Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/If0vZeAVvOUSIdBUjOK2TTFK8hQ.roa
File:                     If0vZeAVvOUSIdBUjOK2TTFK8hQ.roa (raw, json)
Hash identifier:          Ei6TJyzqPmV9Mm2D2yZDcDzEZpVT5/jEamzRFRfKysQ=
Subject key identifier:   21:FD:2F:65:E0:15:BC:E5:12:21:D0:54:8C:E2:B6:4D:31:4A:F2:14
Certificate issuer:       /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Certificate serial:       018CC94CED923240F9F541E0A44ADED6EB84
Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/If0vZeAVvOUSIdBUjOK2TTFK8hQ.roa
Signing time:             Tue 02 Jan 2024 08:31:51 +0000
ROA not before:           Tue 02 Jan 2024 08:31:51 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     3169
IP address blocks:        45.88.4.0/24 maxlen: 24
                          155.133.62.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:4c:ed:92:32:40:f9:f5:41:e0:a4:4a:de:d6:eb:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
        Validity
            Not Before: Jan  2 08:31:51 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=21fd2f65e015bce51221d0548ce2b64d314af214
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:ae:a2:f5:d6:b8:7f:ed:36:69:95:e3:fc:0e:
                    21:97:c4:db:05:82:bf:c2:dc:9b:d4:49:26:f4:7d:
                    33:ed:8c:9d:34:6c:e4:57:43:05:24:a5:a7:c6:28:
                    51:5d:87:e4:b7:63:8d:53:7c:62:40:af:71:95:4c:
                    39:98:3a:bd:f4:0c:18:f9:3e:2e:9b:e1:8b:47:3a:
                    90:7c:4a:2d:29:bd:18:fc:d1:1f:30:a1:63:9c:f7:
                    77:b4:fb:cf:22:7d:c8:dc:a6:df:b2:7e:fb:71:39:
                    0e:78:7a:e4:ac:bd:a7:ad:52:87:e9:60:99:c5:03:
                    76:28:e1:c3:17:14:1c:ae:c7:1a:d8:1f:e7:eb:37:
                    17:3e:59:b6:07:35:29:b5:94:ad:ae:d6:ad:c3:4a:
                    c1:40:14:a4:e7:a1:fb:1f:90:74:b1:11:11:8d:77:
                    75:7b:59:14:55:34:71:21:98:8a:ff:17:52:ff:81:
                    c3:eb:91:bb:f6:6b:c8:0e:32:2a:e3:67:49:ef:ba:
                    66:b4:7c:7d:46:13:29:55:57:ed:3b:ad:4a:77:cf:
                    72:ed:ac:30:8d:f8:b5:c0:c0:44:a2:5d:d7:a5:64:
                    1a:42:9e:eb:45:91:ff:64:57:e9:6c:50:bb:bd:10:
                    94:9f:c1:79:de:8a:e5:ae:77:0d:5e:9d:15:10:07:
                    29:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:FD:2F:65:E0:15:BC:E5:12:21:D0:54:8C:E2:B6:4D:31:4A:F2:14
            X509v3 Authority Key Identifier:
                keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/If0vZeAVvOUSIdBUjOK2TTFK8hQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.4.0/24
                  155.133.62.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c8:dd:c9:78:4f:c8:7f:05:97:c8:1a:b4:ee:84:e2:c1:8e:fb:
         32:a9:ab:3d:cc:cc:9c:09:f4:68:b1:83:33:ba:b8:a0:51:e5:
         1b:1d:de:09:99:d7:5c:97:24:8b:dd:c4:a6:64:2a:cf:fb:89:
         a3:6d:70:7f:05:2e:da:1b:ed:4a:73:ed:fa:33:0d:4a:cd:db:
         10:c1:3a:8f:63:34:a8:41:98:64:bb:5f:72:f1:17:ba:0f:5c:
         b7:c6:8f:c6:8d:f8:90:6c:1d:bb:d7:01:eb:85:ca:7c:06:01:
         62:31:51:5a:f7:e4:d8:96:bd:05:70:25:33:08:f6:30:a8:3e:
         1b:c0:18:42:c6:1b:b8:1a:3d:cc:c4:8f:c1:29:a6:2c:05:7e:
         be:7d:3a:21:8b:6d:a9:5f:12:71:12:e1:ba:2a:8b:f5:85:f0:
         6a:82:a9:d4:ad:2b:4e:78:11:f0:be:2c:a1:3a:64:df:1b:de:
         91:11:57:38:7a:ca:83:9a:a7:0c:c4:7f:45:73:62:68:34:a6:
         f6:45:a7:8b:3c:b0:b0:fe:86:70:03:fb:9d:a5:71:3c:2c:1f:
         b7:6a:69:56:51:2f:c5:3a:57:2f:22:11:65:f5:4c:f1:78:20:
         ef:66:cd:59:e6:1f:24:ef:e3:67:8b:23:88:70:79:b1:01:57:
         55:19:91:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTO2SMkD59UHgpEre1uuEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWQ2ODE0Mzc1MjcxZDFhM2NiZDEyMTU1ZGIxMWQyYmQ0
MWE4ZDMwHhcNMjQwMTAyMDgzMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWZkMmY2NWUwMTViY2U1MTIyMWQwNTQ4Y2UyYjY0ZDMxNGFmMjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj66i9da4f+02aZXj/A4hl8TbBYK/
wtyb1Ekm9H0z7YydNGzkV0MFJKWnxihRXYfkt2ONU3xiQK9xlUw5mDq99AwY+T4u
m+GLRzqQfEotKb0Y/NEfMKFjnPd3tPvPIn3I3Kbfsn77cTkOeHrkrL2nrVKH6WCZ
xQN2KOHDFxQcrsca2B/n6zcXPlm2BzUptZStrtatw0rBQBSk56H7H5B0sRERjXd1
e1kUVTRxIZiK/xdS/4HD65G79mvIDjIq42dJ77pmtHx9RhMpVVftO61Kd89y7aww
jfi1wMBEol3XpWQaQp7rRZH/ZFfpbFC7vRCUn8F53orlrncNXp0VEAcpIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCH9L2XgFbzlEiHQVIzitk0xSvIUMB8GA1UdIwQY
MBaAFBEdaBQ3UnHRo8vRIVXbEdK9QajTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQt
MjcxZDI1ZTIwNTc0LzEvSWYwdlplQVZ2T1VTSWRCVWpPSzJUVEZLOGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQtMjcxZDI1ZTIwNTc0
Generated at Wed Jun 12 14:31:35 2024 by rpki-client on console-ams.rpki-client.org