Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/nYzCsU9rhYQEMtsXv9pS28lHuVE.roa
File:                     nYzCsU9rhYQEMtsXv9pS28lHuVE.roa (raw, json)
Hash identifier:          RJyr5SZBg2rv2AnEUE1fjEtTsE2LUGSxg6PRAm+lysU=
Subject key identifier:   9D:8C:C2:B1:4F:6B:85:84:04:32:DB:17:BF:DA:52:DB:C9:47:B9:51
Certificate issuer:       /CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Certificate serial:       018C31C19CA58E1552F8F4AE3C067DF3892B
Authority key identifier: C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/nYzCsU9rhYQEMtsXv9pS28lHuVE.roa
Signing time:             Sun 03 Dec 2023 22:17:01 +0000
ROA not before:           Sun 03 Dec 2023 22:17:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49434
IP address blocks:        194.180.225.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:31:c1:9c:a5:8e:15:52:f8:f4:ae:3c:06:7d:f3:89:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
        Validity
            Not Before: Dec  3 22:17:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9d8cc2b14f6b85840432db17bfda52dbc947b951
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:25:46:3d:ad:9a:49:bd:b9:a8:2e:9e:6f:57:
                    11:65:76:4c:06:c2:68:50:dc:a8:09:1c:9b:48:c0:
                    31:58:2b:80:11:86:ea:ca:74:8d:9f:b1:e4:84:88:
                    de:85:9d:03:b5:4b:16:07:ed:14:da:94:99:f5:f7:
                    c7:90:fe:62:7f:0d:6e:9d:1e:a6:2e:a5:1a:e2:f0:
                    5b:df:e3:68:cb:a3:5f:33:d5:1b:3f:63:e0:78:da:
                    32:75:48:d1:a5:e2:29:91:6d:9d:b1:29:6e:6b:b7:
                    12:63:16:55:75:26:98:83:df:14:bb:92:ca:a6:42:
                    fd:e9:80:fa:71:a3:b7:d4:be:6b:b8:50:65:97:55:
                    35:a0:2d:82:21:8d:d2:e2:90:9b:9c:e0:47:e7:9d:
                    72:84:d7:80:34:3d:5f:63:ce:99:ac:e2:c7:19:3e:
                    04:f7:76:21:78:69:4c:b2:bc:a4:dc:7b:40:8c:ce:
                    b9:92:ec:d6:fe:55:20:d2:0c:77:3c:d5:54:48:66:
                    57:d1:e1:ef:3d:58:e9:7f:8b:cd:92:74:be:1f:51:
                    24:ac:0a:75:ff:43:5d:bd:77:89:80:ef:b0:74:f4:
                    a1:df:da:e8:0e:27:f2:da:1a:a0:09:93:28:ac:aa:
                    b9:a5:da:04:95:1b:73:00:06:45:5d:b6:0d:3b:35:
                    b0:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:8C:C2:B1:4F:6B:85:84:04:32:DB:17:BF:DA:52:DB:C9:47:B9:51
            X509v3 Authority Key Identifier:
                keyid:C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/nYzCsU9rhYQEMtsXv9pS28lHuVE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.180.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:de:df:46:ff:ad:df:c1:9f:91:bf:34:2b:ad:68:b9:93:a0:
         21:ff:88:28:f4:3f:d5:35:75:3e:b9:bd:31:e0:f6:0f:3a:71:
         1b:21:48:4e:22:2d:38:c5:f9:0f:3c:78:a4:b8:79:23:42:f2:
         4c:c6:ef:5d:47:af:30:99:00:a8:2f:a4:e8:67:30:9c:ec:53:
         ef:e0:e9:e6:16:0f:1f:be:7c:de:6c:8c:62:f7:52:ba:99:1c:
         01:64:ec:0a:b7:34:69:31:7a:dc:83:58:45:90:ed:12:9e:eb:
         50:f9:90:5f:30:31:10:a7:33:77:87:8f:08:11:7b:5d:45:72:
         92:d0:98:97:de:30:1e:a1:f3:9e:f9:d9:6e:a1:e9:fb:1b:19:
         c4:cc:1f:16:82:5e:d5:b4:38:39:f9:26:e9:73:c9:4c:30:a5:
         07:cf:4a:fc:64:a8:7e:ed:6c:a6:2d:4e:b3:91:41:6f:a2:20:
         1d:6f:ae:98:8a:2b:c3:27:61:f5:8d:8f:20:16:c3:11:8a:31:
         34:5f:5d:4e:2a:28:9f:4e:f4:c6:28:8c:65:a2:32:5d:9a:95:
         0d:c0:c7:b4:87:41:ca:63:11:7c:bb:d9:f7:0e:19:45:8f:fa:
         85:77:67:1b:c0:c3:91:9b:a5:1d:ea:a1:4a:30:b9:9e:46:62:
         92:54:6e:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwxwZyljhVS+PSuPAZ984krMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2I1OTRlNWU2NzEzYTViODBhNTQ4MWE1Y2U3MWU2NTJk
ODQ1NzMwHhcNMjMxMjAzMjIxNzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDhjYzJiMTRmNmI4NTg0MDQzMmRiMTdiZmRhNTJkYmM5NDdiOTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSVGPa2aSb25qC6eb1cRZXZMBsJo
UNyoCRybSMAxWCuAEYbqynSNn7HkhIjehZ0DtUsWB+0U2pSZ9ffHkP5ifw1unR6m
LqUa4vBb3+Noy6NfM9UbP2PgeNoydUjRpeIpkW2dsSlua7cSYxZVdSaYg98Uu5LK
pkL96YD6caO31L5ruFBll1U1oC2CIY3S4pCbnOBH551yhNeAND1fY86ZrOLHGT4E
93YheGlMsryk3HtAjM65kuzW/lUg0gx3PNVUSGZX0eHvPVjpf4vNknS+H1EkrAp1
/0NdvXeJgO+wdPSh39roDify2hqgCZMorKq5pdoElRtzAAZFXbYNOzWw/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ2MwrFPa4WEBDLbF7/aUtvJR7lRMB8GA1UdIwQY
MBaAFMh7WU5eZxOluApUgaXOceZS2EVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYt
MzhjYjZlNDE2ZjNhLzEvbll6Q3NVOXJoWVFFTXRzWHY5cFMyOGxIdVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYtMzhjYjZlNDE2ZjNh
LzEveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrThMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ3t9G/63fwZ+RvzQrrWi5k6Ah/4go9D/VNXU+ub0x
4PYPOnEbIUhOIi04xfkPPHikuHkjQvJMxu9dR68wmQCoL6ToZzCc7FPv4OnmFg8f
vnzebIxi91K6mRwBZOwKtzRpMXrcg1hFkO0SnutQ+ZBfMDEQpzN3h48IEXtdRXKS
0JiX3jAeofOe+dluoen7GxnEzB8Wgl7VtDg5+Sbpc8lMMKUHz0r8ZKh+7WymLU6z
kUFvoiAdb66YiivDJ2H1jY8gFsMRijE0X11OKiifTvTGKIxlojJdmpUNwMe0h0HK
YxF8u9n3DhlFj/qFd2cbwMORm6Ud6qFKMLmeRmKSVG7h
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:18 2024 by rpki-client on console-ams.rpki-client.org