wja
PVVXIGi96ykzojPWbfCuh7MxxX+6KgeGt9KRBYp4YsgtFB75Eu64EEE1Loe9TFzY
f0mwsielkXUqyWH7++P7I35cWOddcsxoVlzUWlp61cA7+AjrBywCouAaWs7zR6Gg
Cn8zSTFgHhGmk6BndGIg3bmrOVzqiriKRH4Jb4UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRfZ62887+uQd+8XY9MDRQIXs64ajAfBgNVHSMEGDAWgBRLPabpnGZlE6LO
5fDg06t0XxZ9wzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1N6Mm02WnhtWlJPaXp1WHc0Tk9yZEY4V2ZjTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8x
L1gyZXR2UE9fcmtIZnZGMlBUQTBVQ0Y3T3VHby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NmYyMzJlLTIyNzUtNDRlOS05MWMwLWM3Mzk3YTI2NjlhOS8xL1N6Mm02WnhtWlJP
aXp1WHc0Tk9yZEY4V2ZjTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJfYIDANBgkqhkiG9w0BAQsFAAOC
AQEAVydcGnZ9D87yD4D2HOd+qUWobeSx+itIN2NlPIs1TS7DCfVcnh3P6jUc5Wjb
UKnbVCHeRFhWTbFNxEMiDwZGfkKHwq1Z1GMIU+Bf7DLKsJVhhaOaBs4yl1eNNjOT
GJONtnmJuxF+qDK30vAjhu0uY7viKw3QdHov6SqwflQvCU2x8R1+U6dyjhraLm0J
gIeXmUYjleKdnXX4ev5hKBM1JHcb1gGKsMtBySwYxgG8ne2sfYl9LND9e4o2R+7u
YhkrkuDbFqgGFZ0ThGvMTqr0yw6kBHiZExWwAJkSYDDRLBrYkvQSasnhganx2M96
HQeJmXr3dKeQ3b+deR274o76eA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:28 2024 by rpki-client on console-fra.rpki-client.org