Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/iSqKM_dVEfOubC4Qs1X6hSwdMDs.roa
File:                     iSqKM_dVEfOubC4Qs1X6hSwdMDs.roa (raw, json)
Hash identifier:          jJGgAFnrzAx2WO7vq5PQY4wE34fNymIBu60g6/DnPUw=
Subject key identifier:   89:2A:8A:33:F7:55:11:F3:AE:6C:2E:10:B3:55:FA:85:2C:1D:30:3B
Certificate issuer:       /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial:       018A94B11E0BF96861F5FA0B3E284EC7FBCA
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/iSqKM_dVEfOubC4Qs1X6hSwdMDs.roa
Signing time:             Thu 14 Sep 2023 17:15:50 +0000
ROA not before:           Thu 14 Sep 2023 17:15:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:94:b1:1e:0b:f9:68:61:f5:fa:0b:3e:28:4e:c7:fb:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
        Validity
            Not Before: Sep 14 17:15:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=892a8a33f75511f3ae6c2e10b355fa852c1d303b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:c7:af:2f:78:5c:92:91:c8:d4:de:b4:cb:23:
                    1c:da:55:c8:fa:03:fc:67:d0:4a:d9:52:99:9b:5c:
                    58:12:8d:e3:63:48:92:f2:ad:af:c4:e9:97:e3:97:
                    3e:4e:6b:e1:19:95:f7:51:a6:cb:e0:f6:b6:bd:4d:
                    97:d7:69:55:79:cc:ce:04:6c:42:d2:41:aa:5a:4a:
                    bc:ce:d5:62:e4:c0:ff:b5:fc:2e:88:b2:81:d8:b8:
                    9f:bf:b1:4d:19:ea:25:c1:b4:d6:15:1e:dd:b5:2d:
                    88:c9:25:cc:40:4b:2c:dd:c3:6b:db:29:cd:4d:5e:
                    61:65:76:6f:99:f4:00:2a:57:30:e1:b4:c4:3c:90:
                    18:b6:29:73:1d:58:67:40:0d:16:91:b1:4d:e3:39:
                    a3:3b:28:f1:fa:84:1c:c4:f3:66:30:04:ca:73:58:
                    0c:9b:d7:97:5d:85:f9:57:24:96:85:9b:e0:f1:d7:
                    bc:7c:64:89:09:56:e4:4f:c5:7c:ce:d8:76:72:f5:
                    03:a9:30:71:f3:8c:f0:86:00:75:16:0a:17:77:39:
                    87:42:49:6c:c9:2c:de:d3:21:fd:eb:a0:1f:0d:4e:
                    b3:3b:cd:19:c9:b0:fa:31:68:8d:80:bb:43:c1:52:
                    b2:92:db:e4:61:32:17:73:78:d6:8a:24:56:9e:fe:
                    09:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:2A:8A:33:F7:55:11:F3:AE:6C:2E:10:B3:55:FA:85:2C:1D:30:3B
            X509v3 Authority Key Identifier:
                keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/iSqKM_dVEfOubC4Qs1X6hSwdMDs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         0b:df:b1:7f:ad:db:01:28:da:75:9e:3d:74:c8:1f:52:6b:f9:
         42:be:71:73:a6:90:85:4e:c5:4e:a5:35:28:18:d5:fd:ec:b2:
         90:ad:c7:46:95:c6:49:85:0b:50:c0:b2:6d:bf:18:7d:a5:a9:
         a9:3d:91:db:70:b3:9b:df:ae:b7:eb:09:fa:fd:86:35:7b:78:
         00:52:73:60:74:f4:ee:25:fc:16:b0:94:3d:78:97:fa:79:06:
         a5:1e:df:b5:55:9b:5b:ea:28:a6:14:c8:34:15:f3:f2:cf:8a:
         05:03:44:23:13:75:de:30:36:e6:cb:a6:fb:73:04:8e:dd:a0:
         9d:59:a5:4d:1a:d2:61:a3:d2:ec:24:08:df:cf:86:b7:ab:68:
         83:6a:d3:c3:05:bc:47:71:40:c2:39:ad:2f:4a:77:64:75:71:
         84:a8:46:e4:ca:3d:19:51:83:ef:f7:40:56:cf:c0:d7:a5:da:
         1b:35:4e:53:aa:98:71:a0:09:16:55:06:f9:a0:58:3a:97:63:
         cd:4e:3b:77:9d:64:23:90:eb:e6:18:2f:ab:b4:1d:44:37:67:
         cd:88:7d:3b:b6:9c:ac:26:58:33:9b:2a:f1:44:25:eb:b0:47:
         9b:06:16:c3:68:a0:ad:bf:e6:ab:40:28:63:5f:a9:84:0e:bd:
         7c:58:78:15
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqUsR4L+Whh9foLPihOx/vKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE0MTcxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTJhOGEzM2Y3NTUxMWYzYWU2YzJlMTBiMzU1ZmE4NTJjMWQzMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcevL3hckpHI1N60yyMc2lXI+gP8
Z9BK2VKZm1xYEo3jY0iS8q2vxOmX45c+TmvhGZX3UabL4Pa2vU2X12lVeczOBGxC
0kGqWkq8ztVi5MD/tfwuiLKB2Lifv7FNGeolwbTWFR7dtS2IySXMQEss3cNr2ynN
TV5hZXZvmfQAKlcw4bTEPJAYtilzHVhnQA0WkbFN4zmjOyjx+oQcxPNmMATKc1gM
m9eXXYX5VySWhZvg8de8fGSJCVbkT8V8zth2cvUDqTBx84zwhgB1FgoXdzmHQkls
ySze0yH966AfDU6zO80ZybD6MWiNgLtDwVKyktvkYTIXc3jWiiRWnv4JlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIkqijP3VRHzrmwuELNV+oUsHTA7MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaVNxS01fZFZFZk91YkM0UXMxWDZoU3dkTURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAvfsX+t2wEo2nWePXTI
H1Jr+UK+cXOmkIVOxU6lNSgY1f3sspCtx0aVxkmFC1DAsm2/GH2lqak9kdtws5vf
rrfrCfr9hjV7eABSc2B09O4l/BawlD14l/p5BqUe37VVm1vqKKYUyDQV8/LPigUD
RCMTdd4wNubLpvtzBI7doJ1ZpU0a0mGj0uwkCN/PhreraINq08MFvEdxQMI5rS9K
d2R1cYSoRuTKPRlRg+/3QFbPwNel2hs1TlOqmHGgCRZVBvmgWDqXY81OO3edZCOQ
6+YYL6u0HUQ3Z82IfTu2nKwmWDObKvFEJeuwR5sGFsNooK2/5qtAKGNfqYQOvXxY
eBU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org