Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/454d35-a80c-4ddb-966d-a0fdf6f2e72d/1/tiTm60BG6K2QXgwNqRZJUDVrtd0.roa
File:                     tiTm60BG6K2QXgwNqRZJUDVrtd0.roa (raw, json)
Hash identifier:          BIfXTA31ZZzOLn6AzaKTZb5Ff5u3maFGY+3Ev3B8/D0=
Subject key identifier:   B6:24:E6:EB:40:46:E8:AD:90:5E:0C:0D:A9:16:49:50:35:6B:B5:DD
Certificate issuer:       /CN=8fb17426e77745a6887b6e2c8a110dadb7194bc7
Certificate serial:       17F9E1EF
Authority key identifier: 8F:B1:74:26:E7:77:45:A6:88:7B:6E:2C:8A:11:0D:AD:B7:19:4B:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j7F0Jud3RaaIe24sihENrbcZS8c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/454d35-a80c-4ddb-966d-a0fdf6f2e72d/1/tiTm60BG6K2QXgwNqRZJUDVrtd0.roa
Signing time:             Sat 01 Jan 2022 08:04:05 +0000
ROA not before:           Sat 01 Jan 2022 08:04:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     396982
IP address blocks:        193.238.80.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 402252271 (0x17f9e1ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8fb17426e77745a6887b6e2c8a110dadb7194bc7
        Validity
            Not Before: Jan  1 08:04:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b624e6eb4046e8ad905e0c0da9164950356bb5dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:21:61:01:81:67:d6:42:5c:1a:e0:13:05:ca:
                    b7:43:1a:cb:70:10:13:73:5d:28:f8:66:23:6e:2c:
                    83:c3:9e:99:7a:17:28:a0:47:3d:4a:5e:d9:72:4d:
                    f3:a1:15:61:66:00:25:87:e7:79:c6:e0:b2:41:93:
                    b9:8d:0c:f5:4d:11:cd:d9:8c:cf:ae:be:20:3d:b6:
                    d7:7b:f0:da:fe:78:12:5e:5c:b3:b6:4f:b3:a3:b3:
                    51:eb:39:7b:7b:32:65:8e:c2:d3:c3:62:b9:ea:70:
                    17:f7:9f:fa:1e:79:77:9b:c5:fd:69:17:4a:b2:93:
                    25:47:83:33:df:8d:39:b2:eb:39:02:5f:4b:8a:ed:
                    f1:5e:f6:c7:17:fb:93:c4:8b:48:32:66:f9:e4:a0:
                    9d:03:5e:46:5b:c6:78:a5:8b:e2:24:16:ae:d0:95:
                    67:7d:ad:33:f0:49:76:bd:66:95:03:d5:c4:ff:98:
                    80:91:b7:05:91:1a:ad:2e:52:73:52:1c:d0:f6:b9:
                    dc:81:6f:b4:4b:ec:a2:c6:7b:21:15:f5:15:5b:ea:
                    af:15:21:97:95:fe:d5:08:6f:f4:63:64:cd:d6:7b:
                    c5:9a:fb:ae:90:34:9c:ab:55:d5:1e:af:8b:fc:d6:
                    65:56:42:66:9b:aa:d0:f7:8b:65:4a:e4:f7:bc:ed:
                    92:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:24:E6:EB:40:46:E8:AD:90:5E:0C:0D:A9:16:49:50:35:6B:B5:DD
            X509v3 Authority Key Identifier:
                keyid:8F:B1:74:26:E7:77:45:A6:88:7B:6E:2C:8A:11:0D:AD:B7:19:4B:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7F0Jud3RaaIe24sihENrbcZS8c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/454d35-a80c-4ddb-966d-a0fdf6f2e72d/1/tiTm60BG6K2QXgwNqRZJUDVrtd0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/454d35-a80c-4ddb-966d-a0fdf6f2e72d/1/j7F0Jud3RaaIe24sihENrbcZS8c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.238.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         45:d1:fb:a2:ba:99:d3:7d:57:c2:ac:92:a5:8e:b4:22:6a:bf:
         ee:6e:bf:33:d5:29:86:c4:fc:f9:ff:cc:dd:a9:48:ce:32:b3:
         52:10:6f:aa:de:94:e7:ed:33:c7:b2:f4:05:27:78:dd:b2:3b:
         95:2d:f7:dd:74:a2:d6:06:83:bd:39:bc:43:c7:89:28:3f:43:
         bc:29:cc:8c:be:35:60:68:2e:b9:d3:04:02:b2:27:8d:ac:18:
         5e:5a:f8:41:42:f9:9b:b7:b7:10:65:29:ef:74:84:b2:2e:e8:
         28:5d:be:49:95:fd:86:8e:b3:d8:80:56:47:2d:82:c9:89:a4:
         65:d1:e4:c7:a5:bf:bb:c4:24:0a:19:bd:de:1c:07:93:75:59:
         8f:83:d0:82:dc:08:62:06:35:e3:c7:a9:7e:c4:85:77:92:4c:
         0f:e1:35:e8:cb:39:c1:65:98:c9:82:88:d0:18:cb:2b:d9:11:
         5a:4a:99:5f:fa:96:4b:80:7a:b6:fc:8e:cf:c2:4b:90:a5:c0:
         89:53:52:ef:2e:ff:b4:64:66:cb:02:bd:de:16:1e:d0:dc:3f:
         7c:ae:a6:89:1d:55:9a:67:95:a1:aa:f5:d1:01:8a:05:43:88:
         8d:a8:6a:8d:cb:0a:28:63:fc:69:d2:c8:83:04:46:35:4e:37:
         d8:e5:77:69
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF/nh7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZmIxNzQyNmU3Nzc0NWE2ODg3YjZlMmM4YTExMGRhZGI3MTk0YmM3MB4XDTIyMDEw
MTA4MDQwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjYyNGU2ZWI0MDQ2
ZThhZDkwNWUwYzBkYTkxNjQ5NTAzNTZiYjVkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOshYQGBZ9ZCXBrgEwXKt0May3AQE3NdKPhmI24sg8OemXoX
KKBHPUpe2XJN86EVYWYAJYfnecbgskGTuY0M9U0RzdmMz66+ID2213vw2v54El5c
s7ZPs6OzUes5e3syZY7C08NiuepwF/ef+h55d5vF/WkXSrKTJUeDM9+NObLrOQJf
S4rt8V72xxf7k8SLSDJm+eSgnQNeRlvGeKWL4iQWrtCVZ32tM/BJdr1mlQPVxP+Y
gJG3BZEarS5Sc1Ic0Pa53IFvtEvsosZ7IRX1FVvqrxUhl5X+1Qhv9GNkzdZ7xZr7
rpA0nKtV1R6vi/zWZVZCZpuq0PeLZUrk97ztkt0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS2JObrQEborZBeDA2pFklQNWu13TAfBgNVHSMEGDAWgBSPsXQm53dFpoh7
biyKEQ2ttxlLxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2o3RjBKdWQzUmFhSWUyNHNpaEVOcmJjWlM4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvNDU0ZDM1LWE4MGMtNGRkYi05NjZkLWEwZmRmNmYyZTcyZC8x
L3RpVG02MEJHNksyUVhnd05xUlpKVURWcnRkMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
NDU0ZDM1LWE4MGMtNGRkYi05NjZkLWEwZmRmNmYyZTcyZC8xL2o3RjBKdWQzUmFh
SWUyNHNpaEVOcmJjWlM4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsHuUDANBgkqhkiG9w0BAQsFAAOC
AQEARdH7orqZ031XwqySpY60Imq/7m6/M9UphsT8+f/M3alIzjKzUhBvqt6U5+0z
x7L0BSd43bI7lS333XSi1gaDvTm8Q8eJKD9DvCnMjL41YGguudMEArInjawYXlr4
QUL5m7e3EGUp73SEsi7oKF2+SZX9ho6z2IBWRy2CyYmkZdHkx6W/u8QkChm93hwH
k3VZj4PQgtwIYgY148epfsSFd5JMD+E16Ms5wWWYyYKI0BjLK9kRWkqZX/qWS4B6
tvyOz8JLkKXAiVNS7y7/tGRmywK93hYe0Nw/fK6miR1VmmeVoar10QGKBUOIjahq
jcsKKGP8adLIgwRGNU432OV3aQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:46 2024 by rpki-client on console-ams.rpki-client.org