Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/ffec15-7525-4b11-9ced-aabe41da64d9/1/Yu8y200cnp2gHondH0ivkVKoKHE.roa
File:                     Yu8y200cnp2gHondH0ivkVKoKHE.roa (raw, json)
Hash identifier:          udIcOZ73k+YCmK/N5fas4XzNzQEclGah9u/MC01lfos=
Subject key identifier:   62:EF:32:DB:4D:1C:9E:9D:A0:1E:89:DD:1F:48:AF:91:52:A8:28:71
Certificate issuer:       /CN=6373975bd0b3f329ff954f951cffe7d867c2ca36
Certificate serial:       01856F02116E75C51A81CF38A768ADD5A227
Authority key identifier: 63:73:97:5B:D0:B3:F3:29:FF:95:4F:95:1C:FF:E7:D8:67:C2:CA:36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y3OXW9Cz8yn_lU-VHP_n2GfCyjY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/ffec15-7525-4b11-9ced-aabe41da64d9/1/Yu8y200cnp2gHondH0ivkVKoKHE.roa
Signing time:             Sun 01 Jan 2023 20:24:44 +0000
ROA not before:           Sun 01 Jan 2023 20:24:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        212.23.210.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:02:11:6e:75:c5:1a:81:cf:38:a7:68:ad:d5:a2:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6373975bd0b3f329ff954f951cffe7d867c2ca36
        Validity
            Not Before: Jan  1 20:24:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=62ef32db4d1c9e9da01e89dd1f48af9152a82871
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:bf:7a:af:cc:c3:64:b3:9e:04:47:aa:ef:34:
                    9b:6d:f2:e6:4c:77:86:9a:7e:48:8e:43:c0:b9:13:
                    1e:5e:88:cd:82:ff:30:0a:a5:4d:2a:36:6d:b9:5f:
                    5d:bb:0b:7d:03:a0:1e:3c:06:4e:a2:85:3f:f7:76:
                    6c:65:c9:1b:cd:20:af:21:75:be:b7:7d:e4:8e:47:
                    6b:f0:a9:f4:51:a5:aa:7b:7a:c3:0e:4a:56:d9:4c:
                    31:0f:52:a4:64:91:cb:f6:ae:13:1a:36:dc:7c:a2:
                    e3:03:f1:ac:16:da:e1:05:fd:b8:b5:78:40:64:95:
                    f5:5b:af:32:aa:d1:e7:75:3e:07:0c:cd:79:72:3b:
                    e7:3e:1b:95:7d:95:7e:40:f5:7a:ac:f6:f3:ce:5a:
                    5f:05:34:d1:10:2c:58:f3:d9:9d:16:df:22:93:69:
                    41:13:f5:69:02:98:6f:6e:98:69:d1:dc:86:68:8e:
                    89:11:f7:43:3f:b2:3c:0f:b1:d4:4b:72:1a:1e:e2:
                    87:78:08:20:23:1f:14:d2:aa:fa:ae:e4:26:e7:4e:
                    ed:90:4a:d5:9f:c3:0a:e5:e4:37:3e:e7:ee:3f:0f:
                    1f:4e:82:2c:93:9f:d5:a1:c6:70:b1:f6:ce:99:1d:
                    af:3f:c4:7f:d9:6f:c5:13:07:fe:06:b1:a6:7f:3e:
                    c3:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:EF:32:DB:4D:1C:9E:9D:A0:1E:89:DD:1F:48:AF:91:52:A8:28:71
            X509v3 Authority Key Identifier:
                keyid:63:73:97:5B:D0:B3:F3:29:FF:95:4F:95:1C:FF:E7:D8:67:C2:CA:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3OXW9Cz8yn_lU-VHP_n2GfCyjY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ffec15-7525-4b11-9ced-aabe41da64d9/1/Yu8y200cnp2gHondH0ivkVKoKHE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ffec15-7525-4b11-9ced-aabe41da64d9/1/Y3OXW9Cz8yn_lU-VHP_n2GfCyjY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.23.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:28:04:39:06:96:c2:f8:6e:25:5d:a1:3d:4a:6a:15:ea:bb:
         fa:47:3a:38:6a:7e:76:44:67:5c:8c:86:5b:5a:67:49:cd:fd:
         d0:50:ad:22:5a:b5:87:9b:1c:7e:17:dc:d5:84:a4:ce:5a:77:
         d4:7e:c6:f0:81:b7:3d:7d:26:91:c8:31:9b:34:82:89:29:e9:
         d5:e6:76:bf:1b:b0:e1:cf:30:64:f5:bc:d4:c2:5e:25:4f:4a:
         ae:4e:51:b5:76:5c:1b:ef:f9:76:40:eb:77:3c:ac:8f:9d:3d:
         02:74:27:45:a7:35:b9:4f:54:10:d6:36:2c:39:e1:97:80:ec:
         de:d8:0f:8f:8b:07:58:ad:7c:6a:52:61:81:aa:89:23:04:31:
         e7:da:da:18:ca:36:fd:68:76:b7:f9:b3:11:ff:bb:ca:54:30:
         60:24:e9:d5:13:15:04:51:53:0b:3a:a1:1c:0e:58:a4:98:73:
         b7:88:6e:bc:ff:ee:70:36:63:52:da:83:72:4f:41:e4:69:7d:
         fa:0f:05:30:d6:30:f7:e9:79:b2:c2:ca:a3:c6:5c:9b:b2:2d:
         09:3a:2f:e3:c3:5f:72:67:63:32:31:ee:cc:1b:c7:f0:9f:a2:
         2f:86:85:52:7e:e6:21:0e:54:1e:27:78:93:55:12:45:af:4c:
         da:8a:90:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAhFudcUagc84p2it1aInMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNzM5NzViZDBiM2YzMjlmZjk1NGY5NTFjZmZlN2Q4Njdj
MmNhMzYwHhcNMjMwMTAxMjAyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmVmMzJkYjRkMWM5ZTlkYTAxZTg5ZGQxZjQ4YWY5MTUyYTgyODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp796r8zDZLOeBEeq7zSbbfLmTHeG
mn5IjkPAuRMeXojNgv8wCqVNKjZtuV9duwt9A6AePAZOooU/93ZsZckbzSCvIXW+
t33kjkdr8Kn0UaWqe3rDDkpW2UwxD1KkZJHL9q4TGjbcfKLjA/GsFtrhBf24tXhA
ZJX1W68yqtHndT4HDM15cjvnPhuVfZV+QPV6rPbzzlpfBTTRECxY89mdFt8ik2lB
E/VpAphvbphp0dyGaI6JEfdDP7I8D7HUS3IaHuKHeAggIx8U0qr6ruQm507tkErV
n8MK5eQ3PufuPw8fToIsk5/VocZwsfbOmR2vP8R/2W/FEwf+BrGmfz7DnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGLvMttNHJ6doB6J3R9Ir5FSqChxMB8GA1UdIwQY
MBaAFGNzl1vQs/Mp/5VPlRz/59hnwso2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTNPWFc5Q3o4eW5fbFUtVkhQX24yR2ZDeWpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9mZmVjMTUtNzUyNS00YjExLTljZWQt
YWFiZTQxZGE2NGQ5LzEvWXU4eTIwMGNucDJnSG9uZEgwaXZrVktvS0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9mZmVjMTUtNzUyNS00YjExLTljZWQtYWFiZTQxZGE2NGQ5
LzEvWTNPWFc5Q3o4eW5fbFUtVkhQX24yR2ZDeWpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfSMA0G
CSqGSIb3DQEBCwUAA4IBAQBgKAQ5BpbC+G4lXaE9SmoV6rv6Rzo4an52RGdcjIZb
WmdJzf3QUK0iWrWHmxx+F9zVhKTOWnfUfsbwgbc9fSaRyDGbNIKJKenV5na/G7Dh
zzBk9bzUwl4lT0quTlG1dlwb7/l2QOt3PKyPnT0CdCdFpzW5T1QQ1jYsOeGXgOze
2A+PiwdYrXxqUmGBqokjBDHn2toYyjb9aHa3+bMR/7vKVDBgJOnVExUEUVMLOqEc
DlikmHO3iG68/+5wNmNS2oNyT0HkaX36DwUw1jD36Xmywsqjxlybsi0JOi/jw19y
Z2MyMe7MG8fwn6IvhoVSfuYhDlQeJ3iTVRJFr0zaipBm
-----END CERTIFICATE-----
Generated at Fri Nov 10 10:32:09 2023 by rpki-client on console-ams.rpki-client.org