Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/5d1d57-fdea-4526-ae64-82a48dfe61bd/1/4H8-8beffK5l81yjZeTtkl4sKMk.roa
File:                     4H8-8beffK5l81yjZeTtkl4sKMk.roa (raw, json)
Hash identifier:          ck6sI4lLv/VDl5HFpoOBC+ZjLPMoIgF8kILnAnzBK/c=
Subject key identifier:   E0:7F:3E:F1:B7:9F:7C:AE:65:F3:5C:A3:65:E4:ED:92:5E:2C:28:C9
Certificate issuer:       /CN=a1b7fffa0278ed8655ebe6482a876dfc7c9de1bc
Certificate serial:       0182394D99E40E33B554826D966C1B03797D
Authority key identifier: A1:B7:FF:FA:02:78:ED:86:55:EB:E6:48:2A:87:6D:FC:7C:9D:E1:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/obf_-gJ47YZV6-ZIKodt_Hyd4bw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/5d1d57-fdea-4526-ae64-82a48dfe61bd/1/4H8-8beffK5l81yjZeTtkl4sKMk.roa
Signing time:             Tue 26 Jul 2022 06:59:23 +0000
ROA not before:           Tue 26 Jul 2022 06:59:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        185.218.224.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:39:4d:99:e4:0e:33:b5:54:82:6d:96:6c:1b:03:79:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1b7fffa0278ed8655ebe6482a876dfc7c9de1bc
        Validity
            Not Before: Jul 26 06:59:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e07f3ef1b79f7cae65f35ca365e4ed925e2c28c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:03:db:55:8b:b1:06:78:27:9d:7e:1f:9e:f8:
                    9b:b0:bc:78:38:22:53:35:13:23:88:55:6f:5f:45:
                    82:29:ce:e0:fe:0e:28:95:3e:90:23:5b:ce:9d:93:
                    34:d3:ff:0a:f4:47:26:6b:06:85:65:ff:1e:f4:16:
                    48:c6:d6:2e:4c:b7:37:01:9e:a2:3f:a6:44:0c:ef:
                    cf:56:bb:42:90:df:51:2d:09:3d:0f:aa:da:33:de:
                    db:68:63:53:7f:b5:c8:4a:53:c8:eb:7b:22:e7:16:
                    1b:4d:3c:87:2c:5c:f1:7c:21:e8:6a:d8:c9:cd:7d:
                    69:1b:9d:03:c1:ed:c4:bf:73:ad:90:c6:8e:97:af:
                    08:93:e4:60:29:34:c4:8f:d6:93:3a:9a:50:22:36:
                    1f:63:b1:4b:41:44:8d:75:10:4c:64:03:3a:52:6a:
                    4a:38:0d:4c:76:60:15:cc:b9:16:ac:6a:2c:57:27:
                    43:9c:a5:0b:88:80:c2:53:9f:90:4b:83:eb:a8:be:
                    5e:13:0d:6c:9d:71:7c:c3:e1:08:4d:d1:39:0b:72:
                    60:fc:11:cb:0a:52:83:5e:68:15:50:a2:a6:71:71:
                    dc:10:2c:46:12:2c:d9:c8:86:17:3a:3b:92:35:92:
                    03:d0:0a:73:4b:0e:5a:17:1a:f2:e6:25:56:8e:5d:
                    d0:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:7F:3E:F1:B7:9F:7C:AE:65:F3:5C:A3:65:E4:ED:92:5E:2C:28:C9
            X509v3 Authority Key Identifier:
                keyid:A1:B7:FF:FA:02:78:ED:86:55:EB:E6:48:2A:87:6D:FC:7C:9D:E1:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obf_-gJ47YZV6-ZIKodt_Hyd4bw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/5d1d57-fdea-4526-ae64-82a48dfe61bd/1/4H8-8beffK5l81yjZeTtkl4sKMk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/5d1d57-fdea-4526-ae64-82a48dfe61bd/1/obf_-gJ47YZV6-ZIKodt_Hyd4bw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.218.224.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6c:27:a3:0d:9d:e5:ee:0f:fe:e8:89:4f:34:c2:2e:29:55:2e:
         7e:62:db:22:98:95:6d:74:1b:12:0f:04:0f:49:f1:46:50:38:
         34:05:6a:c1:1c:bb:43:50:43:82:8d:4d:5b:71:8b:73:e4:d9:
         90:4a:5d:88:30:c4:f6:fa:d1:bf:b6:86:61:d6:3e:52:a0:53:
         ed:7d:1f:b9:b5:be:d5:9f:e2:22:ef:70:33:2d:d4:8a:11:f0:
         a1:a2:aa:53:de:60:f2:c9:0c:24:34:95:a7:36:cb:48:ec:a7:
         3f:f3:fe:fa:c7:b6:a4:25:2b:0f:2f:39:43:69:e4:9a:be:c8:
         f3:b6:bb:af:5e:70:00:04:27:d1:ea:74:9d:ec:df:2d:83:be:
         21:48:69:79:80:40:7d:17:e5:0d:d9:62:37:63:95:74:90:29:
         53:b2:1c:88:5a:89:c9:5e:e0:9a:90:ac:e3:71:50:0b:b9:90:
         36:12:bb:fe:3e:08:ca:7f:f8:3b:59:4a:dc:e4:e9:6d:c1:b8:
         6d:8f:da:48:8e:71:e3:5f:16:91:27:35:51:ac:44:d9:d1:97:
         70:55:3e:c3:32:f9:06:14:61:1f:e1:88:9c:d1:72:ec:9d:f4:
         9a:57:26:93:a3:7f:a7:e6:3c:13:75:fc:04:47:04:5c:cb:60:
         61:8c:5e:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYI5TZnkDjO1VIJtlmwbA3l9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjdmZmZhMDI3OGVkODY1NWViZTY0ODJhODc2ZGZjN2M5
ZGUxYmMwHhcNMjIwNzI2MDY1OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDdmM2VmMWI3OWY3Y2FlNjVmMzVjYTM2NWU0ZWQ5MjVlMmMyOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQPbVYuxBngnnX4fnvibsLx4OCJT
NRMjiFVvX0WCKc7g/g4olT6QI1vOnZM00/8K9EcmawaFZf8e9BZIxtYuTLc3AZ6i
P6ZEDO/PVrtCkN9RLQk9D6raM97baGNTf7XISlPI63si5xYbTTyHLFzxfCHoatjJ
zX1pG50Dwe3Ev3OtkMaOl68Ik+RgKTTEj9aTOppQIjYfY7FLQUSNdRBMZAM6UmpK
OA1MdmAVzLkWrGosVydDnKULiIDCU5+QS4PrqL5eEw1snXF8w+EITdE5C3Jg/BHL
ClKDXmgVUKKmcXHcECxGEizZyIYXOjuSNZID0ApzSw5aFxry5iVWjl3QowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOB/PvG3n3yuZfNco2Xk7ZJeLCjJMB8GA1UdIwQY
MBaAFKG3//oCeO2GVevmSCqHbfx8neG8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JmXy1nSjQ3WVpWNi1aSUtvZHRfSHlkNGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC81ZDFkNTctZmRlYS00NTI2LWFlNjQt
ODJhNDhkZmU2MWJkLzEvNEg4LThiZWZmSzVsODF5alplVHRrbDRzS01rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC81ZDFkNTctZmRlYS00NTI2LWFlNjQtODJhNDhkZmU2MWJk
LzEvb2JmXy1nSjQ3WVpWNi1aSUtvZHRfSHlkNGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudrgMA0G
CSqGSIb3DQEBCwUAA4IBAQBsJ6MNneXuD/7oiU80wi4pVS5+YtsimJVtdBsSDwQP
SfFGUDg0BWrBHLtDUEOCjU1bcYtz5NmQSl2IMMT2+tG/toZh1j5SoFPtfR+5tb7V
n+Ii73AzLdSKEfChoqpT3mDyyQwkNJWnNstI7Kc/8/76x7akJSsPLzlDaeSavsjz
truvXnAABCfR6nSd7N8tg74hSGl5gEB9F+UN2WI3Y5V0kClTshyIWonJXuCakKzj
cVALuZA2Erv+PgjKf/g7WUrc5Oltwbhtj9pIjnHjXxaRJzVRrETZ0ZdwVT7DMvkG
FGEf4Yic0XLsnfSaVyaTo3+n5jwTdfwERwRcy2BhjF7g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:15 2024 by rpki-client on console-ams.rpki-client.org