Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/kCt-nnoZhQFleSC6AXXZJsMZh-g.roa
File:                     kCt-nnoZhQFleSC6AXXZJsMZh-g.roa (raw, json)
Hash identifier:          ZN4O6i2JxG9CvGnLSSj+hK7uJlc6bNEPZHuQ90Vi4nc=
Subject key identifier:   90:2B:7E:9E:7A:19:85:01:65:79:20:BA:01:75:D9:26:C3:19:87:E8
Certificate issuer:       /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial:       019368AEF8CADE809A82E59612448CD179B2
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/kCt-nnoZhQFleSC6AXXZJsMZh-g.roa
Signing time:             Tue 26 Nov 2024 13:35:17 +0000
ROA not before:           Tue 26 Nov 2024 13:35:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     396573
IP address blocks:        81.19.195.30/32 maxlen: 32
                          81.19.195.31/32 maxlen: 32
                          185.100.0.53/32 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:68:ae:f8:ca:de:80:9a:82:e5:96:12:44:8c:d1:79:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
        Validity
            Not Before: Nov 26 13:35:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=902b7e9e7a198501657920ba0175d926c31987e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:80:a7:22:56:37:ea:66:32:8d:52:99:a0:c1:
                    e4:84:2f:fe:0c:44:7b:f6:60:67:a7:a9:25:59:ab:
                    32:0b:97:02:73:a8:63:60:a1:3b:f6:fb:ab:76:a7:
                    73:14:31:3f:e9:c6:ae:b8:d1:0f:30:d8:c8:db:60:
                    a2:fa:7e:37:3c:cb:40:f5:d3:50:b7:a5:12:bb:a0:
                    7b:60:ae:8b:4d:5a:fe:2c:58:a2:c2:12:fc:16:84:
                    da:28:5a:63:f7:af:cb:83:33:b6:55:c4:a4:4b:13:
                    a7:3d:42:a2:6e:b5:01:92:9f:ef:e7:f5:c6:3e:51:
                    d7:b4:d6:db:de:e0:19:ca:ad:6c:fd:88:f9:f2:3c:
                    e7:5d:41:12:af:b1:70:52:c7:64:21:bd:75:55:e5:
                    80:14:57:be:2d:c4:1a:e9:10:2a:ad:d1:df:86:fb:
                    83:c9:4c:30:85:1b:1e:a8:7e:7e:5b:be:36:69:c7:
                    5d:1b:d2:04:03:98:40:e8:a8:ec:6a:ce:24:26:1a:
                    4b:5e:2f:ba:fa:15:04:42:cc:de:d9:a4:9a:16:89:
                    46:38:a2:8b:be:db:f5:ee:aa:e8:09:c7:10:60:e7:
                    35:19:8f:fe:31:b7:da:8a:c3:2f:06:bc:ec:40:93:
                    ce:43:6f:75:55:2f:f0:0d:66:21:93:33:b3:cb:09:
                    da:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:2B:7E:9E:7A:19:85:01:65:79:20:BA:01:75:D9:26:C3:19:87:E8
            X509v3 Authority Key Identifier:
                keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/kCt-nnoZhQFleSC6AXXZJsMZh-g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.19.195.30/31
                  185.100.0.53/32

    Signature Algorithm: sha256WithRSAEncryption
         a9:f9:bb:50:2e:27:1c:03:05:39:6c:73:67:b2:22:42:77:78:
         c4:54:a5:a5:a5:0d:fb:3c:47:16:2f:48:99:be:08:8c:3a:19:
         38:6d:21:90:60:05:78:8b:b7:fd:d2:03:d6:fb:a2:c9:28:e9:
         2a:08:a0:10:73:11:72:10:36:85:22:92:87:e5:48:ab:83:05:
         76:f5:4f:c8:9d:d9:91:f7:2d:38:9b:b4:c2:59:19:19:2a:f7:
         d7:d3:52:d5:fc:20:b3:17:25:b9:b9:39:ad:c6:80:67:02:10:
         fa:c4:10:34:8c:bd:3c:fc:02:3c:44:ec:ab:ec:a8:53:b2:3e:
         63:9b:49:96:bc:7d:51:2a:a0:4b:f6:2f:69:63:6f:cf:be:e5:
         e6:fb:c8:a4:d4:74:ef:ba:c6:9d:d2:71:21:2e:d8:92:7b:c5:
         e8:bb:36:ac:19:78:ce:3f:34:d6:2a:70:fa:67:7c:b7:91:7a:
         12:18:d5:1a:af:6b:07:79:6f:a0:8d:a2:c1:ce:0c:a7:ec:b6:
         e1:65:b0:ab:c7:58:22:c9:9f:68:c6:ac:06:8f:2d:9a:66:77:
         4e:f7:6a:7c:d4:f4:e9:f6:74:0a:ed:8f:58:6a:5b:dd:0e:5b:
         a5:4a:e8:2e:cb:0b:32:a7:67:21:22:25:e4:ff:16:05:eb:d3:
         62:aa:4c:84
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNorvjK3oCaguWWEkSM0XmyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQxMTI2MTMzNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDJiN2U5ZTdhMTk4NTAxNjU3OTIwYmEwMTc1ZDkyNmMzMTk4N2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4CnIlY36mYyjVKZoMHkhC/+DER7
9mBnp6klWasyC5cCc6hjYKE79vurdqdzFDE/6cauuNEPMNjI22Ci+n43PMtA9dNQ
t6USu6B7YK6LTVr+LFiiwhL8FoTaKFpj96/LgzO2VcSkSxOnPUKibrUBkp/v5/XG
PlHXtNbb3uAZyq1s/Yj58jznXUESr7FwUsdkIb11VeWAFFe+LcQa6RAqrdHfhvuD
yUwwhRseqH5+W742acddG9IEA5hA6Kjsas4kJhpLXi+6+hUEQsze2aSaFolGOKKL
vtv17qroCccQYOc1GY/+MbfaisMvBrzsQJPOQ291VS/wDWYhkzOzywnaiwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJArfp56GYUBZXkgugF12SbDGYfoMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEva0N0LW5ub1poUUZsZVNDNkFYWFpKc01aaC1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAKn5u1AuJxwDBTlsc2eyIkJ3eMRUpaWl
Dfs8RxYvSJm+CIw6GThtIZBgBXiLt/3SA9b7osko6SoIoBBzEXIQNoUikoflSKuD
BXb1T8id2ZH3LTibtMJZGRkq99fTUtX8ILMXJbm5Oa3GgGcCEPrEEDSMvTz8AjxE
7KvsqFOyPmObSZa8fVEqoEv2L2ljb8++5eb7yKTUdO+6xp3ScSEu2JJ7xei7NqwZ
eM4/NNYqcPpnfLeRehIY1Rqvawd5b6CNosHODKfstuFlsKvHWCLJn2jGrAaPLZpm
d073anzU9On2dArtj1hqW90OW6VK6C7LCzKnZyEiJeT/FgXr02KqTIQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:21 2025 by rpki-client