Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/G6kouPrWHqLN6L5xHwfytwmcFVs.roa
File:                     G6kouPrWHqLN6L5xHwfytwmcFVs.roa (raw, json)
Hash identifier:          O7m96ztqi1GlDAEIPBssjTTVPMqVAUUfilktXyESAIU=
Subject key identifier:   1B:A9:28:B8:FA:D6:1E:A2:CD:E8:BE:71:1F:07:F2:B7:09:9C:15:5B
Certificate issuer:       /CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Certificate serial:       01856F6FF58C01C842A973C1F424D09C95BE
Authority key identifier: C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/G6kouPrWHqLN6L5xHwfytwmcFVs.roa
Signing time:             Sun 01 Jan 2023 22:24:46 +0000
ROA not before:           Sun 01 Jan 2023 22:24:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7029
IP address blocks:        194.36.172.0/23 maxlen: 23
                          194.36.172.0/24 maxlen: 24
                          194.36.173.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:6f:f5:8c:01:c8:42:a9:73:c1:f4:24:d0:9c:95:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
        Validity
            Not Before: Jan  1 22:24:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1ba928b8fad61ea2cde8be711f07f2b7099c155b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:ea:09:d9:d7:f2:25:87:62:41:a6:6a:91:a8:
                    00:55:93:24:b3:95:f1:00:2a:d3:bb:6a:af:40:50:
                    34:67:59:9b:b2:ae:42:e4:b9:f5:fd:b6:4f:6b:83:
                    38:10:ef:2f:0e:3c:88:85:ee:23:9e:b7:19:4d:36:
                    9a:f1:39:ff:22:ca:20:d7:65:cb:b7:e8:b6:68:0d:
                    f1:c4:a7:06:8e:e7:19:cd:9f:fa:0b:40:b1:30:36:
                    c6:eb:aa:25:6a:4b:e5:86:ca:79:a5:02:8b:3d:c2:
                    3e:44:3b:68:b7:f3:14:6c:a8:e0:0a:02:a4:1c:3c:
                    69:c1:07:ea:be:85:16:7e:70:78:ff:16:c0:9a:02:
                    85:ad:7d:fb:09:3a:f0:99:a3:7d:53:e1:5a:ff:10:
                    4e:3b:ec:10:a0:9b:62:69:b8:b3:56:17:b5:13:5e:
                    02:55:88:25:7a:4f:fe:b5:48:c6:a2:d5:09:1c:7d:
                    6b:79:4c:c6:07:77:b0:49:bb:ae:fb:89:c9:6b:6a:
                    61:62:63:e8:e0:81:1c:fd:4d:1f:e8:cf:94:b4:08:
                    db:a4:d0:68:87:0b:a1:99:1f:e0:14:49:0b:a4:af:
                    a5:a1:df:b8:54:76:04:82:00:cc:80:76:da:77:f0:
                    b2:6d:9f:a4:08:5d:68:11:cb:a4:5a:2f:ec:8e:74:
                    cc:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:A9:28:B8:FA:D6:1E:A2:CD:E8:BE:71:1F:07:F2:B7:09:9C:15:5B
            X509v3 Authority Key Identifier:
                keyid:C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/G6kouPrWHqLN6L5xHwfytwmcFVs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.36.172.0/23

    Signature Algorithm: sha256WithRSAEncryption
         72:e1:d8:4c:d4:bc:4f:82:6a:5c:5b:82:16:e6:a2:da:e6:d0:
         c4:d3:29:a7:c7:cc:8a:c3:10:1e:b5:f7:fe:35:09:82:ac:fc:
         b1:39:d6:e9:ca:9c:80:a0:fa:49:f2:be:c7:bd:3a:5a:75:2c:
         35:7b:0b:4e:b1:39:4a:d9:16:19:25:cd:04:7a:45:06:78:a1:
         b4:a2:97:28:d3:f5:f6:65:06:7e:6d:b1:5a:76:a7:b7:e9:82:
         21:39:d8:65:3d:11:fa:e2:58:dd:ac:25:ff:35:e8:93:aa:ad:
         4e:6f:5f:2f:25:c9:73:c4:b6:5d:1b:9b:a4:c2:a3:28:f8:03:
         c6:df:45:5e:54:87:a3:89:ae:50:fa:36:25:63:47:90:6a:6f:
         45:78:57:0a:40:61:76:20:e2:dc:d8:9b:7a:04:f1:b9:57:e0:
         d9:90:33:ab:e1:38:eb:2c:d8:fc:0a:4b:63:b2:1a:fa:1c:c2:
         51:bc:7b:5b:a2:43:08:00:20:05:b3:75:98:85:60:7b:cc:c5:
         f8:bb:59:9d:2b:84:83:12:59:14:85:42:97:75:4c:b2:27:dc:
         b0:c8:de:fa:2a:62:05:a6:5c:39:02:74:8b:39:32:38:a0:a8:
         14:e1:0e:50:2b:b7:54:18:60:32:14:7a:ec:f4:e6:1a:39:ef:
         b9:ca:6b:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvb/WMAchCqXPB9CTQnJW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2I1OTRlNWU2NzEzYTViODBhNTQ4MWE1Y2U3MWU2NTJk
ODQ1NzMwHhcNMjMwMTAxMjIyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmE5MjhiOGZhZDYxZWEyY2RlOGJlNzExZjA3ZjJiNzA5OWMxNTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5eoJ2dfyJYdiQaZqkagAVZMks5Xx
ACrTu2qvQFA0Z1mbsq5C5Ln1/bZPa4M4EO8vDjyIhe4jnrcZTTaa8Tn/Isog12XL
t+i2aA3xxKcGjucZzZ/6C0CxMDbG66olakvlhsp5pQKLPcI+RDtot/MUbKjgCgKk
HDxpwQfqvoUWfnB4/xbAmgKFrX37CTrwmaN9U+Fa/xBOO+wQoJtiabizVhe1E14C
VYglek/+tUjGotUJHH1reUzGB3ewSbuu+4nJa2phYmPo4IEc/U0f6M+UtAjbpNBo
hwuhmR/gFEkLpK+lod+4VHYEggDMgHbad/CybZ+kCF1oEcukWi/sjnTMRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBupKLj61h6izei+cR8H8rcJnBVbMB8GA1UdIwQY
MBaAFMh7WU5eZxOluApUgaXOceZS2EVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYt
MzhjYjZlNDE2ZjNhLzEvRzZrb3VQcldIcUxONkw1eEh3Znl0d21jRlZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYtMzhjYjZlNDE2ZjNh
LzEveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiSsMA0G
CSqGSIb3DQEBCwUAA4IBAQBy4dhM1LxPgmpcW4IW5qLa5tDE0ymnx8yKwxAetff+
NQmCrPyxOdbpypyAoPpJ8r7HvTpadSw1ewtOsTlK2RYZJc0EekUGeKG0opco0/X2
ZQZ+bbFadqe36YIhOdhlPRH64ljdrCX/NeiTqq1Ob18vJclzxLZdG5ukwqMo+APG
30VeVIejia5Q+jYlY0eQam9FeFcKQGF2IOLc2Jt6BPG5V+DZkDOr4TjrLNj8Cktj
shr6HMJRvHtbokMIACAFs3WYhWB7zMX4u1mdK4SDElkUhUKXdUyyJ9ywyN76KmIF
plw5AnSLOTI4oKgU4Q5QK7dUGGAyFHrs9OYaOe+5ymtv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:24 2024 by rpki-client on console-fra.rpki-client.org