Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/6e20ca-a1ef-4ae8-aef1-e4509fb9cf20/1/Z0JKCMGq44uP74sPDVgZWcVLoSg.roa
File:                     Z0JKCMGq44uP74sPDVgZWcVLoSg.roa (raw, json)
Hash identifier:          MrDxrK+H2LAMzhkcPAK6v66Sr1v20yVZeSV6+E9ylnI=
Subject key identifier:   67:42:4A:08:C1:AA:E3:8B:8F:EF:8B:0F:0D:58:19:59:C5:4B:A1:28
Certificate issuer:       /CN=ed536c19a691c2f544220a9521474a8765e59cf1
Certificate serial:       018571030311F0D520134A97C7DA7B438B1A
Authority key identifier: ED:53:6C:19:A6:91:C2:F5:44:22:0A:95:21:47:4A:87:65:E5:9C:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7VNsGaaRwvVEIgqVIUdKh2XlnPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/6e20ca-a1ef-4ae8-aef1-e4509fb9cf20/1/Z0JKCMGq44uP74sPDVgZWcVLoSg.roa
Signing time:             Mon 02 Jan 2023 05:45:00 +0000
ROA not before:           Mon 02 Jan 2023 05:45:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211612
IP address blocks:        185.206.83.128/26 maxlen: 26

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:03:03:11:f0:d5:20:13:4a:97:c7:da:7b:43:8b:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed536c19a691c2f544220a9521474a8765e59cf1
        Validity
            Not Before: Jan  2 05:45:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=67424a08c1aae38b8fef8b0f0d581959c54ba128
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:15:d0:b5:60:68:80:08:e4:0c:4a:4b:59:f7:
                    66:58:05:31:56:21:30:af:71:a4:c5:de:14:15:4f:
                    6e:40:ec:27:1c:43:22:db:28:b4:53:c4:e9:c9:77:
                    59:18:20:23:b8:0f:86:74:fe:08:39:73:00:08:5a:
                    bf:c2:87:57:0d:76:94:9e:b3:1d:7e:47:bb:61:f8:
                    fe:51:a2:7e:8b:b7:8c:8e:1e:a4:26:f4:21:94:24:
                    8a:46:12:bb:2d:75:dd:2a:e2:b9:9d:5d:31:19:c0:
                    d2:ed:8d:0f:81:1f:dd:74:96:b0:38:43:da:af:62:
                    99:86:a8:2a:75:82:96:7e:90:0e:72:5f:e9:92:4e:
                    53:97:67:7c:34:27:15:92:b7:83:b8:8c:c0:22:be:
                    27:01:75:46:dd:d2:cc:9e:6e:bb:0e:55:08:a4:04:
                    85:12:89:dc:e0:86:b7:5b:e0:84:62:5f:63:39:34:
                    ee:6d:df:d5:b9:3b:90:01:2c:6c:ee:ce:ca:c9:b4:
                    1c:3c:f5:6e:4a:14:0a:a4:25:40:aa:69:fa:bd:5e:
                    89:af:87:fa:75:8a:37:f9:be:c0:93:6f:19:1d:95:
                    31:2b:42:7b:53:56:c9:7b:37:23:8e:61:20:c2:92:
                    32:e0:81:d6:1f:9e:c3:d9:ed:8d:df:39:e2:fa:81:
                    34:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:42:4A:08:C1:AA:E3:8B:8F:EF:8B:0F:0D:58:19:59:C5:4B:A1:28
            X509v3 Authority Key Identifier:
                keyid:ED:53:6C:19:A6:91:C2:F5:44:22:0A:95:21:47:4A:87:65:E5:9C:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7VNsGaaRwvVEIgqVIUdKh2XlnPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/6e20ca-a1ef-4ae8-aef1-e4509fb9cf20/1/Z0JKCMGq44uP74sPDVgZWcVLoSg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/6e20ca-a1ef-4ae8-aef1-e4509fb9cf20/1/7VNsGaaRwvVEIgqVIUdKh2XlnPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.206.83.128/26

    Signature Algorithm: sha256WithRSAEncryption
         c8:6a:ee:32:79:af:fe:35:9b:45:0b:0f:8e:5b:1a:71:56:a8:
         1c:93:84:2e:db:2c:10:2e:89:56:b6:3e:07:e0:70:d7:4c:cf:
         51:13:5c:4d:bd:96:d3:ab:30:d1:84:c2:4e:05:a7:bc:23:cf:
         a3:44:fe:35:23:38:d9:4e:f1:b9:15:3b:e7:00:88:cf:b5:e2:
         3b:cb:ea:34:b7:11:96:1d:69:d2:6e:7f:bc:dd:41:27:fe:2a:
         34:0d:74:1e:ed:6c:af:2f:0c:fd:12:f9:fb:3a:fc:80:1c:7f:
         c0:ad:42:d7:d4:c9:ad:b6:44:a3:f9:02:44:ae:ed:2d:4b:86:
         7e:0f:44:49:90:db:3a:98:e8:88:ed:5c:db:fd:1e:c2:05:b9:
         f2:e2:e7:2b:6d:1f:19:c2:8a:62:dd:94:cb:be:04:a6:4f:94:
         fe:dd:53:8f:da:21:f4:ce:ec:06:29:0d:22:7d:f4:87:3b:26:
         c4:4d:18:33:d5:3f:40:3a:7c:c0:ab:6c:44:65:51:51:18:13:
         80:1e:54:52:c4:91:2a:58:2b:d4:30:4b:36:45:7c:d3:91:1b:
         da:0a:85:36:66:c9:54:58:7c:f6:c3:a8:8e:79:ef:c7:c6:00:
         f2:2a:bd:6b:66:94:a6:07:54:d3:5d:3c:90:32:55:61:f3:80:
         4f:d4:40:51
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxAwMR8NUgE0qXx9p7Q4saMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNTM2YzE5YTY5MWMyZjU0NDIyMGE5NTIxNDc0YTg3NjVl
NTljZjEwHhcNMjMwMTAyMDU0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzQyNGEwOGMxYWFlMzhiOGZlZjhiMGYwZDU4MTk1OWM1NGJhMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxXQtWBogAjkDEpLWfdmWAUxViEw
r3Gkxd4UFU9uQOwnHEMi2yi0U8TpyXdZGCAjuA+GdP4IOXMACFq/wodXDXaUnrMd
fke7Yfj+UaJ+i7eMjh6kJvQhlCSKRhK7LXXdKuK5nV0xGcDS7Y0PgR/ddJawOEPa
r2KZhqgqdYKWfpAOcl/pkk5Tl2d8NCcVkreDuIzAIr4nAXVG3dLMnm67DlUIpASF
Eonc4Ia3W+CEYl9jOTTubd/VuTuQASxs7s7KybQcPPVuShQKpCVAqmn6vV6Jr4f6
dYo3+b7Ak28ZHZUxK0J7U1bJezcjjmEgwpIy4IHWH57D2e2N3zni+oE0ZwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGdCSgjBquOLj++LDw1YGVnFS6EoMB8GA1UdIwQY
MBaAFO1TbBmmkcL1RCIKlSFHSodl5ZzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1ZOc0dhYVJ3dlZFSWdxVklVZEtoMlhsblBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi82ZTIwY2EtYTFlZi00YWU4LWFlZjEt
ZTQ1MDlmYjljZjIwLzEvWjBKS0NNR3E0NHVQNzRzUERWZ1pXY1ZMb1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi82ZTIwY2EtYTFlZi00YWU4LWFlZjEtZTQ1MDlmYjljZjIw
LzEvN1ZOc0dhYVJ3dlZFSWdxVklVZEtoMlhsblBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUGuc5TgDAN
BgkqhkiG9w0BAQsFAAOCAQEAyGruMnmv/jWbRQsPjlsacVaoHJOELtssEC6JVrY+
B+Bw10zPURNcTb2W06sw0YTCTgWnvCPPo0T+NSM42U7xuRU75wCIz7XiO8vqNLcR
lh1p0m5/vN1BJ/4qNA10Hu1sry8M/RL5+zr8gBx/wK1C19TJrbZEo/kCRK7tLUuG
fg9ESZDbOpjoiO1c2/0ewgW58uLnK20fGcKKYt2Uy74Epk+U/t1Tj9oh9M7sBikN
In30hzsmxE0YM9U/QDp8wKtsRGVRURgTgB5UUsSRKlgr1DBLNkV805Eb2gqFNmbJ
VFh89sOojnnvx8YA8iq9a2aUpgdU0108kDJVYfOAT9RAUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:58 2024 by rpki-client on console-ams.rpki-client.org