Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/4b7620-1dce-409c-be7e-8d563fe44158/1/SSi3c9G59RxF0AqZxlKnM04r5Zc.roa
File:                     SSi3c9G59RxF0AqZxlKnM04r5Zc.roa (raw, json)
Hash identifier:          JijAtoEtVbNjdlp2kniJZWr+Nf0U+JmM+FkqNcbPc1A=
Subject key identifier:   49:28:B7:73:D1:B9:F5:1C:45:D0:0A:99:C6:52:A7:33:4E:2B:E5:97
Certificate issuer:       /CN=bd9a4d121740f5a33879327db23ac287f2e113a1
Certificate serial:       0182917ECA0351B7F01DB0A88DB5D645F6B1
Authority key identifier: BD:9A:4D:12:17:40:F5:A3:38:79:32:7D:B2:3A:C2:87:F2:E1:13:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vZpNEhdA9aM4eTJ9sjrCh_LhE6E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/4b7620-1dce-409c-be7e-8d563fe44158/1/SSi3c9G59RxF0AqZxlKnM04r5Zc.roa
Signing time:             Fri 12 Aug 2022 09:59:41 +0000
ROA not before:           Fri 12 Aug 2022 09:59:41 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     196838
IP address blocks:        194.156.253.0/24 maxlen: 24
                          194.156.252.0/24 maxlen: 24
                          194.156.255.0/24 maxlen: 24
                          194.156.254.0/24 maxlen: 24
                          109.69.160.0/24 maxlen: 24
                          109.69.162.0/24 maxlen: 24
                          109.69.161.0/24 maxlen: 24
                          109.69.164.0/24 maxlen: 24
                          109.69.163.0/24 maxlen: 24
                          109.69.166.0/24 maxlen: 24
                          93.159.192.0/24 maxlen: 24
                          109.69.165.0/24 maxlen: 24
                          93.159.194.0/24 maxlen: 24
                          109.69.167.0/24 maxlen: 24
                          93.159.193.0/24 maxlen: 24
                          93.159.196.0/24 maxlen: 24
                          93.159.195.0/24 maxlen: 24
                          93.159.198.0/24 maxlen: 24
                          93.159.197.0/24 maxlen: 24
                          93.159.199.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:91:7e:ca:03:51:b7:f0:1d:b0:a8:8d:b5:d6:45:f6:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bd9a4d121740f5a33879327db23ac287f2e113a1
        Validity
            Not Before: Aug 12 09:59:41 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=4928b773d1b9f51c45d00a99c652a7334e2be597
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ab:ad:77:e2:56:ee:48:43:e1:b6:d0:4f:a4:
                    2a:4f:21:47:53:d1:8e:05:d8:08:bd:94:b3:3d:c7:
                    33:47:3b:48:b5:f9:6d:15:4d:b4:9f:99:84:1d:31:
                    c8:b4:85:5c:6d:55:06:2b:c3:05:8d:c3:a3:e8:3b:
                    d6:ef:72:d1:c3:ce:f9:05:f8:1e:ed:62:78:ac:34:
                    10:26:74:82:57:70:3e:d3:1e:84:af:7d:6d:7b:25:
                    85:5f:fb:f9:7f:f6:06:60:2b:c9:b0:fd:cb:86:d1:
                    b5:b5:19:8b:88:f5:36:d4:08:1a:cc:6a:97:62:bb:
                    9a:cb:ff:a3:b9:6e:a5:8b:12:db:f8:b0:88:f5:49:
                    54:d6:29:86:32:35:b2:39:37:8d:3e:ec:e5:32:40:
                    f3:4e:32:c4:dd:7a:04:97:cb:90:53:4a:56:8f:73:
                    f7:c7:e8:d4:7f:e0:6b:12:5d:a0:f8:ae:03:ac:eb:
                    a2:cb:1e:fe:31:0d:94:97:6d:25:f7:78:e0:fc:de:
                    04:f4:2b:8e:31:15:95:df:d9:18:0f:a6:94:30:e0:
                    b0:a6:12:78:30:fe:d2:dc:ab:d6:6c:de:cf:62:b8:
                    67:5a:62:16:ea:19:40:ce:ba:ba:ff:0e:f4:70:cf:
                    8b:ef:1f:64:b6:25:50:d0:ab:f8:93:8c:02:6a:12:
                    06:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:28:B7:73:D1:B9:F5:1C:45:D0:0A:99:C6:52:A7:33:4E:2B:E5:97
            X509v3 Authority Key Identifier:
                keyid:BD:9A:4D:12:17:40:F5:A3:38:79:32:7D:B2:3A:C2:87:F2:E1:13:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vZpNEhdA9aM4eTJ9sjrCh_LhE6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/4b7620-1dce-409c-be7e-8d563fe44158/1/SSi3c9G59RxF0AqZxlKnM04r5Zc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/4b7620-1dce-409c-be7e-8d563fe44158/1/vZpNEhdA9aM4eTJ9sjrCh_LhE6E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.159.192.0/21
                  109.69.160.0/21
                  194.156.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         70:4d:22:d3:2a:5d:8a:85:40:d2:bd:a4:ea:bd:cf:2c:40:3b:
         cb:67:35:87:9c:47:ac:9a:24:47:13:07:b7:fb:9b:8f:8e:06:
         94:7e:a6:16:a0:a0:7d:2c:6f:23:c0:a1:1c:bd:33:03:4a:c5:
         d6:89:45:cb:0c:6a:ec:03:0d:ed:4b:63:bf:07:23:23:bd:e2:
         87:17:60:4a:47:93:6e:7b:28:3b:c0:c5:8e:53:7b:8a:4b:d6:
         80:71:99:a0:b8:9a:f2:c3:5a:82:1b:69:33:19:2d:a6:66:5c:
         c4:88:29:2a:3a:27:e8:6e:27:6d:03:7f:51:40:fd:83:80:bc:
         57:ea:fc:1e:88:04:04:d2:89:38:77:fa:0e:7a:0e:56:4f:62:
         9a:b8:a9:81:d5:cb:79:6d:4f:bc:a3:66:5f:79:51:a1:05:ea:
         11:56:33:0a:16:1f:a2:30:a4:9a:ce:7a:5e:55:ad:d3:71:1e:
         92:08:ac:60:3d:6c:82:d0:3a:a9:aa:29:45:0c:a8:86:1d:54:
         07:62:f6:15:d3:80:56:9d:60:a0:a4:68:d3:40:a1:14:cd:5a:
         ec:6b:27:53:3f:d9:55:26:60:b8:44:7d:30:44:04:2c:99:be:
         89:41:96:47:78:72:80:a4:33:9a:e2:ea:09:f0:eb:46:f7:a2:
         08:c9:ee:ec
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKRfsoDUbfwHbCojbXWRfaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkOWE0ZDEyMTc0MGY1YTMzODc5MzI3ZGIyM2FjMjg3ZjJl
MTEzYTEwHhcNMjIwODEyMDk1OTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTI4Yjc3M2QxYjlmNTFjNDVkMDBhOTljNjUyYTczMzRlMmJlNTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKutd+JW7khD4bbQT6QqTyFHU9GO
BdgIvZSzPcczRztItfltFU20n5mEHTHItIVcbVUGK8MFjcOj6DvW73LRw875Bfge
7WJ4rDQQJnSCV3A+0x6Er31teyWFX/v5f/YGYCvJsP3LhtG1tRmLiPU21AgazGqX
Yruay/+juW6lixLb+LCI9UlU1imGMjWyOTeNPuzlMkDzTjLE3XoEl8uQU0pWj3P3
x+jUf+BrEl2g+K4DrOuiyx7+MQ2Ul20l93jg/N4E9CuOMRWV39kYD6aUMOCwphJ4
MP7S3KvWbN7PYrhnWmIW6hlAzrq6/w70cM+L7x9ktiVQ0Kv4k4wCahIG/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEkot3PRufUcRdAKmcZSpzNOK+WXMB8GA1UdIwQY
MBaAFL2aTRIXQPWjOHkyfbI6wofy4ROhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlpwTkVoZEE5YU00ZVRKOXNqckNoX0xoRTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi80Yjc2MjAtMWRjZS00MDljLWJlN2Ut
OGQ1NjNmZTQ0MTU4LzEvU1NpM2M5RzU5UnhGMEFxWnhsS25NMDRyNVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi80Yjc2MjAtMWRjZS00MDljLWJlN2UtOGQ1NjNmZTQ0MTU4
LzEvdlpwTkVoZEE5YU00ZVRKOXNqckNoX0xoRTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXZ/AAwQD
bUWgAwQCwpz8MA0GCSqGSIb3DQEBCwUAA4IBAQBwTSLTKl2KhUDSvaTqvc8sQDvL
ZzWHnEesmiRHEwe3+5uPjgaUfqYWoKB9LG8jwKEcvTMDSsXWiUXLDGrsAw3tS2O/
ByMjveKHF2BKR5Nueyg7wMWOU3uKS9aAcZmguJryw1qCG2kzGS2mZlzEiCkqOifo
bidtA39RQP2DgLxX6vweiAQE0ok4d/oOeg5WT2KauKmB1ct5bU+8o2ZfeVGhBeoR
VjMKFh+iMKSaznpeVa3TcR6SCKxgPWyC0DqpqilFDKiGHVQHYvYV04BWnWCgpGjT
QKEUzVrsaydTP9lVJmC4RH0wRAQsmb6JQZZHeHKApDOa4uoJ8OtG96IIye7s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:46 2024 by rpki-client on console-ams.rpki-client.org