Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/5db01f-3f20-49f9-a7de-41400df54b37/1/VHUE4exITMINGXK21Lw2qmwjFYg.roa
File:                     VHUE4exITMINGXK21Lw2qmwjFYg.roa (raw, json)
Hash identifier:          bPGmM2uOt/5owA9B7DJuugNkVcwQQjuDvy69tIeegL0=
Subject key identifier:   54:75:04:E1:EC:48:4C:C2:0D:19:72:B6:D4:BC:36:AA:6C:23:15:88
Certificate issuer:       /CN=f571716c098aa06f4703154b98ab00228b5b7d89
Certificate serial:       026A80
Authority key identifier: F5:71:71:6C:09:8A:A0:6F:47:03:15:4B:98:AB:00:22:8B:5B:7D:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9XFxbAmKoG9HAxVLmKsAIotbfYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/5db01f-3f20-49f9-a7de-41400df54b37/1/VHUE4exITMINGXK21Lw2qmwjFYg.roa
Signing time:             Tue 25 Jan 2022 21:19:23 +0000
ROA not before:           Tue 25 Jan 2022 21:19:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     834
IP address blocks:        185.92.209.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 158336 (0x26a80)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f571716c098aa06f4703154b98ab00228b5b7d89
        Validity
            Not Before: Jan 25 21:19:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=547504e1ec484cc20d1972b6d4bc36aa6c231588
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:f9:1c:21:64:9f:21:c8:eb:94:30:51:c2:c7:
                    de:07:68:0d:75:10:06:43:72:20:be:ae:ef:a9:b8:
                    93:d7:b8:a5:40:ce:f8:d0:c7:15:2c:47:71:9a:af:
                    ed:6f:40:f9:3a:dd:4b:f5:fc:89:ae:b2:b3:b3:44:
                    41:65:83:e0:56:2c:88:67:d6:f6:48:90:79:cb:bd:
                    9d:b4:64:fb:37:ff:cb:95:22:c2:cb:d6:ab:6c:db:
                    51:93:01:fb:d1:86:01:cb:d9:ad:63:6c:12:c5:52:
                    02:dd:79:46:ea:d1:a5:4e:1a:a5:62:fe:ef:5b:78:
                    9a:12:4f:20:ea:e6:11:29:7d:0d:2d:cd:e1:25:a0:
                    ea:90:ca:a8:04:6d:3b:6c:fc:cb:3c:b2:da:79:f1:
                    1f:40:01:21:b9:f2:15:db:00:18:df:83:5c:45:8e:
                    b2:b1:03:f1:3b:a7:b4:f0:7a:a6:07:d2:3d:ab:c9:
                    02:7f:9e:d3:19:e9:c6:23:c8:69:a0:98:b9:aa:fe:
                    47:55:88:78:98:58:1c:57:6d:4d:2c:54:a0:8b:93:
                    b8:d5:f2:9d:ca:db:c3:2a:43:21:0d:50:a0:ab:41:
                    a5:df:cc:3a:58:87:e6:fc:2d:ef:ac:ca:97:14:f7:
                    b8:3a:62:3d:2a:b4:b0:f0:58:94:23:ef:e9:79:98:
                    72:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:75:04:E1:EC:48:4C:C2:0D:19:72:B6:D4:BC:36:AA:6C:23:15:88
            X509v3 Authority Key Identifier:
                keyid:F5:71:71:6C:09:8A:A0:6F:47:03:15:4B:98:AB:00:22:8B:5B:7D:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XFxbAmKoG9HAxVLmKsAIotbfYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5db01f-3f20-49f9-a7de-41400df54b37/1/VHUE4exITMINGXK21Lw2qmwjFYg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5db01f-3f20-49f9-a7de-41400df54b37/1/9XFxbAmKoG9HAxVLmKsAIotbfYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.92.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:c3:1c:99:19:f4:4e:f1:d2:c3:a2:b0:a6:68:dd:86:ce:19:
         c0:5c:1a:26:2b:ab:2c:6a:0c:1e:8e:99:ac:20:94:16:45:a7:
         44:5a:d6:be:21:97:cb:0e:54:5f:dc:e4:f1:84:4b:8e:dd:a9:
         c2:46:68:63:d6:16:84:38:fc:ae:aa:89:4c:d1:0f:ae:bc:9e:
         4d:dc:f1:93:1b:18:9f:93:db:52:3f:2a:1d:e4:0e:92:2d:76:
         63:81:f2:62:93:c8:12:9e:1b:b1:c1:62:4a:58:54:ae:9c:58:
         eb:68:a9:29:3d:c4:a9:d5:e4:f0:f5:3c:02:fa:fb:9a:4f:62:
         2d:8a:20:2f:b8:9e:31:3b:fc:6e:44:84:a0:ac:74:77:96:0d:
         a3:b9:87:77:c9:ee:fb:90:c3:92:75:03:b0:b1:1e:8a:e3:4f:
         81:4c:71:ed:92:bd:b0:a0:68:68:65:8d:6b:58:04:88:22:84:
         1c:f9:3b:aa:f8:ef:77:34:f1:b7:5c:3a:b5:0d:ea:9e:d6:18:
         45:e9:24:1b:90:c9:6a:17:f4:31:20:57:43:50:b4:72:5e:d9:
         6e:6b:5c:d6:33:a8:a6:28:5e:13:88:ce:32:a9:be:56:54:76:
         32:a6:07:4f:22:95:9e:be:a8:0f:18:03:71:cc:d0:cf:c7:f0:
         a0:4e:00:96
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAmqAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY1
NzE3MTZjMDk4YWEwNmY0NzAzMTU0Yjk4YWIwMDIyOGI1YjdkODkwHhcNMjIwMTI1
MjExOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1NDc1MDRlMWVjNDg0
Y2MyMGQxOTcyYjZkNGJjMzZhYTZjMjMxNTg4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2/kcIWSfIcjrlDBRwsfeB2gNdRAGQ3Igvq7vqbiT17ilQM74
0McVLEdxmq/tb0D5Ot1L9fyJrrKzs0RBZYPgViyIZ9b2SJB5y72dtGT7N//LlSLC
y9arbNtRkwH70YYBy9mtY2wSxVIC3XlG6tGlThqlYv7vW3iaEk8g6uYRKX0NLc3h
JaDqkMqoBG07bPzLPLLaefEfQAEhufIV2wAY34NcRY6ysQPxO6e08HqmB9I9q8kC
f57TGenGI8hpoJi5qv5HVYh4mFgcV21NLFSgi5O41fKdytvDKkMhDVCgq0Gl38w6
WIfm/C3vrMqXFPe4OmI9KrSw8FiUI+/peZhybQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFFR1BOHsSEzCDRlyttS8NqpsIxWIMB8GA1UdIwQYMBaAFPVxcWwJiqBvRwMV
S5irACKLW32JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
OVhGeGJBbUtvRzlIQXhWTG1Lc0FJb3RiZllrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mYS81ZGIwMWYtM2YyMC00OWY5LWE3ZGUtNDE0MDBkZjU0YjM3LzEv
VkhVRTRleElUTUlOR1hLMjFMdzJxbXdqRllnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81
ZGIwMWYtM2YyMC00OWY5LWE3ZGUtNDE0MDBkZjU0YjM3LzEvOVhGeGJBbUtvRzlI
QXhWTG1Lc0FJb3RiZllrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVzRMA0GCSqGSIb3DQEBCwUAA4IB
AQB0wxyZGfRO8dLDorCmaN2GzhnAXBomK6ssagwejpmsIJQWRadEWta+IZfLDlRf
3OTxhEuO3anCRmhj1haEOPyuqolM0Q+uvJ5N3PGTGxifk9tSPyod5A6SLXZjgfJi
k8gSnhuxwWJKWFSunFjraKkpPcSp1eTw9TwC+vuaT2ItiiAvuJ4xO/xuRISgrHR3
lg2juYd3ye77kMOSdQOwsR6K40+BTHHtkr2woGhoZY1rWASIIoQc+Tuq+O93NPG3
XDq1Deqe1hhF6SQbkMlqF/QxIFdDULRyXtlua1zWM6imKF4TiM4yqb5WVHYypgdP
IpWevqgPGANxzNDPx/CgTgCW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:50 2024 by rpki-client on console-ams.rpki-client.org