Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/f11aa4-fbec-4e19-a8f0-0bb312db0684/1/SQgxUcH86Ex7iD4byzUmndBW1eU.roa
File:                     SQgxUcH86Ex7iD4byzUmndBW1eU.roa (raw, json)
Hash identifier:          RnwgJ7z7SNvPeEYaW898fgFZgo3afGkrKW1PqHvks/0=
Subject key identifier:   49:08:31:51:C1:FC:E8:4C:7B:88:3E:1B:CB:35:26:9D:D0:56:D5:E5
Certificate issuer:       /CN=1f6611d4d1619eda47ac4ef8d24b43e6cf4bc698
Certificate serial:       01828345C4BBF4A7E1BC483FB48D6C61B047
Authority key identifier: 1F:66:11:D4:D1:61:9E:DA:47:AC:4E:F8:D2:4B:43:E6:CF:4B:C6:98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H2YR1NFhntpHrE740ktD5s9Lxpg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/f11aa4-fbec-4e19-a8f0-0bb312db0684/1/SQgxUcH86Ex7iD4byzUmndBW1eU.roa
Signing time:             Tue 09 Aug 2022 15:42:43 +0000
ROA not before:           Tue 09 Aug 2022 15:42:43 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     22773
IP address blocks:        193.32.204.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:83:45:c4:bb:f4:a7:e1:bc:48:3f:b4:8d:6c:61:b0:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f6611d4d1619eda47ac4ef8d24b43e6cf4bc698
        Validity
            Not Before: Aug  9 15:42:43 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=49083151c1fce84c7b883e1bcb35269dd056d5e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:6e:c4:ad:80:e9:8d:a1:57:dd:64:89:64:b1:
                    81:6b:0a:a3:34:f2:13:83:2a:8f:14:36:59:16:6e:
                    1f:bc:57:8c:e1:27:bd:5c:d8:9e:b4:e0:78:56:6a:
                    af:fa:b6:c5:6b:a3:9a:6f:bd:99:28:99:07:f9:82:
                    d2:04:bc:cf:34:6d:98:74:93:d0:b7:f8:29:f8:79:
                    62:ef:fd:f5:a8:a7:6a:f7:f5:7f:21:3c:57:f4:09:
                    d5:4c:97:73:80:e5:e8:e0:85:f4:ea:73:57:a3:08:
                    41:fc:4d:1c:a7:49:80:7d:68:61:5b:47:08:18:24:
                    7b:a9:21:7a:5a:e5:f6:7e:c1:07:7b:4f:a1:06:2a:
                    80:8b:6b:fd:3a:b7:bd:2e:82:aa:87:d6:5b:20:da:
                    e5:5f:5e:90:80:05:b6:0f:d3:ac:82:d4:13:46:6d:
                    a0:20:9f:4d:e9:c3:7b:49:42:06:aa:b9:0f:77:3b:
                    1a:29:a3:2b:ef:a6:40:aa:8b:66:9e:00:a7:1a:2d:
                    20:c5:32:1f:5a:80:51:14:b7:30:9d:ac:0e:17:1a:
                    1a:c1:11:85:c0:a6:d1:f7:54:13:cb:f6:af:55:28:
                    6d:e3:af:d0:4f:3f:40:23:ba:c4:3c:e0:03:8f:60:
                    ac:3c:d3:07:cb:6e:ff:08:98:ef:3b:b3:a2:4a:98:
                    bf:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:08:31:51:C1:FC:E8:4C:7B:88:3E:1B:CB:35:26:9D:D0:56:D5:E5
            X509v3 Authority Key Identifier:
                keyid:1F:66:11:D4:D1:61:9E:DA:47:AC:4E:F8:D2:4B:43:E6:CF:4B:C6:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2YR1NFhntpHrE740ktD5s9Lxpg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/f11aa4-fbec-4e19-a8f0-0bb312db0684/1/SQgxUcH86Ex7iD4byzUmndBW1eU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/f11aa4-fbec-4e19-a8f0-0bb312db0684/1/H2YR1NFhntpHrE740ktD5s9Lxpg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.32.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ad:59:19:29:59:66:54:46:5e:6d:02:05:6b:04:de:d0:46:de:
         03:87:a6:84:25:ee:a0:5f:99:e3:ec:0f:b5:4e:5e:b3:df:55:
         92:e4:ab:ae:cb:c1:39:e6:0d:59:92:0e:a9:55:55:dc:90:2b:
         2a:1a:2d:26:ba:39:9a:e3:ab:df:23:6c:aa:16:0d:29:ca:26:
         38:1e:5a:52:a4:0c:19:e5:5f:3c:d1:1d:82:04:f7:ce:6b:a6:
         4d:d2:65:f5:bd:90:61:fc:c5:63:04:c8:e7:25:ae:5b:35:ab:
         37:d6:37:66:c7:4a:10:5f:61:fa:ce:10:bb:1d:c6:c6:b5:4f:
         05:99:34:4f:eb:4c:da:ca:bf:e0:be:04:da:27:7f:2d:d6:2d:
         a7:53:88:e7:25:b1:da:d0:64:6d:95:82:39:f9:44:6a:b6:01:
         76:17:13:98:ff:96:fc:6d:7f:b8:af:77:56:5f:6b:56:90:82:
         84:62:59:9e:b0:73:66:66:51:97:23:3c:d2:98:aa:01:dd:f6:
         91:90:87:ac:76:1f:7d:54:ee:fb:82:f5:ea:92:c9:f5:93:ff:
         d4:21:55:0e:a3:20:0f:2c:28:46:27:31:45:44:37:e2:55:43:
         74:c4:64:57:3a:17:23:c4:f8:05:75:fe:e4:df:bf:bd:ba:04:
         0c:98:f4:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKDRcS79KfhvEg/tI1sYbBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjYxMWQ0ZDE2MTllZGE0N2FjNGVmOGQyNGI0M2U2Y2Y0
YmM2OTgwHhcNMjIwODA5MTU0MjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTA4MzE1MWMxZmNlODRjN2I4ODNlMWJjYjM1MjY5ZGQwNTZkNWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnm7ErYDpjaFX3WSJZLGBawqjNPIT
gyqPFDZZFm4fvFeM4Se9XNietOB4Vmqv+rbFa6Oab72ZKJkH+YLSBLzPNG2YdJPQ
t/gp+Hli7/31qKdq9/V/ITxX9AnVTJdzgOXo4IX06nNXowhB/E0cp0mAfWhhW0cI
GCR7qSF6WuX2fsEHe0+hBiqAi2v9Ore9LoKqh9ZbINrlX16QgAW2D9OsgtQTRm2g
IJ9N6cN7SUIGqrkPdzsaKaMr76ZAqotmngCnGi0gxTIfWoBRFLcwnawOFxoawRGF
wKbR91QTy/avVSht46/QTz9AI7rEPOADj2CsPNMHy27/CJjvO7OiSpi/IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEkIMVHB/OhMe4g+G8s1Jp3QVtXlMB8GA1UdIwQY
MBaAFB9mEdTRYZ7aR6xO+NJLQ+bPS8aYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJZUjFORmhudHBIckU3NDBrdEQ1czlMeHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9mMTFhYTQtZmJlYy00ZTE5LWE4ZjAt
MGJiMzEyZGIwNjg0LzEvU1FneFVjSDg2RXg3aUQ0Ynl6VW1uZEJXMWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9mMTFhYTQtZmJlYy00ZTE5LWE4ZjAtMGJiMzEyZGIwNjg0
LzEvSDJZUjFORmhudHBIckU3NDBrdEQ1czlMeHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSDMMA0G
CSqGSIb3DQEBCwUAA4IBAQCtWRkpWWZURl5tAgVrBN7QRt4Dh6aEJe6gX5nj7A+1
Tl6z31WS5Kuuy8E55g1Zkg6pVVXckCsqGi0mujma46vfI2yqFg0pyiY4HlpSpAwZ
5V880R2CBPfOa6ZN0mX1vZBh/MVjBMjnJa5bNas31jdmx0oQX2H6zhC7HcbGtU8F
mTRP60zayr/gvgTaJ38t1i2nU4jnJbHa0GRtlYI5+URqtgF2FxOY/5b8bX+4r3dW
X2tWkIKEYlmesHNmZlGXIzzSmKoB3faRkIesdh99VO77gvXqksn1k//UIVUOoyAP
LChGJzFFRDfiVUN0xGRXOhcjxPgFdf7k37+9ugQMmPQx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:09 2024 by rpki-client on console-fra.rpki-client.org