Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/NtGaIcsQXzdhIv7N5Hgj4JTWViY.roa
File:                     NtGaIcsQXzdhIv7N5Hgj4JTWViY.roa (raw, json)
Hash identifier:          0I5CJlRyw+Qne7GP5zecYS+NQyZptZ+kYmo5/65tCWc=
Subject key identifier:   36:D1:9A:21:CB:10:5F:37:61:22:FE:CD:E4:78:23:E0:94:D6:56:26
Certificate issuer:       /CN=5bea2b884c7067f58fff040a1f06e0df1e80ab3e
Certificate serial:       018FDEA8AEDAD6AA9A6B073FA661F386A106
Authority key identifier: 5B:EA:2B:88:4C:70:67:F5:8F:FF:04:0A:1F:06:E0:DF:1E:80:AB:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W-oriExwZ_WP_wQKHwbg3x6Aqz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/NtGaIcsQXzdhIv7N5Hgj4JTWViY.roa
Signing time:             Mon 03 Jun 2024 15:12:27 +0000
ROA not before:           Mon 03 Jun 2024 15:12:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9050
IP address blocks:        84.243.64.0/18 maxlen: 18
                          86.34.0.0/15 maxlen: 15
                          86.34.0.0/16 maxlen: 16
                          86.35.0.0/16 maxlen: 16
                          86.35.0.0/21 maxlen: 21
                          86.35.9.0/24 maxlen: 24
                          86.35.10.0/24 maxlen: 24
                          86.35.12.0/24 maxlen: 24
                          86.35.13.0/24 maxlen: 24
                          86.35.14.0/24 maxlen: 24
                          86.35.15.0/24 maxlen: 24
                          86.35.16.0/20 maxlen: 20
                          86.35.32.0/19 maxlen: 19
                          86.35.64.0/18 maxlen: 18
                          86.35.128.0/17 maxlen: 17
                          89.120.0.0/16 maxlen: 16
                          89.121.0.0/16 maxlen: 16
                          89.121.0.0/18 maxlen: 18
                          89.121.64.0/18 maxlen: 18
                          89.121.128.0/17 maxlen: 17
                          89.122.0.0/16 maxlen: 16
                          89.123.0.0/16 maxlen: 16
                          89.123.0.0/17 maxlen: 17
                          89.123.128.0/17 maxlen: 17
                          92.80.0.0/16 maxlen: 16
                          92.81.0.0/16 maxlen: 16
                          92.81.128.0/17 maxlen: 17
                          92.82.0.0/16 maxlen: 16
                          92.82.0.0/18 maxlen: 18
                          92.83.0.0/16 maxlen: 16
                          92.83.0.0/19 maxlen: 19
                          92.84.0.0/16 maxlen: 16
                          92.85.0.0/16 maxlen: 16
                          92.86.0.0/16 maxlen: 16
                          92.86.36.0/24 maxlen: 24
                          92.86.38.0/24 maxlen: 24
                          92.86.48.0/24 maxlen: 24
                          92.86.50.0/24 maxlen: 24
                          92.86.90.0/24 maxlen: 24
                          92.87.0.0/16 maxlen: 16
                          92.87.11.0/24 maxlen: 24
                          92.87.54.0/24 maxlen: 24
                          92.87.118.0/24 maxlen: 24
                          92.87.128.0/23 maxlen: 23
                          92.87.133.0/24 maxlen: 24
                          92.87.170.0/24 maxlen: 24
                          92.87.173.0/24 maxlen: 24
                          92.87.174.0/24 maxlen: 24
                          92.87.175.0/24 maxlen: 24
                          92.87.214.0/23 maxlen: 23
                          92.87.232.0/24 maxlen: 24
                          92.87.244.0/24 maxlen: 24
                          92.87.245.0/24 maxlen: 24
                          109.96.0.0/16 maxlen: 16
                          109.97.0.0/16 maxlen: 16
                          109.98.0.0/16 maxlen: 16
                          109.98.113.0/24 maxlen: 24
                          109.98.115.0/24 maxlen: 24
                          109.98.117.0/24 maxlen: 24
                          109.98.119.0/24 maxlen: 24
                          109.98.121.0/24 maxlen: 24
                          109.98.123.0/24 maxlen: 24
                          109.98.126.0/24 maxlen: 24
                          109.98.192.0/23 maxlen: 23
                          109.98.192.0/24 maxlen: 24
                          109.98.193.0/24 maxlen: 24
                          109.99.0.0/16 maxlen: 16
                          109.99.158.0/24 maxlen: 24
                          109.99.184.0/24 maxlen: 24
                          109.99.185.0/24 maxlen: 24
                          109.99.189.0/24 maxlen: 24
                          109.99.192.0/24 maxlen: 24
                          109.99.214.0/24 maxlen: 24
                          109.99.216.0/24 maxlen: 24
                          109.100.0.0/16 maxlen: 16
                          109.101.0.0/16 maxlen: 16
                          109.102.0.0/16 maxlen: 16
                          109.102.161.0/24 maxlen: 24
                          109.102.163.0/24 maxlen: 24
                          109.103.0.0/16 maxlen: 16
                          185.133.64.0/22 maxlen: 22
                          185.133.64.0/24 maxlen: 24
                          217.115.208.0/20 maxlen: 20
                          2a02:d10::/32 maxlen: 64
                          2a02:d10:800:1::/64 maxlen: 64

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:de:a8:ae:da:d6:aa:9a:6b:07:3f:a6:61:f3:86:a1:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5bea2b884c7067f58fff040a1f06e0df1e80ab3e
        Validity
            Not Before: Jun  3 15:12:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=36d19a21cb105f376122fecde47823e094d65626
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4f:78:61:df:b6:e8:9b:9e:8b:24:44:a5:93:
                    2c:1c:b7:29:9b:b8:3b:8e:ac:d8:a8:18:f1:f9:ab:
                    e4:14:15:d9:dc:6a:2b:b8:06:f9:6a:5c:54:ea:58:
                    76:73:7b:8e:b6:bb:f7:ea:c9:be:07:45:2a:5f:1d:
                    69:13:f0:bd:a5:c8:22:d0:71:13:9f:91:83:06:9a:
                    83:3c:b1:10:61:d0:43:5a:df:05:50:68:f0:27:8c:
                    c3:cc:5e:77:49:51:1f:57:d9:a3:4f:8b:4a:e8:29:
                    ee:ef:bd:ad:bf:86:3f:f7:dc:92:66:17:8a:63:76:
                    f4:06:b7:13:a6:2e:f4:aa:7c:4e:f8:a8:82:2d:14:
                    f4:70:bd:63:60:ad:8f:6e:37:f8:ee:1b:d2:e3:27:
                    de:d2:8c:9e:13:5a:40:2b:d4:a3:38:07:6c:7b:ea:
                    e7:d7:5b:47:69:ba:85:e5:cf:e9:d7:37:36:85:37:
                    25:44:a4:50:91:9d:0e:03:ed:23:fd:4e:dc:f6:7c:
                    5c:75:0d:f8:de:9e:18:14:e1:18:75:8d:08:68:84:
                    ac:8f:38:b5:d2:2d:08:0d:36:eb:41:ec:4c:f1:cc:
                    90:eb:ee:a6:67:7e:8b:8b:d7:04:2f:da:73:f0:44:
                    76:93:0e:b1:9a:fe:24:df:e6:36:63:c7:d5:5f:88:
                    c8:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:D1:9A:21:CB:10:5F:37:61:22:FE:CD:E4:78:23:E0:94:D6:56:26
            X509v3 Authority Key Identifier:
                keyid:5B:EA:2B:88:4C:70:67:F5:8F:FF:04:0A:1F:06:E0:DF:1E:80:AB:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-oriExwZ_WP_wQKHwbg3x6Aqz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/NtGaIcsQXzdhIv7N5Hgj4JTWViY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/W-oriExwZ_WP_wQKHwbg3x6Aqz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.243.64.0/18
                  86.34.0.0/15
                  89.120.0.0/14
                  92.80.0.0/13
                  109.96.0.0/13
                  185.133.64.0/22
                  217.115.208.0/20
                IPv6:
                  2a02:d10::/32

    Signature Algorithm: sha256WithRSAEncryption
         ae:c1:4e:32:a5:81:ad:ec:82:fd:01:ef:c5:0c:7b:6a:a7:94:
         74:d7:fe:6d:d7:7b:91:4c:09:dc:5f:31:a8:7e:be:ec:60:60:
         dc:82:57:25:8e:ea:4c:23:8d:fd:ac:0c:74:b1:d1:c1:c3:19:
         69:f4:f3:ec:8e:e1:df:44:c9:bc:95:bc:b4:26:7a:62:1d:4f:
         ce:3e:76:03:06:76:de:13:b7:8e:9d:16:cc:60:d0:ba:76:d5:
         14:78:56:6e:ae:cd:f8:d9:4f:8b:5a:14:91:ea:20:3e:20:d0:
         8d:39:63:71:a8:51:60:aa:b9:92:df:94:52:7d:dc:de:8c:0b:
         c4:10:fe:da:94:0e:c7:3b:2b:cd:14:42:f4:cf:4a:78:e5:9b:
         4c:93:c5:a4:8f:96:3d:7c:15:50:63:5b:78:5e:ef:70:25:4b:
         1f:75:50:68:ea:55:8f:20:5a:68:ee:78:0c:cc:12:27:6a:46:
         bd:16:68:7f:8b:ec:5c:2a:9a:fd:be:8f:cd:6a:67:c1:de:79:
         d7:93:80:47:d9:ac:8d:a1:9b:24:36:09:a9:81:1d:9f:39:0c:
         b8:e2:96:96:d3:27:d3:89:08:84:ad:d6:0a:37:21:a4:d6:b9:
         d2:ec:58:88:95:63:ec:bf:37:a3:7b:94:bb:d6:ac:04:e9:d8:
         fe:5d:50:ca
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY/eqK7a1qqaawc/pmHzhqEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWEyYjg4NGM3MDY3ZjU4ZmZmMDQwYTFmMDZlMGRmMWU4
MGFiM2UwHhcNMjQwNjAzMTUxMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQxOWEyMWNiMTA1ZjM3NjEyMmZlY2RlNDc4MjNlMDk0ZDY1NjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr094Yd+26JueiyREpZMsHLcpm7g7
jqzYqBjx+avkFBXZ3GoruAb5alxU6lh2c3uOtrv36sm+B0UqXx1pE/C9pcgi0HET
n5GDBpqDPLEQYdBDWt8FUGjwJ4zDzF53SVEfV9mjT4tK6Cnu772tv4Y/99ySZheK
Y3b0BrcTpi70qnxO+KiCLRT0cL1jYK2Pbjf47hvS4yfe0oyeE1pAK9SjOAdse+rn
11tHabqF5c/p1zc2hTclRKRQkZ0OA+0j/U7c9nxcdQ343p4YFOEYdY0IaISsjzi1
0i0IDTbrQexM8cyQ6+6mZ36Li9cEL9pz8ER2kw6xmv4k3+Y2Y8fVX4jImQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFDbRmiHLEF83YSL+zeR4I+CU1lYmMB8GA1UdIwQY
MBaAFFvqK4hMcGf1j/8ECh8G4N8egKs+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1vcmlFeHdaX1dQX3dRS0h3YmczeDZBcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMzM0ZjgtZGFjZS00OTdmLWE1YTMt
ODE0ZTgwOTA0YmU0LzEvTnRHYUljc1FYemRoSXY3TjVIZ2o0SlRXVmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMzM0ZjgtZGFjZS00OTdmLWE1YTMtODE0ZTgwOTA0YmU0
LzEvVy1vcmlFeHdaX1dQX3dRS0h3YmczeDZBcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQGVPNAAwMB
ViIDAwJZeAMDA1xQAwMDbWADBAK5hUADBATZc9AwDQQCAAIwBwMFACoCDRAwDQYJ
KoZIhvcNAQELBQADggEBAK7BTjKlga3sgv0B78UMe2qnlHTX/m3Xe5FMCdxfMah+
vuxgYNyCVyWO6kwjjf2sDHSx0cHDGWn08+yO4d9EybyVvLQmemIdT84+dgMGdt4T
t46dFsxg0Lp21RR4Vm6uzfjZT4taFJHqID4g0I05Y3GoUWCquZLflFJ93N6MC8QQ
/tqUDsc7K80UQvTPSnjlm0yTxaSPlj18FVBjW3he73AlSx91UGjqVY8gWmjueAzM
EidqRr0WaH+L7Fwqmv2+j81qZ8HeedeTgEfZrI2hmyQ2CamBHZ85DLjilpbTJ9OJ
CISt1go3IaTWudLsWIiVY+y/N6N7lLvWrATp2P5dUMo=
-----END CERTIFICATE-----
Generated at Wed Jun 26 14:22:53 2024 by rpki-client on console-ams.rpki-client.org