Route Origin Authorization

$ rpki-client -vvf rpki.roa.net/rrdp/xTom/4/3139332e33322e38362e302f32342d3234203d3e2036323333.roa
File:                     3139332e33322e38362e302f32342d3234203d3e2036323333.roa (raw, json)
Hash identifier:          l5FjYGIghcI8ZslOE/WTjcqo5iUjqPXvnHne/Tzt34w=
Subject key identifier:   0A:76:EC:A1:76:1E:5F:DA:F3:38:03:BC:8C:F7:F5:F2:B2:FC:31:EF
Certificate issuer:       /CN=000b188a1a40bd66afbda0909efa612125bc8a02
Certificate serial:       02A372C6F2E660B84F5EFF3CACC0B5995CC24988
Authority key identifier: 00:0B:18:8A:1A:40:BD:66:AF:BD:A0:90:9E:FA:61:21:25:BC:8A:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AAsYihpAvWavvaCQnvphISW8igI.cer
Subject info access:      rsync://rpki.roa.net/rrdp/xTom/4/3139332e33322e38362e302f32342d3234203d3e2036323333.roa
Signing time:             Thu 10 Nov 2022 15:37:49 +0000
ROA not before:           Thu 10 Nov 2022 15:32:49 +0000
ROA not after:            Thu 09 Nov 2023 15:37:49 +0000
asID:                     6233
IP address blocks:        193.32.86.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:a3:72:c6:f2:e6:60:b8:4f:5e:ff:3c:ac:c0:b5:99:5c:c2:49:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=000b188a1a40bd66afbda0909efa612125bc8a02
        Validity
            Not Before: Nov 10 15:32:49 2022 GMT
            Not After : Nov  9 15:37:49 2023 GMT
        Subject: CN=0A76ECA1761E5FDAF33803BC8CF7F5F2B2FC31EF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:37:10:55:68:1b:10:d7:dd:e0:dd:80:56:61:
                    36:50:84:0d:df:fc:e8:17:52:eb:11:83:2a:68:3d:
                    36:1a:3b:2b:73:da:13:98:ae:6e:7b:59:df:ea:89:
                    f4:90:fd:bc:80:37:b6:90:24:12:17:8e:a7:1a:81:
                    1a:f7:cd:0e:d5:79:c6:3d:01:08:d4:c3:ac:9c:9b:
                    4f:02:96:35:c8:bc:60:95:f0:01:11:27:bb:6f:fa:
                    fd:4c:c0:d2:a7:9f:3c:61:23:c1:f6:89:c5:c4:6b:
                    05:73:b8:cc:fa:26:d4:62:9d:e3:a1:ac:f3:93:37:
                    43:01:4c:29:80:ad:d6:db:34:cb:e4:d5:fe:e0:48:
                    3a:d6:d1:b7:34:37:da:8d:a0:83:6e:b4:c8:d1:dc:
                    c5:08:bd:ee:b9:a8:e9:63:80:b1:19:1e:d8:00:20:
                    09:b4:6f:3d:27:dd:30:ac:e4:72:44:50:24:19:6d:
                    87:d5:2a:11:f7:c5:95:59:7d:ae:04:45:d6:d8:44:
                    1c:c8:40:87:6a:e5:0a:a8:75:75:ff:4c:cf:0a:1c:
                    f9:1b:75:c1:c9:84:ee:8b:43:59:46:1f:5b:77:63:
                    fb:d2:f8:c0:0e:b8:12:fb:d7:1c:4f:1e:ec:35:c1:
                    96:a6:c5:8f:a2:4c:d1:8e:ce:7b:f1:2c:9b:34:2e:
                    aa:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:76:EC:A1:76:1E:5F:DA:F3:38:03:BC:8C:F7:F5:F2:B2:FC:31:EF
            X509v3 Authority Key Identifier:
                keyid:00:0B:18:8A:1A:40:BD:66:AF:BD:A0:90:9E:FA:61:21:25:BC:8A:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.roa.net/rrdp/xTom/4/000B188A1A40BD66AFBDA0909EFA612125BC8A02.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AAsYihpAvWavvaCQnvphISW8igI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/4/3139332e33322e38362e302f32342d3234203d3e2036323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.32.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:59:da:1a:1a:41:e3:c4:fa:5f:10:4d:41:cc:d4:ca:d5:4b:
         dc:73:f6:2e:16:4e:ca:84:34:2f:4f:cc:58:5f:37:5b:e1:af:
         8a:12:02:df:3f:bf:25:7a:74:46:1f:99:d8:0d:a5:48:c5:c9:
         1c:4e:e5:c6:20:26:d2:9a:4a:72:be:7e:66:9d:7f:68:2a:e4:
         63:a2:58:ec:c9:90:54:d0:bb:dc:88:92:4c:45:a9:33:4c:72:
         03:de:03:2b:f4:07:5a:77:c2:cc:aa:73:a5:37:d0:9f:df:c6:
         7d:61:75:b0:85:e7:15:e8:f8:bd:95:7f:64:6a:72:1e:ee:f5:
         25:62:f6:07:81:6d:cb:2e:3d:0b:f2:c6:7a:5b:9a:47:ac:a6:
         07:b5:98:23:19:b3:02:ec:47:fe:21:57:5b:b4:43:a6:e1:67:
         65:9d:42:08:17:31:56:81:c9:a8:b0:b1:3e:93:e6:ff:ac:3f:
         c2:92:18:0d:14:4d:fa:d6:64:1f:b8:d1:38:c5:4c:66:bf:ff:
         8e:7b:6d:30:b9:18:b0:19:3e:65:2b:94:0e:2c:ad:15:4f:1a:
         1e:48:4f:0a:bb:6f:5f:c5:5f:e6:2e:7e:51:58:eb:74:63:f2:
         94:b2:f8:73:71:c3:68:32:b1:bf:c7:c3:d0:a3:8e:a3:4e:71:
         6b:1d:3f:b1
-----BEGIN CERTIFICATE-----
MIIEwDCCA6igAwIBAgIUAqNyxvLmYLhPXv88rMC1mVzCSYgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDAwYjE4OGExYTQwYmQ2NmFmYmRhMDkwOWVmYTYxMjEy
NWJjOGEwMjAeFw0yMjExMTAxNTMyNDlaFw0yMzExMDkxNTM3NDlaMDMxMTAvBgNV
BAMTKDBBNzZFQ0ExNzYxRTVGREFGMzM4MDNCQzhDRjdGNUYyQjJGQzMxRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpNxBVaBsQ193g3YBWYTZQhA3f
/OgXUusRgypoPTYaOytz2hOYrm57Wd/qifSQ/byAN7aQJBIXjqcagRr3zQ7VecY9
AQjUw6ycm08CljXIvGCV8AERJ7tv+v1MwNKnnzxhI8H2icXEawVzuMz6JtRineOh
rPOTN0MBTCmArdbbNMvk1f7gSDrW0bc0N9qNoINutMjR3MUIve65qOljgLEZHtgA
IAm0bz0n3TCs5HJEUCQZbYfVKhH3xZVZfa4ERdbYRBzIQIdq5QqodXX/TM8KHPkb
dcHJhO6LQ1lGH1t3Y/vS+MAOuBL71xxPHuw1wZamxY+iTNGOznvxLJs0LqrPAgMB
AAGjggHKMIIBxjAdBgNVHQ4EFgQUCnbsoXYeX9rzOAO8jPf18rL8Me8wHwYDVR0j
BBgwFoAUAAsYihpAvWavvaCQnvphISW8igIwDgYDVR0PAQH/BAQDAgeAMF4GA1Ud
HwRXMFUwU6BRoE+GTXJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80LzAw
MEIxODhBMUE0MEJENjZBRkJEQTA5MDlFRkE2MTIxMjVCQzhBMDIuY3JsMGQGCCsG
AQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvREVGQVVMVC9BQXNZaWhwQXZXYXZ2YUNRbnZwaElTVzhpZ0kuY2Vy
MHMGCCsGAQUFBwELBGcwZTBjBggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLnJvYS5u
ZXQvcnJkcC94VG9tLzQvMzEzOTMzMmUzMzMyMmUzODM2MmUzMDJmMzIzNDJkMzIz
NDIwM2QzZTIwMzYzMjMzMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADBIFYwDQYJKoZIhvcNAQELBQAD
ggEBADdZ2hoaQePE+l8QTUHM1MrVS9xz9i4WTsqENC9PzFhfN1vhr4oSAt8/vyV6
dEYfmdgNpUjFyRxO5cYgJtKaSnK+fmadf2gq5GOiWOzJkFTQu9yIkkxFqTNMcgPe
Ayv0B1p3wsyqc6U30J/fxn1hdbCF5xXo+L2Vf2Rqch7u9SVi9geBbcsuPQvyxnpb
mkespge1mCMZswLsR/4hV1u0Q6bhZ2WdQggXMVaByaiwsT6T5v+sP8KSGA0UTfrW
ZB+40TjFTGa//457bTC5GLAZPmUrlA4srRVPGh5ITwq7b1/FX+YuflFY63Rj8pSy
+HNxw2gysb/Hw9CjjqNOcWsdP7E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:59:49 2024 by rpki-client on console-ams.rpki-client.org