Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/b8aef7-5be9-4db0-bffc-f467d5a0bafa/1/1-ADUQoPYmQWO-6Htv-JnxgLpNOc.roa
File:                     1-ADUQoPYmQWO-6Htv-JnxgLpNOc.roa (raw, json)
Hash identifier:          YeQJ8MHoata7XbP6u19bQ8CJJ+m9iVAjRc3dT1iUYlk=
Subject key identifier:   F8:00:D4:42:83:D8:99:05:8E:FB:A1:ED:BF:E2:67:C6:02:E9:34:E7
Certificate issuer:       /CN=986b772dc18934e51f27b52cbe65b3241261bf65
Certificate serial:       840856
Authority key identifier: 98:6B:77:2D:C1:89:34:E5:1F:27:B5:2C:BE:65:B3:24:12:61:BF:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mGt3LcGJNOUfJ7UsvmWzJBJhv2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/b8aef7-5be9-4db0-bffc-f467d5a0bafa/1/1-ADUQoPYmQWO-6Htv-JnxgLpNOc.roa
Signing time:             Sat 01 Jan 2022 03:54:48 +0000
ROA not before:           Sat 01 Jan 2022 03:54:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7018
IP address blocks:        195.96.131.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8652886 (0x840856)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=986b772dc18934e51f27b52cbe65b3241261bf65
        Validity
            Not Before: Jan  1 03:54:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f800d44283d899058efba1edbfe267c602e934e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:59:6a:bb:0d:cd:c9:64:aa:a9:8b:33:eb:2e:
                    55:86:cf:8e:01:d6:76:af:84:f6:c0:98:e5:10:4a:
                    41:08:5d:0e:ca:15:f1:c4:26:ef:dd:3f:14:ff:40:
                    a0:a7:bd:62:9b:27:c5:d1:57:e1:01:85:87:15:6c:
                    3f:a0:36:15:b0:fd:97:b9:62:56:1a:0f:5d:b7:22:
                    4f:91:eb:38:e6:ad:24:3a:79:35:fe:14:93:21:48:
                    83:51:5e:e7:23:0a:59:81:5c:dd:a8:c9:91:4a:b3:
                    f5:04:3a:91:2e:86:cd:65:b7:69:d0:b7:8b:01:ac:
                    d5:15:dd:4a:b2:a5:4c:b9:ad:d6:15:c5:74:02:e4:
                    62:8b:ec:9e:e4:2f:6a:3e:be:9c:57:cf:19:69:e0:
                    8b:41:45:6a:db:2d:fd:74:68:3b:64:37:69:45:ae:
                    95:be:3c:ab:99:90:f9:bb:11:04:e1:a5:c9:8e:11:
                    43:bf:83:6e:69:41:ae:3a:d7:47:65:f9:b8:14:85:
                    cf:19:7a:47:8d:2f:65:ba:17:98:f9:11:cc:91:39:
                    c2:1d:d2:7b:bf:b9:e1:23:db:ad:72:69:8c:b4:f6:
                    91:20:35:9d:5a:70:d8:5e:25:e7:c0:24:3f:05:91:
                    71:80:72:f6:00:5e:a0:20:62:89:f5:f7:ae:18:49:
                    ad:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:00:D4:42:83:D8:99:05:8E:FB:A1:ED:BF:E2:67:C6:02:E9:34:E7
            X509v3 Authority Key Identifier:
                keyid:98:6B:77:2D:C1:89:34:E5:1F:27:B5:2C:BE:65:B3:24:12:61:BF:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mGt3LcGJNOUfJ7UsvmWzJBJhv2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/b8aef7-5be9-4db0-bffc-f467d5a0bafa/1/1-ADUQoPYmQWO-6Htv-JnxgLpNOc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/b8aef7-5be9-4db0-bffc-f467d5a0bafa/1/mGt3LcGJNOUfJ7UsvmWzJBJhv2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.96.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cd:e6:0c:b4:38:8c:98:e6:57:37:4c:c4:ef:26:1e:52:46:4b:
         14:67:78:43:25:26:51:90:40:dc:27:fa:96:12:56:90:1d:75:
         b5:b8:59:81:26:9e:f5:b7:7f:7f:5e:68:f2:99:81:10:ce:2d:
         16:0e:e6:67:74:ed:c5:3f:e3:60:fe:71:c2:57:30:e0:0e:8c:
         1b:f6:e1:dd:74:49:0f:2b:d5:01:80:5c:38:b8:0c:96:f7:cf:
         da:d1:be:d6:e4:a8:36:58:cc:54:1d:e5:5a:15:6e:52:89:1c:
         55:fa:17:eb:c4:d4:e5:2f:47:e7:66:30:b2:9c:bf:8b:dd:02:
         d7:be:39:ff:8a:57:d2:a6:eb:05:ee:f8:23:d7:33:bb:8e:09:
         5e:6b:77:11:11:2b:b2:ca:d0:04:6c:b9:d6:1f:89:ed:3f:64:
         52:a8:ac:50:a6:7a:e5:33:6a:b8:c5:1a:04:f3:a4:51:59:8d:
         87:5d:fb:d9:45:89:83:b8:3f:2e:ae:58:6b:fb:8d:af:90:75:
         f5:11:66:a1:9f:4d:3e:6e:11:ff:b0:b6:c2:49:1d:e0:be:cd:
         33:c9:39:fc:c9:38:16:08:99:0a:44:e1:65:01:e7:70:e9:e3:
         6d:fd:75:e8:5e:8c:5e:46:e0:b3:96:0a:d0:1c:3d:c3:df:b8:
         a5:a7:59:d2
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAIQIVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODZiNzcyZGMxODkzNGU1MWYyN2I1MmNiZTY1YjMyNDEyNjFiZjY1MB4XDTIyMDEw
MTAzNTQ0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjgwMGQ0NDI4M2Q4
OTkwNThlZmJhMWVkYmZlMjY3YzYwMmU5MzRlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOlZarsNzclkqqmLM+suVYbPjgHWdq+E9sCY5RBKQQhdDsoV
8cQm790/FP9AoKe9YpsnxdFX4QGFhxVsP6A2FbD9l7liVhoPXbciT5HrOOatJDp5
Nf4UkyFIg1Fe5yMKWYFc3ajJkUqz9QQ6kS6GzWW3adC3iwGs1RXdSrKlTLmt1hXF
dALkYovsnuQvaj6+nFfPGWngi0FFatst/XRoO2Q3aUWulb48q5mQ+bsRBOGlyY4R
Q7+DbmlBrjrXR2X5uBSFzxl6R40vZboXmPkRzJE5wh3Se7+54SPbrXJpjLT2kSA1
nVpw2F4l58AkPwWRcYBy9gBeoCBiifX3rhhJrTcCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT4ANRCg9iZBY77oe2/4mfGAuk05zAfBgNVHSMEGDAWgBSYa3ctwYk05R8n
tSy+ZbMkEmG/ZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21HdDNMY0dKTk9VZko3VXN2bVd6SkJKaHYyVS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvYjhhZWY3LTViZTktNGRiMC1iZmZjLWY0NjdkNWEwYmFmYS8x
LzEtQURVUW9QWW1RV08tNkh0di1KbnhnTHBOT2Mucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Vk
L2I4YWVmNy01YmU5LTRkYjAtYmZmYy1mNDY3ZDVhMGJhZmEvMS9tR3QzTGNHSk5P
VWZKN1Vzdm1XekpCSmh2MlUuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADDYIMwDQYJKoZIhvcNAQELBQAD
ggEBAM3mDLQ4jJjmVzdMxO8mHlJGSxRneEMlJlGQQNwn+pYSVpAddbW4WYEmnvW3
f39eaPKZgRDOLRYO5md07cU/42D+ccJXMOAOjBv24d10SQ8r1QGAXDi4DJb3z9rR
vtbkqDZYzFQd5VoVblKJHFX6F+vE1OUvR+dmMLKcv4vdAte+Of+KV9Km6wXu+CPX
M7uOCV5rdxERK7LK0ARsudYfie0/ZFKorFCmeuUzarjFGgTzpFFZjYdd+9lFiYO4
Py6uWGv7ja+QdfURZqGfTT5uEf+wtsJJHeC+zTPJOfzJOBYImQpE4WUB53Dp4239
dehejF5G4LOWCtAcPcPfuKWnWdI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:20 2024 by rpki-client on console-ams.rpki-client.org