Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/fa78bd-03bb-434c-a714-10ad5a8bfd08/1/MHQMsbyaXUDvmAlf54o5exxctPo.roa
File:                     MHQMsbyaXUDvmAlf54o5exxctPo.roa (raw, json)
Hash identifier:          fTvjmD64Np+DdVnwO0UWQ+oYEshVhVHmmqPKt3qBeK8=
Subject key identifier:   30:74:0C:B1:BC:9A:5D:40:EF:98:09:5F:E7:8A:39:7B:1C:5C:B4:FA
Certificate issuer:       /CN=02b798bf1b6118db3f38fe69b9d8aa0277c04a0b
Certificate serial:       018258F31A7D09115AC6F921BDD51CFF0066
Authority key identifier: 02:B7:98:BF:1B:61:18:DB:3F:38:FE:69:B9:D8:AA:02:77:C0:4A:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AreYvxthGNs_OP5pudiqAnfASgs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/fa78bd-03bb-434c-a714-10ad5a8bfd08/1/MHQMsbyaXUDvmAlf54o5exxctPo.roa
Signing time:             Mon 01 Aug 2022 10:28:23 +0000
ROA not before:           Mon 01 Aug 2022 10:28:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     211144
IP address blocks:        88.151.9.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:58:f3:1a:7d:09:11:5a:c6:f9:21:bd:d5:1c:ff:00:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02b798bf1b6118db3f38fe69b9d8aa0277c04a0b
        Validity
            Not Before: Aug  1 10:28:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=30740cb1bc9a5d40ef98095fe78a397b1c5cb4fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f9:04:0b:c8:b8:1b:c4:d7:98:74:d6:43:de:
                    87:fd:31:f6:96:44:06:d5:f7:5f:3c:02:82:1d:62:
                    33:a3:3d:15:ab:24:76:a6:cd:d8:29:54:58:1f:e2:
                    ae:17:e1:5f:1a:d4:d1:2d:a9:55:64:e3:ff:b4:20:
                    c4:85:06:a3:b0:df:72:60:f6:f4:4d:44:03:0e:17:
                    0e:ff:bb:3e:cc:01:eb:3d:a1:b7:d1:68:a7:32:de:
                    68:63:52:93:48:d6:2b:39:ab:07:27:a6:63:f3:cf:
                    e2:1c:fa:ad:9c:19:8f:15:00:67:a7:27:75:2d:4f:
                    37:aa:b4:a9:53:e6:b1:1d:e5:6b:1e:e0:3b:f9:74:
                    3a:c8:66:6c:a2:8b:41:e8:e5:21:fc:a9:16:fa:df:
                    11:8f:64:39:72:98:fa:23:f0:32:56:e5:e2:75:03:
                    f1:de:84:29:13:55:7f:15:5b:81:cc:97:2e:ed:32:
                    38:47:82:e1:22:3f:89:62:20:10:f8:85:55:b2:46:
                    60:ef:2a:14:f8:24:83:ba:cd:d0:1b:ed:f8:2e:25:
                    21:8b:82:8a:b7:a2:f0:fa:90:e8:93:67:e2:2c:15:
                    cf:c8:f7:d3:ba:9e:3f:6b:9b:66:c3:2a:e0:7b:6c:
                    7d:c4:d2:70:3e:3f:e5:9f:12:33:17:bc:dd:7c:37:
                    7a:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:74:0C:B1:BC:9A:5D:40:EF:98:09:5F:E7:8A:39:7B:1C:5C:B4:FA
            X509v3 Authority Key Identifier:
                keyid:02:B7:98:BF:1B:61:18:DB:3F:38:FE:69:B9:D8:AA:02:77:C0:4A:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AreYvxthGNs_OP5pudiqAnfASgs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/fa78bd-03bb-434c-a714-10ad5a8bfd08/1/MHQMsbyaXUDvmAlf54o5exxctPo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/fa78bd-03bb-434c-a714-10ad5a8bfd08/1/AreYvxthGNs_OP5pudiqAnfASgs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.151.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:0c:04:b0:46:a4:80:1a:c5:57:b8:1b:1f:ae:09:4f:5b:62:
         8b:92:43:1b:0c:fc:85:df:36:cf:d7:5e:af:fb:0c:de:cb:89:
         5c:93:6f:0b:39:1e:a7:a8:10:f7:25:97:8b:5d:90:bb:bf:f6:
         c9:ed:83:44:66:5d:ef:bc:58:5b:6b:72:53:38:9c:a9:ae:14:
         de:26:e8:7d:83:c0:99:d2:04:78:9d:34:63:6d:36:b7:f8:a3:
         a4:0e:ff:02:76:84:eb:cf:76:b0:e3:92:a0:f7:17:21:8a:9b:
         ac:a3:b5:20:5c:ff:62:fb:f2:29:7d:72:52:00:ff:e6:8b:b0:
         b5:d9:c5:8e:37:38:c8:4b:f0:94:c1:42:59:f5:05:e8:75:ec:
         80:ab:c4:b7:b2:ac:21:13:2c:a3:14:60:bb:c4:f6:83:1d:39:
         2f:bd:25:8d:15:94:a0:67:54:ed:b7:eb:be:53:9d:3a:cd:6b:
         20:82:80:1b:eb:56:09:93:43:32:88:0a:36:d7:46:8c:62:8a:
         fc:ec:6d:c4:74:d7:00:7c:9e:47:b4:4e:93:ea:93:e0:89:ef:
         ae:66:e4:bf:66:19:9b:1c:38:a2:f7:a8:61:b7:9c:a3:17:de:
         aa:b4:70:6a:5a:8b:07:fa:cb:66:6a:c8:3a:14:0b:5d:ab:7a:
         3a:5d:91:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJY8xp9CRFaxvkhvdUc/wBmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjc5OGJmMWI2MTE4ZGIzZjM4ZmU2OWI5ZDhhYTAyNzdj
MDRhMGIwHhcNMjIwODAxMTAyODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDc0MGNiMWJjOWE1ZDQwZWY5ODA5NWZlNzhhMzk3YjFjNWNiNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPkEC8i4G8TXmHTWQ96H/TH2lkQG
1fdfPAKCHWIzoz0VqyR2ps3YKVRYH+KuF+FfGtTRLalVZOP/tCDEhQajsN9yYPb0
TUQDDhcO/7s+zAHrPaG30WinMt5oY1KTSNYrOasHJ6Zj88/iHPqtnBmPFQBnpyd1
LU83qrSpU+axHeVrHuA7+XQ6yGZsootB6OUh/KkW+t8Rj2Q5cpj6I/AyVuXidQPx
3oQpE1V/FVuBzJcu7TI4R4LhIj+JYiAQ+IVVskZg7yoU+CSDus3QG+34LiUhi4KK
t6Lw+pDok2fiLBXPyPfTup4/a5tmwyrge2x9xNJwPj/lnxIzF7zdfDd6dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDB0DLG8ml1A75gJX+eKOXscXLT6MB8GA1UdIwQY
MBaAFAK3mL8bYRjbPzj+abnYqgJ3wEoLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJlWXZ4dGhHTnNfT1A1cHVkaXFBbmZBU2dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mYTc4YmQtMDNiYi00MzRjLWE3MTQt
MTBhZDVhOGJmZDA4LzEvTUhRTXNieWFYVUR2bUFsZjU0bzVleHhjdFBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mYTc4YmQtMDNiYi00MzRjLWE3MTQtMTBhZDVhOGJmZDA4
LzEvQXJlWXZ4dGhHTnNfT1A1cHVkaXFBbmZBU2dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJcJMA0G
CSqGSIb3DQEBCwUAA4IBAQAFDASwRqSAGsVXuBsfrglPW2KLkkMbDPyF3zbP116v
+wzey4lck28LOR6nqBD3JZeLXZC7v/bJ7YNEZl3vvFhba3JTOJyprhTeJuh9g8CZ
0gR4nTRjbTa3+KOkDv8CdoTrz3aw45Kg9xchipuso7UgXP9i+/IpfXJSAP/mi7C1
2cWONzjIS/CUwUJZ9QXodeyAq8S3sqwhEyyjFGC7xPaDHTkvvSWNFZSgZ1Ttt+u+
U506zWsggoAb61YJk0MyiAo210aMYor87G3EdNcAfJ5HtE6T6pPgie+uZuS/Zhmb
HDii96hht5yjF96qtHBqWosH+stmasg6FAtdq3o6XZHJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:55 2024 by rpki-client on console-fra.rpki-client.org