Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f7c4f1-341a-445e-8e33-50cb88276ae6/1/uoICBo65eEmYF6cWaUOArQYdW3k.roa
File:                     uoICBo65eEmYF6cWaUOArQYdW3k.roa (raw, json)
Hash identifier:          ju//jbNHjZ4mE62/QP/B0PIUN6Ducw+lBBtTv9SpPkY=
Subject key identifier:   BA:82:02:06:8E:B9:78:49:98:17:A7:16:69:43:80:AD:06:1D:5B:79
Certificate issuer:       /CN=23daf57a212bb7f320a2246f97959575d0e68ce3
Certificate serial:       01856CB85390DA77E9820544F944BAE4BB7B
Authority key identifier: 23:DA:F5:7A:21:2B:B7:F3:20:A2:24:6F:97:95:95:75:D0:E6:8C:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I9r1eiErt_MgoiRvl5WVddDmjOM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/f7c4f1-341a-445e-8e33-50cb88276ae6/1/uoICBo65eEmYF6cWaUOArQYdW3k.roa
Signing time:             Sun 01 Jan 2023 09:44:57 +0000
ROA not before:           Sun 01 Jan 2023 09:44:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        176.116.31.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:b8:53:90:da:77:e9:82:05:44:f9:44:ba:e4:bb:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23daf57a212bb7f320a2246f97959575d0e68ce3
        Validity
            Not Before: Jan  1 09:44:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ba8202068eb978499817a716694380ad061d5b79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:6d:a1:7a:e9:41:b9:d7:90:9a:1c:a2:71:47:
                    64:81:c3:c1:ee:0b:0a:07:21:8b:a6:6c:8c:61:bb:
                    e4:5f:9f:a2:cc:8b:79:54:5c:12:d6:32:cd:d6:49:
                    58:db:4f:f6:26:1e:7d:06:d7:6c:de:73:4b:6d:b7:
                    28:83:88:28:4b:15:e5:e7:fa:af:96:3c:02:b1:ef:
                    b6:b0:d1:90:dc:a8:69:14:cd:0c:a4:86:19:49:5e:
                    dd:05:1c:f2:78:ee:55:7d:14:48:9c:7e:7d:f0:4a:
                    b2:5d:2e:88:fc:9c:a8:7f:b9:7a:53:cc:28:f1:54:
                    65:05:b8:39:50:04:98:11:b2:e0:a4:74:fe:a3:4e:
                    fe:ab:75:52:c4:9a:83:56:e9:09:95:38:90:2c:c8:
                    6b:1c:14:e0:3e:e6:fe:31:19:ae:a2:75:59:b1:92:
                    b1:65:b9:35:dd:b8:d4:99:18:61:93:13:7f:5e:93:
                    31:09:f7:dd:4f:31:39:2f:51:9d:a3:87:d3:c1:9c:
                    59:cc:d9:b7:56:13:a2:75:d4:da:9b:88:27:ba:9a:
                    0b:f7:99:c8:c4:d1:55:f1:9f:32:60:6f:4b:a5:11:
                    f3:3c:c7:4e:5a:82:4a:7e:ec:ba:98:81:f8:1b:f4:
                    50:5e:03:97:7f:56:d1:4e:eb:94:d6:dd:6f:4a:49:
                    e4:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:82:02:06:8E:B9:78:49:98:17:A7:16:69:43:80:AD:06:1D:5B:79
            X509v3 Authority Key Identifier:
                keyid:23:DA:F5:7A:21:2B:B7:F3:20:A2:24:6F:97:95:95:75:D0:E6:8C:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9r1eiErt_MgoiRvl5WVddDmjOM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f7c4f1-341a-445e-8e33-50cb88276ae6/1/uoICBo65eEmYF6cWaUOArQYdW3k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f7c4f1-341a-445e-8e33-50cb88276ae6/1/I9r1eiErt_MgoiRvl5WVddDmjOM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.116.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         dd:e0:37:c2:2b:ac:a6:2a:bc:2e:90:f7:95:b2:82:c7:d5:49:
         ab:33:c7:61:21:65:b6:4a:4f:18:bd:59:91:e5:3b:68:33:59:
         e8:d7:fc:03:e0:0a:18:c4:85:7e:ba:32:8a:d8:03:fd:2f:da:
         a6:52:9c:6d:e9:38:dc:da:6a:cc:64:f7:dd:8e:f8:2f:4b:21:
         29:34:64:b5:c6:66:d2:c4:bf:68:a8:fc:4d:de:3c:9d:62:81:
         5e:c2:a0:94:37:1e:62:a5:2d:78:3f:cf:c1:30:fc:98:ee:13:
         f6:cc:42:2b:5d:42:ca:5b:3d:d6:61:0b:6e:26:f5:44:85:47:
         11:57:a2:68:1c:bd:d9:b5:1b:f5:77:f3:14:80:2d:f3:98:62:
         3e:e4:15:62:fa:be:3b:e9:3b:1d:c1:02:96:ad:04:f7:e0:12:
         11:30:04:49:08:c8:62:d8:20:40:bc:13:d9:02:7b:8d:c9:2a:
         b8:1b:75:cd:2f:7c:07:fd:d1:13:ae:b8:38:10:a6:9f:2b:73:
         2a:a5:56:ee:03:4c:42:b9:fa:f9:53:97:80:6d:bb:cb:fd:e0:
         35:94:7c:a1:78:bf:be:10:b0:b0:63:15:99:e1:ee:a7:85:cc:
         9d:10:91:c5:2a:b0:a7:32:61:44:66:19:63:55:7f:54:9f:f2:
         78:64:f7:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuFOQ2nfpggVE+US65Lt7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZGFmNTdhMjEyYmI3ZjMyMGEyMjQ2Zjk3OTU5NTc1ZDBl
NjhjZTMwHhcNMjMwMTAxMDk0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTgyMDIwNjhlYjk3ODQ5OTgxN2E3MTY2OTQzODBhZDA2MWQ1Yjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2W2heulBudeQmhyicUdkgcPB7gsK
ByGLpmyMYbvkX5+izIt5VFwS1jLN1klY20/2Jh59Btds3nNLbbcog4goSxXl5/qv
ljwCse+2sNGQ3KhpFM0MpIYZSV7dBRzyeO5VfRRInH598EqyXS6I/Jyof7l6U8wo
8VRlBbg5UASYEbLgpHT+o07+q3VSxJqDVukJlTiQLMhrHBTgPub+MRmuonVZsZKx
Zbk13bjUmRhhkxN/XpMxCffdTzE5L1Gdo4fTwZxZzNm3VhOiddTam4gnupoL95nI
xNFV8Z8yYG9LpRHzPMdOWoJKfuy6mIH4G/RQXgOXf1bRTuuU1t1vSknktwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLqCAgaOuXhJmBenFmlDgK0GHVt5MB8GA1UdIwQY
MBaAFCPa9XohK7fzIKIkb5eVlXXQ5ozjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTlyMWVpRXJ0X01nb2lSdmw1V1ZkZERtak9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mN2M0ZjEtMzQxYS00NDVlLThlMzMt
NTBjYjg4Mjc2YWU2LzEvdW9JQ0JvNjVlRW1ZRjZjV2FVT0FyUVlkVzNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mN2M0ZjEtMzQxYS00NDVlLThlMzMtNTBjYjg4Mjc2YWU2
LzEvSTlyMWVpRXJ0X01nb2lSdmw1V1ZkZERtak9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHQfMA0G
CSqGSIb3DQEBCwUAA4IBAQDd4DfCK6ymKrwukPeVsoLH1UmrM8dhIWW2Sk8YvVmR
5TtoM1no1/wD4AoYxIV+ujKK2AP9L9qmUpxt6Tjc2mrMZPfdjvgvSyEpNGS1xmbS
xL9oqPxN3jydYoFewqCUNx5ipS14P8/BMPyY7hP2zEIrXULKWz3WYQtuJvVEhUcR
V6JoHL3ZtRv1d/MUgC3zmGI+5BVi+r476TsdwQKWrQT34BIRMARJCMhi2CBAvBPZ
AnuNySq4G3XNL3wH/dETrrg4EKafK3MqpVbuA0xCufr5U5eAbbvL/eA1lHyheL++
ELCwYxWZ4e6nhcydEJHFKrCnMmFEZhljVX9Un/J4ZPdv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:16 2024 by rpki-client on console-fra.rpki-client.org