Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0c4fbd-e07f-4f59-b8f4-2a4713eebff3/1/2bsJ1vau1naEAYIMi8zPF7x62-0.roa
File:                     2bsJ1vau1naEAYIMi8zPF7x62-0.roa (raw, json)
Hash identifier:          WjJhGFZ2sb0tk9sHrijROEg/4dmCw7Rtwtdz3XRmAp0=
Subject key identifier:   D9:BB:09:D6:F6:AE:D6:76:84:01:82:0C:8B:CC:CF:17:BC:7A:DB:ED
Certificate issuer:       /CN=926697c9efda955cba3e6f8970d72e996bf3c165
Certificate serial:       0185708CA5258306CF7CED95EF305061DA5B
Authority key identifier: 92:66:97:C9:EF:DA:95:5C:BA:3E:6F:89:70:D7:2E:99:6B:F3:C1:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kmaXye_alVy6Pm-JcNcumWvzwWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/0c4fbd-e07f-4f59-b8f4-2a4713eebff3/1/2bsJ1vau1naEAYIMi8zPF7x62-0.roa
Signing time:             Mon 02 Jan 2023 03:35:43 +0000
ROA not before:           Mon 02 Jan 2023 03:35:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        178.20.28.0/22 maxlen: 24
                          88.218.47.0/24 maxlen: 24
                          88.218.45.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:a5:25:83:06:cf:7c:ed:95:ef:30:50:61:da:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=926697c9efda955cba3e6f8970d72e996bf3c165
        Validity
            Not Before: Jan  2 03:35:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d9bb09d6f6aed6768401820c8bcccf17bc7adbed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:7d:fa:2f:4f:08:c7:e0:3e:14:ea:f7:95:44:
                    a4:15:84:a6:03:c9:3d:91:e9:c6:b1:86:ad:9e:3c:
                    88:d9:cf:fb:4a:79:a9:46:9a:b1:b0:0e:19:7d:ce:
                    63:1e:ff:ff:0d:95:cf:4e:2e:92:42:39:14:9c:86:
                    e0:ac:53:53:99:b6:f8:5d:e7:d6:be:b1:87:dc:fd:
                    55:69:27:ec:58:3d:af:bc:f2:77:a4:77:da:8d:b8:
                    56:6c:fc:65:36:3f:b2:bd:15:38:fc:61:73:2a:ae:
                    41:6f:14:f1:0a:d7:1b:5c:73:da:7b:57:f9:cb:b2:
                    83:a7:6c:2b:c3:ec:7e:a4:1a:6f:19:36:6f:af:bc:
                    04:92:de:d4:9e:c7:90:45:8f:40:41:0d:4f:9b:68:
                    75:03:df:ab:f2:2c:9a:89:69:27:db:09:13:20:7b:
                    80:93:e5:b6:a1:83:97:2c:6e:42:71:8b:74:e1:ef:
                    1d:e0:06:ca:e5:a1:c4:1c:14:a8:45:37:fb:0b:7c:
                    26:e3:7d:bb:c1:9d:f7:11:d5:5d:da:b1:6f:3a:90:
                    01:61:f0:59:65:f6:07:22:72:48:4f:bf:4f:01:ca:
                    13:f8:70:58:dd:a3:f3:b6:2b:7f:fc:de:09:d1:9e:
                    b8:0e:6c:41:02:0a:06:0a:09:46:6c:bd:da:67:07:
                    8e:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:BB:09:D6:F6:AE:D6:76:84:01:82:0C:8B:CC:CF:17:BC:7A:DB:ED
            X509v3 Authority Key Identifier:
                keyid:92:66:97:C9:EF:DA:95:5C:BA:3E:6F:89:70:D7:2E:99:6B:F3:C1:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmaXye_alVy6Pm-JcNcumWvzwWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0c4fbd-e07f-4f59-b8f4-2a4713eebff3/1/2bsJ1vau1naEAYIMi8zPF7x62-0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0c4fbd-e07f-4f59-b8f4-2a4713eebff3/1/kmaXye_alVy6Pm-JcNcumWvzwWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.218.45.0/24
                  88.218.47.0/24
                  178.20.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         42:b3:89:0d:52:77:a7:b2:03:b4:f4:67:02:0d:4d:83:28:7a:
         b8:c9:9b:eb:32:5b:8a:8d:ae:21:eb:f7:6e:bb:76:da:e6:95:
         c3:c3:c3:b8:22:fa:3d:df:0b:8c:d9:47:dd:15:a6:f9:d0:e5:
         ed:14:77:bd:e1:0e:1a:2b:43:dd:e2:64:c7:91:db:02:95:23:
         83:b5:e5:34:c9:83:83:4e:b8:54:d1:76:b2:87:60:22:c8:08:
         71:1d:46:60:91:95:63:a6:c1:ab:86:87:09:5c:e9:77:f0:6e:
         17:d1:3b:78:e1:aa:46:a0:89:9c:15:db:5b:76:e2:5f:6a:9d:
         56:a7:81:73:e0:0f:8d:76:b0:a2:55:54:fd:d0:45:fa:9b:60:
         bc:38:65:8f:b9:c1:e8:6b:0d:db:15:6b:f3:1c:73:0e:03:c0:
         be:38:4e:4c:f2:18:8e:59:9b:22:c0:03:d7:18:3d:1f:8d:78:
         f5:2d:bf:57:89:e1:f4:0b:3c:e9:7b:bf:77:ff:94:89:b1:e7:
         dc:72:09:3b:70:e4:e2:14:48:9c:85:1e:6a:f2:9d:42:03:78:
         68:28:1b:e4:b5:70:fb:0f:10:6e:aa:b8:86:8d:c8:77:b1:07:
         33:f6:47:73:03:40:51:89:27:cc:eb:01:5b:33:9f:f7:6a:6e:
         7a:50:fe:ad
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwjKUlgwbPfO2V7zBQYdpbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjY5N2M5ZWZkYTk1NWNiYTNlNmY4OTcwZDcyZTk5NmJm
M2MxNjUwHhcNMjMwMTAyMDMzNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWJiMDlkNmY2YWVkNjc2ODQwMTgyMGM4YmNjY2YxN2JjN2FkYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh336L08Ix+A+FOr3lUSkFYSmA8k9
kenGsYatnjyI2c/7SnmpRpqxsA4Zfc5jHv//DZXPTi6SQjkUnIbgrFNTmbb4XefW
vrGH3P1VaSfsWD2vvPJ3pHfajbhWbPxlNj+yvRU4/GFzKq5BbxTxCtcbXHPae1f5
y7KDp2wrw+x+pBpvGTZvr7wEkt7UnseQRY9AQQ1Pm2h1A9+r8iyaiWkn2wkTIHuA
k+W2oYOXLG5CcYt04e8d4AbK5aHEHBSoRTf7C3wm4327wZ33EdVd2rFvOpABYfBZ
ZfYHInJIT79PAcoT+HBY3aPztit//N4J0Z64DmxBAgoGCglGbL3aZweOnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNm7Cdb2rtZ2hAGCDIvMzxe8etvtMB8GA1UdIwQY
MBaAFJJml8nv2pVcuj5viXDXLplr88FlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21hWHllX2FsVnk2UG0tSmNOY3VtV3Z6d1dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wYzRmYmQtZTA3Zi00ZjU5LWI4ZjQt
MmE0NzEzZWViZmYzLzEvMmJzSjF2YXUxbmFFQVlJTWk4elBGN3g2Mi0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wYzRmYmQtZTA3Zi00ZjU5LWI4ZjQtMmE0NzEzZWViZmYz
LzEva21hWHllX2FsVnk2UG0tSmNOY3VtV3Z6d1dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNotAwQA
WNovAwQCshQcMA0GCSqGSIb3DQEBCwUAA4IBAQBCs4kNUnensgO09GcCDU2DKHq4
yZvrMluKja4h6/duu3ba5pXDw8O4Ivo93wuM2UfdFab50OXtFHe94Q4aK0Pd4mTH
kdsClSODteU0yYODTrhU0Xayh2AiyAhxHUZgkZVjpsGrhocJXOl38G4X0Tt44apG
oImcFdtbduJfap1Wp4Fz4A+NdrCiVVT90EX6m2C8OGWPucHoaw3bFWvzHHMOA8C+
OE5M8hiOWZsiwAPXGD0fjXj1Lb9XieH0Czzpe793/5SJsefccgk7cOTiFEichR5q
8p1CA3hoKBvktXD7DxBuqriGjch3sQcz9kdzA0BRiSfM6wFbM5/3am56UP6t
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:10 2024 by rpki-client on console-fra.rpki-client.org